I ran the same createusr command, it produced the same error, and here is the access log entry. [03/Jun/2016:10:08:08 -0700] conn=57841 fd=94 slot=94 connection from 192.168.x.y to 192.168.x.z [03/Jun/2016:10:08:08 -0700] conn=57841 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS" [03/Jun/2016:10:08:08 -0700] conn=57841 op=0 RESULT err=0 tag=120 nentries=0 etime=0 [03/Jun/2016:10:08:08 -0700] conn=57841 SSL 256-bit AES [03/Jun/2016:10:08:08 -0700] conn=57841 op=1 BIND dn="cn=Directory Manager" method=128 version=3 [03/Jun/2016:10:08:08 -0700] conn=57841 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager" [03/Jun/2016:10:08:08 -0700] conn=57841 op=2 SRCH base="dc=ccbox,dc=com" scope=2 filter="(&(objectClass=posixAccount)(uid=test06032016a))" attrs=ALL [03/Jun/2016:10:08:08 -0700] conn=57841 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [03/Jun/2016:10:08:08 -0700] conn=57841 op=-1 fd=94 closed - B1 Personally, if this was a permissions problem with 389 ds I would be surprised. You said there were no restrictions with "cn=directory manager". I do have some questions that may help further troubleshoot this. What is the "oid="1.3.6.1.4.1.1466.20037""? What are the significance of "tag=120", "tag=97", and "tag=101" i.e. are they relevant? Does it mean that there was no matching result found if "nentries=0" is returned? Does this log give us enough information to duplicate the search? Thanks, Job -- 389-users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://lists.fedoraproject.org/admin/lists/389-users@xxxxxxxxxxxxxxxxxxxxxxx
