> On 22 Nov 2019, at 19:11, cool dharma06 <cooldharma06@xxxxxxxxx> wrote: > > hi, > > > On Fri, Nov 22, 2019 at 4:41 AM William Brown <wbrown@xxxxxxx> wrote: >> >> >> >>> On 21 Nov 2019, at 16:13, cool dharma06 <cooldharma06@xxxxxxxxx> wrote: >>> >>> Hi, >>> >>> >>> On Thu, Nov 21, 2019 at 7:48 AM William Brown <wbrown@xxxxxxx> wrote: >>>> >>>> >>>>> On 21 Nov 2019, at 10:49, cool dharma06 <cooldharma06@xxxxxxxxx> wrote: >>>>> >>>> >>>>> Hi William, >>>>> >>>>> Thanks for your reply. >>>>> >>>>> I want to enable 389ds to generate nsUniqueID, modifiedTimestamp, creators name for all enteries which is added/getting added to 389-ds. Any suggestions or reference link to enable this. >>>> >>>> They are all generated by default as part of the server - it may be the access controls preventing you from viewing them instead .... >>> >>> Sure, I will verify the access policy. And I used following commands to retrieve the user information. >>> >>> $ dsidm ceenext-sles account get-by-dn >>> Enter dn to retrieve : cn=sudo,ou=Groups,dc=cee,dc=test,dc=com >>> dn: cn=sudo,ou=Groups,dc=cee,dc=test,dc=com >>> cn: sudo >>> gidNumber: 1950 >>> objectClass: posixGroup >>> objectClass: groupOfNames >>> objectClass: top >> >> You already have dsidm as a command ?! Which suse version are you on. > I am using SLES 15.1. I installed 389-ds-base from SUSE repo. > Lib386-XXX.rpm i took from Tumbleweed. There are some updates coming soon to this package I think which will make things better. > >> Anyway, trying looking at the entry as "cn=Directory Manager" instead of anonymous, as cn=dm bypasses aci's. > > Thanks for your suggestions, now i am able to view all the attributes. Great! > >>> >>>>> >>>>> >>>>> I have OpenLdap set up with replication enabled and I want to make one more 389-ds with replication in sles 15.1 machine . I am unable to find admin-console package. >>>>> So I installed lib389 rpm and I am using dsctl, dsidm, dsconf tools to experiment and add users in my local 389ds setup. >>>> >>>> SUSE does not ship admin-console, and never will - we are in the process of actually bringing the new ds* tools into SLE 15.0 and 15.1 which will make it much easier to administer the server. You can see these on the wiki or on Red Hat's correspending 389 docs >>>> >>>> http://www.port389.org/docs/389ds/howto/quickstart.html >>>> https://access.redhat.com/documentation/en-us/red_hat_directory_server/11/ >>>> >>>> We are also in the progress of releasing 389-ds docs for SUSE as well, >>> >>> It will be very helpful if you share the ds* tools and 389-ds docs release dates. >> >> I don't have a release date yet I'm sorry - not because I can't share, but because there is some administration going on with the packages and I'm not sure of when it will be done (but it's necessary steps :) ) > > No issue and thanks for the information. If official SUSE packages are > there it will very useful. Happy to help, and feel free to ask questions anytime! > >>> >>>>> >>>>> Once it's done I am planning to enable sync and replication in 389-ds. >>>>> >>>>> It will be very helpful if u have any guidelines on this. >>>> >>>> 389-ds can replicate with other 389-ds servers, but *not* openldap. So I think you need to do a datamigration .... >>> >>> Yes, with multiple 389-ds i am planning for replication. Any guidelines or reference link to configure replication. >> >> In the red_hat_directory_server/11 link from redhat, look at their replication section :) > > Thank you, I will verify the redhat Guide links. As above, if you have any questions, please let us know. > >>> >>>> >>>>> >>>>> Thanks & Regards >>>>> cooldharma06 >>>>> >>>>> >>>>> On Thu, Nov 21, 2019, 4:33 AM William Brown <wbrown@xxxxxxx> wrote: >>>>> >>>>> >>>>>> On 20 Nov 2019, at 15:41, cool dharma06 <cooldharma06@xxxxxxxxx> wrote: >>>>>> >>>>>> Hi all, >>>>>> >>>>>> i have OpenLDAP in my environment. And i am experimenting 389-ds and their functionalities. In my OpenLDAP, i have entries with following attributes: >>>>>> entryCSN, contextCSN, entryUUID. >>>>>> >>>>>> 1. For entryCSN and contextCSN - any equivalent attribute available in 389-ds >>>>>> >>>>>> 2. When i check for the above attributes in 389-ds, i am unable to find those attributes. From the post link, its mentioned like we can use nsUniqueID in place of entryUUID. but we might face issue during Sync/repl. >>>>>> >>>>>> Is this issue got fixed. >>>>>> https://pagure.io/389-ds-base/issue/137 >>>>>> >>>>>> Any suggestions for the above queries. >>>>> >>>>> OpenLDAP and 389-ds use a really different replication model. That's probably why you can't find the same types and datapoints. >>>>> >>>>> My question is "what are you trying to achieve". You shouldn't need to look at our replication state, that's an internal detail. >>>>> >>>>> If you want a "did this entry change" look at the entryUSN plugin. >>>>> >>>>> If you need the entries unique id, look at nsUniqueID attribute - we have spoken about adding entryUUID too, but it's just never materialised. >>>>> >>>>> It's not recommended to set nsUniqueID manually, you should let 389-ds generate that itself. >>>>> >>>>> Does that help? Really happy to help as much as possible with your 389-ds experimenting :) >>>>> >>>>>> >>>>>> Thanks & Regards >>>>>> cooldharma06 >>>>>> _______________________________________________ >>>>>> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx >>>>>> To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx >>>>>> Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >>>>>> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >>>>>> List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx >>>>> >>>>> — >>>>> Sincerely, >>>>> >>>>> William Brown >>>>> >>>>> Senior Software Engineer, 389 Directory Server >>>>> SUSE Labs >>>>> _______________________________________________ >>>>> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx >>>>> To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx >>>>> Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >>>>> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >>>>> List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx >>>>> _______________________________________________ >>>>> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx >>>>> To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx >>>>> Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >>>>> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >>>>> List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx >>>> >>>> — >>>> Sincerely, >>>> >>>> William Brown >>>> >>>> Senior Software Engineer, 389 Directory Server >>>> SUSE Labs >>>> _______________________________________________ >>>> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx >>>> To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx >>>> Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >>>> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >>>> List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx >>> _______________________________________________ >>> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx >>> To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx >>> Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >>> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >>> List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx >> >> — >> Sincerely, >> >> William Brown >> >> Senior Software Engineer, 389 Directory Server >> SUSE Labs >> _______________________________________________ >> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx >> To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx >> Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >> List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx > _______________________________________________ > 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx > Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx — Sincerely, William Brown Senior Software Engineer, 389 Directory Server SUSE Labs _______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx
