[Fedora-directory-users] Preparing to upgrade to fds 1.0.4

Richard Megginson rmeggins at redhat.com
Thu Feb 22 19:46:18 UTC 2007 

Bliss, Aaron wrote:
> Yes, before the upgrade I was able to login with my userid, was not
> fully qualified; I just tried fully qualifying my userid and it
> works...not sure if this is a bug...
>   
I'm really surprised that it ever worked.  Did you have to do anything 
to make that work?  I don't know how to make the console dialog box 
search somewhere other than o=NetscapeRoot.
> Aaron 
>
> -----Original Message-----
> From: fedora-directory-users-bounces at redhat.com
> [mailto:fedora-directory-users-bounces at redhat.com] On Behalf Of Richard
> Megginson
> Sent: Thursday, February 22, 2007 2:22 PM
> To: General discussion list for the Fedora Directory server project.
> Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4
>
> Bliss, Aaron wrote:
>   
>> More progress; I've been able to find the lonely password policy that
>> wasn't disabled; turns out the entire policy had to be disabled, not
>> just the password syntax checking piece; so the setup piece finished
>> without a hitch, Directory server shows version 1.0.4, however my
>>     
> userid
>   
>> is still unable to log into the console; this is so peculiar; I'm able
>> to login as admin only; the directory console error log shows "user
>> myuserid not found: /admin-serv/authenticate"; I've verified that
>> myuserid is listed as follows; after logging into the console with the
>> admin account, servername, server group, right click Administration
>> Server, set access permissions; I did the same for the Directory
>>     
> Server.
>   
>> I'm just not sure what/where else to check...it's almost as if
>> authenticating to the console is only searching the Netscape root, not
>> the user directory database...Any other ideas?  Thanks again.
>>   
>>     
> So, before the upgrade, you were able to login to the console using a 
> regular user account, and now you are not able to?  Did you login with 
> just your uid or did you have to specify your full DN?
>   
>> Aaron 
>>
>> -----Original Message-----
>> From: fedora-directory-users-bounces at redhat.com
>> [mailto:fedora-directory-users-bounces at redhat.com] On Behalf Of
>>     
> Richard
>   
>> Megginson
>> Sent: Thursday, February 22, 2007 10:56 AM
>> To: General discussion list for the Fedora Directory server project.
>> Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds
>>     
> 1.0.4
>   
>> Bliss, Aaron wrote:
>>   
>>     
>>> I had both in place; a few users had individual password policies
>>>       
> that
>   
>>>     
>>>       
>> I
>>   
>>     
>>> disabled, as well as a global password policy
>>>   
>>>     
>>>       
>> I just don't know.  The DN in question is under o=NetscapeRoot - I
>>     
> doubt
>   
>> you would have applied any user or subtree password policy there, so
>>     
> it 
>   
>> must be the global password policy.  Are you using the console?  Can
>>     
> you
>   
>> verify that global password policy is disabled?
>>   
>>     
>>> Aaron 
>>>
>>> -----Original Message-----
>>> From: fedora-directory-users-bounces at redhat.com
>>> [mailto:fedora-directory-users-bounces at redhat.com] On Behalf Of
>>>     
>>>       
>> Richard
>>   
>>     
>>> Megginson
>>> Sent: Thursday, February 22, 2007 10:49 AM
>>> To: General discussion list for the Fedora Directory server project.
>>> Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds
>>>     
>>>       
>> 1.0.4
>>   
>>     
>>> Bliss, Aaron wrote:
>>>   
>>>     
>>>       
>>>> I thought that you might say that...I'm not really sure where else
>>>>     
>>>>       
>>>>         
>>> there
>>>   
>>>     
>>>       
>>>> would be a password policy getting applied, is there any kind of
>>>>     
>>>>       
>>>>         
>>> custom
>>>   
>>>     
>>>       
>>>> ldap query that I would use to figure what dn's the policy is
>>>>         
> defined
>   
>>>> at?  Thanks.
>>>>   
>>>>     
>>>>       
>>>>         
>>> Are you using global password policy or per-user/per-subtree?
>>>   
>>>     
>>>       
>>>> Aaron
>>>>
>>>> -----Original Message-----
>>>> From: fedora-directory-users-bounces at redhat.com
>>>> [mailto:fedora-directory-users-bounces at redhat.com] On Behalf Of
>>>>     
>>>>       
>>>>         
>>> Richard
>>>   
>>>     
>>>       
>>>> Megginson
>>>> Sent: Thursday, February 22, 2007 10:02 AM
>>>> To: General discussion list for the Fedora Directory server project.
>>>> Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds
>>>>     
>>>>       
>>>>         
>>> 1.0.4
>>>   
>>>     
>>>       
>>>> Bliss, Aaron wrote:
>>>>   
>>>>     
>>>>       
>>>>         
>>>>> Yep, err=19 was in the output log...
>>>>>   
>>>>>     
>>>>>       
>>>>>         
>>>>>           
>>>> <snip>
>>>>   
>>>>     
>>>>       
>>>>         
>>>>> [21/Feb/2007:17:08:02 -0500] conn=0 op=11 RESULT err=19 tag=103
>>>>> nentries=0 etime=0
>>>>> [21/Feb/2007:17:08:02 -0500] conn=0 op=11 MOD
>>>>> dn="cn=slapd-al-lnx-s11,cn=Fedora Directory Server,cn=Server
>>>>>
>>>>>     
>>>>>       
>>>>>         
>>>>>           
> Group,cn=al-lnx-s11.preferredcare.org,ou=preferredcare.org,o=NetscapeRoo
>   
>>   
>>     
>>>   
>>>     
>>>       
>>>>   
>>>>     
>>>>       
>>>>         
>>>>> t", invalid password syntax
>>>>>   
>>>>>     
>>>>>       
>>>>>         
>>>>>           
>>>> This means that there is still some password policy being applied.
>>>>     
>>>>       
>>>>         
>>> I'm 
>>>   
>>>     
>>>       
>>>> not sure what's going on, but you need to make sure all password
>>>>     
>>>>       
>>>>         
>>> policy 
>>>   
>>>     
>>>       
>>>> is disabled before running setup.
>>>>
>>>>
>>>> Confidentiality Notice:
>>>> The information contained in this electronic message is intended for
>>>>     
>>>>       
>>>>         
>>> the exclusive use of the individual or entity named above and may
>>> contain privileged or confidential information.  If the reader of
>>>       
> this
>   
>>> message is not the intended recipient or the employee or agent
>>> responsible to deliver it to the intended recipient, you are hereby
>>> notified that dissemination, distribution or copying of this
>>>     
>>>       
>> information
>>   
>>     
>>> is prohibited.  If you have received this communication in error,
>>>     
>>>       
>> please
>>   
>>     
>>> notify the sender immediately by telephone and destroy the copies you
>>> received.
>>>   
>>>     
>>>       
>>>> --
>>>> Fedora-directory-users mailing list
>>>> Fedora-directory-users at redhat.com
>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>   
>>>>     
>>>>       
>>>>         
>>> --
>>> Fedora-directory-users mailing list
>>> Fedora-directory-users at redhat.com
>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>   
>>>     
>>>       
>> --
>> Fedora-directory-users mailing list
>> Fedora-directory-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>   
>>     
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>   
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20070222/2bcb6f46/attachment.bin>

More information about the Fedora-directory-users mailing list