Directory Server 5.0 and 5.1 - Triggers

Does the previous versions of Sun Java Directory Server 5.0 and 5.1 support LDAP Triggers.
I need to be clarified soon.

Hi,
You can set this in "iPlanet Diretory Server", to force the user to log off after particular time. For more info. check iPlanet Directory server guide.
Regards,
Dakshin.

Similar Messages

  • Active Directory - Server 2008 R2 and 2012 R2 (Server Formatting or not productive

    Hello guys, I come here to try to clarify a great doubts regarding Server Operating Systems, I will attempt to detail the most of my scenario.
    Suppose I have a Server 2008 R2 in production, and this is my Active Directory server (meudominio.local) and am managing through Group Policy settings my workstations that are around 60-70 computers, guys my doubts the thing is, if I need some time to format
    and perform a fresh installation of my server as it will be my Active Directory? Of course I will have lost my domain controller and I have to accomplish the placement of each workstation again that enters my domain one by one.
    I know there is the option of AD replication, so we call the Active Directory, even for another version of the Operating System, prátia already realized this, but it most often comes not functioning properly, done without replication problems Server 2003 to
    2008 R2.
    Guys like to know a solution to not having to put my plants in my domain network again one by one, is there any way to backup so that when I reinstalled the system and the AD again in my server stations return to "see" again that server as your domain
    controller, even me installing AD with the same domain name before this formatting stations do not respond to this driver in this case do the Network ID or add the station to the area again, so she creates a new user profile for example (Max.meudominio) while
    your old profile "guy" still remains on the machine, I adopted the practice of editing the record of this newly created profile and pointing him well for the old user folder which contains all data and settings, eg edit my key "ProfileImagePath"
    regedit logged in with the newly created profile (Max.meudominio) ->
    (switch "ProfileImagePath" C:\Users\Max.meudominio) thus pointing to the folder before replacing in the field again this season after formatted server, thus ->
    (Switch "ProfileImagePath" C:\Users\Max), detail that we give permission for all such user "C:\Users\Max" folder, after that restart the computer and he comes back with the user profile and all your settings.
    I wonder if there is another method to perform this procedure, do not know even a backup AD to not have to replace all the seasons again "meudominio.local".
    Thank you for your attention!
    Translation with Google translator! Sorry.
    Matias Duarte Coordenador de Suporte Dual Solucoes® | Soluções em tecnologia da informação

    As the practice of replication I know her mostly said she has some flaws when I do the replication of my domain to another server but it works correctly, so having a server "master" and the other ServidorBKP as "slave", in redundancy,
    the problem is when I say, and put the "ServidorBKP" being my primary domain controller and disabling my main controller, to disable or turn off my main controller the stations themselves are unable to login because it does not communicate with the
    my ServidorBKP "slave" even I put it as the main driver of course.
    Regarding the System State as far as I know this option existed in Server 2003.
    I also got some information, confer on the links below.
    http://msdn.microsoft.com/en-us/library/bb727048.aspx
    http://technet.microsoft.com/pt-br/library/cc758435(v=ws.10).aspx
    http://technet.microsoft.com/en-us/library/cc961934.aspx
    I'm still researching other ways, getting communicate any news to everyone. (Google Translate)
    Matias Duarte Coordenador de T.I. Dual Solucoes® | Soluções em tecnologia da informação http://www.matiasduarte.com.br

  • Directory Server 5.1 and CMS 4.2 SP2

    There's a similar question on 16 January that didn't get answered.
    I realise I can configure CMS to publish certificates to an "external" DS 5.1 LDAP directory. However, I'd like to know whether there is a realistic method to make CMS use DS 5.1 for it's internal database (port 38900). I don't want to build a complex mixed-version environment unless there will be no alternative for (say) the next 6-9 months.
    I have a production user directory that is being upgraded from DS 4.12 to 5.1. Our CMS system is also in production, and was upgraded to 4.2 SP2 about 6 months ago.
    Does anyone have any experiences in this area that can help me decide on an optimal way forward?

    I recommened that you read the Release Notes of DS5.2, there are some notes on Replication between 5.1 and 5.2.
    ===
    In Directory Server 5.2, the schema file 11rfc2307.ldif has been altered to conform to rfc2307. If replication is enabled between 5.2 servers and 5.1 servers, the rfc2307 schema MUST be corrected on the 5.1 servers, or replication will not work correctly.
    Workaround
    To ensure correct replication between Directory Server 5.2 and Directory Server 5.1, perform the following tasks:
    * For zip installations, remove the 10rfc2307.ldif file from the 5.1 schema directory and copy the 5.2 11rfc2307.ldif file to the 5.1 schema directory. (5.1 Directory Server Solaris packages already include this change.)
    * Copy the following files from the 5.2 schema directory into the 5.1 schema directory, overwriting the 5.1 copies of these files:
    11rfc2307.ldif, 50ns-msg.ldif, 30ns-common.ldif, 50ns-directory.ldif, 50ns-mail.ldif, 50ns-mlm.ldif, 50ns-admin.ldif, 50ns-certificate.ldif, 50ns-netshare.ldif, 50ns-legacy.ldif, and 20subscriber.ldif.
    * Restart the Directory Server 5.1 server.
    * In the Directory Server 5.2 server, set the nsslapd-schema-repl-useronly attribute under cn=config to on.
    * Configure replication on both servers.
    * Initialize the replicas.
    ===
    Also search for "migrate" or "repl" or "5.1" in Release Notes and read the relevant information.
    http://docs.sun.com/source/817-7611/index.html
    Another guide is "Installation and Migration Guide"
    http://docs.sun.com/app/docs/doc/817-7608
    HTH.
    Gary

  • Configure replication between directory server 5.1 and 5.2

    we have two directory servers running on different machine 5.1 and new 5.2. All database have been successfully backup and restore from 5.1 to new 5.2. In this scenario, we would like to setup 5.1 and new 5.2 D.S as multi-master replication.
    As described in the sun Documentation, we have copy few ldif file from new 5.2 to 5.1 so that both schema are up to date.
    The new instance of 5.2 is running fine. However, on the other hand, 5.1 has a problem to start the server as show in the following below.
    # ./start-slapd
    [31/May/2005:14:07:43 +0800] dse - The entry cn=schema in file /usr/iplanet/servers/slapd-ifpdev02/config/schema/50ns-admin.ldif is invalid, error code 21 (Invalid syntax) - object class nsAdminServer: Unknown required attribute type "nsServerID"
    [31/May/2005:14:07:43 +0800] dse - Please edit the file to correct the reported problems and then restart the server.
    Any help from you guys are greatly appreciated.

    I recommened that you read the Release Notes of DS5.2, there are some notes on Replication between 5.1 and 5.2.
    ===
    In Directory Server 5.2, the schema file 11rfc2307.ldif has been altered to conform to rfc2307. If replication is enabled between 5.2 servers and 5.1 servers, the rfc2307 schema MUST be corrected on the 5.1 servers, or replication will not work correctly.
    Workaround
    To ensure correct replication between Directory Server 5.2 and Directory Server 5.1, perform the following tasks:
    * For zip installations, remove the 10rfc2307.ldif file from the 5.1 schema directory and copy the 5.2 11rfc2307.ldif file to the 5.1 schema directory. (5.1 Directory Server Solaris packages already include this change.)
    * Copy the following files from the 5.2 schema directory into the 5.1 schema directory, overwriting the 5.1 copies of these files:
    11rfc2307.ldif, 50ns-msg.ldif, 30ns-common.ldif, 50ns-directory.ldif, 50ns-mail.ldif, 50ns-mlm.ldif, 50ns-admin.ldif, 50ns-certificate.ldif, 50ns-netshare.ldif, 50ns-legacy.ldif, and 20subscriber.ldif.
    * Restart the Directory Server 5.1 server.
    * In the Directory Server 5.2 server, set the nsslapd-schema-repl-useronly attribute under cn=config to on.
    * Configure replication on both servers.
    * Initialize the replicas.
    ===
    Also search for "migrate" or "repl" or "5.1" in Release Notes and read the relevant information.
    http://docs.sun.com/source/817-7611/index.html
    Another guide is "Installation and Migration Guide"
    http://docs.sun.com/app/docs/doc/817-7608
    HTH.
    Gary

  • How do I bind to directory server with SSL and authentication?

    I'm running Lion Server 10.7.3, Open Directory master. In Open Directory/Settings/LDAP, I've checked the box to Enable SSL and selected a (self-signed) certificate. In Policies/Binding, I've checked the box to Enable Authenticated Directory Binding.
    Testing with a client computer on which Snow Leopard has been freshly installed and fully updated, I went to System Prefs/Accounts to bind to the new directory server. The good news is, the binding was successful, and when the client initiates an AFP connection with the server, it uses Kerberos, creating a ticket as expected. (Which doesn't work with Lion clients, alas, but that's a seperate matter.)
    Here are the problems:
    1) It looks like the binding did not use SSL. By which I mean that when I opened Directory Utility and examined the LDAPv3 entry, the SSL checkbox was not checked. (If I then check the box, everything looks fine until I restart the client, after which I have a red dot. So I'm guessing that checking the box does nothing until after restart, and that it breaks the binding.)
    2) I was never prompted to authenticate for the directory binding.
    So I get that literally I'm *enabling* SSL and Authenticated Directory Binding, but it seems like the defaults are to bind without SSL or authentication, and there's no obvious-to-me way to force the binding to use those things. How do I do that?
    What I'd really like to do is *require* SSL and Authenticated Directory Binding. I want this because my belief (correct me if I'm wrong) is that if authentication is required to bind to the server, no one will be able to bind to my server without my permission, and that SSL offers a more secure connection to my server than not-SSL. How do I require these things, or do I not really want to?
    Thank you.

    You cannot connect to databases via Muse at the moment. Please refer: http://forums.adobe.com/message/5090145#5090145
    Cheers,
    Vikas

  • Single directory Server for Messaging and Portal

    We are trying to unify our directory services.
    At present, there two directory servers, one for iPlanet messaging 5.2 and another for Portal server 6.0.
    Messaging's Directory server is v5.1 and Portal's Directory server is v5.2. Their BaseDN is same.
    Now, What we are planning to do is as below.
    1. LDIF everything from Msgr Directory and import into Portal's Directory.
    2. Point Msg Server to the Portal's directory.
    But, we are not sure what to export or how to tell messaging server to look at the Portal's Directory. Any help will be greatly appreciated!!!
    Thanks
    Srini

    What you are trying to do is non-trivial.
    Setting the ldap server for user and groups on the mail server is easy enough -- look at the output of configutil and you will find the values of local.ugldap*
    define the values you need to change.
    e.g.:
    local.ugldapbasedn
    local.ugldapbindcred
    local.ugldapbinddn
    local.ugldaphost
    local.ugldapport
    etc.
    These are all listed in the messaging reference manual.
    You need to ensure that the schemas of the two apps. match. For example, if you are using schema 1 for mail and schema 2 for the portal (quite likely), there will be a lot more work to do on the directory than simply moving the user entries accross and merging them.
    Unless you have done this sort of thing before, or feel very comfortable and knowlegable about how the messaging server in partuicular works with LDAP, I would suggest that you seriously consider getting help from Sun Professonal Services.

  • Sun Directory Server attribute userPassword and SSHA

    I am trying to write my own java code to validate an input plain text password against the corresponding encoded value as it appears on the Sun One directory server attribute 'userPassword'.
    For example the userPassword attribute value might look like this:
    {SSHA}...some-ssha-encoded-jibberish...
    Now what does the java code snippet look like that take as input a
    plain-text password String and encodes it to see if it matches the
    Sun One encoded attribute value??

    I know that doing an LDAP bind will accomplish the 'logical' equivlant of what I am after but for my application purposes I need to be able to validate the password string with my own code. In fact my problem goes beyond just the {SSHA} style hash I also need to be able to validate the {crypt} style has as well. I have solved the {SHA} style hash validation but the other two hashes are problematic thus far.

  • JNDI Support in Directory Server 5.1 and 5.2

    Does anyone know where I can find documentation on whether Directory Server supports - JNDI -(java naming directory interface), and whether this is an industry standard that is outlined in an RFC somewhere?
    Thanks

    JNDI support is documented in Chapter 35 of the DSRK guide at http://docs.sun.com/source/816-6400-10/jndi.html
    JNDI is a part of J2SE, a Java Community Process specification. See http://www.jcp.org
    --Stephen                                                                                                                                                                                                                                                                                                                                                                                                                                   

  • Directory server 4.12 and 4.15 problem with Solaris 8

    Hi there,
    I have been having an ongoing problem with my read/write master
    directory server. It
    occasionally stops responding to bind attempts and queries. The current
    setup as is running
    on a Sunfire 280R with Solaris 8. Up until a few days ago I was running
    4.12, I upgraded this
    to 4.15 to see of the problem would go away. I am running several 4.13
    replicas on other
    Solaris 8 machines with no problems.
    The biggest problem is that this master directory server is needed for
    our Iplanet messaging
    server 5.1 implementation. Every time the directory fails you cannot log
    in to the messaging
    server. (there doesn't appear to be anyway of sending authentication to
    a read only server).
    Anyway I was just wanting to see if anyone else had the same problem or
    had fixed it and could
    provide some insight into how to fix it. Also any pointers on what to
    look for in the directory
    server error logs would be useful.
    I had an idea that it might have been running out of available
    connections so I set it to close idle
    connections after 300 seconds. Is there any docs on tuning the resources
    for the server or for
    identifying if you have a resource problem?
    Any help or ideas would be appreciated. Please contact me directly as
    well as to the newsgroup
    if possible.
    Thanks,
    Scott.
    Scott Lawson
    Systems Manager
    Department Of Information Services
    St. George's Hospital Medical School
    Tooting
    London SW17 0RE
    UK
    P: 44 (0)208 725 2896
    F: 44 (0)208 725 3583
    mailto:[email protected]
    http://www.sghms.ac.uk
    Your mouse has moved.
    Windows must be restarted for the change to take effect.
    Reboot now? [OK]
    __________________________________________________________________

    Scott Lawson <[email protected]> wrote in news:3BCAA419.E322F958
    @sghms.ac.uk:
    >
    I had an idea that it might have been running out of available
    connections so I set it to close idle
    connections after 300 seconds. Is there any docs on tuning the resources
    for the server or for
    identifying if you have a resource problem?4.15 hotfix solves a problem with FDs running out (apparently .... we are
    still testing0.
    /* Christopher Burke - Spam Mail to [email protected]
    |*
    \* Real mail to cburke(at)craznar(dot)com

  • Directory Server 6.1 and 2005Q4

    We are current running JES 2005Q4 (JES4) Directory Server:
    Sun Java(TM) System Directory Server/5.2_Patch_5 B2007.093.0303
    ns-slapd: B2007.213.1401
    We are very interested in the Identity Synchronization for Windows
    which comes as part of JES5' Directory Server 6.1.
    We are wondering if this version of the Directory Server can be run
    with the JES4 messaging and calendaring servers?
    If yes, are there any gotchas we should watch out for? More important,
    is it a good idea? And/or does anyone have any suggestions?
    Thanks!
    -- Bob

    Hi,
    As long as you can run comm_dssetup.pl against the directory install to set up all of the relevant schema and indexes, it should be fine.
    Messaging & calendar server aren't fussy about the directory version - just the data structure and speed (i.e. schema & indexes).
    Regards,
    Shane.

  • We are in the process of upgrading to Directory Server 5.1, and are currently using Netscape C SDK 4.0. Is it recommended (or required) that we update to the latest version (5.08) of the SDK as well?

     

    No it is not a requirement that your client application uses the latest version of the C-SDK. However some bugs have been fixed in the latest version of the C-SDK and also some new features are available... so I can only recommend you to use it.
    Regards,
    Ludovic.

  • How do I implement Directory server 5.1? Install it and then buy licences later?

    I am new to Directory Server 5.1 and need to install it as a pre-req to a 3rd party product.
    Is the server freeware? If not how much does it cost do I have to buy licences separately once I download the server?

    I believe, you can download develop and test on iPlanet Directory Server 5.1 for free. When you deploy in commercial production environment, you will need licenses. The licenses are per LDAP entry. So if you use more entries you pay more.

  • Sun java directory server and Active Directory

    We are using two different directory servers Sun java directory server and active directory.
    My question is how we can have password synchronization between these two directory servers.
    I have checked Sun Java[TM] System Identity Synchronization for Windows 1 2004Q3
    http://www.sun.com/download/products.xml?id=41537425
    It seems that it's supported platforms is only for solaris and windows , but I have installed my Sun java directory server on linux and obviously it doesn't work for me.
    I would be grateful if anyone can suggest a solution to work around this situation.
    I have checked identity manager , I would like to know that if I can do this using this product.
    http://www.sun.com/software/products/identity_mgr/specs.jsp
    --regards.
    Sara

    Yes RHEL 4 is a supported OS with DSEE 6.0.
    Identity Synchronization for Windows is a part of DSEE that allows synchronization of users, passwords and groups between Sun Directory Server and Active Directory bi-directionally without altering the users environments, ie it does not require that users change their current habits.
    Identity Manager is a complete identity management solution that is targetting enterprise work flow when it comes to user provisioning and de-provisioning, but also allows to build authentication and password change forms that will provision the passwords to many different systems including Sun Directory Server and Active Directory but also IBM mainframes, legacy applications, databases...
    If you are implementing a complete identity management solution, then go with Identity Manager. If you need a lightweight and fast solution for just synchronizing users and passwords between Sun DS and MS AD, Identity Synchronization for Windows should be your choice.
    Regards,
    Ludovic.

  • Changing IP Address and ports in Directory Server 5.1 SP 4 and 5.2 SP4

    I have installed multiple instance of Sun Directory Server 5.1 and 5.2 on ports 389 and 390,now I want to change the IP Address and ports, I am able to change the directory server port from 389 by editing the dse.ldif file, now I want to change the port 390 and the IP address same as directory server, can someone expert from the forum guide me.
    Thanks in Advance.
    Mukesh Kumar

    1) I don't know what you've typed in when installing... but I've never seen that message. Are you using any language specific characters ?
    Do you get the error after this screen ?
    <b>
    The suffix is the root of your directory tree. You may have more than
    one suffix.
    Suffix [dc=sun,dc=com]:
    </b>
    If yes, then this means that the value you typed in is not a valid DN... and you must enter a valid one.
    2)The Directory Server is installed under /usr/iplanet but the database is under /var/iplanet/ds5 and configuration is under /etc/iplanet/ds5 ...
    You can use symbolic links if you want to move things around.
    3) You mean you downloaded the tar.gx file of iDS 5.1 and install it on Solaris 9... No problem, I do this every day. As long as you have right to create directories and files, you should be able to install as anyone. If not, you should install as root and then let the server run as a special user.
    4) Solaris 9 comes with iDS5.1 packages already installed. But the server is not configured at all.
    Running directoryserver setup allows you to configure it and create the database, accounts...
    Running directoryserver uninstall remove the instance of the installed database... It doesn't remove the packages. You can start again a setup...
    By the way, I think that iDS 5.1 on Solaris 9 comes with the full documentation... May be you should start by reading it.
    Regards,
    Ludovic.

  • Change Directory server for Portal Server 6.2

    Hi there,
    I have the following problem with Portal Server 6.2 configuration which hopefully someone here will be able to help me with.
    Basically our current setup is the Sun Portal Server 6.2, ID server 6.1 and Directory server all sitting on one (Solaris 9) box. We now wish to separate the Portal / ID server components and the Directory Server component to separate boxes. In portal server 6.0 i think there was a pssetup tool which allowed configuration of a directory server which populated it with the necessary data for portal and ID server. The directory server we will be installing to will not necessarily be a clean install, i.e. it may already be populated with data.
    Is there some way therefore to re-configure the existing directory server to allow us to point our portal / ID server at it?
    Thanks in advance for any help
    Laurence.

    This can be done. You need to import the portal/identity server's schema into your new directory server and then export your existing directory server's content and import it into the new one.

Maybe you are looking for

  • Error while approving the request ..

    Hi , I have created a SOA composite where in the 1st level approver is manager and second level approval is a role . When i raise the request the task is assigned to the manager and manager approves it . Then the task is assigned to the Role . Howeve

  • HT201210 Why can't I change the location of my device backups?

    Why can't I change the location of my device backups? iTunes seems to force me to use my c:\ drive as the destination for all backups.  Background: I have set up my c:\ drive only for programs - all data is stored on separate drives - including my iT

  • Creating an exe file for java

    Hi all, any way to create the exe file using JBuilder 3? if possible how to do that? how about creating installation file for the application? thanks alot

  • If I downgrade from Mavericks back to Snow Leopard and external HD's to be recognised?

    I have had to reboot the system before after a problem but over the course of time since upgrading my iMac has been just unbearbly slow. I have tried so many ram fixes but none are working. I am saving up for a new mac but in that time I will need th

  • Helping my dad with mega photo project....

    He has about 35,000 pics from various trips over the years. Trouble is, they're on cards, on his Mac (20,000 approx.) and on an external hardive too. No surprise he's having problems with iPhoto now - confusing mess of events, duplicates, slow proces