Directory Server 5 SDK for C

Is anyone using the Directory Server 5 SDK for C?
I am looking for documentation on the product since Sun does not include this as part of the download and is not on the docs.sun.com site.
If you are successfully using this development environment, may I contact you directly to ask a few questions?

The LDAP C-SDK 6.0 will support these platforms.
It will be available along with Directory Server 6.0.

Similar Messages

Access read-only LDAP for username/password, Directory Server LDAP for rest

Hello! I keep trying to find documentation on the above, but thus far I have been unable to find something that explains this well (and my attempts at figuring out thus far have failed).
I have a read-only LDAP that is used University wide, and I am not allowed to change how it currently operates. It uses double-bind authentication in that you search for a user to get their DN, then bind to that DN with the users password to see if it was correct.
I'd like to use the above setup to verify a user's credential as well as return some basic information about them (name, email, etc). After this, I'd like to use another freshly installed Directory Server LDAP to manage the roles that seem to be needed for Portal Server (as I cannot write to the original LDAP).
Any help or advice on the above would be appreciated! Thank you.

The authentication you described is the default way LDAP authentication works.
AM Ldap auth-module allows you to 'pull' attributes from the LDAP server you're using for authentication and store it in it's 'amSDK' Directory Server - which is leveraged by Portal Server (if you're talking about Sun's Portal Server).
However this is only done if the profile is created (set 'dynamic profile generation' in auth - service).
As Portal Server does not support the new 'identity repsoistory API' of AM you have to stick to AM's legacy mode when using Portal Server.
To keep the the data in sync (if needed) you have to write a post-auth class.
-Bernhard

Directory server console for vista?

Hi there,
I am planning to manage sun directory server 5.2SP4 from my laptop which is a vista box, is there any DS console for vista available?
Cheers

Has nobody done this then ???
Id really like to admin my directory servers from my vista laptop without having to xdisplay console back all of the time.

Directory server switch for messaging

Hi,
We installed a new instance of Directory server 5.2 on a new Solaris box as the old box needs to be recycled. Both instances are DS5.2 with a patch difference.
Can anyone help me with, how to make the the messaging server switch from the old instance to new instance of directory server.
I am a directory person and do not know much about messaging.
Thanks,

First, you need to extract the configuration data from your old ldap server, per the documentation here:
http://docs.sun.com/app/docs/doc/816-6734-10
In fact, just follow this entire document, it'll help you through the whole process.

How to install directory server/client on Solaris 9 for dummys

Hi,
after reading hunderts of pages, after asking questions in forums without getting the right answers, i was able to install the directory server in our company.
Here is the summary i made for myself. Perhaps it helps others to avoid the same problems.
Set up a Directory Server (sun one ds 5.1)
Present situation:
-Nisplus is installed
-Solaris OS 9 sparc 64bit is installed
-DS5 Software is normally already installed in Solaris 9. Check off with 'pkginfo | grep IPLT*'
-Otherwise install from Solaris OS 9 Disc1 with 'pkgadd -d IPLTxxxx .'
-Software setup with '/usr/sbin/directoryserver setup'
     Install admin- and directory server.
     For Directory Server use port 389 (necessary for later use of SSL)
     For Admin Server use any empty port > 1024
     Run directoryserver as root (necessary for using port 389 and for -starting servers from console)
     Use default Directory Manager DN cn=Directory manager
     Use your domain as DIT (default information tree) example: dc=example, dc=com
     As second DIT, setup installs o=NetscapeRoot. Don't change this DIT at all!!!!!
The server stores all the default schemas there which are absolutely important for the directoy
server. Don't change anything there !
-Configure software with 'idsconfig'
     Preferred - and default server xxx.xxx.xxx.xxx (ip_adds of your directory server)
     Use default search scope one
     Use credential's Proxy
     Use authentication Simple (you may change this later if needed)
     All the rest should remain on default settings
     You will be asked for a proxy passwort
-Start the directoryserver console with '/usr/sbin/directoryserver startconsole'
-If it's not yet running, start the directory server from console or with command 'directoryserver -s instance_name start'
-If it's not yet running, start the admin server from console or with command 'directoyserver start-admin'
-On directoryserver's gui at configuraton/password set password encryption to 'unix crypt algorithm (CRYPT)'
Import Data
-Get Data from Nisplus with
     'niscat passwd.org_dir passwd.ldap'
     'niscat hosts.org_dir hosts.ldap'
     'niscat groups.org_dir groups.ldap'
     etc
-adjust the files. (try it out with one entry of a file only. You may delete this entry with the gui very easy if it's not successfull.
-hosts.ldap must look like
xxx.xxx.xxx.xxx machine1
xxx.xxx.xxx.xxx machine2
xxx.xxx.xxx.xxx machine3
     First value is the ip-address, second one is the hostname.
     If you have more than one hostname per machine, use a second line (don't write 2 names behind the ip-address like you did in nisplus!!!)
Change content of files into ldif format
-perl migrate_hosts.pl hosts.ldap hosts.ldif
-perl migrate passwd.pl passwd.ldap passwd.ldif
-You may download the above perl-Files from http://www.padl.com
Change the converted passwd.ldif File as follows:
-before change:
dn: uid=mario,ou=People,dc=krinfo,dc=ch
uid: mario
cn: mario
objectClass: account
objectClass: posixAccount
objectClass: top
userPassword: {crypt}6O9m3uK./T/rM
loginShell: /bin/bash
uidNumber: 1020
gidNumber: 14
homeDirectory: /home/mario
-after change:
dn: uid=mario,ou=People,dc=krinfo,dc=ch
uid: mario
cn: mario
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount <--- this line must be inserted
objectClass: top
userPassword: {crypt}6O9m3uK./T/rM
loginShell: /bin/bash
uidNumber: 1020
gidNumber: 14
homeDirectory: /home/mario
Insert the line for every entry in the passwd.ldif file
You may now import all these xxxx.ldif files into the directory server with
-ldapadd -h name_of_directoryserver -D "cn=Directory Manager" -w password -f XXXXX.ldif
You may use this commands later to import further data.
-Initialise a client
'ldapclient -a proxyDN=cn=proxyagent,ou=profile,dc=example,dc=com init xxx.xxx.xxx.xxx'
The xxx.xxx.xxx.xxx at the end is the ip address of the directory server
-This will make a client with data taken from the default profile from the directory server. This profile has been produced with the earlier command idsconfig and can be changed if needed.
-The System will ask you for the proxy password (given the first time in idsconfig dialog)
-You may now look at the produces files
in '/var/ldap/ldap_client_file' for the client settings
in '/var/ldap/ldap_client_cred' for the proxy settings
'ldapclient list' shows the settings of the client
With 'ldaplist -h' you may see all the existing entries with their objects.
Activate the client
-If it's not yet running, start '/usr/lib/ldap/ldap_cachemgr'
-All nisplus daemons/programs have been stopped by ldapclient command. If not, stop them manually.
-/etc/nsswitch.conf should have been copied from /etc/nsswitch.ldap from ldapclient too.
-If not, do it manually.
example
passwd: files ldap
group: files ldap
hosts ldap dns files
etc
I recommend to change the file '/etc/nsswitch.ldap' because the system oftens copies nsswitch.ldap to nsswitch.conf and if nsswitch.ldap is adapted, you must now change it again and again.
you may now check whether ldap is working fine with the following requests:
getent passwd username
getent hosts hostname
getent groups
getent network
These commands should give you the requested answer.
Be sure to clean:
/etc/hosts      inside is only your workstation and the directory server
/etc/passwd     only default and local entries
/etc/groups only default and local entries
etc
try a telnet to your own machine to check, whether password and automount of your home_dirctory works fine.
I failed here. All was working fine, but the password exchange did not because of credential/authentication problems.
Best regards and good luck
Mario

Directory Server 5.1 does not support Kerberos authentication.
Beside this there are some extensions in MS kerberos authentication that makes it almost impossible to have a MS client authenticate with something else than AD.
Regards,
Ludovic.

When I try to connect LDAP server with Directory certificate installed in Onboard Administrator , I get the below error message. Initiating Directory Settings diagnostic for LDAP server 10.0.0.2 port 636

10.0.0.2Accepting Directory Server certificate for /CN=qtp-ldap.oaqtp.com signed by /DC=com/DC=oaqtp/CN=qtp-ldap
Skipping certificate 1 (/CN=qtp-ldap.oaqtp.com): subject issuer mismatch
Certificate of Directory Server cannot be verified with the installed LDAP certificate.
Unable to establish SSL connection with directory server.
You may need to install a certificate for your server to allow SSL connections.
It says "Subject Issuer mismatch" .. What could be the reason ?
-Shibi Keyan

Well, it sounds like the certificate name is different than what you are trying to connect to. Can you try connecting to the DNS name instead? This sounds like a DNS and Certificate Name issue.
http://social.technet.microsoft.com/wiki/contents/articles/2980.ldap-over-ssl-ldaps-certificate.aspx
Kurt Hudson, Sr. Technical Writer AD DS, AD CS, PKI, Azure AD

Setup Java system directory server 6 client for user authentication

I am trying to set up a native LDAP client for sun directory server 6 for network based user authentication. I checked the sun doc for naming service (LDAP) and the documentation are for setting up LDAP client for directory server 5. Is there any documentation for setting up LDAP client for directory server 6? Or the documents for setting LDAP client for directory server 5 is still good for 6? Particularly, I want to use SSL communication between server and client.

Hi,
could be one of the other 'bad jokes' of DS/ldapclient because the documentation describes a lot of stuff about profiles etc. but: you need some special schema files to use the whole stuff and they are not installed with Solaris or DS (and they include the NisDomainObject). I had to search for them in the internet. They are also printed in the documentation. Save them in your server's config/schema directory as i.e. 61DUAConfigProfile.ldif and 62nisDomain.ldif and try idsconf again (maybe you have to cleanup something).
I test and prepare DS6 here, and we will use it in production too. I hadn't any problem with it and it has some important advantages over DS5.2. But we won't have a huge directory so I can't tell you anything more about it.
Regards
Jochem Ippers
Here are the ldifs:
61DUAConfigProfile.ldif:
dn: cn=schema
attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.0 NAME 'defaultServerList' DESC 'Default LDAP server host address used by a DUA' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'user defined' )
attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.1 NAME 'defaultSearchBase' DESC 'Default LDAP base DN used by a DUA' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE X-ORIGIN 'user defined' )
attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.2 NAME 'preferredServerList' DESC 'Preferred LDAP server host addresses to be used by a DUA' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'user defined' )
attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.3 NAME 'searchTimeLimit' DESC 'Maximum time in seconds a DUA should allow for a search to complete' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' )
attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.4 NAME 'bindTimeLimit' DESC 'Maximum time in seconds a DUA should allow for the bind operation to complete' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' )
attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.5 NAME 'followReferrals' DESC 'Tells DUA if it should follow referrals returned by a DSA search result' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' )
attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.6 NAME 'authenticationMethod' DESC 'A keystring which identifies the type of authentication method used to contact the DSA' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'user defined' )
attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.7 NAME 'profileTTL' DESC 'Time to live, in seconds, before a client DUA should re-read this configuration profile' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' )
attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.14 NAME 'serviceSearchDescriptor' DESC 'LDAP search descriptor list used by a DUA' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'user defined' )
attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.9 NAME 'attributeMap' DESC 'Attribute mappings used by a DUA' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'user defined' )
attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.10 NAME 'credentialLevel' DESC 'Identifies type of credentials a DUA should use when binding to the LDAP server' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' )
attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.11 NAME 'objectclassMap' DESC 'Objectclass mappings used by a DUA' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'user defined' )
attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.12 NAME 'defaultSearchScope' DESC 'Default search scope used by a DUA' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' )
attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.13 NAME 'serviceCredentialLevel' DESC 'Identifies type of credentials a DUA should use when binding to the LDAP server for a specific service' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'user defined' )
attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.15 NAME 'serviceAuthenticationMethod' DESC 'Authentication method used by a service of the DUA' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'user defined' )
objectClasses: ( 1.3.6.1.4.1.11.1.3.1.2.4 NAME 'DUAConfigProfile' SUP top STRUCTURAL DESC 'Abstraction of a base configuration for a DUA' MUST ( cn ) MAY ( defaultServerList $ preferredServerList $ defaultSearchBase $ defaultSearchScope $ searchTimeLimit $ bindTimeLimit $ credentialLevel $ authenticationMethod $ followReferrals $ serviceSearchDescriptor $ serviceCredentialLevel $ serviceAuthenticationMethod $ objectclassMap $ attributeMap $ profileTTL ) X-ORIGIN 'user defined' )
62nisDomain.ldif:
dn: cn=schema
attributeTypes: ( 1.3.6.1.1.1.1.30 NAME 'nisDomain' DESC 'NIS domain' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'user defined' )
objectClasses: ( 1.3.6.1.1.1.2.15 NAME 'nisDomainObject' SUP top STRUCTURAL MUST nisDomain X-ORIGIN 'user defined' )

Binding to directory server vs. OD replica

Can someone explain the practical differences between binding a server to an OD master vs. being a replica of that OD master?
Why would I bind a server instead of making a replica? Seems like the replica would always be easier to admin and would provide the same function...?

I'm wondering why someone would do this. Why bind one server to another vs. making that second server a replica?
The real issue is whether this server is going to provide authentication services to other clients.
In addition to not wanting all your data on a single machine, if you have many client systems it may overwhelm a single directory server. For these reasons you may create a replica (or number of replicas) that keep in sync with the master server and have a complete copy of the entire Open Directory database (all users, machines, groups, etc.)
These replicas can then be used to provide authentication services to client systems, as well as provide failover for the client in case this machine goes away for any reason.
In contrast there's no need for every client system to have the entire directory. If you have many machines, the number of update messages that get passed around and need to be replicated to every machine on the network would be cumbersome, at best.
Then there's also an element of security - the directory should have some level of protection since it includes data about every user, including their password and other personal details. If you replicate this to every machine then any user on your network could poke around the data at their leisure. Contrast that with a typical client machine that only has the account credentials for the current user.
So for any network you should create one master and at least one replica. Client systems should point to a replica and should not be Open Directory replicas themselves.

Iplanet Directory server 5.0 replication issue

Hi,
I'm currently running some test for replication with the OLD version of DS 5.0 on Windows XP
Running 2 Servers Master A and Consumer B, where A is the original who initialise B with Data then from there on Master A replicates changes to Consumer B.
My problem is here, I can initialise the the Data ( copying it from A to B ) no problem.
But when I make changes in A and wait for it to replication from A --> B.
it does nothing.
I followed MOST of the steps in the replication guide for Administrator, but have hit a wall.
Only part i did no understand is below:
//=============================================
Create the entry corresponding to the supplier bind DN, if it does not exist. This is the special entry that the supplier will use to bind.
In the Directory Server Console, click the Directory tab, and create an entry. For example you could use cn=Replication Manager,cn=config.
Specify a userPassword attribute-value pair.
If you have enabled password expiration, or intend to do so in future, disable the password expiration policy on this attribute, by adding the passwordExpirationTime attribute with a value of 20380119031407Z.
//=============================================
Therefore I used cn=Replication Manager,cn=config wheen it asked during the replication config setup.
I also used this when creating the Directory server instance for Master A and Consumer B.
Logs are below:
ConsumerB Error Log
[31/Oct/2008:11:29:44 +1300] - slapd started. Listening on all interfaces port 10264 for LDAP requests
[31/Oct/2008:11:29:44 +1300] - cos_cache_getref: no cos cache created
[31/Oct/2008:11:34:34 +1300] NSMMReplicationPlugin - multimaster_be_state_change: replica o=psbconexa.co.nz is going offline; disabling replication
[31/Oct/2008:11:34:34 +1300] - import userRoot: Index buffering enabled with bucket size 10
[31/Oct/2008:11:34:34 +1300] - import userRoot: Beginning import job...
[31/Oct/2008:11:34:35 +1300] - import userRoot: Workers finished; cleaning up...
[31/Oct/2008:11:34:37 +1300] - import userRoot: Workers cleaned up.
[31/Oct/2008:11:34:37 +1300] - import userRoot: Indexing complete. Post-processing...
[31/Oct/2008:11:34:37 +1300] - import userRoot: Flushing caches...
[31/Oct/2008:11:34:37 +1300] - import userRoot: Closing files...
[31/Oct/2008:11:34:37 +1300] - import userRoot: Import complete. Processed 3 entries in 3 seconds. (1.00 entries/sec)
[31/Oct/2008:11:34:37 +1300] NSMMReplicationPlugin - multimaster_be_state_change: replica o=psbconexa.co.nz is coming online; enabling replication
[31/Oct/2008:11:34:38 +1300] NSMMReplicationPlugin - repl_set_mtn_referrals: could not set referrals for replica o=psbconexa.co.nz: 53
ConsumerB Access Log:
[31/Oct/2008:11:36:32 +1300] conn=6 op=6 UNBIND
[31/Oct/2008:11:36:32 +1300] conn=6 op=6 fd=1320 closed - U1
[31/Oct/2008:11:36:38 +1300] conn=2 op=135 SRCH base="cn=ldbm database, cn=plugins, cn=config" scope=2 filter="(objectClass=nsBackendInstance)" attrs="nsslapd-suffix nsBackendSuffix"
[31/Oct/2008:11:36:38 +1300] conn=2 op=135 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=136 SRCH base="" scope=0 filter="(objectClass=*)" attrs="nsslapd-suffix nsBackendSuffix"
[31/Oct/2008:11:36:38 +1300] conn=2 op=136 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=137 SRCH base="" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="namingContexts"
[31/Oct/2008:11:36:38 +1300] conn=2 op=137 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=138 SRCH base="o=psbconexa.co.nz" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[31/Oct/2008:11:36:38 +1300] conn=2 op=138 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=139 SRCH base="o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[31/Oct/2008:11:36:38 +1300] conn=2 op=139 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=140 SRCH base="o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[31/Oct/2008:11:36:38 +1300] conn=2 op=140 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=141 SRCH base="cn=config" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="nsslapd-privatenamespaces"
[31/Oct/2008:11:36:38 +1300] conn=2 op=141 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=142 SRCH base="cn=schema" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[31/Oct/2008:11:36:38 +1300] conn=2 op=142 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=143 SRCH base="cn=monitor" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[31/Oct/2008:11:36:38 +1300] conn=2 op=143 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=144 SRCH base="cn=monitor" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[31/Oct/2008:11:36:38 +1300] conn=2 op=144 RESULT err=0 tag=101 nentries=0 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=145 SRCH base="cn=monitor" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[31/Oct/2008:11:36:38 +1300] conn=2 op=145 RESULT err=0 tag=101 nentries=0 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=146 SRCH base="cn=config" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[31/Oct/2008:11:36:38 +1300] conn=2 op=146 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=147 SRCH base="cn=config" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[31/Oct/2008:11:36:38 +1300] conn=2 op=147 RESULT err=0 tag=101 nentries=4 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=148 ABANDON msgid=628
[31/Oct/2008:11:36:38 +1300] conn=2 op=149 SRCH base="" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="subschemaSubentry"
[31/Oct/2008:11:36:38 +1300] conn=2 op=149 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:38 +1300] conn=2 op=150 SRCH base="cn=schema" scope=0 filter="(objectClass=subschema)" attrs="* ldapSyntaxes"
[31/Oct/2008:11:36:38 +1300] conn=2 op=150 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:39 +1300] conn=2 op=151 SRCH base="" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="nscpEntryDN ldapSyntaxes nsUniqueId ldapSchemas passwordExpirationTime passwordRetryCount nsTimeLimit hasSubordinates modifiersName passwordAllowChangeTime numSubordinates copyingFrom nsRoleDN entryid passwordExpWarned nsIdleTimeout entrydn modifyTimestamp accountUnlockTime nsRole nsds5ReplConflict nsAccountLock passwordHistory retryCountResetTime parentid copiedFrom createTimestamp nsBackendSuffix nsSchemaCSN subschemaSubentry creatorsName aci nsSizeLimit dncomp nsLookThroughLimit *"
[31/Oct/2008:11:36:39 +1300] conn=2 op=151 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:39 +1300] conn=2 op=152 SRCH base="" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[31/Oct/2008:11:36:39 +1300] conn=2 op=152 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:39 +1300] conn=2 op=153 SRCH base="cn=ldbm database, cn=plugins, cn=config" scope=2 filter="(objectClass=nsBackendInstance)" attrs="nsslapd-suffix nsBackendSuffix"
[31/Oct/2008:11:36:39 +1300] conn=2 op=153 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:39 +1300] conn=2 op=154 SRCH base="cn=ldbm database, cn=plugins, cn=config" scope=2 filter="(objectClass=nsBackendInstance)" attrs="nsslapd-suffix nsBackendSuffix"
[31/Oct/2008:11:36:39 +1300] conn=2 op=154 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:39 +1300] conn=2 op=155 SRCH base="o=psbconexa.co.nz" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs=ALL
[31/Oct/2008:11:36:39 +1300] conn=2 op=155 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:39 +1300] conn=2 op=156 SRCH base="" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[31/Oct/2008:11:36:39 +1300] conn=2 op=156 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:39 +1300] conn=2 op=157 SRCH base="cn=ldbm database, cn=plugins, cn=config" scope=2 filter="(objectClass=nsBackendInstance)" attrs="nsslapd-suffix nsBackendSuffix"
[31/Oct/2008:11:36:39 +1300] conn=2 op=157 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:41 +1300] conn=2 op=158 SRCH base="ou=Ray001,o=psbconexa.co.nz" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[31/Oct/2008:11:36:41 +1300] conn=2 op=158 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:41 +1300] conn=2 op=159 SRCH base="ou=Ray001,o=psbconexa.co.nz" scope=1 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[31/Oct/2008:11:36:41 +1300] conn=2 op=159 VLV 50:50:49:0 0:0 (0)
[31/Oct/2008:11:36:41 +1300] conn=2 op=159 RESULT err=0 tag=101 nentries=0 etime=0 notes=U
[31/Oct/2008:11:36:41 +1300] conn=2 op=160 SRCH base="cn=ldbm database, cn=plugins, cn=config" scope=2 filter="(objectClass=nsBackendInstance)" attrs="nsslapd-suffix nsBackendSuffix"
[31/Oct/2008:11:36:41 +1300] conn=2 op=160 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:41 +1300] conn=2 op=161 SRCH base="" scope=0 filter="(objectClass=*)" attrs="nsBackendSuffix"
[31/Oct/2008:11:36:41 +1300] conn=2 op=161 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:41 +1300] conn=2 op=162 SRCH base="cn=MCC ou=Ray001 o=psbconexa.co.nz, cn=userRoot, cn=ldbm database, cn=plugins, cn=config" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs=ALL
[31/Oct/2008:11:36:41 +1300] conn=2 op=162 RESULT err=32 tag=101 nentries=0 etime=0
[31/Oct/2008:11:36:48 +1300] conn=2 op=163 SRCH base="cn=config" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="nsslapd-accesslog nsslapd-accesslog-list"
[31/Oct/2008:11:36:48 +1300] conn=2 op=163 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:50 +1300] conn=2 op=164 SRCH base="cn=config" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="nsslapd-errorlog nsslapd-errorlog-list"
[31/Oct/2008:11:36:50 +1300] conn=2 op=164 RESULT err=0 tag=101 nentries=1 etime=0
[31/Oct/2008:11:36:52 +1300] conn=2 op=165 SRCH base="cn=config" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="nsslapd-auditlog nsslapd-auditlog-list"
[31/Oct/2008:11:36:52 +1300] conn=2 op=165 RESULT err=0 tag=101 nentries=1 etime=0
//=====================
MasterA Error Log:
There seem to have no update during the time i started teh replication? replication updated started at about 31/Oct/2008:11:36:XX but in the logs in is 1 min behind with nothing i believe is important.
but let me know if needed.

And here is the backward replication from consumer to master WHICH SHOULDN"T happen.......
Created a new entry organization called, TEST002 on consumer side, which did not appear of course, but appeared on the Master side????...........................................................................
Master log:
[05/Nov/2008:10:58:21 +1300] conn=13617 fd=2292 slot=2292 connection from 10.1.1.79 to 10.30.1.200
[05/Nov/2008:10:58:21 +1300] conn=13617 op=0 BIND dn="uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot" method=128 version=3
[05/Nov/2008:10:58:21 +1300] conn=13617 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot"
[05/Nov/2008:10:58:21 +1300] conn=13617 op=1 ADD dn="ou=TEST002,o=marketsite,o=psbconexa.co.nz"
[05/Nov/2008:10:58:21 +1300] conn=13617 op=1 RESULT err=0 tag=105 nentries=0 etime=0 csn=4910c57d000000050000
[05/Nov/2008:10:58:21 +1300] conn=13617 op=2 UNBIND
[05/Nov/2008:10:58:21 +1300] conn=13617 op=2 fd=2292 closed - U1
[05/Nov/2008:10:58:28 +1300] conn=13614 op=236 SRCH base="cn=ldbm database, cn=plugins, cn=config" scope=2 filter="(objectClass=nsBackendInstance)" attrs="nsslapd-suffix nsBackendSuffix"
[05/Nov/2008:10:58:28 +1300] conn=13614 op=236 RESULT err=0 tag=101 nentries=1 etime=0
[05/Nov/2008:10:58:28 +1300] conn=13614 op=237 SRCH base="" scope=0 filter="(objectClass=*)" attrs="nsslapd-suffix nsBackendSuffix"
[05/Nov/2008:10:58:28 +1300] conn=13614 op=237 RESULT err=0 tag=101 nentries=1 etime=0
[05/Nov/2008:10:58:28 +1300] conn=13614 op=238 SRCH base="cn=ldbm database, cn=plugins, cn=config" scope=2 filter="(objectClass=nsBackendInstance)" attrs="nsslapd-suffix nsBackendSuffix"
[05/Nov/2008:10:58:28 +1300] conn=13614 op=238 RESULT err=0 tag=101 nentries=1 etime=0
[05/Nov/2008:10:58:28 +1300] conn=13614 op=239 SRCH base="o=psbconexa.co.nz" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs=ALL
[05/Nov/2008:10:58:28 +1300] conn=13614 op=239 RESULT err=0 tag=101 nentries=1 etime=0
[05/Nov/2008:10:58:32 +1300] conn=13614 op=240 SRCH base="o=marketsite,o=psbconexa.co.nz" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:32 +1300] conn=13614 op=240 RESULT err=0 tag=101 nentries=1 etime=0
[05/Nov/2008:10:58:32 +1300] conn=13614 op=241 SRCH base="o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:32 +1300] conn=13614 op=241 RESULT err=0 tag=101 nentries=12 etime=0
[05/Nov/2008:10:58:32 +1300] conn=13614 op=242 SRCH base="ou=Members,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:32 +1300] conn=13614 op=242 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:32 +1300] conn=13614 op=243 SRCH base="ou=Members,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:32 +1300] conn=13614 op=243 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:32 +1300] conn=13614 op=244 SRCH base="ou=Contacts,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:32 +1300] conn=13614 op=244 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:32 +1300] conn=13614 op=245 SRCH base="ou=Contacts,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:32 +1300] conn=13614 op=245 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:32 +1300] conn=13614 op=246 SRCH base="ou=Roles,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:32 +1300] conn=13614 op=246 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:32 +1300] conn=13614 op=247 SRCH base="ou=Roles,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:32 +1300] conn=13614 op=247 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:32 +1300] conn=13614 op=248 SRCH base="ou=TradingPartners,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:32 +1300] conn=13614 op=248 RESULT err=0 tag=101 nentries=18 etime=0
[05/Nov/2008:10:58:32 +1300] conn=13614 op=249 ABANDON msgid=322
[05/Nov/2008:10:58:32 +1300] conn=13614 op=250 SRCH base="ou=Guests,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:32 +1300] conn=13614 op=250 RESULT err=0 tag=101 nentries=2 etime=0
[05/Nov/2008:10:58:32 +1300] conn=13614 op=251 ABANDON msgid=324
[05/Nov/2008:10:58:32 +1300] conn=13614 op=252 SRCH base="ou=Config,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:32 +1300] conn=13614 op=252 RESULT err=0 tag=101 nentries=5 etime=0
[05/Nov/2008:10:58:32 +1300] conn=13614 op=253 ABANDON msgid=326
[05/Nov/2008:10:58:32 +1300] conn=13614 op=254 SRCH base="ou=Services,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:32 +1300] conn=13614 op=254 RESULT err=0 tag=101 nentries=9 etime=0
[05/Nov/2008:10:58:32 +1300] conn=13614 op=255 ABANDON msgid=328
[05/Nov/2008:10:58:33 +1300] conn=13614 op=256 SRCH base="ou=People,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=256 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=257 SRCH base="ou=People,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=257 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=258 SRCH base="o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=258 SORT cn givenName o ou sn (12)
[05/Nov/2008:10:58:33 +1300] conn=13614 op=258 VLV 50:50:49:0 12:12 (0)
[05/Nov/2008:10:58:33 +1300] conn=13614 op=258 RESULT err=0 tag=101 nentries=12 etime=0 notes=U
[05/Nov/2008:10:58:33 +1300] conn=13614 op=259 SRCH base="ou=Config,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=259 RESULT err=0 tag=101 nentries=5 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=260 ABANDON msgid=333
[05/Nov/2008:10:58:33 +1300] conn=13614 op=261 SRCH base="ou=Contacts,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=261 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=262 SRCH base="ou=Contacts,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=262 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=263 SRCH base="ou=Guests,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=263 RESULT err=0 tag=101 nentries=2 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=264 ABANDON msgid=337
[05/Nov/2008:10:58:33 +1300] conn=13614 op=265 SRCH base="ou=Members,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=265 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=266 SRCH base="ou=Members,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=266 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=267 SRCH base="ou=People,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=267 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=268 SRCH base="ou=People,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=268 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=269 SRCH base="ou=Roles,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=269 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=270 SRCH base="ou=Roles,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=270 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=271 SRCH base="ou=Services,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=271 RESULT err=0 tag=101 nentries=9 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=272 ABANDON msgid=345
[05/Nov/2008:10:58:33 +1300] conn=13614 op=273 SRCH base="ou=TradingPartners,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=273 RESULT err=0 tag=101 nentries=18 etime=0
[05/Nov/2008:10:58:33 +1300] conn=13614 op=274 ABANDON msgid=347
[05/Nov/2008:10:58:33 +1300] conn=13614 op=275 SRCH base="o=marketsite,o=psbconexa.co.nz" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="nscpEntryDN ldapSyntaxes nsUniqueId ldapSchemas passwordExpirationTime passwordRetryCount nsTimeLimit hasSubordinates modifiersName passwordAllowChangeTime numSubordinates copyingFrom nsRoleDN entryid passwordExpWarned nsIdleTimeout entrydn modifyTimestamp accountUnlockTime nsRole nsds5ReplConflict nsAccountLock passwordHistory retryCountResetTime parentid copiedFrom createTimestamp nsBackendSuffix nsSchemaCSN subschemaSubentry creatorsName aci nsSizeLimit dncomp nsLookThroughLimit *"
[05/Nov/2008:10:58:33 +1300] conn=13614 op=275 RESULT err=0 tag=101 nentries=1 etime=0
///===========
Consumer log:
[05/Nov/2008:10:58:20 +1300] conn=1 op=449 ADD dn="ou=TEST002,o=marketsite,o=psbconexa.co.nz"
[05/Nov/2008:10:58:20 +1300] conn=1 op=449 RESULT err=10 tag=105 nentries=0 etime=0
[05/Nov/2008:10:58:20 +1300] conn=13 fd=1088 slot=1088 connection from 10.30.1.200 to 10.1.1.79
[05/Nov/2008:10:58:20 +1300] conn=13 op=0 BIND dn="cn=Directory Manager" method=128 version=3
[05/Nov/2008:10:58:20 +1300] conn=13 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"
[05/Nov/2008:10:58:20 +1300] conn=13 op=1 SRCH base="" scope=0 filter="(objectClass=*)" attrs="supportedControl supportedExtension"
[05/Nov/2008:10:58:20 +1300] conn=13 op=1 RESULT err=0 tag=101 nentries=1 etime=0
[05/Nov/2008:10:58:20 +1300] conn=13 op=2 EXT oid="2.16.840.1.113730.3.5.3"
[05/Nov/2008:10:58:20 +1300] conn=13 op=2 RESULT err=0 tag=120 nentries=0 etime=0
[05/Nov/2008:10:58:20 +1300] conn=13 op=3 SRCH base="cn=schema" scope=0 filter="(objectClass=*)" attrs="nsSchemaCSN"
[05/Nov/2008:10:58:20 +1300] conn=13 op=3 RESULT err=0 tag=101 nentries=1 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=450 SRCH base="o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=450 RESULT err=0 tag=101 nentries=10 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=451 SRCH base="ou=Members,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=451 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=452 SRCH base="ou=Members,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=452 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=453 SRCH base="ou=Contacts,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=453 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=454 SRCH base="ou=Contacts,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=454 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=455 SRCH base="ou=Roles,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=455 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=456 SRCH base="ou=Roles,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=456 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=457 SRCH base="ou=TradingPartners,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=457 RESULT err=0 tag=101 nentries=18 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=458 ABANDON msgid=542
[05/Nov/2008:10:58:21 +1300] conn=1 op=459 SRCH base="ou=Guests,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=459 RESULT err=0 tag=101 nentries=2 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=460 ABANDON msgid=544
[05/Nov/2008:10:58:21 +1300] conn=1 op=461 SRCH base="ou=Config,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=461 RESULT err=0 tag=101 nentries=5 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=462 ABANDON msgid=546
[05/Nov/2008:10:58:21 +1300] conn=1 op=463 SRCH base="ou=Services,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=463 RESULT err=0 tag=101 nentries=9 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=464 ABANDON msgid=548
[05/Nov/2008:10:58:21 +1300] conn=1 op=465 SRCH base="ou=People,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=465 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=466 SRCH base="ou=People,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=466 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=467 SRCH base="o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=467 SORT cn givenName o ou sn (10)
[05/Nov/2008:10:58:21 +1300] conn=1 op=467 VLV 50:50:49:0 10:10 (0)
[05/Nov/2008:10:58:21 +1300] conn=1 op=467 RESULT err=0 tag=101 nentries=10 etime=0 notes=U
[05/Nov/2008:10:58:21 +1300] conn=1 op=468 SRCH base="ou=Config,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=468 RESULT err=0 tag=101 nentries=5 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=469 ABANDON msgid=553
[05/Nov/2008:10:58:21 +1300] conn=1 op=470 SRCH base="ou=Contacts,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=470 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=471 SRCH base="ou=Contacts,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=471 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=472 SRCH base="ou=Guests,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=472 RESULT err=0 tag=101 nentries=2 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=473 ABANDON msgid=557
[05/Nov/2008:10:58:21 +1300] conn=1 op=474 SRCH base="ou=Members,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=474 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=475 SRCH base="ou=Members,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=475 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=476 SRCH base="ou=People,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=476 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=477 SRCH base="ou=People,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=477 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=478 SRCH base="ou=Roles,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=478 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=479 SRCH base="ou=Roles,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=479 RESULT err=0 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=480 SRCH base="ou=Services,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=480 RESULT err=0 tag=101 nentries=9 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=481 ABANDON msgid=565
[05/Nov/2008:10:58:21 +1300] conn=1 op=482 SRCH base="ou=TradingPartners,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=482 RESULT err=0 tag=101 nentries=18 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=483 ABANDON msgid=567
[05/Nov/2008:10:58:21 +1300] conn=1 op=484 SRCH base="o=psbconexa.co.nz" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=484 RESULT err=0 tag=101 nentries=1 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=485 SRCH base="o=psbconexa.co.nz" scope=1 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=485 SORT cn givenName o ou sn (2)
[05/Nov/2008:10:58:21 +1300] conn=1 op=485 VLV 50:50:49:0 2:2 (0)
[05/Nov/2008:10:58:21 +1300] conn=1 op=485 RESULT err=0 tag=101 nentries=2 etime=0 notes=U
[05/Nov/2008:10:58:21 +1300] conn=1 op=486 SRCH base="o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=486 RESULT err=0 tag=101 nentries=10 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=487 ABANDON msgid=571
[05/Nov/2008:10:58:21 +1300] conn=1 op=488 SRCH base="cn=ldbm database, cn=plugins, cn=config" scope=2 filter="(objectClass=nsBackendInstance)" attrs="nsslapd-suffix nsBackendSuffix"
[05/Nov/2008:10:58:21 +1300] conn=1 op=488 RESULT err=0 tag=101 nentries=1 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=489 SRCH base="" scope=0 filter="(objectClass=*)" attrs="nsBackendSuffix"
[05/Nov/2008:10:58:21 +1300] conn=1 op=489 RESULT err=0 tag=101 nentries=1 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=490 SRCH base="cn=MCC o=psbconexa.co.nz, cn=userRoot, cn=ldbm database, cn=plugins, cn=config" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs=ALL
[05/Nov/2008:10:58:21 +1300] conn=1 op=490 RESULT err=32 tag=101 nentries=0 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=491 SRCH base="o=marketsite,o=psbconexa.co.nz" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=491 RESULT err=0 tag=101 nentries=1 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=492 SRCH base="o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=492 SORT cn givenName o ou sn (10)
[05/Nov/2008:10:58:21 +1300] conn=1 op=492 VLV 50:50:49:0 10:10 (0)
[05/Nov/2008:10:58:21 +1300] conn=1 op=492 RESULT err=0 tag=101 nentries=10 etime=0 notes=U
[05/Nov/2008:10:58:21 +1300] conn=1 op=493 SRCH base="ou=Config,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource)(objectClass=netscapeserver))" attrs="objectClass numSubordinates nsAccountLock"
[05/Nov/2008:10:58:21 +1300] conn=1 op=493 RESULT err=0 tag=101 nentries=5 etime=0
[05/Nov/2008:10:58:21 +1300] conn=1 op=494 ABANDON msgid=578
[05/Nov/2008:10:58:21 +1300] conn=1 op=495 SRCH base="ou=Contacts,o=marketsite,o=psbconexa.co.nz" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1))(objectClass=organization)(objectClass=organizationalunit)(objectClass=netscaperesource

Roles in iPlanet Directory Server v5.0 und JNDI.

Hi!
I have the following problem:
How can I find and change the Role object in iPlanet Directory Server v5.0 via JNDI? It's possible ?
Regards,
Andriy

Hi,
It is not necessary to go in such a way for going and adding the corresponding roles.
For eg
Here is an LDIF file which plays an important role in making the attributes.
Here is an sample fedup.ldif file
dn: uid=timb,ou=Customers,o=fedup.com
objectclass: customer
objectclass: inetorgperson
objectclass: organizationalPerson
objectclass: person
objectclass: top
cn: Tim Briggs
uid: timb
givenname: Tim
customerid: timb
sn: Briggs
facsimiletelephonenumber: 4101
telephonenumber: 4145
creatorsname: uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot
createtimestamp: 20000401084012Z
aci: (target="ldap:///uid=timb,ou=Customers,o=fedup.com")(targetattr="*")(version 3.0; acl "unknown"; allow (all) userdn = "ldap:///anyone": )
ou: Customers
mail: [email protected]
userpassword: bakru
modifiersname: uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot
modifytimeStamp: 20000502084001Z
Here I have sepecified userid as timb and password as bakru and with corresponding roles in aci.
After making the LDIF file you have to import it in Directory server.
For that you have to Iplanet Console menu, from there click on Import for the ldif file to get imported.
Or else you can go for ldapadd, ldapmodify commands.
Also if you are going to add new attributes which is not known by Directory server, Please follow these process.
Creation of our own USER SCHEMA Files:-
It is necessary for adding the attributes which are not defined in the
Netscape directory server. In the above, customerid which is defined in ldif
file is not existing in the directory server.
Here is the Schema file for attributes:(ie for defining for eg customer id).
The name of the file is slapd.user_at.conf:-
attribute customerid customerid-oid cis single
attribute packageid packageid-oid cis single
attribute receivedate receivedate-oid cis single
attribute shipdate shipdate-oid cis single
attribute shipperid shipperid-oid dn single
attribute receiveid receiveid-oid dn single
#Java Attributes
# Schema for storing java objects and java object references
attribute javaClassName 1.3.6.1.4.1.42.2.27.4.1.1 ces single
attribute javaCodebase 1.3.6.1.4.1.42.2.27.4.1.6 ces
attribute javaSerializedData 1.3.6.1.4.1.42.2.27.4.1.7 bin single
attribute javaRemoteLocation 1.3.6.1.4.1.42.2.27.4.1.8 ces single
attribute javaFactory 1.3.6.1.4.1.42.2.27.4.1.4 ces single
attribute javaReferenceAddress 1.3.6.1.4.1.42.2.27.4.1.3 ces
Here is Schema file for your own object classes:-
The name of the file is Slapd.user_oc.conf:-
In the similar way we assume that there are no "customer" class in the object classes
defined in the LDAP, so we will have to create our own "customer" Object class.
Also it extends inetOrgPerson to add some new attributes such as "customerid".
The object class of an entry specifies what attributes are required and what
attributes are allowed in a particular entry.
Also for eg, Package classes in the object class is created.
Here is the sample file for creating the above:-
objectclass package
oid package-oid
superior top
requires
packageid,
receiveid,
shipdate,
shipperid
allows
description,
ou,
receivedate
objectclass customer
oid customer-oid
superior inetorgperson
requires
customerid
allows
c
#JAVA Schema
# Schema for storing java objects and java object references
objectclass javaContainer
oid 1.3.6.1.4.1.42.2.27.4.2.1
superior top
requires
cn
objectclass javaObject
oid 1.3.6.1.4.1.42.2.27.4.2.4
superior top
requires
javaClassName
allows
javaCodebase
objectclass javaSerializedObject
oid 1.3.6.1.4.1.42.2.27.4.2.5
superior javaObject
requires
javaSerializedData
objectclass javaRemoteObject
oid 1.3.6.1.4.1.42.2.27.4.2.6
superior javaObject
requires
javaRemoteLocation
objectclass javaNamingReference
oid 1.3.6.1.4.1.42.2.27.4.2.7
superior javaObject
requires
javaReferenceAddress,
javaFactory
STEP 4: Loading the USER SCHEMA files in Directory Server:-
All the attributes created above should be added to the corresponding directory server,
in order to make it as a common attribute.
Steps for adding the User Schema files to the Directory Server:-
1. Copy the above user schema files to the appropriate instance of Netscape Directory Server
created above so that the existing LDIF file which is used in the Netscape directory
server is not appended or overwritten.
2. For eg, put it in "NetscapeServer/slapd-HostName/config" to replace the empty
files "slapd.user_at.conf" and "slapd.user_oc.conf" by default.
3. Then restart the Directory Server.
I hope this will help you.
Thanks
Bakrudeen
Technical Support Engineer
Sun MicroSystems Inc, India

OVD - Integration with Sun Java system Directory Server

Hi All,
I have the following iusse, i'm trying to configure OVD 11.1.1.3 with Sun Java System Directory Server adapter for enterprise user security but when I import Oracle ldif schema file (iPlanetSchema.ldif) I have the following error:
add attributetypes:
+( 1.3.6.1.4.1.42.2.27.8.1.5 NAME 'pwdCheckSyntax' EQUALITY integerMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE )+
modifying entry cn=schema
ldap_modify: Type or value exists
ldap_modify: additional info: attribute type pwdCheckSyntax: Does not match the OID "1.3.6.1.4.1.42.2.27.8.1.5". Another attribute type is already using the name or OID.
In the default Sun DS schema there is attribute with the same OID:
+../config/schema/00ds6pwp.ldif:+
attributeTypes: ( 1.3.6.1.4.1.42.2.27.8.1.5 NAME 'pwdCheckQuality' DESC 'Level of required quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 X-DS-USE 'internal' SINGLE-VALUE X-ORIGIN 'Password Policy for LDAP Directories Internet Draft' )
Is it possible?
I'm reading the following document:
http://download.oracle.com/docs/cd/E12839_01/oid.1111/e10046/adv_integrate.htm#CACIIIEG
Thanks in advance,
Zaic

Thank you very much. The name of the file is actually C:\WINDOWS\system32\productregistry.
I renamed that to productregistry BACKUP and I can now install the LDAP. Man, I should have posted this a week and a half ago when I first started having this issue. It would have prevented a few forehead dents from banging my head on the keyboard.
thanks again

Migrate from Sun One Directory Server 5.1 to 5.2

Greetings
I am trying to run the script provided with the 5.2 release MigrateInstance5; I have installed the server and have followed the instructions to a tee. I keep getting the error, Unable to start the Sun One Directory Server, when I run the script, I am at my wits end as this is supposed to be the easy step, I have to go from 4.2 to 5.2 next.
Please help.

Hello,
We upgraded our directory server version for several times.
If you want a secure method.
export your data.
Copy your schema file to the new install path, modify the information related to the old version and server (also the last line containing db number : keep only lines about the schema entry, it's ACI, objectclasse and attributes) and restart your directory.
Import your data. (you might use a script to clean your ldif file : empty attributes ...)
For the upgrade from 4.2 to 5.2 you will have to work a little bit more on the schema file as you have two of them instead of one. but the idea is the same.
edit your New schema file, keep only the following lines "
dn: cn=schema
objectClass: top
objectClass: ldapSubentry
objectClass: subschema
cn: schema
aci: ....
aci: ....
copy and paste your custom attributes and then objectclasses form the corresponding files.
On the import phase, check that you are not using objectclasses whiche were modified or suppressed.
I hope it was helpfull.

Sun ONE Directory SDK for C support on RHAs 4.0 and Win 2003 R2

What version of Sun One Directory SDK supported on RHAS 4.0 and Windows 2003 R2.
Please confirm.
Thanks,
Rahul

The C-SDK that will come with Directory Server Enterprise Edition 6 will support both RH AS 4 and Windows 2003.
But for today, I would say that the version in mozilla.org does support them.
We are currently contributing all of our changes, bug fixes and improvements to Mozilla.org and future versions of the Sun C-SDK will be directly built from Mozilla.org sources.
Ludovic.

H/w requirements for DIrectory server for 200,000 users

Hi,
I would like to implement Directory services for 200,000 users. How can I know whether iPlanet Directory 5.1 will support this many users or not? If supports, Which h/w I have to use?
If any one can let me know the formula to calculate users and h/w
Thanks

The directory server can handle many more users than 200K. The hardware requirements calculations are amply explained in the book "Solaris and LDAP Naming Services" by Bialaski. If you have iPlanet support contract they can provide you tuning information which includes this info.
You should remember the possibility of growth and load in terms of number of clients and peak requests per second. With your needs, my gut feeling is that even a Netra can host it. However, if it's an enterprise service you may want to go with at least 220 machines in a replicated configuration for load balancing and availability.
DISCLAIMER: Use these opinions at your own risk. You must do your own analysis and calculations to design a suitable physical/logical architecture.

Configuring a Directory Server for Digital IDs and Certificates

My company is moving toward using electronic signatures for internal documents. All of the users are on XP machines and have Acrobat Professional 8.0 installed. So far, I've been manually adding trusted IDs for each person who will be receiving signed documents that need to be validated. I'd like to make this a little easier by storing everyone's certificates on a server (Windows 2003) so that people can just go out there and add them all as one .fdf file. What I'm wondering is, what is the difference between doing it this way versus going through Acrobat and configuring a directory server? Will it work either way?
Thanks!
Anita

Hi,
Sorry for the late reply, regarding the error message: The DHCP services could not Contact Active Directory,
please check the below KB article to see if it could help here:
You are unable to authorize DHCP Server in Active Directory
http://support.microsoft.com/kb/303317/en-us
Reference for error ID 1059, and
error ID 10020.
For The specified server are already present in the directory services,
please take a look into the below Blog:
Active Directory DHCP authorisation issues
The method mentioned in the blog above is trying to move the old information that stored in AD, and then take an action of re-authorisation of the DHCP server.
Hope this may help
Best regards
Michael
If you have any feedback on our support, please click
here.
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Directory Server 5 SDK for C

Similar Messages

Maybe you are looking for