IPlanet directory server can't start in a user account - A bug?

Similar Messages

• Where can I get iPlanet Directory Server 4.1.3 for Linux

  Hello everyone,
  we are developing IMPS solution. but we need to support legacy system. How can we get a iPlanet Directory Server 4.1.3 for Linux for evaluation?
  Many thanks
  Billiken Xie

  Why you want to have NDS 4.11? Any version of the NDS 4.1x will support Solaris 2.6 and 8. This version is nolonger available in iplanet's site. I suggest you to get NDS 4.13 or later version. At iplanet's web site, you will find the latest version, 4.16. Also, you will find 4.13 from Solaris 8's CD ording from Sun's reseller.
  Lucas

• New To Iplanet app server.Can some one help me getting started by delpoying and calling one of each of these:JSP,Servlet,EJB.Tried with iplanet docs..didnt quite get it. thanx

   

  Hi,
  What is that you are trying to accomplish ? Is it deployment or
  trying to develop applications ? Are you getting any errors ? If so,
  please post them to help you. I think the documentation is the best place
  for you to begin with.
  Regards & Happy New Year
  Raj
  Arif Khan wrote:
  New To Iplanet app server.Can some one help me getting started by
  delpoying and calling one of each of these:JSP,Servlet,EJB.Tried with
  iplanet docs..didnt quite get it. thanx
  Try our New Web Based Forum at http://softwareforum.sun.com
  Includes Access to our Product Knowledge Base!

• Can`t install CA in iPlanet Directory Server 5.0 ??

  Hi All,
  i try to install a self-signed CA-certifikate, under "CA-Certs" in
  iPlanet Directory Server 5.0.
  The certificate is generated using the tool "ssleay" or from an
  Windows2000-CA.
  Always i get "the certificate specified is not a valid CA certificate,
  installation aborted"
  thanks in advance
  S. Horn

  Hi Sven
  I'm having a similar problem. I generated my self-signed cert. using keytool. Did u find an answer to ur query? If so please inform.
  regards
  Sikka

• Error while installing iplanet directory server 5.0

  Hi I am trying to install iPlanet directory server 5.0 on my local machine.My computer name doesnot contain any domain name.it is simply like "ERT3210".
  While installing Directory server it is asking for the computer name and if i give the computer name without domain it is not accepting.And i am unable to rename my computer name suffixing domain name as it is not contained in any domain..Now How can i give the computer name to install directory server?.Its very urgent for me.It will be great help if any one give reply.

  Start/Stop Directory Server and Start/Stop Admin Server are usually present in My Computer/Manage/Services, just start or stop the service.
  Assuming the install root directory is %LDAP_ROOT%
  You could always create program icons for
  1) start/stop dirrectory server
  %LDAP_ROOT%\slapd-%COMPUTERNAME%\start-slapd.exe
  %LDAP_ROOT%\slapd-%COMPUTERNAME%\stop-slapd.exe
  2) start/stop admin server
  %LDAP_ROOT%\start-admin.exe
  %LDAP_ROOT%\stop-admin.exe
  3) SUN ONE Console (iPlanet Console)
  %LDAP_ROOT%\startconsole.exe
  Gary

• Info about Japanese iPlanet Directory server

  I am evaluating Japanese localized version of directory server.
  I am not able to find any document which can tell me about the
  localization of this product.
  I have following questions:
  1. What level of localization is done. Has console localized ?
  Does log messages localized.
  2. What env variables I need to set to see console GUI in Japanese
  3. Do I need to set some env variables (like $LANG) before running the start script.
  It is urgent for me, if somebody can answer these or point me to some good doc, it will great
  help to me
  Thanks
  - Bharat

  Hi,
  Info about japanese iPlanet directory Server.
  Gateway is localized for English, Japanese, French, Spanish, and German. You can configure the gateway to support additional locales.
  Language files are stored in /usr/iplanet/servers/dsgw/html/lang and /usr/iplanet/servers/dsgw/config/lang, where lang is defined in RFC1766.
  For example, language files for Japanese are stored in /usr/iplanet/servers/dsgw/html/ja and /usr/iplanet/servers/dsgw/config/ja[true]).
  Support for the character sets necessary to render a particular locale (language) must be available in the browser's configuration.

• Solaris 8 and iPlanet Directory Server 5.1: Help

  Could anyone help with advice or where to find documentation of how to setup a Solaris 8 client machine to authenticate against iPlanet Directory Server 5.1? The only documentation (eg books, BluePrint articles) I can find cover iPlanet Directory 4.11 or 4.12 and a Solaris 8 client. Even the tools from the BluePrint Tools area at Sun only talk about using iPlanet Directory Server 4.11/12. Quite a lot seems to have change from iDS 4.12 to iDS5.1.
  Any help would be greatly appreciated.
  Thanks in advance,
  Stewart

  Hi Steven, I suppose that this question is identical to your other question: " Topic: solaris 8 client setup with solaris 9 ldap".
  So the answer will be the same.
  You may find what you are looking for in the following technical note: http://knowledgebase.iplanet.com/ikb/kb/articles/7966.html
  It is called: "Cookbook for Solaris 8 client with Directory Server 5.1/Solaris 9"
  Cheers / Damien.

• Question re how iPlanet Directory Server applies the Look Through Limit.

  I have a question on how iPlanet Directory Server applies the lookthrough limit...
  I am running an LDAP search on a 4.13 directory. The search filter is:
       "(&(rtrdaMaturityDate>=20020128)(rtrdaMaturityDate<=20020130))"
  rtrdaMaturityDate is an int, and indexed with pres,eq,sub
  There are 244680 entries where rtrdamaturityDate>=20020128
  383005 entries where rtrdaMaturityDate<=20020130
  484 entries which satisfy both conditions
  When the query is run as Directory Manager it just hangs (presumably it would complete eventually).
  When run as another user it gives a size limit error. The size limit and lookthrough limit on the directory are both 5000 . As the matching number of entries doesn't exceed the size limit, I think perhaps it is the lookthrough limit causing the problem...
  It looks as if it treats each part of the filter separately, building an candidate list for each, giving an error if both reach the look through limit. i.e. it does not realise that both parts of the filter could be treated together.
  Is this correct ?
  This theory is born out by the fact that if I change the value so the filter would logically return only the highest few values, the search works (i.e. as if the <= filter condition hit LTL, but the >= did not).
  Also, if I add another condition to give "(&(rtrdaIssuerBgNid=4403)(rtrdamaturityDate>=20020128)(rtrdaMaturityDate<=20020130))" then the search eventually correctly returns a single entry. (IssuerBgNid=4403 on its own gives 1004 entries).
  Can I therefore assume that a seach will only work if at least one condition in the filter gives a candidate list with less entries than the look through limit?
  Any advice on how to implement a range search like this would also be much appreciated.
  Thanks,
  Dave.

  The lookthrough limit is reached when the resulting candidate list contains more entries than the limit...
  Lookthrough limit has been implemented specifically to for Range filters (and OR filters) to avoid consuming too many resources.
  For your particular problem, you can increase the lookthrough limit... but it will affect all users and searches.
  Note that iPlanet Directory Server 5.x does provide a per User LookThrough Limit (and other limits as well), therefore you could just increase the lookthrough limit for the specific users performing these searches.
  Regards,
  Ludovic.

• Store Print & File Server on iPlanet Directory Server?

  I've a NT 4.0 server which I'm using as both a Print & File Server. Would I be able to use iPlanet Directory Server to do the same thing?
  If I can, please explain how? or direct me to where I can know how?
  If it can't be done, is there any other way(s) I can do it?
  Thanks!

  I don't understand. iDS is not a file and print server, it is a user data and user authentication server. Do you want to use iDS for your user authentication for file and print services instead of NT 4 domains? I don't think this is possible. What is possible is using iDS as your primary data store, and using iPlanet Meta Directory to sync changes from iDS to the NT 4 domain.

• Last Logon Time in Iplanet Directory Server 4.1

  Hi,
  It would be great help if any one of you could let me know the attribute in Iplanet Directory Server 4.1 to get the Last Logon Time of a particular account.
  The Directory Server is on solaris.
  Thanks

  Hari,
  You can try to find it from the logfiles.
  I actually designed a plugin for this type of thing, but it's not yet implemented. It would simply write a timestamp to a user's entry after every successful bind, among other things which I won't go into detail about now...
  Oletko suomessa?
  podzap

• Problem with iPlanet Directory server v5.1

  Hi all,
  We have upgraded (parallel) from Netscape Directory server v4.2 to iPlanet Directory Server v5.1
  Here are few issues that I�m experiencing.
  1. In the directory view, all accounts are displayed by the user ID rather then the Common Name like it used to be with the Netscape Directory Server.
  I can not find any options to change the view.
  2. When searching for the user, once user is found, i can not do the right click to be able to delete the user. (was able to in the older version).
  Any feedback will be greatly appreciated,
  Thanks

  I have a suggestion - try another means for administering your directory - use the console only for maintenance and tuning purposes. There are several products out there that are much better for day to day operations ...
  Otherwise - I think with 5.1 the view is based on the rdn of the entries - and I am not sure it is customizable. Additionally I know 5.2 solved your second issue - maybe the latest SP of 5.1 has solved it as well - though I don't really know ...
  -Chris Larivee

• Oracle Portal for LDAP Authentication using Iplanet directory server

  I have oracle portal on solaries machine and Iplanet directory server 5.1 on windows NT,
  Can i user portal user authentication Iplanet LDAP.
  Regards
  srinivas

  Yes You can. You have to provide the necessary info while running the ssoldap.sql.
  Vinodh R.

• Linux version of iPlanet Directory Server 5.0 planned?

  I'm wondering if there are plans to release a Linux version of iPlanet
  Directory Server 5.0?
  If so, any estimation on when it might be released?
  Jon

  I asked the same question and was told .....
  Subject: Re: iDS 5.0 is officially released
  Date: Tue, 15 May 2001 06:00:09 -0600
  From: Richard Megginson <[email protected]>
  To: [email protected]
  All I can say at the moment about Linux support is that we are
  currently
  evaluating our options.
  Peter Allmaker wrote:
  Swell. And the Linux version will release when???------------------
  Jonathan Eric Miller wrote:
  >
  I'm wondering if there are plans to release a Linux version of iPlanet
  Directory Server 5.0?
  If so, any estimation on when it might be released?
  Jon--
  Peter Allmaker
  MCLA Computer Science 413-662-5592
  Computer Support Services 413-662-5510

• Connect IPlanet Directory Server(5.0) with ADSI

  Has anyone ever had to connect to a iPlanet Directory Server 5.0 with ADSI?
  I can retrieve the entries(user's information), but I can't add the
  user-defined objClass and attributes to entries(user).
  If you know, please kindly to give me some hints about this.
  Many Thanks,
  Kat

  Make sure the user-defined schema is present on the server before you try to use it. Also you will need appropriate permissions for updating and will very likely need to bind before you try to update.

• Roles in iPlanet Directory Server v5.0 und JNDI.

  Hi!
  I have the following problem:
  How can I find and change the Role object in iPlanet Directory Server v5.0 via JNDI? It's possible ?
  Regards,
  Andriy

  Hi,
  It is not necessary to go in such a way for going and adding the corresponding roles.
  For eg
  Here is an LDIF file which plays an important role in making the attributes.
  Here is an sample fedup.ldif file
  dn: uid=timb,ou=Customers,o=fedup.com
  objectclass: customer
  objectclass: inetorgperson
  objectclass: organizationalPerson
  objectclass: person
  objectclass: top
  cn: Tim Briggs
  uid: timb
  givenname: Tim
  customerid: timb
  sn: Briggs
  facsimiletelephonenumber: 4101
  telephonenumber: 4145
  creatorsname: uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot
  createtimestamp: 20000401084012Z
  aci: (target="ldap:///uid=timb,ou=Customers,o=fedup.com")(targetattr="*")(version 3.0; acl "unknown"; allow (all) userdn = "ldap:///anyone": )
  ou: Customers
  mail: [email protected]
  userpassword: bakru
  modifiersname: uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot
  modifytimeStamp: 20000502084001Z
  Here I have sepecified userid as timb and password as bakru and with corresponding roles in aci.
  After making the LDIF file you have to import it in Directory server.
  For that you have to Iplanet Console menu, from there click on Import for the ldif file to get imported.
  Or else you can go for ldapadd, ldapmodify commands.
  Also if you are going to add new attributes which is not known by Directory server, Please follow these process.
  Creation of our own USER SCHEMA Files:-
  It is necessary for adding the attributes which are not defined in the
  Netscape directory server. In the above, customerid which is defined in ldif
  file is not existing in the directory server.
  Here is the Schema file for attributes:(ie for defining for eg customer id).
  The name of the file is slapd.user_at.conf:-
  attribute customerid customerid-oid cis single
  attribute packageid packageid-oid cis single
  attribute receivedate receivedate-oid cis single
  attribute shipdate shipdate-oid cis single
  attribute shipperid shipperid-oid dn single
  attribute receiveid receiveid-oid dn single
  #Java Attributes
  # Schema for storing java objects and java object references
  attribute javaClassName 1.3.6.1.4.1.42.2.27.4.1.1 ces single
  attribute javaCodebase 1.3.6.1.4.1.42.2.27.4.1.6 ces
  attribute javaSerializedData 1.3.6.1.4.1.42.2.27.4.1.7 bin single
  attribute javaRemoteLocation 1.3.6.1.4.1.42.2.27.4.1.8 ces single
  attribute javaFactory 1.3.6.1.4.1.42.2.27.4.1.4 ces single
  attribute javaReferenceAddress 1.3.6.1.4.1.42.2.27.4.1.3 ces
  Here is Schema file for your own object classes:-
  The name of the file is Slapd.user_oc.conf:-
  In the similar way we assume that there are no "customer" class in the object classes
  defined in the LDAP, so we will have to create our own "customer" Object class.
  Also it extends inetOrgPerson to add some new attributes such as "customerid".
  The object class of an entry specifies what attributes are required and what
  attributes are allowed in a particular entry.
  Also for eg, Package classes in the object class is created.
  Here is the sample file for creating the above:-
  objectclass package
  oid package-oid
  superior top
  requires
  packageid,
  receiveid,
  shipdate,
  shipperid
  allows
  description,
  ou,
  receivedate
  objectclass customer
  oid customer-oid
  superior inetorgperson
  requires
  customerid
  allows
  c
  #JAVA Schema
  # Schema for storing java objects and java object references
  objectclass javaContainer
  oid 1.3.6.1.4.1.42.2.27.4.2.1
  superior top
  requires
  cn
  objectclass javaObject
  oid 1.3.6.1.4.1.42.2.27.4.2.4
  superior top
  requires
  javaClassName
  allows
  javaCodebase
  objectclass javaSerializedObject
  oid 1.3.6.1.4.1.42.2.27.4.2.5
  superior javaObject
  requires
  javaSerializedData
  objectclass javaRemoteObject
  oid 1.3.6.1.4.1.42.2.27.4.2.6
  superior javaObject
  requires
  javaRemoteLocation
  objectclass javaNamingReference
  oid 1.3.6.1.4.1.42.2.27.4.2.7
  superior javaObject
  requires
  javaReferenceAddress,
  javaFactory
  STEP 4: Loading the USER SCHEMA files in Directory Server:-
  All the attributes created above should be added to the corresponding directory server,
  in order to make it as a common attribute.
  Steps for adding the User Schema files to the Directory Server:-
  1. Copy the above user schema files to the appropriate instance of Netscape Directory Server
  created above so that the existing LDIF file which is used in the Netscape directory
  server is not appended or overwritten.
  2. For eg, put it in "NetscapeServer/slapd-HostName/config" to replace the empty
  files "slapd.user_at.conf" and "slapd.user_oc.conf" by default.
  3. Then restart the Directory Server.
  I hope this will help you.
  Thanks
  Bakrudeen
  Technical Support Engineer
  Sun MicroSystems Inc, India