Urgent help on Sun One Directory server 5.1
Hi All,
Am trying to access sun one directory server using the JAVA api provided by the tool itself. Developed an application to access that server and perform several operation.
When I try to unassign a user from a group, all the users from that group are getting unassigned. Can there me any scenario in which this can happen. The user(no an admin user) who is used to connect to the LDAP server has all privileges to do operations on that group. More over this issue is very inconsistent, we could notice only once in separate environment (once per environment) and there hence cannot
be reproducible.
Below is snippet which remove a user from a group.
LDAPAttribute attr = new LDAPAttribute( "uniquemember", userEntryDN );
LDAPModification ldapMod = new LDAPModification( LDAPModification.DELETE, attr );
ldapConnection.modify( myEntryDN, ldapMod );
Any help on will be greatful.
Thanks in advance
-Sri
TTT
Similar Messages
-
Help!! How to install and use Sun ONE Directory Server Resource Kit 5.2
Hi ! Friend:
I have some problem on install and use Sun ONE Directory Server Resource Kit 5.2, when I execute "java DSRK", afterwards something like this : com.iplanet.install.until.wbResource::gerstring:resource bundle"locale.resources.S1DSRKResource" not found appeared in the window ,that's why?
Meanwhile ,can you give some data about it on how to use it ?
Thank you !You should be aware of the following characteristics of your directory when using this tool:
Size and number of entries.
Directory structure and access permissions.
Virtual attributes, class of service, and indexing.
Usage, types of access, and access patterns.
Post your error messages completely.
Thanks
--Britto -
Install Sun ONE Directory Server 5,2 & how to use it for authenticate user
Good afternoon, Excuse, are newbie in the scope I am learning and putting desire to him, this in my situation I am trying to install Sun ONE Directory Server 5,2 since I understand that this it is application LDAP for Solaris, ok I want to install it to authenticate user against the system, that is to say, to be able to acces the server entering with a created user from the data base of LDAP and make think user that his created in the system. But the documentation that I finds indicates the installation of Sun ONE Directory Server 5,2 but it not clearly about how to use it for authentication. Some one have any manual step by step of Sun ONE Directory Server 5,2 installation and how to make it for authentication systems users.
I read the forum seeking for anwser and i get confuse
Thanks for the help and sorry for any inconvenient
Message was edited by:
Aku_28
Message was edited by:
Aku_28I think that I found the Sun endorsed book locations for using LDAP accounts that don't use authentication besides "crypt". I now can use an account with a "ssha" password. It can be more than 8 characters long.
Chapter 14 System Administration Guide: Naming and Directory Services
Read page 201 which is the pam.conf file pam_ldap setups. I edited my "/etc/pam.conf" file to reflect this
Chapter 7 Directory Server 5.2 2005Q4 - Administration Guide
Read page 316-318 which has a graphical technique to specify password syntax. I set it up and then tried the password by running "su - brahms". It now requires a longer password than 8 characters and it is set up to use "ssha" for that UID entry "brahms". -
How to migrate Sun One directory server to a new physical server install
need help
We have to move our existing installation of sun on directory server 5.2 to a new physical server.
We have a new physical server with a new host name. I am trying to find an easiest way to take a snapshot of our existing server and put it on a new installation
So will installing sun one directory server , its shows me two choices either to create a new instance or copy configuration from a existing server
What do i choose and which is the fastest route to replicate my old server
Thanks a bunch in advance
SganbHi,
I'm glad you're still using the old, glorious Sun One Directory Server 5.2, because it brings me back a lot of memories... But are you seriously talking of the 'plain' version, with no patches/hot fixes on top? If that's the case, you're using of a software that has been developed in 2004 and released in Jan 2005! Just for you to be aware, in the last *8* (eight) years a considerable number (in the magnitude of 10^3) of bugs, security problems and performance issues has been identified and fixed...
However, to provide a better answer to your question, it would be important to understand the 'big picture' in terms of scenario and requirements:
1) Is this a critical 24x7 service for which you need to perform an on-line migration or you have a 'maintenance window' during which the service may be switched off?
2) Is the old server member of replication environment? If yes, how many masters/slaves do you have already? Shall the new server be part of this topology? What role shall it have?
3) Would it be possible to make the the old server able to communicate with the new server?
4) How big is the database that you've got to migrate? Do you have any requirement in terms of caches?
5) Do you take backups on a regularly basis and have in place working (*tested*) backup/restore procedures?
6) Is the new server conserving or changing the O.S. and architecture? [SPARC->SPARC, x86->x86, SPARC->x86, Solaris -> ? , 32 .vs. 64-bit? ]
7) What are the steps you did to 'install' the software on the new server?
Thanks,
Marco
P.S.: I don't wanna sound 'scaring' with all these questions, neither this should be intended as an 'hidden advertising' for Oracle Professional/Consulting Services, but the only way to not put in jeopardy your data is being aware of the risks, having the control of what's going on and ... possibly have a 'B' plan ;-)
P.S.S.: My last suggestion is to consider a migration to a later release AS SOON AS POSSIBLE; the latest is ODSEE 11.1.1.7, which is available here:
http://www.oracle.com/technetwork/middleware/downloads/oid-11g-161194.html
and seems to work pretty well ;-) -
How to encrypt password in Sun ONE directory server?
Hi,
I'm trying to perform an update to a password field in Sun ONE directory server using JNDI, but the stored password does not get encrypted by the directory server. I've searched the forum, and only found examples on how to do so for Active Directory. Please help.
ThanksYou didn't make mention of setting up ssl on the server side, so search these boards for openssl. Some nice person uploaded an nice example of how do use openssl to do this.
To get the ssl certs for the solaris-client ssl authentication ( tls:simple ) to work you will need to use netscape to connect to the ssl port to get the right format. There are comments in that same doc on how to do that. -
How to get certificate from sun one directory server
I have installed sun one directory server 5.2. Now in order to connect to the server through ldap protocol i need certificate on the client side.
How to get the certificate from the sun one directory server...??
( Earlier i tried the same procedure with active directory .and i got the certificate successfully ...as well as ldap authentication..but don't know what to do with the sun one..???)
Any tips on this issue will be helpful
thank youYou didn't make mention of setting up ssl on the server side, so search these boards for openssl. Some nice person uploaded an nice example of how do use openssl to do this.
To get the ssl certs for the solaris-client ssl authentication ( tls:simple ) to work you will need to use netscape to connect to the ssl port to get the right format. There are comments in that same doc on how to do that. -
Page size limitation on Sun ONE directory server 5.2
Hi All,
How do i know what is the Page size limitation on Sun ONE directory server 5.2?
How do i cahnage it?
Best Regards,
Ayelet Regev
[email protected]I enabled SSL in SUN ONE Directory Server 5.2, I use the following code to download the server certs,
Hashtable env = new Hashtable(11);
env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldaps://bharatkumar.webm.webmethods.com:636/o=in");
env.put(Context.SECURITY_AUTHENTICATION, "EXTERNAL");
env.put(Context.SECURITY_PROTOCOL, "ssl");
try {
// Create initial context
DirContext ctx = new InitialDirContext(env);
System.out.println(ctx.lookup("ou=web"));
ctx.close();
} catch (NamingException e) {
e.printStackTrace();
But it throws the following error:
javax.naming.CommunicationException: SASL bind failed: bharat.com:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.
validator.ValidatorException: PKIX path building failed: sun.security.provider.c
ertpath.SunCertPathBuilderException: unable to find valid certification path to
requested target]
at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:220)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2637)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:283)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193
How to rectify the above error?
Kindly Help me.
Thanks,
Bharat -
Backup of Sun ONE Directory Server 5.2
Hello,
I am new to Sun ONE Directory server and I installed a copy of version 5.2 on Windows 2000 server and want to ask for your help that how could I backup the LDAP server?
Since there is tool for backup of data but how could I recover if the server instance is failed?
Thanks in advanced.
PatHi Pat,
If you are new to the Directory Server, then it is recommended to study the documentation ;-).
Chapter 4 of the Administrators Guide discusses the backup and restore procedures.
See: http://docs.sun.com/source/816-6698-10/populate.html
If you cannot start the directory server because the database is corrupted, then you may want to use the off-line restore tools (e.g. bak2db).
Before you do anything, study the above chapter.
Bertold -
Domino R6 Sun ONE Directory Server 5.2 SSL Integration
We are trying to integrate Lotus Domino R6 server with the third party Sun ONE Directory Server 5.2.
We were successful in the integration without SSL.
Next we are trying to enable SSL communication between the two. We have configured the Certificates on both the servers. We get the following error on the Directory server (access logs).
[18/Jan/2005:16:57:14 +051800] conn=12903 op=-1 msgId=-1 - fd=161 slot=161 LDAPS
connection from 172.xx.xx.xxx to 172.xx.x.xx
[18/Jan/2005:16:57:14 +051800] conn=12903 op=-1 msgId=-1 - SSL error -8101 (Cert
ificate type not approved for application.); unauthenticated client CN=sun-dwc.xxxxxxxx
.com, OU=TCS, O=PGS, L=Bangalore, ST=Karnataka, C=IN; issuer CN=beTRUSTed M
achine CA - RSA Implementation, OU=beTRUSTed CAs, O=beTRUSTed
[18/Jan/2005:16:57:14 +051800] conn=12903 op=-1 msgId=-1 - closing - B1
[18/Jan/2005:16:57:14 +051800] conn=12903 op=-1 msgId=-1 - closed.
Can someone please help. Thanks.Hi
We had the same exact problem.
The thing is that Domino uses SASL to authenticate against the LDAP directory as soon as the option "make this domain available to notes client & internet authentication" is checked in directory assistance.
A workaround is to disable client authentication on the encryption tab of the sun directory server, but this is not what we want.
Did you find another solution ?
Thanks
Yann -
How to create Roles along with Entitlements in Sun One Directory Server?
i need to create roles in sun one directory server along with entitlements
please help me in this regardHi Logeshr,
Is the issue with deploying the webjobsever resolved ? If yes, could you share the work around so that it can help others who has similar issues.
Most possible causes for the issue could be Problems with Problems with Parallel build using MSBuild or
HeatDirectory failure on TFS with MSBUILD error MSB4166: Child node “3” exited prematurely
However, as you said it works fine in Visual studio , ensure your CI server has all of the latest updates to MS Build. If you're not current, you'll get a build error when .targets file processes at the end of the buildsequence.
Regards,
Shirisha Paderu -
Migrate from Sun One Directory Server 5.1 to 5.2
Greetings
I am trying to run the script provided with the 5.2 release MigrateInstance5; I have installed the server and have followed the instructions to a tee. I keep getting the error, Unable to start the Sun One Directory Server, when I run the script, I am at my wits end as this is supposed to be the easy step, I have to go from 4.2 to 5.2 next.
Please help.Hello,
We upgraded our directory server version for several times.
If you want a secure method.
export your data.
Copy your schema file to the new install path, modify the information related to the old version and server (also the last line containing db number : keep only lines about the schema entry, it's ACI, objectclasse and attributes) and restart your directory.
Import your data. (you might use a script to clean your ldif file : empty attributes ...)
For the upgrade from 4.2 to 5.2 you will have to work a little bit more on the schema file as you have two of them instead of one. but the idea is the same.
edit your New schema file, keep only the following lines "
dn: cn=schema
objectClass: top
objectClass: ldapSubentry
objectClass: subschema
cn: schema
aci: ....
aci: ....
copy and paste your custom attributes and then objectclasses form the corresponding files.
On the import phase, check that you are not using objectclasses whiche were modified or suppressed.
I hope it was helpfull. -
Migration of sun one directory server
Hello All,
There was sun one directory server is installed in windows server 2003..
unfortunately the machine got crashed, but we have the whole folder structure(MPS) in the hard disk.
Can any one help me how can i bring that server back with that files in another windows 2003 machine.
i.e how can i configure the files and start the server.
thanks in advance..
regards
KishoreI don't know exactly how is it in Windows environments, but in Unix if you have the whole product directories you only ought to copy them to other machine in the same directories, same owner, same permissions and it should work. I'm talking about DSSE 6.x, I don't know if for previous versions that's possible.
-
SSL on Sun One Directory Server
I am trying to establish SSL connection with Sun One Directory Server 5.2. However, I am unable to establish connection to the server using Microsoft LDP tool if i specify secure port 636. Unsecure connection is established successfully.
I followed the following steps to enable SSL/TLS on Sun One Server
1. Generate certificate request
2. Acquire SSL certificate from CA (used thawte site to obtain trial certificate by entering the certificate request)
3. Imported certificate to server (server-cert)
4. Trusting your Certificate Authority and all certificates it issues
5. Enable SSL on server
Do i require to add a client certificate to keytstore? From where should i obtain a client certificate? Please help.1. Try and make sure that the certificate is issued to the hostname. Similarly, connect from MS to DS using the DS's hostname, not IP.
2. Import CA root test certificate from thwate on both the DS certstore, as well as MS LDAP client's keystore.
3. If the purpose of certificates is only encryption, you may look at the client for an option to disable hostname verification.
4. No client cert is needed, unless you have configured LDAP for certificate based authentication.
Hope the above help.
Ankush
http://www.iamcg.net -
Adding a windows client to a sun one Directory server running on Win 2000
Hi,
I am a newbie to sun one directory server but i am familiar with windows active directory.
I have followed the instructions and installed Sun One Directory Server on Windows 2000 Server using a typical setup and create a domain and also created some users in that domain.
The next thing i wanted to do was to add a windows 2000 professional desktop on this domain and login with one of the user accounts. I tried to adding the computer to the domain via the "My Computer->Network Identification->Properties->Domain" option and gave the domain name as the one i created on the Sun One Directory Server, but i get an error saying that domain was not found.
Am i missing something here. Do i need to install some client piece on the windows 2000 desktop to add the box on the sun one domain and login in as one of the users.
Any help will be deeply appreciated?
Thanks,
Raj...yes, you can use samba for a windows client to login to ldap
http://www.samba.org/samba/docs/man/Samba-Guide/happy.html#id2536158
, but for windows XP clients you need to tweak the registry
http://www-jerry.oit.duke.edu/linux/docs/samba/winxp_client_registry_edit -
Migrating data from Sun ONE directory server into openLDAP
Hi,
I was to migrate the data from Sun ONE directory server into openldap. Has anybody done this or know about this. Can you please share the steps that needs to be done.
NOTE: I have exported the data into LDIF file but when I run with ldapadd into the open ldap
ldap_add: Invalid syntax (21)
additional info: objectClass: value #1 invalid per syntax
Are there specific schemas that i need. Where can I find them?
ThanksWhy would you want to migrate data into an OpenLDAP server ?Good Question, let me explain you my problem with Sun DS.
No Question DS is the better product (even Red Hat realized this).
Problem: DS is not a base Solaris 10 OS component, for patch support
you need some additional plan, now sun marketing nightmare comes ;o)
Every year service plans are changed (want a SJES or a DS or a DSEE ?)
so use solaris with OpenLDAP, or linus with NSDS.
Sun please give us a Solaris Core Component called LDAP Server (no need for trillions of entries).
joe
Maybe you are looking for
-
Is there any way to create a circular buffer using the INSERT ARRAY function?
I saw the example using the REPLACE ARRAY function, but it uses too much CPU power on my laptop. I'm using it for a very sensitive application and saw that the INSERT ARRAY function used much less CPU power. I am also not wiring the index on the INSE
-
Have tried everything to start an update but no luck, app is telling me to have atleast 4.3.5 software on my iphone to run. Any help would be appreciated!
-
SSL: Received fatal alert: certificate_unknown Problem
Hi all, first I read this thread http://forums.sun.com/thread.jspa?threadID=5385002 but I didnt help me so i startad a new one. I´m doing a client, server and thread implementation with ssl, i copied certifcates and keystores on the directories and s
-
Hi if I buy a apple product from argos does it still come with a year guarantee
Hi if I buy a apple product from argos will I still get the apple 1 year warrantee ?
-
How do I move music from my iPod to iTunes
I need to update my ipod software, but it says I have purchased music not in my itunes library. After (finally) locating the incriminating Ke$ha album, I cannot transfer it. I cannot drag it from my ipod, but it does not show up in my purchased music