<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 10/15/2014 05:29 PM, Clint Savage
wrote:<br>
</div>
<blockquote
cite="mid:CAO3ufTk9uaCtBfoqbCVa9YJ-RyqxYu8gj-BTSOXssai0EMmJaQ@mail.gmail.com"
type="cite">
<div dir="ltr">
<div class="gmail_extra">
<div class="gmail_quote">On Wed, Oct 15, 2014 at 5:04 PM, Rich
Megginson <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:rmeggins@redhat.com" target="_blank">rmeggins@redhat.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>
<div class="h5">
<div>On 10/15/2014 04:43 PM, Clint Savage wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div class="gmail_extra">
<div class="gmail_quote">On Wed, Oct 15, 2014
at 2:33 PM, Rich Megginson <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:rmeggins@redhat.com"
target="_blank">rmeggins@redhat.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote"
style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex"><span>On
10/15/2014 02:05 PM, Rob Crittenden
wrote:<br>
<blockquote class="gmail_quote"
style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
Clint Savage wrote:<br>
<blockquote class="gmail_quote"
style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
$ rpm -q ipa-server<br>
ipa-server-3.3.3-28.el7.centos.1.x86_64<br>
<br>
I was thinking that this might be an
issue with the rhel7 version. I'm<br>
going to be trying the same
migration tonight on rhel6. I know
the IPA<br>
version is older, and samba stuff
might not work as it does in 3.3. I<br>
haven't looked in RHEL 6.6 yet to
see what version of IPA is
available.<br>
</blockquote>
I tested using a fairly recent IPA
master build (4.1+). I'm not<br>
convinced it is related to any
specific version, but different
features<br>
are available so I thought I'd try to
duplicate on a more similar<br>
footing (apples to apples
comparision).<br>
<br>
The trick is to try to narrow down
what attribute the LDAP server thinks<br>
already exists. We don't get a very
nice error out of LDAP, like *what*<br>
attribute already exists, for example
:-(<br>
<br>
It may be possible to set the 389-ds
debug level to such that you get<br>
some decent output, but trying to find
the right balance of output can<br>
be challenging. See their FAQ
troubleshooting section.<br>
</blockquote>
<br>
</span><a moz-do-not-send="true"
href="http://www.port389.org/docs/389ds/FAQ/faq.html#troubleshooting"
target="_blank">http://www.port389.org/docs/389ds/FAQ/faq.html#troubleshooting</a><br>
<br>
Try the ARGS (Heavy trace output
debugging) level
<div>
<div><br>
<br>
<blockquote class="gmail_quote"
style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<br>
rob<br>
<br>
<br>
<blockquote class="gmail_quote"
style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
Clint<br>
<br>
On Wed, Oct 15, 2014 at 1:16 PM,
Rob Crittenden <<a
moz-do-not-send="true"
href="mailto:rcritten@redhat.com"
target="_blank">rcritten@redhat.com</a><br>
<mailto:<a
moz-do-not-send="true"
href="mailto:rcritten@redhat.com"
target="_blank">rcritten@redhat.com</a>>>
wrote:<br>
<br>
Ludwig Krispenz wrote:<br>
><br>
> On 10/14/2014 06:58 PM,
Clint Savage wrote:<br>
>> Hi all,<br>
>><br>
>> I've been working on
a migration plan using three
custom user<br>
>> objectClasses and
one group objectclass. In my
attempt, I've setup an<br>
>> openldap server with
the proper schemas, imported the
ldif and have<br>
>> records that look
something like this in ldif
format.<br>
>><br>
>><br>
-----------------------------------------------------------------------<br>
>><br>
>> dn:
dc=example,dc=com<br>
>> objectClass: top<br>
>> objectClass: domain<br>
>> dc: example<br>
>><br>
>> dn:
ou=Groups,dc=example,dc=com<br>
>> objectClass: top<br>
>> objectClass:
organizationalunit<br>
>> ou: Groups<br>
>><br>
>> dn:
ou=People,dc=example,dc=com<br>
>> objectClass: top<br>
>> objectClass:
organizationalunit<br>
>> ou: People<br>
>><br>
>> dn:
uid=amyengh,ou=People,dc=example,dc=com<br>
>> objectClass:
inetOrgPerson<br>
>> objectClass:
posixAccount<br>
>> objectClass: top<br>
>> objectClass:
organizationalPerson<br>
>> objectClass: person<br>
>> objectClass:
radiusProfile<br>
>> objectClass:
sambaSamAccount<br>
>> objectClass:
customPersonAttributes<br>
>> cn: Amy Engh<br>
>> gidNumber:
1141801056<br>
>> homeDirectory:
/home/amyengh<br>
>> sn: Engh<br>
>> uid: amyengh<br>
>> uidNumber:
1141801056<br>
>> displayName: Amy
Engh<br>
>> givenName: Amy<br>
>> loginShell:
/sbin/nologin<br>
>> mail: <a
moz-do-not-send="true"
href="mailto:amyengh@attask.com"
target="_blank">amyengh@attask.com</a>
<mailto:<a
moz-do-not-send="true"
href="mailto:amyengh@attask.com"
target="_blank">amyengh@attask.com</a>><br>
<mailto:<a
moz-do-not-send="true"
href="mailto:amyengh@attask.com"
target="_blank">amyengh@attask.com</a>
<mailto:<a
moz-do-not-send="true"
href="mailto:amyengh@attask.com"
target="_blank">amyengh@attask.com</a>>><br>
>> userPassword::
REDACTED<br>
>> dialupAccess: yes<br>
>>
radiusTunnelMediumType: IEEE-802<br>
>>
radiusTunnelPrivateGroupId: 1421<br>
>> radiusTunnelType:
VLAN<br>
>> emailPassword::
REDACTED<br>
>> sambaAcctFlags: [U
]<br>
>> sambaLMPassword:
REDACTED<br>
>> sambaNTPassword:
REDACTED<br>
>>
sambaPasswordHistory:<br>
>>
000000000000000000000000000000000000000000000000000000<br>
>> 0000000000<br>
>> sambaPwdLastSet:
1402698001<br>
>> sambaSID:
S-1-5-21-2332447373-4108748234-3602490535-3146<br>
>><br>
>> dn:
cn=amyengh,ou=Groups,dc=example,dc=com<br>
>> objectClass: top<br>
>> objectClass:
posixGroup<br>
>> cn: amyengh<br>
>> gidNumber:
1141801056<br>
>> memberUid: amyengh<br>
>><br>
>>
--------------------------------------------------------------------<br>
>><br>
>> I then run the
migration (with or without compat
makes no difference)<br>
>> and get the
following:<br>
>><br>
>> ipa migrate-ds
--with-compat
--user-container="ou=People"<br>
>>
--group-container="ou=Groups"
--user-objectclass=posixAccount<br>
>>
--group-objectclass=posixgroup <a
moz-do-not-send="true">ldap://</a><a
moz-do-not-send="true"
href="http://192.168.122.210"
target="_blank">192.168.122.210</a><br>
<<a moz-do-not-send="true"
href="http://192.168.122.210"
target="_blank">http://192.168.122.210</a>><br>
>> <<a
moz-do-not-send="true"
href="http://192.168.122.210"
target="_blank">http://192.168.122.210</a>>
--bind-dn="cn=Manager,dc=example,dc=com"<br>
>> Password:<br>
>> -----------<br>
>> migrate-ds:<br>
>> -----------<br>
>> Migrated:<br>
>> Failed user:<br>
>> amyengh: Type or
value exists:<br>
>> Failed group:<br>
>> amyengh: This
entry already exists.<br>
> "type or value exists"
and "This entry already exists"
are just<br>
> explanations of the ldap
return code, do you see anything
in the 389 ds<br>
> error logs ?<br>
<br>
I doubt that he would see any
errors.<br>
<br>
The entry already existing is
because this isn't his first
migration, it<br>
is unrelated.<br>
<br>
I'm not able to reproduce
this. What version of IPA is it?<br>
<br>
rob<br>
<br>
--<br>
Manage your subscription for
the Freeipa-users mailing list:<br>
<a moz-do-not-send="true"
href="https://www.redhat.com/mailman/listinfo/freeipa-users"
target="_blank">https://www.redhat.com/mailman/listinfo/freeipa-users</a><br>
Go To <a
moz-do-not-send="true"
href="http://freeipa.org"
target="_blank">http://freeipa.org</a>
for more info on the project<br>
<br>
<br>
</blockquote>
</blockquote>
<br>
-- <br>
Manage your subscription for the
Freeipa-users mailing list:<br>
<a moz-do-not-send="true"
href="https://www.redhat.com/mailman/listinfo/freeipa-users"
target="_blank">https://www.redhat.com/mailman/listinfo/freeipa-users</a><br>
Go To <a moz-do-not-send="true"
href="http://freeipa.org"
target="_blank">http://freeipa.org</a>
for more info on the project<br>
</div>
</div>
</blockquote>
</div>
<br>
This is what I get in the logs when running
the migration:<br>
<br>
==> access <==<br>
[15/Oct/2014:18:35:46 -0400] conn=8 op=166
SRCH base="idnsName=_tcp,idnsname=<a
moz-do-not-send="true"
href="http://example.com" target="_blank">example.com</a>,cn=dns,dc=example,dc=com"
scope=0 filter="(objectClass=idnsRecord)"
attrs=ALL<br>
[15/Oct/2014:18:35:46 -0400] conn=8 op=166
RESULT err=32 tag=101 nentries=0 etime=0<br>
[15/Oct/2014:18:35:48 -0400] conn=606 fd=79
slot=79 connection from 192.168.122.200 to
192.168.122.200<br>
[15/Oct/2014:18:35:48 -0400] conn=4 op=960
SRCH base="dc=example,dc=com" scope=2
filter="(&(|(objectClass=krbprincipalaux)(objectClass=krbprincipal))(krbPrincipalName=krbtgt/<a
moz-do-not-send="true"
href="mailto:EXAMPLE.COM@EXAMPLE.COM"
target="_blank">EXAMPLE.COM@EXAMPLE.COM</a>))"
attrs="krbPrincipalName krbCanonicalName
ipaKrbPrincipalAlias krbUPEnabled
krbPrincipalKey krbTicketPolicyReference
krbPrincipalExpiration krbPasswordExpiration
krbPwdPolicyReference krbPrincipalType
krbPwdHistory krbLastPwdChange
krbPrincipalAliases krbLastSuccessfulAuth
krbLastFailedAuth krbLoginFailedCount
krbExtraData krbLastAdminUnlock
krbObjectReferences krbTicketFlags
krbMaxTicketLife krbMaxRenewableAge
nsAccountLock passwordHistory ipaKrbAuthzData
ipaUserAuthType objectClass"<br>
[15/Oct/2014:18:35:48 -0400] conn=4 op=960
RESULT err=0 tag=101 nentries=1 etime=0<br>
[15/Oct/2014:18:35:48 -0400] conn=4 op=961
SRCH base="dc=example,dc=com" scope=2
filter="(&(|(objectClass=krbprincipalaux)(objectClass=krbprincipal)(objectClass=ipakrbprincipal))(|(ipaKrbPrincipalAlias=ldap/<a
moz-do-not-send="true"
href="mailto:ipa7.example.com@EXAMPLE.COM"
target="_blank">ipa7.example.com@EXAMPLE.COM</a>)(krbPrincipalName=ldap/<a
moz-do-not-send="true"
href="mailto:ipa7.example.com@EXAMPLE.COM"
target="_blank">ipa7.example.com@EXAMPLE.COM</a>)))"
attrs="krbPrincipalName krbCanonicalName
ipaKrbPrincipalAlias krbUPEnabled
krbPrincipalKey krbTicketPolicyReference
krbPrincipalExpiration krbPasswordExpiration
krbPwdPolicyReference krbPrincipalType
krbPwdHistory krbLastPwdChange
krbPrincipalAliases krbLastSuccessfulAuth
krbLastFailedAuth krbLoginFailedCount
krbExtraData krbLastAdminUnlock
krbObjectReferences krbTicketFlags
krbMaxTicketLife krbMaxRenewableAge
nsAccountLock passwordHistory ipaKrbAuthzData
ipaUserAuthType objectClass"<br>
[15/Oct/2014:18:35:48 -0400] conn=4 op=961
RESULT err=0 tag=101 nentries=1 etime=0<br>
[15/Oct/2014:18:35:48 -0400] conn=4 op=962
SRCH base="cn=<a moz-do-not-send="true"
href="http://EXAMPLE.COM" target="_blank">EXAMPLE.COM</a>,cn=kerberos,dc=example,dc=com"
scope=0
filter="(objectClass=krbticketpolicyaux)"
attrs="krbMaxTicketLife krbMaxRenewableAge
krbTicketFlags"<br>
[15/Oct/2014:18:35:48 -0400] conn=4 op=962
RESULT err=0 tag=101 nentries=1 etime=0<br>
[15/Oct/2014:18:35:48 -0400] conn=4 op=963
SRCH base="dc=example,dc=com" scope=2
filter="(&(|(objectClass=krbprincipalaux)(objectClass=krbprincipal))(krbPrincipalName=HTTP/<a
moz-do-not-send="true"
href="mailto:ipa7.example.com@EXAMPLE.COM"
target="_blank">ipa7.example.com@EXAMPLE.COM</a>))"
attrs="krbPrincipalName krbCanonicalName
ipaKrbPrincipalAlias krbUPEnabled
krbPrincipalKey krbTicketPolicyReference
krbPrincipalExpiration krbPasswordExpiration
krbPwdPolicyReference krbPrincipalType
krbPwdHistory krbLastPwdChange
krbPrincipalAliases krbLastSuccessfulAuth
krbLastFailedAuth krbLoginFailedCount
krbExtraData krbLastAdminUnlock
krbObjectReferences krbTicketFlags
krbMaxTicketLife krbMaxRenewableAge
nsAccountLock passwordHistory ipaKrbAuthzData
ipaUserAuthType objectClass"<br>
[15/Oct/2014:18:35:48 -0400] conn=4 op=963
RESULT err=0 tag=101 nentries=1 etime=0<br>
[15/Oct/2014:18:35:48 -0400] conn=4 op=964
SRCH base="cn=<a moz-do-not-send="true"
href="http://EXAMPLE.COM" target="_blank">EXAMPLE.COM</a>,cn=kerberos,dc=example,dc=com"
scope=0
filter="(objectClass=krbticketpolicyaux)"
attrs="krbMaxTicketLife krbMaxRenewableAge
krbTicketFlags"<br>
[15/Oct/2014:18:35:48 -0400] conn=4 op=964
RESULT err=0 tag=101 nentries=1 etime=0<br>
[15/Oct/2014:18:35:48 -0400] conn=4 op=965
SRCH base="dc=example,dc=com" scope=2
filter="(&(objectClass=ipaKrb5DelegationACL)(memberPrincipal=HTTP/<a
moz-do-not-send="true"
href="mailto:ipa7.example.com@EXAMPLE.COM"
target="_blank">ipa7.example.com@EXAMPLE.COM</a>))"
attrs="objectClass memberPrincipal"<br>
[15/Oct/2014:18:35:48 -0400] conn=4 op=965
RESULT err=0 tag=101 nentries=1 etime=0<br>
[15/Oct/2014:18:35:48 -0400] conn=4 op=966
SRCH base="dc=example,dc=com" scope=2
filter="(&(|(objectClass=krbprincipalaux)(objectClass=krbprincipal))(krbPrincipalName=<a
moz-do-not-send="true"
href="mailto:admin@EXAMPLE.COM"
target="_blank">admin@EXAMPLE.COM</a>))"
attrs="krbPrincipalName krbCanonicalName
ipaKrbPrincipalAlias krbUPEnabled
krbPrincipalKey krbTicketPolicyReference
krbPrincipalExpiration krbPasswordExpiration
krbPwdPolicyReference krbPrincipalType
krbPwdHistory krbLastPwdChange
krbPrincipalAliases krbLastSuccessfulAuth
krbLastFailedAuth krbLoginFailedCount
krbExtraData krbLastAdminUnlock
krbObjectReferences krbTicketFlags
krbMaxTicketLife krbMaxRenewableAge
nsAccountLock passwordHistory ipaKrbAuthzData
ipaUserAuthType objectClass"<br>
[15/Oct/2014:18:35:48 -0400] conn=4 op=966
RESULT err=0 tag=101 nentries=1 etime=0<br>
[15/Oct/2014:18:35:48 -0400] conn=4 op=967
SRCH base="cn=<a moz-do-not-send="true"
href="http://EXAMPLE.COM" target="_blank">EXAMPLE.COM</a>,cn=kerberos,dc=example,dc=com"
scope=0
filter="(objectClass=krbticketpolicyaux)"
attrs="krbMaxTicketLife krbMaxRenewableAge
krbTicketFlags"<br>
[15/Oct/2014:18:35:48 -0400] conn=4 op=967
RESULT err=0 tag=101 nentries=1 etime=0<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=0
BIND dn="" method=sasl version=3 mech=GSSAPI<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=0
RESULT err=14 tag=97 nentries=0 etime=0, SASL
bind in progress<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=1
BIND dn="" method=sasl version=3 mech=GSSAPI<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=1
RESULT err=14 tag=97 nentries=0 etime=0, SASL
bind in progress<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=2
BIND dn="" method=sasl version=3 mech=GSSAPI<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=2
RESULT err=0 tag=97 nentries=0 etime=0
dn="uid=admin,cn=users,cn=accounts,dc=example,dc=com"<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=3
SRCH
base="cn=ipaconfig,cn=etc,dc=example,dc=com"
scope=0 filter="(objectClass=*)" attrs=ALL<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=3
RESULT err=0 tag=101 nentries=1 etime=0<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=4
SRCH
base="cn=ipausers,cn=groups,cn=accounts,dc=example,dc=com"
scope=0 filter="(objectClass=*)"
attrs="gidNumber cn"<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=4
RESULT err=0 tag=101 nentries=1 etime=0<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=5
SRCH base="cn=UPG
Definition,cn=Definitions,cn=Managed
Entries,cn=etc,dc=example,dc=com" scope=0
filter="(objectClass=*)" attrs="* aci"<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=5
RESULT err=0 tag=101 nentries=1 etime=0<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=6
SRCH
base="cn=ipaconfig,cn=etc,dc=example,dc=com"
scope=0 filter="(objectClass=*)" attrs=ALL<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=6
RESULT err=0 tag=101 nentries=1 etime=0<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=7
SRCH
base="cn=users,cn=accounts,dc=example,dc=com"
scope=2
filter="(&(objectClass=krbprincipalaux)(krbPrincipalName=<a
moz-do-not-send="true"
href="mailto:amyengh@EXAMPLE.COM"
target="_blank">amyengh@EXAMPLE.COM</a>))"
attrs=""<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=7
RESULT err=0 tag=101 nentries=1 etime=0<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=8 ADD
dn="uid=amyengh,cn=users,cn=accounts,dc=example,dc=com",
add values for type objectClass failed<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=8
RESULT err=20 tag=105 nentries=0 etime=0<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=9
SRCH
base="cn=ipausers,cn=groups,cn=accounts,dc=example,dc=com"
scope=0 filter="(objectClass=*)"
attrs="gidNumber cn"<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=9
RESULT err=0 tag=101 nentries=1 etime=0<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=10
SRCH base="cn=UPG
Definition,cn=Definitions,cn=Managed
Entries,cn=etc,dc=example,dc=com" scope=0
filter="(objectClass=*)" attrs="* aci"<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=10
RESULT err=0 tag=101 nentries=1 etime=0<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=11
ADD
dn="cn=amyengh,cn=groups,cn=accounts,dc=example,dc=com"<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=11
RESULT err=68 tag=105 nentries=0 etime=0<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=12
SRCH
base="cn=users,cn=accounts,dc=example,dc=com"
scope=2
filter="(&(objectClass=posixAccount)(!(memberOf=cn=ipausers,cn=groups,cn=accounts,dc=example,dc=com)))"
attrs=""<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=12
RESULT err=0 tag=101 nentries=0 etime=0<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=13
UNBIND<br>
[15/Oct/2014:18:35:48 -0400] conn=606 op=13
fd=79 closed - U1<br>
<br>
</div>
<div class="gmail_extra">It kind of looks like
there's some sort of failure with my gidNumber
or cn, but both the user and group objects
have these values. Any idea what is going on
there?<br>
</div>
</div>
</blockquote>
<br>
</div>
</div>
Did you enable the ARGS level error logging in the
errors log? If so, what's in the errors log?<br>
<br>
</div>
<br>
--<br>
Manage your subscription for the Freeipa-users mailing
list:<br>
<a moz-do-not-send="true"
href="https://www.redhat.com/mailman/listinfo/freeipa-users"
target="_blank">https://www.redhat.com/mailman/listinfo/freeipa-users</a><br>
Go To <a moz-do-not-send="true" href="http://freeipa.org"
target="_blank">http://freeipa.org</a> for more info on
the project<br>
</blockquote>
</div>
<br>
Ha! I debated sending the error logs. I think Dmitri may be
right about the group value. I'll try that too.<br>
</div>
</div>
</blockquote>
<br>
Looks like the errors log was truncated. Can you put it on some
file sharing site? If not, just email it to me directly.<br>
<br>
<blockquote
cite="mid:CAO3ufTk9uaCtBfoqbCVa9YJ-RyqxYu8gj-BTSOXssai0EMmJaQ@mail.gmail.com"
type="cite">
<div dir="ltr">
<div class="gmail_extra"><br>
<br>
==> errors <==<br>
[15/Oct/2014:18:35:46 -0400] - SRCH base="(null)" scope=0
deref=0 sizelimit=0 timelimit=0 attrsonly=0
filter="(objectClass=idnsRecord)" attrs=ALL<br>
[15/Oct/2014:18:35:46 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:46 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - SRCH base="(null)" scope=2
deref=0 sizelimit=0 timelimit=300 attrsonly=0
filter="(&(|(objectClass=krbprincipalaux)(objectClass=krbprincipal))(krbPrincipalName=krbtgt/<a
moz-do-not-send="true" href="mailto:EXAMPLE.COM@EXAMPLE.COM">EXAMPLE.COM@EXAMPLE.COM</a>))"
attrs="krbPrincipalName krbCanonicalName ipaKrbPrincipalAlias
krbUPEnabled krbPrincipalKey krbTicketPolicyReference
krbPrincipalExpiration krbPasswordExpiration
krbPwdPolicyReference krbPrincipalType krbPwdHistory
krbLastPwdChange krbPrincipalAliases krbLastSuccessfulAuth
krbLastFailedAuth krbLoginFailedCount krbExtraData
krbLastAdminUnlock krbObjectReferences krbTicketFlags
krbMaxTicketLife krbMaxRenewableAge nsAccountLock
passwordHistory ipaKrbAuthzData ipaUserAuthType objectClass"<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0xa<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - SRCH base="(null)" scope=2
deref=0 sizelimit=0 timelimit=300 attrsonly=0
filter="(&(|(objectClass=krbprincipalaux)(objectClass=krbprincipal)(objectClass=ipakrbprincipal))(|(ipaKrbPrincipalAlias=ldap/<a
moz-do-not-send="true"
href="mailto:ipa7.example.com@EXAMPLE.COM">ipa7.example.com@EXAMPLE.COM</a>)(krbPrincipalName=ldap/<a
moz-do-not-send="true"
href="mailto:ipa7.example.com@EXAMPLE.COM">ipa7.example.com@EXAMPLE.COM</a>)))"
attrs="krbPrincipalName krbCanonicalName ipaKrbPrincipalAlias
krbUPEnabled krbPrincipalKey krbTicketPolicyReference
krbPrincipalExpiration krbPasswordExpiration
krbPwdPolicyReference krbPrincipalType krbPwdHistory
krbLastPwdChange krbPrincipalAliases krbLastSuccessfulAuth
krbLastFailedAuth krbLoginFailedCount krbExtraData
krbLastAdminUnlock krbObjectReferences krbTicketFlags
krbMaxTicketLife krbMaxRenewableAge nsAccountLock
passwordHistory ipaKrbAuthzData ipaUserAuthType objectClass"<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0xa<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - SRCH base="(null)" scope=0
deref=0 sizelimit=0 timelimit=300 attrsonly=0
filter="(objectClass=krbticketpolicyaux)"
attrs="krbMaxTicketLife krbMaxRenewableAge krbTicketFlags"<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - SRCH base="(null)" scope=2
deref=0 sizelimit=0 timelimit=300 attrsonly=0
filter="(&(|(objectClass=krbprincipalaux)(objectClass=krbprincipal))(krbPrincipalName=HTTP/<a
moz-do-not-send="true"
href="mailto:ipa7.example.com@EXAMPLE.COM">ipa7.example.com@EXAMPLE.COM</a>))"
attrs="krbPrincipalName krbCanonicalName ipaKrbPrincipalAlias
krbUPEnabled krbPrincipalKey krbTicketPolicyReference
krbPrincipalExpiration krbPasswordExpiration
krbPwdPolicyReference krbPrincipalType krbPwdHistory
krbLastPwdChange krbPrincipalAliases krbLastSuccessfulAuth
krbLastFailedAuth krbLoginFailedCount krbExtraData
krbLastAdminUnlock krbObjectReferences krbTicketFlags
krbMaxTicketLife krbMaxRenewableAge nsAccountLock
passwordHistory ipaKrbAuthzData ipaUserAuthType objectClass"<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0xa<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - SRCH base="(null)" scope=0
deref=0 sizelimit=0 timelimit=300 attrsonly=0
filter="(objectClass=krbticketpolicyaux)"
attrs="krbMaxTicketLife krbMaxRenewableAge krbTicketFlags"<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - SRCH base="(null)" scope=2
deref=0 sizelimit=0 timelimit=300 attrsonly=0
filter="(&(objectClass=ipaKrb5DelegationACL)(memberPrincipal=HTTP/<a
moz-do-not-send="true"
href="mailto:ipa7.example.com@EXAMPLE.COM">ipa7.example.com@EXAMPLE.COM</a>))"
attrs="objectClass memberPrincipal"<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - SRCH base="(null)" scope=2
deref=0 sizelimit=0 timelimit=300 attrsonly=0
filter="(&(|(objectClass=krbprincipalaux)(objectClass=krbprincipal))(krbPrincipalName=<a
moz-do-not-send="true" href="mailto:admin@EXAMPLE.COM">admin@EXAMPLE.COM</a>))"
attrs="krbPrincipalName krbCanonicalName ipaKrbPrincipalAlias
krbUPEnabled krbPrincipalKey krbTicketPolicyReference
krbPrincipalExpiration krbPasswordExpiration
krbPwdPolicyReference krbPrincipalType krbPwdHistory
krbLastPwdChange krbPrincipalAliases krbLastSuccessfulAuth
krbLastFailedAuth krbLoginFailedCount krbExtraData
krbLastAdminUnlock krbObjectReferences krbTicketFlags
krbMaxTicketLife krbMaxRenewableAge nsAccountLock
passwordHistory ipaKrbAuthzData ipaUserAuthType objectClass"<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0xa<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - SRCH base="(null)" scope=0
deref=0 sizelimit=0 timelimit=300 attrsonly=0
filter="(objectClass=krbticketpolicyaux)"
attrs="krbMaxTicketLife krbMaxRenewableAge krbTicketFlags"<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
frontend-internal<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
frontend-internal<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
frontend-internal<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
frontend-internal<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
frontend-internal<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
frontend-internal<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
frontend-internal<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
frontend-internal<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
frontend-internal<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
frontend-internal<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0xa<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - krbLastSuccessfulAuth:
20141015223548Z<br>
[15/Oct/2014:18:35:48 -0400] - replace:
krbLastSuccessfulAuth<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - modifiersname: cn=IPA
Lockout,cn=plugins,cn=config<br>
[15/Oct/2014:18:35:48 -0400] - replace: modifiersname<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - modifytimestamp:
20141015223548Z<br>
[15/Oct/2014:18:35:48 -0400] - replace: modifytimestamp<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - krbLastSuccessfulAuth:
20141015223548Z<br>
[15/Oct/2014:18:35:48 -0400] - replace:
krbLastSuccessfulAuth<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - modifiersname: cn=IPA
Lockout,cn=plugins,cn=config<br>
[15/Oct/2014:18:35:48 -0400] - replace: modifiersname<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - modifytimestamp:
20141015223548Z<br>
[15/Oct/2014:18:35:48 -0400] - replace: modifytimestamp<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - krbLastSuccessfulAuth:
20141015223548Z<br>
[15/Oct/2014:18:35:48 -0400] - replace:
krbLastSuccessfulAuth<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - modifiersname: cn=IPA
Lockout,cn=plugins,cn=config<br>
[15/Oct/2014:18:35:48 -0400] - replace: modifiersname<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - modifytimestamp:
20141015223548Z<br>
[15/Oct/2014:18:35:48 -0400] - replace: modifytimestamp<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - entryusn: 3439<br>
[15/Oct/2014:18:35:48 -0400] - replace: entryusn<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - index_addordel_values_ext_sv
indexmask 0x2<br>
[15/Oct/2014:18:35:48 -0400] - index_addordel_values_ext_sv
indexmask 0x2<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - krbLastSuccessfulAuth:
20141015223548Z<br>
[15/Oct/2014:18:35:48 -0400] - replace:
krbLastSuccessfulAuth<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - modifiersname: cn=IPA
Lockout,cn=plugins,cn=config<br>
[15/Oct/2014:18:35:48 -0400] - replace: modifiersname<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - modifytimestamp:
20141015223548Z<br>
[15/Oct/2014:18:35:48 -0400] - replace: modifytimestamp<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - krbLastSuccessfulAuth:
20141015223548Z<br>
[15/Oct/2014:18:35:48 -0400] - replace:
krbLastSuccessfulAuth<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - modifiersname: cn=IPA
Lockout,cn=plugins,cn=config<br>
[15/Oct/2014:18:35:48 -0400] - replace: modifiersname<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - modifytimestamp:
20141015223548Z<br>
[15/Oct/2014:18:35:48 -0400] - replace: modifytimestamp<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - krbLastSuccessfulAuth:
20141015223548Z<br>
[15/Oct/2014:18:35:48 -0400] - replace:
krbLastSuccessfulAuth<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - modifiersname: cn=IPA
Lockout,cn=plugins,cn=config<br>
[15/Oct/2014:18:35:48 -0400] - replace: modifiersname<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - modifytimestamp:
20141015223548Z<br>
[15/Oct/2014:18:35:48 -0400] - replace: modifytimestamp<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - entryusn: 3440<br>
[15/Oct/2014:18:35:48 -0400] - replace: entryusn<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - index_addordel_values_ext_sv
indexmask 0x2<br>
[15/Oct/2014:18:35:48 -0400] - index_addordel_values_ext_sv
indexmask 0x2<br>
[15/Oct/2014:18:35:48 -0400] - SRCH base="(null)" scope=0
deref=0 sizelimit=10 timelimit=2 attrsonly=0
filter="(objectClass=*)" attrs=ALL<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - krbLastSuccessfulAuth:
20141015223548Z<br>
[15/Oct/2014:18:35:48 -0400] - replace:
krbLastSuccessfulAuth<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - modifiersname: cn=IPA
Lockout,cn=plugins,cn=config<br>
[15/Oct/2014:18:35:48 -0400] - replace: modifiersname<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - modifytimestamp:
20141015223548Z<br>
[15/Oct/2014:18:35:48 -0400] - replace: modifytimestamp<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - krbLastSuccessfulAuth:
20141015223548Z<br>
[15/Oct/2014:18:35:48 -0400] - replace:
krbLastSuccessfulAuth<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - modifiersname: cn=IPA
Lockout,cn=plugins,cn=config<br>
[15/Oct/2014:18:35:48 -0400] - replace: modifiersname<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - modifytimestamp:
20141015223548Z<br>
[15/Oct/2014:18:35:48 -0400] - replace: modifytimestamp<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - krbLastSuccessfulAuth:
20141015223548Z<br>
[15/Oct/2014:18:35:48 -0400] - replace:
krbLastSuccessfulAuth<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - modifiersname: cn=IPA
Lockout,cn=plugins,cn=config<br>
[15/Oct/2014:18:35:48 -0400] - replace: modifiersname<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - modifytimestamp:
20141015223548Z<br>
[15/Oct/2014:18:35:48 -0400] - replace: modifytimestamp<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - entryusn: 3441<br>
[15/Oct/2014:18:35:48 -0400] - replace: entryusn<br>
[15/Oct/2014:18:35:48 -0400] - -<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - index_addordel_values_ext_sv
indexmask 0x2<br>
[15/Oct/2014:18:35:48 -0400] - index_addordel_values_ext_sv
indexmask 0x2<br>
[15/Oct/2014:18:35:48 -0400] - SRCH base="(null)" scope=0
deref=0 sizelimit=100 timelimit=2 attrsonly=0
filter="(objectClass=*)" attrs="gidNumber cn"<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - SRCH base="(null)" scope=0
deref=0 sizelimit=0 timelimit=0 attrsonly=0
filter="(objectClass=*)" attrs="* aci"<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - SRCH base="(null)" scope=0
deref=0 sizelimit=10 timelimit=2 attrsonly=0
filter="(objectClass=*)" attrs=ALL<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - SRCH base="(null)" scope=2
deref=0 sizelimit=100 timelimit=2 attrsonly=0
filter="(&(objectClass=krbprincipalaux)(krbPrincipalName=<a
moz-do-not-send="true" href="mailto:amyengh@EXAMPLE.COM">amyengh@EXAMPLE.COM</a>))"
attrs=""<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0xa<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - do_add: dn
(uid=amyengh,cn=users,cn=accounts,dc=example,dc=com)<br>
[15/Oct/2014:18:35:48 -0400] - SRCH base="(null)" scope=0
deref=0 sizelimit=100 timelimit=2 attrsonly=0
filter="(objectClass=*)" attrs="gidNumber cn"<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - SRCH base="(null)" scope=0
deref=0 sizelimit=0 timelimit=0 attrsonly=0
filter="(objectClass=*)" attrs="* aci"<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - do_add: dn
(cn=amyengh,cn=groups,cn=accounts,dc=example,dc=com)<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - removing entire attribute
hassubordinates<br>
[15/Oct/2014:18:35:48 -0400] - removing entire attribute
numsubordinates<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - SRCH base="(null)" scope=2
deref=0 sizelimit=100 timelimit=0 attrsonly=0
filter="(&(objectClass=posixAccount)(!(memberOf=cn=ipausers,cn=groups,cn=accounts,dc=example,dc=com)))"
attrs=""<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree selected backend :
userRoot<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - indextype: "eq" indexmask:
0x2<br>
[15/Oct/2014:18:35:48 -0400] - mapping tree release backend :
userRoot<br>
<br>
</div>
</div>
</blockquote>
<br>
</body>
</html>