<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<br>
<br>
<div class="moz-cite-prefix">On 28.04.2016 08:00, Barry wrote:<br>
</div>
<blockquote
cite="mid:CAELz9dtVZqt8bS=yWEHDWN526=YDvDfgrRANJurVosV-ie6Mhw@mail.gmail.com"
type="cite">
<div dir="ltr">
<div>NOT work tried ..cannot bind the command 389 or 636 ,,,but
telnet work</div>
<div><br>
</div>
<div>EOFnsslapd-security: offreplace:
nsslapd-securitychangetype: modifydn: cn=configldapmodify -h
ms -p 636 -D cn="Directory Manager" -w << EOF</div>
<div><br>
</div>
<div>ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)</div>
<div><br>
</div>
</div>
</blockquote>
can you please try to put FQDN name of LDAP server to option -h ?<br>
I have doubts that -h 'ms' is server name<br>
<br>
Martin<br>
<br>
<blockquote
cite="mid:CAELz9dtVZqt8bS=yWEHDWN526=YDvDfgrRANJurVosV-ie6Mhw@mail.gmail.com"
type="cite">
<div class="gmail_extra"><br>
<div class="gmail_quote">2016-04-27 19:29 GMT+08:00 <span
dir="ltr"><<a moz-do-not-send="true"
href="mailto:barrykfl@gmail.com" target="_blank">barrykfl@gmail.com</a>></span>:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<p dir="ltr">thx let me try as i dont want stop dirsrv but
live disable nsslapd security.</p>
<div class="HOEnZb">
<div class="h5">
<div class="gmail_quote">2016年4月27日 下午7:26 於 "David
Kupka" <<a moz-do-not-send="true"
href="mailto:dkupka@redhat.com" target="_blank">dkupka@redhat.com</a>>
寫道:<br type="attribution">
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">On
27/04/16 13:15, <a moz-do-not-send="true"
href="mailto:barrykfl@gmail.com" target="_blank">barrykfl@gmail.com</a>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
Do u meant use ldapmodify?<br>
I tried update the dse.ldif but it will fall back
after a while.<br>
<br>
2016年4月27日 下午7:10 於 "David Kupka" <<a
moz-do-not-send="true"
href="mailto:dkupka@redhat.com" target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:dkupka@redhat.com">dkupka@redhat.com</a></a><br>
<mailto:<a moz-do-not-send="true"
href="mailto:dkupka@redhat.com" target="_blank">dkupka@redhat.com</a>>>
寫道:<br>
<br>
On 27/04/16 12:48, <a moz-do-not-send="true"
href="mailto:barrykfl@gmail.com" target="_blank">barrykfl@gmail.com</a>
<mailto:<a moz-do-not-send="true"
href="mailto:barrykfl@gmail.com" target="_blank">barrykfl@gmail.com</a>>
wrote:<br>
<br>
Hi:<br>
<br>
Without restarting dirsrv possible do that
?<br>
<br>
<br>
thx Regards<br>
<br>
barry<br>
<br>
<br>
<br>
<br>
Hello Barry,<br>
<br>
this ldapsearch should list all attributes
that needs restart after<br>
modification:<br>
<br>
$ ldapsearch -D "cn=Directory Manager" -w
Secret123 -b cn=config<br>
nsslapd-requiresrestart<br>
<br>
I don't see nsslapd-security listed so it
should be possible to change it in<br>
runtime.<br>
<br>
--<br>
David Kupka<br>
<br>
</blockquote>
<br>
Yes, I mean ldapmodify.<br>
<br>
Editing dse.ldif while dirsrv is running has no
effect because it is read only at start and written
at least before exit.<br>
<br>
If you REALLY need to edit dse.ldif be sure to stop
dirsrv then edit it and start dirsrv again.<br>
<br>
-- <br>
David Kupka<br>
</blockquote>
</div>
</div>
</div>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
</blockquote>
<br>
</body>
</html>