From vtingey at msl.ubc.ca Tue Nov 3 00:18:59 2009 From: vtingey at msl.ubc.ca (Vince Tingey) Date: Mon, 02 Nov 2009 16:18:59 -0800 Subject: [389-users] Easy way to add an object class value to all users Message-ID: <4AEF76F3.1090902@msl.ubc.ca> Hi Everyone, Is there an easy way to add an object class value to all the users in my 389 Directory Server? Thank you, -- Vince -------------- next part -------------- An HTML attachment was scrubbed... URL: From michael at stroeder.com Tue Nov 3 06:47:23 2009 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Tue, 03 Nov 2009 07:47:23 +0100 Subject: [389-users] Easy way to add an object class value to all users In-Reply-To: <4AEF76F3.1090902@msl.ubc.ca> References: <4AEF76F3.1090902@msl.ubc.ca> Message-ID: <4AEFD1FB.7030104@stroeder.com> Vince Tingey wrote: > Is there an easy way to add an object class value to all the users in my > 389 Directory Server? I'd say yes. But what "easy" means to you depends on your skills. You could generate a LDIF file containing change records for all your entries. Or even better use your favourite scripting language to do the modifications with the help of a decent LDAP module. Ciao, Michael. -- Michael Str?der E-Mail: michael at stroeder.com http://www.stroeder.com From mitja.mihelic at arnes.si Tue Nov 3 14:13:38 2009 From: mitja.mihelic at arnes.si (=?UTF-8?B?TWl0amEgTWloZWxpxI0=?=) Date: Tue, 03 Nov 2009 15:13:38 +0100 Subject: [389-users] Replication: update of supplier via referral from consumer not working In-Reply-To: <4AE998DA.2070907@redhat.com> References: <4AE9688F.6060408@arnes.si> <4AE998DA.2070907@redhat.com> Message-ID: <4AF03A92.4060703@arnes.si> Rich Megginson wrote: > Mitja Miheli? wrote: >> >> I have entered "ldap://supplier.example.com:389/dc=example, dc=com" >> in the "Current URLs for referrals (Optional)" field. > Why? Replication sets the referrals automatically - that's why the > console lists this field as (Optional). Don't use these referrals > unless you have to. Deleted the referral. > > Secondly, you have a space in there - use dc=example,dc=com instead. > If you need to have spaces and other meta-characters in the LDAP URL, > see http://www.ietf.org/rfc/rfc4516.txt The space crept in there at the directory server creation. There was no need for that space so I removed it by recreating the base suffix. After that everything fell into place. Thank you for your help Rich! Redards, Mitja Miheli? From mitja.mihelic at arnes.si Tue Nov 3 14:20:57 2009 From: mitja.mihelic at arnes.si (=?ISO-8859-1?Q?Mitja_Mihelic=28?=) Date: Tue, 03 Nov 2009 15:20:57 +0100 Subject: [389-users] added schema not showing up in admin console In-Reply-To: <1253379794.24448.6.camel@minibox.poolofdespair.net> References: <1253379794.24448.6.camel@minibox.poolofdespair.net> Message-ID: <4AF03C49.8000208@arnes.si> Hi Mike! Did you run the schema-reload.pl script ? It is described at the following page, near the bottom: http://directory.fedoraproject.org/wiki/Dynamically_Reload_Schema -- Mitja Mike Clayton wrote: > I am trying to configure bind to talk directly to 389-ds, i have > converted the dnszone.schema file that ships with bind-sdb to ldif > using: > > perl ol-schema-migrate.pl -b /etc/openldap/schema/dnszone.schema > >> /etc/dirsrv/slapd-dc0/schema/61bind-dns.ldif >> > > and restarted the dirsrv service. but i can't seem to find an object > class or anything for dnsZone. i looked in the logs and did not see any > mention of dnsZone. Have i missed something or am i just not looking in > the right places > > Mike > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > From jensadne at pvv.ntnu.no Tue Nov 3 17:03:30 2009 From: jensadne at pvv.ntnu.no (Jens =?utf8?B?w4VkbmU=?= Rydland) Date: Tue, 3 Nov 2009 18:03:30 +0100 Subject: [389-users] Admin-console doesn't work after upgrade Message-ID: <20091103170330.GB23172@pvv.ntnu.no> Hi, recently our LDAP server (CentOS 5.4) got upgraded, so we no longer have the command fedora-idm-console, but instead have gotten 389-console. The LDAP service it self works flawlessly, but when trying to open the admin console it fails with "netscape.ldap.LDAPException: error result (32); No such object" Running "service dirsrv-admin status" returns that the admin server is running, and running 389-console with -D indicates that the server indeed replies. So, is there some extra configuration needed after upgrading, such as running setup-ds-admin.pl again? If so, where can I look up the information provided on the initial setup? This is using 389-ds version 1.1.3, CentOS 5.4, Java 1.6.0 (OpenJDK Runtime Environment (build 1.6.0-b09)) -- mvh Jens ?dne Rydland From rmeggins at redhat.com Tue Nov 3 17:28:19 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Tue, 03 Nov 2009 10:28:19 -0700 Subject: [389-users] Admin-console doesn't work after upgrade In-Reply-To: <20091103170330.GB23172@pvv.ntnu.no> References: <20091103170330.GB23172@pvv.ntnu.no> Message-ID: <4AF06833.7090704@redhat.com> Jens ?dne Rydland wrote: > Hi, > recently our LDAP server (CentOS 5.4) got upgraded, so we no longer have > the command fedora-idm-console, but instead have gotten 389-console. The > LDAP service it self works flawlessly, but when trying to open the admin > console it fails with > > "netscape.ldap.LDAPException: error result (32); No such object" > > Running "service dirsrv-admin status" returns that the admin server is > running, and running 389-console with -D indicates that the server > indeed replies. > > So, is there some extra configuration needed after upgrading, such as > running setup-ds-admin.pl again? Yes. You always have to run setup-ds-admin.pl -u after an upgrade, to refresh the console information. http://directory.fedoraproject.org/wiki/Install_Guide#Upgrading Note that 389-ds-base 1.2.2 and 389-admin 1.1.8 and earlier have a bug in that they do not update the console information properly. If you run into this problem, you might consider upgrading to 389-ds-base 1.2.3 and 389-admin 1.1.9 which you can find in the testing repo. http://directory.fedoraproject.org/wiki/Release_Notes > If so, where can I look up the > information provided on the initial setup? > > This is using 389-ds version 1.1.3, CentOS 5.4, Java 1.6.0 (OpenJDK > Runtime Environment (build 1.6.0-b09)) > > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From vtingey at msl.ubc.ca Tue Nov 3 17:34:25 2009 From: vtingey at msl.ubc.ca (Vince Tingey) Date: Tue, 03 Nov 2009 09:34:25 -0800 Subject: [389-users] Easy way to add an object class value to all users In-Reply-To: <4AEFD1FB.7030104@stroeder.com> References: <4AEF76F3.1090902@msl.ubc.ca> <4AEFD1FB.7030104@stroeder.com> Message-ID: <4AF069A1.6030509@msl.ubc.ca> Hi Michael, Yeh I thought I would have to resort to something like that. Generating a huge LDIF file containing change records for each user was what I was hoping to avoid or find some shortcut for... I guess I'm going to have to look at writing a PHP script now or something. Too bad I can't just select all the users in the Java console and add the class... Thanks, - Vince Michael Str?der wrote: > Vince Tingey wrote: > >> Is there an easy way to add an object class value to all the users in my >> 389 Directory Server? >> > > I'd say yes. But what "easy" means to you depends on your skills. > > You could generate a LDIF file containing change records for all your entries. > Or even better use your favourite scripting language to do the modifications > with the help of a decent LDAP module. > > Ciao, Michael. > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From michael at stroeder.com Tue Nov 3 19:41:15 2009 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Tue, 03 Nov 2009 20:41:15 +0100 Subject: [389-users] Easy way to add an object class value to all users In-Reply-To: <4AF069A1.6030509@msl.ubc.ca> References: <4AEF76F3.1090902@msl.ubc.ca> <4AEFD1FB.7030104@stroeder.com> <4AF069A1.6030509@msl.ubc.ca> Message-ID: <4AF0875B.1060209@stroeder.com> Vince Tingey wrote:> > Michael Str?der wrote: >> Vince Tingey wrote: >> >>> Is there an easy way to add an object class value to all the users in my >>> 389 Directory Server? >>> >> I'd say yes. But what "easy" means to you depends on your skills. >> >> You could generate a LDIF file containing change records for all your entries. >> Or even better use your favourite scripting language to do the modifications >> with the help of a decent LDAP module. > > Yeh I thought I would have to resort to something like that. Generating > a huge LDIF file containing change records for each user was what I was > hoping to avoid or find some shortcut for... It's not that hard. > I guess I'm going to have to look at writing a PHP script now or > something. Too bad I can't just select all the users in the Java > console and add the class... Depending on the schema you might have to add some attributes too... Ciao, Michael. From jensadne at pvv.ntnu.no Wed Nov 4 13:53:49 2009 From: jensadne at pvv.ntnu.no (Jens =?utf8?B?w4VkbmU=?= Rydland) Date: Wed, 4 Nov 2009 14:53:49 +0100 Subject: [389-users] Admin-console doesn't work after upgrade In-Reply-To: <4AF06833.7090704@redhat.com> References: <20091103170330.GB23172@pvv.ntnu.no> <4AF06833.7090704@redhat.com> Message-ID: <20091104135348.GC23172@pvv.ntnu.no> On Tue, Nov 03, 2009 at 10:28:19AM -0700, Rich Megginson wrote: > Jens ?dne Rydland wrote: >> Hi, recently our LDAP server (CentOS 5.4) got upgraded, so we no longer >> have >> the command fedora-idm-console, but instead have gotten 389-console. The >> LDAP service it self works flawlessly, but when trying to open the admin >> console it fails with >> >> "netscape.ldap.LDAPException: error result (32); No such object" >> >> Running "service dirsrv-admin status" returns that the admin server is >> running, and running 389-console with -D indicates that the server >> indeed replies. >> >> So, is there some extra configuration needed after upgrading, such as >> running setup-ds-admin.pl again? > Yes. You always have to run setup-ds-admin.pl -u after an upgrade, to > refresh the console information. > http://directory.fedoraproject.org/wiki/Install_Guide#Upgrading > Note that 389-ds-base 1.2.2 and 389-admin 1.1.8 and earlier have a bug > in that they do not update the console information properly. If you run > into this problem, you might consider upgrading to 389-ds-base 1.2.3 and > 389-admin 1.1.9 which you can find in the testing repo. > http://directory.fedoraproject.org/wiki/Release_Notes Right. And when I try to run setup-ds-admin.pl -u I'm asked about misc. information that I don't have readily available, but most of it is auto-filled in, and I guess it stored in some configuration file from the previous time the admin-server was set up? Seems like no matter what I enter it returns "Error: No such object" or "Error: Invalid credentials". At least the last one I suppose means it managed to connect to the LDAP server, but got the wrong admin password or something? If it is the wrong password, how can I reset it? -- regards, Jens ?dne Rydland From rmeggins at redhat.com Wed Nov 4 14:22:53 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Wed, 04 Nov 2009 07:22:53 -0700 Subject: [389-users] Admin-console doesn't work after upgrade In-Reply-To: <20091104135348.GC23172@pvv.ntnu.no> References: <20091103170330.GB23172@pvv.ntnu.no> <4AF06833.7090704@redhat.com> <20091104135348.GC23172@pvv.ntnu.no> Message-ID: <4AF18E3D.7050802@redhat.com> Jens ?dne Rydland wrote: > On Tue, Nov 03, 2009 at 10:28:19AM -0700, Rich Megginson wrote: > >> Jens ?dne Rydland wrote: >> >>> Hi, recently our LDAP server (CentOS 5.4) got upgraded, so we no longer >>> have >>> the command fedora-idm-console, but instead have gotten 389-console. The >>> LDAP service it self works flawlessly, but when trying to open the admin >>> console it fails with >>> >>> "netscape.ldap.LDAPException: error result (32); No such object" >>> >>> Running "service dirsrv-admin status" returns that the admin server is >>> running, and running 389-console with -D indicates that the server >>> indeed replies. >>> >>> So, is there some extra configuration needed after upgrading, such as >>> running setup-ds-admin.pl again? >>> > > >> Yes. You always have to run setup-ds-admin.pl -u after an upgrade, to >> refresh the console information. >> http://directory.fedoraproject.org/wiki/Install_Guide#Upgrading >> Note that 389-ds-base 1.2.2 and 389-admin 1.1.8 and earlier have a bug >> in that they do not update the console information properly. If you run >> into this problem, you might consider upgrading to 389-ds-base 1.2.3 and >> 389-admin 1.1.9 which you can find in the testing repo. >> http://directory.fedoraproject.org/wiki/Release_Notes >> > > Right. And when I try to run setup-ds-admin.pl -u I'm asked about misc. > information that I don't have readily available, but most of it is > auto-filled in, and I guess it stored in some configuration file from > the previous time the admin-server was set up? > Right. /etc/dirsrv/admin-serv/adm.conf mostly. The only information you must provide is the admin password. Everything else should be auto-filled in. > Seems like no matter what I enter it returns "Error: No such object" or > "Error: Invalid credentials". At least the last one I suppose means it > managed to connect to the LDAP server, but got the wrong admin password > or something? If it is the wrong password, how can I reset it? Do you use the console? What username and password do you use? I suppose you could also use the directory manager DN and password for your configuration directory server (the server that holds the o=NetscapeRoot information). -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From rmeggins at redhat.com Wed Nov 4 14:24:05 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Wed, 04 Nov 2009 07:24:05 -0700 Subject: [389-users] AD2008 on 64 bit windows, 389 Directory Server passwords... In-Reply-To: <4AE078DB.6070808@itasoftware.com> References: <4ADF7A63.7090802@itasoftware.com> <4AE06955.5030405@redhat.com> <4AE078DB.6070808@itasoftware.com> Message-ID: <4AF18E85.8030400@redhat.com> Anne Cross wrote: > Rich Megginson wrote: >> Anne Cross wrote: >>> I'm trying to sync passwords from 389 to Active Directory. >>> >>> If we import users from AD, then try to change their passwords, the >>> replication locks up. >> Can you be more specific? Have you tried the replication log level >> (which also logs winsync data) - >> http://directory.fedoraproject.org/wiki/FAQ#Troubleshooting > I turned on replication logging through the GUI, which set it to 8192, > much as the ldapmodify would have. > > What we see on the AD side is that the replication manager says, > effectively, "Change the password," and then it *appears* that the > replication manager account attempts to change users to the become to > the user whose password is being changed; then, the software attempts > to change the password, which fails. the bad password attempt counter > increments, and the replication manager account appears to log out. > > On the Directory Server side, we see everything connect, the user is > resolved on both sides, and then after about 15 minutes, the > connection disconnects due to idleness. > > This is the log of the user add using a cleartext password on the ldap > side: > > [22/Oct/2009:11:06:03 -0400] NSMMReplicationPlugin - > agmt="cn=ita4windc2" (ita4windc2:636): windows_replay_update: Looking > at add operation local > dn="uid=juniper,ou=Employees,ou=Users,ou=People,dc=itasoftware,dc=com" > (ours,user,not group) > [22/Oct/2009:11:06:03 -0400] NSMMReplicationPlugin - > agmt="cn=ita4windc2" (ita4windc2:636): map_entry_dn_outbound: looking > for AD entry for DS > dn="uid=juniper,ou=Employees,ou=Users,ou=People,dc=itasoftware,dc=com" > guid="(null)" > [22/Oct/2009:11:06:03 -0400] NSMMReplicationPlugin - > agmt="cn=ita4windc2" (ita4windc2:636): map_entry_dn_outbound: looking > for AD entry for DS > dn="uid=juniper,ou=Employees,ou=Users,ou=People,dc=itasoftware,dc=com" > username="juniper" > [22/Oct/2009:11:06:03 -0400] NSMMReplicationPlugin - > agmt="cn=ita4windc2" (ita4windc2:636): map_entry_dn_outbound: entry > not found - rc 0 > [22/Oct/2009:11:06:03 -0400] NSMMReplicationPlugin - > agmt="cn=ita4windc2" (ita4windc2:636): windows_replay_update: > Processing add operation local > dn="uid=juniper,ou=Employees,ou=Users,ou=People,dc=itasoftware,dc=com" > remote dn="cn=Juniper > Cross,ou=Employees,ou=Users,ou=People,dc=corp,dc=itasoftware,dc=com" > [22/Oct/2009:11:06:03 -0400] NSMMReplicationPlugin - > agmt="cn=ita4windc2" (ita4windc2:636): process_replay_add: > dn="cn=Juniper > Cross,ou=Employees,ou=Users,ou=People,dc=corp,dc=itasoftware,dc=com" > (not present,add allowed) > [22/Oct/2009:11:06:03 -0400] NSMMReplicationPlugin - > agmt="cn=ita4windc2" (ita4windc2:636): Received result code 0 () for > add operation > > That's it, until ten minutes later when I tried to change the password: > > [22/Oct/2009:11:16:02 -0400] agmt="cn=ita4windc2" (ita4windc2:636) - > load next: anchorcsn=4ae073560000104d0000 > [22/Oct/2009:11:16:02 -0400] agmt="cn=ita4windc2" (ita4windc2:636) - > load=3 rec=7 csn=4ae075280000104d0000 > [22/Oct/2009:11:16:02 -0400] NSMMReplicationPlugin - > agmt="cn=ita4windc2" (ita4windc2:636): windows_replay_update: Looking > at modify operation local > dn="uid=juniper,ou=employees,ou=users,ou=people,dc=itasoftware,dc=com" > (ours,user,not group) > [22/Oct/2009:11:16:02 -0400] NSMMReplicationPlugin - > agmt="cn=ita4windc2" (ita4windc2:636): map_entry_dn_outbound: looking > for AD entry for DS > dn="uid=juniper,ou=Employees,ou=Users,ou=People,dc=itasoftware,dc=com" > guid="(null)" > [22/Oct/2009:11:16:02 -0400] NSMMReplicationPlugin - > agmt="cn=ita4windc2" (ita4windc2:636): map_entry_dn_outbound: looking > for AD entry for DS > dn="uid=juniper,ou=Employees,ou=Users,ou=People,dc=itasoftware,dc=com" > username="juniper" > [22/Oct/2009:11:16:02 -0400] NSMMReplicationPlugin - > agmt="cn=ita4windc2" (ita4windc2:636): map_entry_dn_outbound: found AD > entry dn="CN=Juniper > Cross,OU=Employees,OU=Users,OU=People,DC=corp,DC=itasoftware,DC=com" > [22/Oct/2009:11:16:02 -0400] NSMMReplicationPlugin - > agmt="cn=ita4windc2" (ita4windc2:636): windows_replay_update: > Processing modify operation local > dn="uid=juniper,ou=employees,ou=users,ou=people,dc=itasoftware,dc=com" > remote dn="CN=Juniper > Cross,OU=Employees,OU=Users,OU=People,DC=corp,DC=itasoftware,DC=com" > > Nada. The badPwdCounter just increments, and the password remains unset. > >>> If we create the users on 389, and sync them back to AD, the >>> password field passed back is blank in Windows. >> When you create the users on 389, are you using the clear text >> password in the userPassword field? > We were not. I created a test user with a cleartext password this > morning, and the result has been functionally identical - the > badPwdCounter increments, and the user password remains blank on the > AD side of things. > >>> >>> Passsync isn't going to work because we're running 64bit Windows, so >>> we can't sync the passwords *from* AD. I got this working earlier, >>> but that was with FDS in a test instance several months ago, and I >>> didn't write down what I did. (And I am kicking myself over that.) >>> We can live without people changing their passwords on AD as long as >>> we *can* sync passwords down from 389. >> We are working on 64-bit Windows support. > Oh, hurrah! Are you also going to change it so that passsync doesn't > store the password in cleartext in the registry? Our Windows admin > just about took my head off when he found that. :/ I'll see if I can > get him to let me use the administrator account on Windows to test > with, though. 64-bit Windows Server 2008 PassSync is now available - version 1.1.2 - http://directory.fedoraproject.org/wiki/Release_Notes > > -- juniper > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From james.roman at ssaihq.com Wed Nov 4 14:56:53 2009 From: james.roman at ssaihq.com (James Roman) Date: Wed, 04 Nov 2009 09:56:53 -0500 Subject: [389-users] Links for new passsync files Message-ID: <4AF19635.6090302@ssaihq.com> I am unable to download the 1.2.1 versions of the passsync msi files. I could really use the x86_64 version. From rmeggins at redhat.com Wed Nov 4 15:03:38 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Wed, 04 Nov 2009 08:03:38 -0700 Subject: [389-users] Links for new passsync files In-Reply-To: <4AF19635.6090302@ssaihq.com> References: <4AF19635.6090302@ssaihq.com> Message-ID: <4AF197CA.9030104@redhat.com> James Roman wrote: > I am unable to download the 1.2.1 versions of the passsync msi files. > I could really use the x86_64 version. Sorry about that. The links have been updated. Feedback is welcome. > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From jensadne at unicornis.no Wed Nov 4 15:28:23 2009 From: jensadne at unicornis.no (Jens =?utf8?B?w4VkbmU=?= Rydland) Date: Wed, 4 Nov 2009 16:28:23 +0100 Subject: [389-users] Admin-console doesn't work after upgrade In-Reply-To: <4AF18E3D.7050802@redhat.com> References: <20091103170330.GB23172@pvv.ntnu.no> <4AF06833.7090704@redhat.com> <20091104135348.GC23172@pvv.ntnu.no> <4AF18E3D.7050802@redhat.com> Message-ID: <20091104152823.GD23172@pvv.ntnu.no> On Wed, Nov 04, 2009 at 07:22:53AM -0700, Rich Megginson wrote: > Jens ?dne Rydland wrote: >> Right. And when I try to run setup-ds-admin.pl -u I'm asked about misc. >> information that I don't have readily available, but most of it is >> auto-filled in, and I guess it stored in some configuration file from >> the previous time the admin-server was set up? > Right. /etc/dirsrv/admin-serv/adm.conf mostly. The only information > you must provide is the admin password. Everything else should be > auto-filled in. Yes, everything is auto-filled in, except that when using just the auto-filled in information I get the error "Invalid credentials". So I suspected that I had somehow gotten the password wrong, and tried resetting it, but this didn't help. >> Seems like no matter what I enter it returns "Error: No such object" or >> "Error: Invalid credentials". At least the last one I suppose means it >> managed to connect to the LDAP server, but got the wrong admin password >> or something? If it is the wrong password, how can I reset it? > Do you use the console? What username and password do you use? I > suppose you could also use the directory manager DN and password for > your configuration directory server (the server that holds the > o=NetscapeRoot information). Using the console isn't possible as the console doesn't start, as stated in my first message in this thread. That is, I can't login with the console at least, it fails with "netscape.ldap.LDAPException: error result (32); No such object". I use the same username and password for the console that I've always used, and this is the same as what I enter when running setup-ds-admin.pl, which is rejected with "Error: Invalid credentials". I have also tried resetting this password following the howto at http://directory.fedoraproject.org/wiki/Howto:ResetDirMgrPassword, but this didn't help either. -- regards, Jens ?dne Rydland From rmeggins at redhat.com Wed Nov 4 15:34:40 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Wed, 04 Nov 2009 08:34:40 -0700 Subject: [389-users] Admin-console doesn't work after upgrade In-Reply-To: <20091104152823.GD23172@pvv.ntnu.no> References: <20091103170330.GB23172@pvv.ntnu.no> <4AF06833.7090704@redhat.com> <20091104135348.GC23172@pvv.ntnu.no> <4AF18E3D.7050802@redhat.com> <20091104152823.GD23172@pvv.ntnu.no> Message-ID: <4AF19F10.6020100@redhat.com> Jens ?dne Rydland wrote: > On Wed, Nov 04, 2009 at 07:22:53AM -0700, Rich Megginson wrote: > >> Jens ?dne Rydland wrote: >> >>> Right. And when I try to run setup-ds-admin.pl -u I'm asked about misc. >>> information that I don't have readily available, but most of it is >>> auto-filled in, and I guess it stored in some configuration file from >>> the previous time the admin-server was set up? >>> > > >> Right. /etc/dirsrv/admin-serv/adm.conf mostly. The only information >> you must provide is the admin password. Everything else should be >> auto-filled in. >> > > Yes, everything is auto-filled in, except that when using just the > auto-filled in information I get the error "Invalid credentials". So I > suspected that I had somehow gotten the password wrong, and tried > resetting it, but this didn't help. > > >>> Seems like no matter what I enter it returns "Error: No such object" or >>> "Error: Invalid credentials". At least the last one I suppose means it >>> managed to connect to the LDAP server, but got the wrong admin password >>> or something? If it is the wrong password, how can I reset it? >>> > > >> Do you use the console? What username and password do you use? I >> suppose you could also use the directory manager DN and password for >> your configuration directory server (the server that holds the >> o=NetscapeRoot information). >> > > Using the console isn't possible as the console doesn't start, as stated > in my first message in this thread. That is, I can't login with the > console at least, it fails with > "netscape.ldap.LDAPException: error result (32); No such object". > > I use the same username and password for the console that I've always > used, and this is the same as what I enter when running > setup-ds-admin.pl, which is rejected with "Error: Invalid credentials". > Try this: ldapsearch -x -h configdshostname -D "uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot" -w "consoleuserpassword" -s base -b "o=netscaperoot" The -D binddn should be the same as what's in /etc/dirsrv/admin-serv/adm.conf If this command gives you Invalid credentials, then you have most likely forgotten your console admin password, which is _not_ the same as the directory manager password, which is why following the directions below did not do anything. If you need to reset your console admin password, do something like this: ldapmodify -x -h configdshostname -D "cn=directory manager" -w dirmgrpassword dn: uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot changetype: modify replace: userPassword userPassword: thenewpassword > I have also tried resetting this password following the howto at > http://directory.fedoraproject.org/wiki/Howto:ResetDirMgrPassword, but > this didn't help either. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From jensadne at pvv.ntnu.no Wed Nov 4 15:53:07 2009 From: jensadne at pvv.ntnu.no (Jens =?utf8?B?w4VkbmU=?= Rydland) Date: Wed, 4 Nov 2009 16:53:07 +0100 Subject: [389-users] Admin-console doesn't work after upgrade In-Reply-To: <4AF19F10.6020100@redhat.com> References: <20091103170330.GB23172@pvv.ntnu.no> <4AF06833.7090704@redhat.com> <20091104135348.GC23172@pvv.ntnu.no> <4AF18E3D.7050802@redhat.com> <20091104152823.GD23172@pvv.ntnu.no> <4AF19F10.6020100@redhat.com> Message-ID: <20091104155307.GE23172@pvv.ntnu.no> On Wed, Nov 04, 2009 at 08:34:40AM -0700, Rich Megginson wrote: > Try this: > ldapsearch -x -h configdshostname -D "uid=admin, ou=Administrators, > ou=TopologyManagement, o=NetscapeRoot" -w "consoleuserpassword" -s base > -b "o=netscaperoot" > > The -D binddn should be the same as what's in > /etc/dirsrv/admin-serv/adm.conf > > If this command gives you Invalid credentials, then you have most likely > forgotten your console admin password, which is _not_ the same as the > directory manager password, which is why following the directions below > did not do anything. > > If you need to reset your console admin password, do something like this: > ldapmodify -x -h configdshostname -D "cn=directory manager" -w > dirmgrpassword > dn: uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot > changetype: modify > replace: userPassword > userPassword: thenewpassword Ah, yes, that fixed it, now the console works, thank you. -- regards, Jens ?dne Rydland From okelet at gmail.com Wed Nov 4 15:55:23 2009 From: okelet at gmail.com (=?UTF-8?Q?Juan_Asensio_S=C3=A1nchez?=) Date: Wed, 4 Nov 2009 16:55:23 +0100 Subject: [389-users] repl_set_mtn_referrals: could not set referrals for replica In-Reply-To: <52a9d2e30910260233q57b11506o6ae2cd5bb8443d8f@mail.gmail.com> References: <52a9d2e30910160354y3b394a18ma6bbe46339eee202@mail.gmail.com> <4ADCC852.70203@redhat.com> <52a9d2e30910260233q57b11506o6ae2cd5bb8443d8f@mail.gmail.com> Message-ID: <52a9d2e30911040755m29b98279q23cb98d21efc55ad@mail.gmail.com> Hi Well, I dit solve this issue adding the URLs of the referrals to the list of referrals in the replica, not only in the suffix configuration. After this, those log messages did not appear anymore, and the referrals are returned correctly when trying to modify an entry that should return a referral. Hope this can help anyone. Regards. El d?a 26 de octubre de 2009 10:33, Juan Asensio S?nchez escribi?: > Hi again > > What's the difference between the referrals specified in the suffixes > and the referrals specified in a replica? We have had ever the > referrals specified in the suffix. Do you mean to set them too in the > replica? > > Regards. > > (Testing 389DS 1.2.3, having problems with schema syntaxes...) > > > 2009/10/19 Rich Megginson : >> Juan Asensio S?nchez wrote: >>> >>> Hi >>> >>> We are having problems with replication. We have four master servers >>> replicating one database (database 1), and two other servers in other >>> building that are masters of other database (database 2). Replication >>> between the databases of the others are in hub mode (server1 of >>> building1 with server1 of building1, and server2 of building1 with >>> server2 of building2; server3 and server4 of building1 only have >>> agreements with server1 and server2 of building1). Yesterday we had to >>> remove the replica of server4 of database 1. Next, we did ree-enable >>> the replica and the replication agreements, but the replica was >>> enabled with a different id than before. Now, we have this error on >>> all servers, although replication is working fine: >>> >>> [16/Oct/2009:12:44:39 +0200] NSMMReplicationPlugin - >>> repl_set_mtn_referrals: could not set referrals for replica >>> dc=domain,dc=local: 1 >>> >> >> I don't think this is a critical error. ?You can manually set the referrals >> to use - in the console for the Replica config, at the bottom of that window >> (under the Supplier DN area) you can specify the referrals to use. ?However, >> you will have to manage these manually - they are not set automatically like >> the regular replication referrals are. >> >>> (dc=domain,dc=local is the prefix that owns the database 1). I don't >>> know if this error is critical, but i don't like to see errors in the >>> log (call me fool if you want). I have read some posts: >>> >>> - http://blogs.sun.com/marcos/entry/on_cleanruv >>> - http://blogs.sun.com/piotr/entry/how_to_clean_ruv_s >>> >>> All about Sun, but i am not sure if this will work, or if it is >>> dangerous because it says that the solution is unsupported and >>> irreversible. How can I get rid of this message? is it critical? >>> >> >> You could try using that. ?I would suggest backing up all of your data and >> config first. >>> >>> Regards and thanks in advance. >>> >>> -- >>> 389 users mailing list >>> 389-users at redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>> >> >> >> >> -- >> 389 users mailing list >> 389-users at redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> > From okelet at gmail.com Wed Nov 4 15:56:45 2009 From: okelet at gmail.com (=?UTF-8?Q?Juan_Asensio_S=C3=A1nchez?=) Date: Wed, 4 Nov 2009 16:56:45 +0100 Subject: [389-users] Query blocking server In-Reply-To: <52a9d2e30910280058jf1d2241n66d48b66b04a5d50@mail.gmail.com> References: <52a9d2e30910260847t17049d86m8c76e73a834ea66f@mail.gmail.com> <4AE5C5B5.5030505@redhat.com> <52a9d2e30910270506hf227c89g436801fb4bb955d4@mail.gmail.com> <1601b8650910270613y7b866090w79902cfc3888fc4b@mail.gmail.com> <52a9d2e30910270639h66e62e22s1cf58b0b42e79e4@mail.gmail.com> <4AE6FF3C.7010606@redhat.com> <52a9d2e30910270715p585a99f1jdb9c668b6a5c97f3@mail.gmail.com> <1601b8650910270809u305b948et80f68b5b3ca186e4@mail.gmail.com> <52a9d2e30910280058jf1d2241n66d48b66b04a5d50@mail.gmail.com> Message-ID: <52a9d2e30911040756y4543d25dhe655222a2cb7e352@mail.gmail.com> Hi I am already having poor performance when running this query. Any more ideas to try? Could be related due to the data is across almost 30 different databases? Regards. El d?a 28 de octubre de 2009 08:58, Juan Asensio S?nchez escribi?: > 2009/10/27 Andrey Ivanov : >> 6 minutes for 25000 entries is obviously too much. On our server? (HP of two >> years old ang 2Go of memory)? 8300 entries are returned in 0.77 seconds (the >> filter is almost like yours - "(&(uid=*)(objectClass=inetOrgPerson))"). >> There is certainly some problem either with the disk access or with the >> memory sizing or with the indexed searches in your configuration... Do you >> have the PRESENCE index on uid? >> > > For one moment I thought UID was not indexed, but I checked twice it > is indexed. These are all the attributes indexed in out databases: > > ?aci: > ? ?system: true > ? ?type: [pres] > > ?entryDN: > ? ?system: true > ? ?type: [eq] > > ?nscpEntryDN: > ? ?system: true > ? ?type: [eq] > > ?nsds5ReplConflict: > ? ?system: true > ? ?type: [eq, pres] > > ?nsUniqueId: > ? ?system: true > ? ?type: [eq] > > ?numSubordinates: > ? ?system: true > ? ?type: [pres] > > ?objectClass: > ? ?system: true > ? ?type: [eq, pres] > > ?parentID: > ? ?system: true > ? ?type: [eq] > > ?cn: > ? ?system: false > ? ?type: [pres, eq, sub] > > ?displayName: > ? ?system: false > ? ?type: [pres, eq, sub] > > ?gidNumber: > ? ?system: false > ? ?type: [pres, eq] > > ?givenName: > ? ?system: false > ? ?type: [pres, eq, sub] > > ?mail: > ? ?system: false > ? ?type: [pres, eq, sub] > > ?mailAlternateAddress: > ? ?system: false > ? ?type: [pres, eq, sub] > > ?memberOf: > ? ?system: false > ? ?type: [eq] > > ?memberUid: > ? ?system: false > ? ?type: [eq] > > ?ntUniqueId: > ? ?system: false > ? ?type: [eq] > > ?ntUserDomainId: > ? ?system: false > ? ?type: [eq] > > ?o: > ? ?system: false > ? ?type: [pres, eq, sub] > > ?ou: > ? ?system: false > ? ?type: [pres, eq, sub] > > ?sambaDomainName: > ? ?system: false > ? ?type: [pres, eq] > > ?sambaGroupType: > ? ?system: false > ? ?type: [pres, eq] > > ?sambaPrimaryGroupSID: > ? ?system: false > ? ?type: [pres, eq] > > ?sambaSID: > ? ?system: false > ? ?type: [pres, eq] > > ?sambaSIDList: > ? ?system: false > ? ?type: [pres, eq] > > ?seeAlso: > ? ?system: false > ? ?type: [pres, eq, sub] > > ?sn: > ? ?system: false > ? ?type: [pres, eq, sub] > > ?telephoneNumber: > ? ?system: false > ? ?type: [pres, eq, sub] > > ?uid: > ? ?system: false > ? ?type: [pres, eq, sub] > > ?uidNumber: > ? ?system: false > ? ?type: [pres, eq] > > ?uniqueMember: > ? ?system: false > ? ?type: [pres, eq, sub] > > (This is part of a file we use to define database indexes, adding or > removing necessary attributes to the default indexes). > > Regards. > From rmeggins at redhat.com Wed Nov 4 16:23:46 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Wed, 04 Nov 2009 09:23:46 -0700 Subject: [389-users] Query blocking server In-Reply-To: <52a9d2e30911040756y4543d25dhe655222a2cb7e352@mail.gmail.com> References: <52a9d2e30910260847t17049d86m8c76e73a834ea66f@mail.gmail.com> <4AE5C5B5.5030505@redhat.com> <52a9d2e30910270506hf227c89g436801fb4bb955d4@mail.gmail.com> <1601b8650910270613y7b866090w79902cfc3888fc4b@mail.gmail.com> <52a9d2e30910270639h66e62e22s1cf58b0b42e79e4@mail.gmail.com> <4AE6FF3C.7010606@redhat.com> <52a9d2e30910270715p585a99f1jdb9c668b6a5c97f3@mail.gmail.com> <1601b8650910270809u305b948et80f68b5b3ca186e4@mail.gmail.com> <52a9d2e30910280058jf1d2241n66d48b66b04a5d50@mail.gmail.com> <52a9d2e30911040756y4543d25dhe655222a2cb7e352@mail.gmail.com> Message-ID: <4AF1AA92.1040309@redhat.com> Juan Asensio S?nchez wrote: > Hi > > I am already having poor performance when running this query. Any more > ideas to try? Could be related due to the data is across almost 30 > different databases? > Could be. What do you mean by "30 different databases"? Chaining? Sub-suffixes? Can you provide more details? Note that index configuration is specific to a database - so if you have sub-suffixes with their own databases, you will have to make sure your attributes are indexed correctly in all of those databases. > Regards. > > > El d?a 28 de octubre de 2009 08:58, Juan Asensio S?nchez > escribi?: > >> 2009/10/27 Andrey Ivanov : >> >>> 6 minutes for 25000 entries is obviously too much. On our server (HP of two >>> years old ang 2Go of memory) 8300 entries are returned in 0.77 seconds (the >>> filter is almost like yours - "(&(uid=*)(objectClass=inetOrgPerson))"). >>> There is certainly some problem either with the disk access or with the >>> memory sizing or with the indexed searches in your configuration... Do you >>> have the PRESENCE index on uid? >>> >>> >> For one moment I thought UID was not indexed, but I checked twice it >> is indexed. These are all the attributes indexed in out databases: >> >> aci: >> system: true >> type: [pres] >> >> entryDN: >> system: true >> type: [eq] >> >> nscpEntryDN: >> system: true >> type: [eq] >> >> nsds5ReplConflict: >> system: true >> type: [eq, pres] >> >> nsUniqueId: >> system: true >> type: [eq] >> >> numSubordinates: >> system: true >> type: [pres] >> >> objectClass: >> system: true >> type: [eq, pres] >> >> parentID: >> system: true >> type: [eq] >> >> cn: >> system: false >> type: [pres, eq, sub] >> >> displayName: >> system: false >> type: [pres, eq, sub] >> >> gidNumber: >> system: false >> type: [pres, eq] >> >> givenName: >> system: false >> type: [pres, eq, sub] >> >> mail: >> system: false >> type: [pres, eq, sub] >> >> mailAlternateAddress: >> system: false >> type: [pres, eq, sub] >> >> memberOf: >> system: false >> type: [eq] >> >> memberUid: >> system: false >> type: [eq] >> >> ntUniqueId: >> system: false >> type: [eq] >> >> ntUserDomainId: >> system: false >> type: [eq] >> >> o: >> system: false >> type: [pres, eq, sub] >> >> ou: >> system: false >> type: [pres, eq, sub] >> >> sambaDomainName: >> system: false >> type: [pres, eq] >> >> sambaGroupType: >> system: false >> type: [pres, eq] >> >> sambaPrimaryGroupSID: >> system: false >> type: [pres, eq] >> >> sambaSID: >> system: false >> type: [pres, eq] >> >> sambaSIDList: >> system: false >> type: [pres, eq] >> >> seeAlso: >> system: false >> type: [pres, eq, sub] >> >> sn: >> system: false >> type: [pres, eq, sub] >> >> telephoneNumber: >> system: false >> type: [pres, eq, sub] >> >> uid: >> system: false >> type: [pres, eq, sub] >> >> uidNumber: >> system: false >> type: [pres, eq] >> >> uniqueMember: >> system: false >> type: [pres, eq, sub] >> >> (This is part of a file we use to define database indexes, adding or >> removing necessary attributes to the default indexes). >> >> Regards. >> >> > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From rmeggins at redhat.com Wed Nov 4 16:39:01 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Wed, 04 Nov 2009 09:39:01 -0700 Subject: [389-users] Announcing testing release of 389 1.2.4 Message-ID: <4AF1AE25.9040703@redhat.com> The 389 team is pleased to announce that the 389 Directory Server version 1.2.4 is available for testing. The packages are available from the testing repositories, not the official release repositories yet. We are seeking feedback. There is one new package available for testing: * 389-ds-base-1.2.4 NOTE: The best way to provide feedback is through the Fedora Updates System. If you have a Fedora Updates account, go here: ***** Your Feedback is Important! ***** The best way to provide feedback is via the Fedora Update system. If you have an account, go here: * https://admin.fedoraproject.org/updates/F10/FEDORA-2009-11023 * OR * https://admin.fedoraproject.org/updates/F11/FEDORA-2009-10901 * scroll down to the bottom of the page, and click on the Add a comment >> link * select one of the Works for me or Does not work radio buttons, add text, and click on the Add Comment button If you are using a build on another platform, just send us an email to 389-users at redhat.com. If you find a bug, or would like to see a new feature, you can enter it here - https://bugzilla.redhat.com/enter_bug.cgi?product=389 Instructions for installing these from the testing repositories: yum install --enablerepo=updates-testing 389-ds # Fedora new install yum upgrade --enablerepo=updates-testing 389-ds-base # Fedora upgrade or EL5 yum install --enablerepo=dirsrv-testing --enablerepo=idmcommon-testing 389-ds # new install yum upgrade --enablerepo=dirsrv-testing --enablerepo=idmcommon-testing 389-ds-base # upgrade See http://port389.org/wiki/Download for more information about setting up yum access. Release Notes: http://port389.org/wiki/Release_Notes Install Guide: http://port389.org/wiki/Install_Guide Download: http://port389.org/wiki/Download === Notes === NOTE: If using the FC6 (EL5) packages, _you must update your yum repo files_ - the URLs have changed. See http://port389.org/wiki/Download for more information. NOTE: Fedora versions below 10 are no longer supported. If you are running Fedora 9 or earlier, you should upgrade. NOTE: This release is branded as '''389'''. All of the RPMs have been marked as obsoleting their Fedora DS counterparts. When upgrading via yum, you must use yum '''upgrade''' (not update) so that the obsoletes will be processed. NOTE: If you are using the console, after installing the updates, you must run '''setup-ds-admin.pl -u''' to refresh your console and admin server configuration with the new version information. 1.2.4 fixes some bugs related to update - it will remove old Fedora servers from the console, and will preserve TLS/SSL configuration. See the buglist below. NOTE: '''389-console''' is the command to run the console. This replaces fedora-idm-console. === New features === * Support for Salted MD5 (SMD5) passwords - primarily for migration - do not use SMD5 for new passwords - use SSHA256 and higher === Bugs Fixed === This release contains a couple of bug fixes. The complete list of bugs fixed is found at the link below. Note that bugs marked as MODIFIED have been fixed but are still in testing. * Tracking bug for 1.2.4 release - [https://bugzilla.redhat.com/showdependencytree.cgi?id=531879&hide_resolved=0 https://bugzilla.redhat.com/showdependencytree.cgi?id=531879&hide_resolved=0] ** [https://bugzilla.redhat.com/show_bug.cgi?id=221905 221905] Add SMD5 password support ** [https://bugzilla.redhat.com/show_bug.cgi?id=529258 529258] upgrade should remove duplicate and obsolete schema from 99user.ldif -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From okelet at gmail.com Wed Nov 4 17:00:01 2009 From: okelet at gmail.com (=?UTF-8?Q?Juan_Asensio_S=C3=A1nchez?=) Date: Wed, 4 Nov 2009 18:00:01 +0100 Subject: [389-users] Query blocking server In-Reply-To: <4AF1AA92.1040309@redhat.com> References: <52a9d2e30910260847t17049d86m8c76e73a834ea66f@mail.gmail.com> <52a9d2e30910270506hf227c89g436801fb4bb955d4@mail.gmail.com> <1601b8650910270613y7b866090w79902cfc3888fc4b@mail.gmail.com> <52a9d2e30910270639h66e62e22s1cf58b0b42e79e4@mail.gmail.com> <4AE6FF3C.7010606@redhat.com> <52a9d2e30910270715p585a99f1jdb9c668b6a5c97f3@mail.gmail.com> <1601b8650910270809u305b948et80f68b5b3ca186e4@mail.gmail.com> <52a9d2e30910280058jf1d2241n66d48b66b04a5d50@mail.gmail.com> <52a9d2e30911040756y4543d25dhe655222a2cb7e352@mail.gmail.com> <4AF1AA92.1040309@redhat.com> Message-ID: <52a9d2e30911040900t17eab433hae0a97c24d857826@mail.gmail.com> Hi Yes, we have 30 different sub-suffixes, each with its own database, that are replicated over 30 differents centers (buildings). The same indexes (shown in a previous post) have been applied to all databases, included userroot, and all databases have been reindexed with those indexes. But that search keeps taking so long time (more than 6 minutes to return about 30000 objects, as said before). Regards. 2009/11/4 Rich Megginson : > Juan Asensio S?nchez wrote: >> >> Hi >> >> I am already having poor performance when running this query. Any more >> ideas to try? Could be related due to the data is across almost 30 >> different databases? >> > > Could be. ?What do you mean by "30 different databases"? ?Chaining? > ?Sub-suffixes? ?Can you provide more details? ?Note that index configuration > is specific to a database - so if you have sub-suffixes with their own > databases, you will have to make sure your attributes are indexed correctly > in all of those databases. >> >> Regards. >> >> >> El d?a 28 de octubre de 2009 08:58, Juan Asensio S?nchez >> escribi?: >> >>> >>> 2009/10/27 Andrey Ivanov : >>> >>>> >>>> 6 minutes for 25000 entries is obviously too much. On our server ?(HP of >>>> two >>>> years old ang 2Go of memory) ?8300 entries are returned in 0.77 seconds >>>> (the >>>> filter is almost like yours - "(&(uid=*)(objectClass=inetOrgPerson))"). >>>> There is certainly some problem either with the disk access or with the >>>> memory sizing or with the indexed searches in your configuration... Do >>>> you >>>> have the PRESENCE index on uid? >>>> >>>> >>> >>> For one moment I thought UID was not indexed, but I checked twice it >>> is indexed. These are all the attributes indexed in out databases: >>> >>> ?aci: >>> ? system: true >>> ? type: [pres] >>> >>> ?entryDN: >>> ? system: true >>> ? type: [eq] >>> >>> ?nscpEntryDN: >>> ? system: true >>> ? type: [eq] >>> >>> ?nsds5ReplConflict: >>> ? system: true >>> ? type: [eq, pres] >>> >>> ?nsUniqueId: >>> ? system: true >>> ? type: [eq] >>> >>> ?numSubordinates: >>> ? system: true >>> ? type: [pres] >>> >>> ?objectClass: >>> ? system: true >>> ? type: [eq, pres] >>> >>> ?parentID: >>> ? system: true >>> ? type: [eq] >>> >>> ?cn: >>> ? system: false >>> ? type: [pres, eq, sub] >>> >>> ?displayName: >>> ? system: false >>> ? type: [pres, eq, sub] >>> >>> ?gidNumber: >>> ? system: false >>> ? type: [pres, eq] >>> >>> ?givenName: >>> ? system: false >>> ? type: [pres, eq, sub] >>> >>> ?mail: >>> ? system: false >>> ? type: [pres, eq, sub] >>> >>> ?mailAlternateAddress: >>> ? system: false >>> ? type: [pres, eq, sub] >>> >>> ?memberOf: >>> ? system: false >>> ? type: [eq] >>> >>> ?memberUid: >>> ? system: false >>> ? type: [eq] >>> >>> ?ntUniqueId: >>> ? system: false >>> ? type: [eq] >>> >>> ?ntUserDomainId: >>> ? system: false >>> ? type: [eq] >>> >>> ?o: >>> ? system: false >>> ? type: [pres, eq, sub] >>> >>> ?ou: >>> ? system: false >>> ? type: [pres, eq, sub] >>> >>> ?sambaDomainName: >>> ? system: false >>> ? type: [pres, eq] >>> >>> ?sambaGroupType: >>> ? system: false >>> ? type: [pres, eq] >>> >>> ?sambaPrimaryGroupSID: >>> ? system: false >>> ? type: [pres, eq] >>> >>> ?sambaSID: >>> ? system: false >>> ? type: [pres, eq] >>> >>> ?sambaSIDList: >>> ? system: false >>> ? type: [pres, eq] >>> >>> ?seeAlso: >>> ? system: false >>> ? type: [pres, eq, sub] >>> >>> ?sn: >>> ? system: false >>> ? type: [pres, eq, sub] >>> >>> ?telephoneNumber: >>> ? system: false >>> ? type: [pres, eq, sub] >>> >>> ?uid: >>> ? system: false >>> ? type: [pres, eq, sub] >>> >>> ?uidNumber: >>> ? system: false >>> ? type: [pres, eq] >>> >>> ?uniqueMember: >>> ? system: false >>> ? type: [pres, eq, sub] >>> >>> (This is part of a file we use to define database indexes, adding or >>> removing necessary attributes to the default indexes). >>> >>> Regards. >>> >>> >> >> -- >> 389 users mailing list >> 389-users at redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> > > > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > From luke-fds at schierer.org Wed Nov 4 19:36:40 2009 From: luke-fds at schierer.org (Luke Schierer) Date: Wed, 4 Nov 2009 14:36:40 -0500 (EST) Subject: [389-users] Links for new passsync files In-Reply-To: <4AF197CA.9030104@redhat.com> References: <4AF19635.6090302@ssaihq.com> <4AF197CA.9030104@redhat.com> Message-ID: <1665befc9bda9f3e442aaff3226a399d.squirrel@webmail.twocrazyguys.net> > James Roman wrote: >> I am unable to download the 1.2.1 versions of the passsync msi files. >> I could really use the x86_64 version. > Sorry about that. The links have been updated. > Feedback is welcome. Could we also please have a 1.2.x version of the console for windows? Thanks! Luke From rmeggins at redhat.com Wed Nov 4 19:55:52 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Wed, 04 Nov 2009 12:55:52 -0700 Subject: [389-users] Links for new passsync files In-Reply-To: <1665befc9bda9f3e442aaff3226a399d.squirrel@webmail.twocrazyguys.net> References: <4AF19635.6090302@ssaihq.com> <4AF197CA.9030104@redhat.com> <1665befc9bda9f3e442aaff3226a399d.squirrel@webmail.twocrazyguys.net> Message-ID: <4AF1DC48.8000508@redhat.com> Luke Schierer wrote: >> James Roman wrote: >> >>> I am unable to download the 1.2.1 versions of the passsync msi files. >>> I could really use the x86_64 version. >>> >> Sorry about that. The links have been updated. >> Feedback is welcome. >> > > Could we also please have a 1.2.x version of the console for windows? > Yep - working on it as I type . . . > Thanks! > > Luke > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From glenn at mail.txwes.edu Thu Nov 5 15:16:03 2009 From: glenn at mail.txwes.edu (Glenn) Date: Thu, 5 Nov 2009 10:16:03 -0500 Subject: [389-users] DSGW error with Macintosh Safari Message-ID: <20091105145530.M51288@mail.txwes.edu> We are using Fedora Directory 1.0.4 with Red Hat EL4. We use the Directory Gateway, and it works fine with Windows-based browers including Internet Explorer and Firefox. However, when we try to use Safari on a Macintosh computer, we get an error headed by the ominous "Problem". The error message is, "The charset is not supported (ISO_8859-1)". This appears whenever we try to authenticate or search the directory. The Googling I've done so far indicates that Safari might not be sending form data to the directory server whenever data is entered into a form, such as authentication credentials or search terms. We do not have a java expert in- house, so I'm hoping there is some simple tweak I can do to fix this. The Mac used for testing is a MacMini 1.1 running Mac OSX 10.4.11 and Safari 3.2.1 (4525.27.1). Thanks. -G. From glenn at mail.txwes.edu Thu Nov 5 17:02:09 2009 From: glenn at mail.txwes.edu (Glenn) Date: Thu, 5 Nov 2009 12:02:09 -0500 Subject: [389-users] Windows Console Quit Working Message-ID: <20091105165531.M1912@mail.txwes.edu> Sorry to be such a pest, but now I have another problem. The Windows console, which worked fine on my computer for two years, suddenly quit. I installed the latest console, but it does the same thing. It starts up fine and displays the login window. After I enter login credentials, the DOS window hangs. I'm copying the contents of the DOS window below. Any ideas appreciated. We are using Fedora Directory 1.0.4 on RHEL4. Thanks. -G. C:\Program Files\Fedora Identity Management Console>echo off C:\Program Files\Fedora Identity Management Console>"java" "- Djava.library.path= ." -cp "./jss4.jar;./ldapjdk.jar;./idm-console-base.jar;./idm-console- mcc.jar;./ idm-console-mcc_en.jar;./idm-console-nmclf.jar;./idm-console- nmclf_en.jar;./fedo ra-idm-console_en.jar" -Djava.util.prefs.systemRoot=/.fedora-idm-console - Djava. util.prefs.userRoot=/.fedora-idm-console com.netscape.management.client.console. Console Exception in thread "main" java.lang.UnsatisfiedLinkError: C:\Program Files\Fedo ra Identity Management Console\jss4.dll: The specified procedure could not be fo und at java.lang.ClassLoader$NativeLibrary.load(Native Method) at java.lang.ClassLoader.loadLibrary0(Unknown Source) at java.lang.ClassLoader.loadLibrary(Unknown Source) at java.lang.Runtime.loadLibrary0(Unknown Source) at java.lang.System.loadLibrary(Unknown Source) at org.mozilla.jss.CryptoManager.loadNativeLibraries (CryptoManager.java: 1339) at org.mozilla.jss.CryptoManager.initialize(CryptoManager.java:827) at org.mozilla.jss.CryptoManager.initialize(CryptoManager.java:800) at com.netscape.management.client.util.UtilConsoleGlobals.initJSS (Unknow n Source) at com.netscape.management.client.comm.HttpsChannel.(Unknown Sou rce) at com.netscape.management.client.comm.HttpManager.createChannel (Unknown Source) at com.netscape.management.client.comm.CommManager.send(Unknown Source) at com.netscape.management.client.comm.CommManager.send(Unknown Source) at com.netscape.management.client.comm.HttpManager.get(Unknown Source) at com.netscape.management.client.console.Console.invoke_task(Unknown So urce) at com.netscape.management.client.console.Console.authenticate_user (Unkn own Source) at com.netscape.management.client.console.Console.(Unknown Source) at com.netscape.management.client.console.Console.main(Unknown Source) From james.roman at ssaihq.com Thu Nov 5 17:22:39 2009 From: james.roman at ssaihq.com (James Roman) Date: Thu, 05 Nov 2009 12:22:39 -0500 Subject: [389-users] Links for new passsync files In-Reply-To: <4AF197CA.9030104@redhat.com> References: <4AF19635.6090302@ssaihq.com> <4AF197CA.9030104@redhat.com> Message-ID: <4AF309DF.9030805@ssaihq.com> Very first impression during installation. There is a weird chicken and egg problem. Installation fails because it can not start the passsync service. Service start-up fails because it can not establish an SSL connection. NSS database for SSL needs to be in the directory that is created during the install process. So you have to create a NSS database ahead of time, initiate the install process, when the service start up fails, drop your NSS database into the folder "389 directory password synchronization" folder and then hit "retry" to start up the service so that the installation completes successfully. Rich Megginson wrote: > James Roman wrote: >> I am unable to download the 1.2.1 versions of the passsync msi files. >> I could really use the x86_64 version. > Sorry about that. The links have been updated. > Feedback is welcome. >> >> -- >> 389 users mailing list >> 389-users at redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users > > ------------------------------------------------------------------------ > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > From morenisco at noc-root.net Thu Nov 5 17:48:04 2009 From: morenisco at noc-root.net (Morenisco) Date: Thu, 5 Nov 2009 10:48:04 -0700 (MST) Subject: [389-users] Is there any SSO free implementation that works with Project-389? Message-ID: <23855.148.87.1.170.1257443284.squirrel@box427.bluehost.com> Hi, Well, I have experience with OID and the SSO that comes with the infrastructure (Oracle Internet Directory), and I would like to know if there is any single sign on free implementation that I could use with Project-389. I'm thinking about the followin event: when a person needs to change his own password, after have created his/her user account, and get login to some systems with the same credentials that are in the directory. Thats' all, thanks! -- Morenisco. Centro de Difusi?n de Software Libre. http://www.cdsl.cl http://trabajosfloss.cdsl.cl Blog: http://morenisco.noc-root.net From rmeggins at redhat.com Thu Nov 5 18:10:46 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Thu, 05 Nov 2009 11:10:46 -0700 Subject: [389-users] Links for new passsync files In-Reply-To: <4AF309DF.9030805@ssaihq.com> References: <4AF19635.6090302@ssaihq.com> <4AF197CA.9030104@redhat.com> <4AF309DF.9030805@ssaihq.com> Message-ID: <4AF31526.8010803@redhat.com> James Roman wrote: > Very first impression during installation. There is a weird chicken > and egg problem. Installation fails because it can not start the > passsync service. Service start-up fails because it can not establish > an SSL connection. NSS database for SSL needs to be in the directory > that is created during the install process. So you have to create a > NSS database ahead of time, initiate the install process, when the > service start up fails, drop your NSS database into the folder "389 > directory password synchronization" folder and then hit "retry" to > start up the service so that the installation completes successfully. What platform? What you are describing was a bug in the PassSync 1.1.1 package that should have been fixed in 1.1.2. If you are sure you're using the 1.1.2 package, then try this: open a cmd window msiexec /i \path\to\389-PassSync-1.1.2-x86_64.msi /l*v inst.log check inst.log for sensitive information paste inst.log to fpaste.org and email the link to the list > > Rich Megginson wrote: >> James Roman wrote: >>> I am unable to download the 1.2.1 versions of the passsync msi >>> files. I could really use the x86_64 version. >> Sorry about that. The links have been updated. >> Feedback is welcome. >>> >>> -- >>> 389 users mailing list >>> 389-users at redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> ------------------------------------------------------------------------ >> >> -- >> 389 users mailing list >> 389-users at redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From james.roman at ssaihq.com Thu Nov 5 19:45:46 2009 From: james.roman at ssaihq.com (James Roman) Date: Thu, 05 Nov 2009 14:45:46 -0500 Subject: [389-users] Links for new passsync files In-Reply-To: <4AF31526.8010803@redhat.com> References: <4AF19635.6090302@ssaihq.com> <4AF197CA.9030104@redhat.com> <4AF309DF.9030805@ssaihq.com> <4AF31526.8010803@redhat.com> Message-ID: <4AF32B6A.1010702@ssaihq.com> Windows Server 2003 R2. The package is labeled 1.1.2-x86_64. I've already got it installed on both of my x86_64 domain controllers. I won't get the chance to delete it to test it until the weekend. Rich Megginson wrote: > James Roman wrote: >> Very first impression during installation. There is a weird chicken >> and egg problem. Installation fails because it can not start the >> passsync service. Service start-up fails because it can not establish >> an SSL connection. NSS database for SSL needs to be in the directory >> that is created during the install process. So you have to create a >> NSS database ahead of time, initiate the install process, when the >> service start up fails, drop your NSS database into the folder "389 >> directory password synchronization" folder and then hit "retry" to >> start up the service so that the installation completes successfully. > What platform? What you are describing was a bug in the PassSync > 1.1.1 package that should have been fixed in 1.1.2. If you are sure > you're using the 1.1.2 package, then try this: > > open a cmd window > msiexec /i \path\to\389-PassSync-1.1.2-x86_64.msi /l*v inst.log > check inst.log for sensitive information > paste inst.log to fpaste.org and email the link to the list >> >> Rich Megginson wrote: >>> James Roman wrote: >>>> I am unable to download the 1.2.1 versions of the passsync msi >>>> files. I could really use the x86_64 version. >>> Sorry about that. The links have been updated. >>> Feedback is welcome. >>>> >>>> -- >>>> 389 users mailing list >>>> 389-users at redhat.com >>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>> >>> ------------------------------------------------------------------------ >>> >>> >>> -- >>> 389 users mailing list >>> 389-users at redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>> >> >> -- >> 389 users mailing list >> 389-users at redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users > > ------------------------------------------------------------------------ > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > From rmeggins at redhat.com Thu Nov 5 20:05:27 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Thu, 05 Nov 2009 13:05:27 -0700 Subject: [389-users] Links for new passsync files In-Reply-To: <4AF32B6A.1010702@ssaihq.com> References: <4AF19635.6090302@ssaihq.com> <4AF197CA.9030104@redhat.com> <4AF309DF.9030805@ssaihq.com> <4AF31526.8010803@redhat.com> <4AF32B6A.1010702@ssaihq.com> Message-ID: <4AF33007.80603@redhat.com> James Roman wrote: > Windows Server 2003 R2. The package is labeled 1.1.2-x86_64. I've > already got it installed on both of my x86_64 domain controllers. I > won't get the chance to delete it to test it until the weekend. Hmm - I tested the 1.1.2 packages on Windows Server 2003 32-bit and Windows Server 2008 64-bit - the passsync service failed to start, but installation completed. Has anyone else had this experience with the 1.1.2 packages? > > Rich Megginson wrote: >> James Roman wrote: >>> Very first impression during installation. There is a weird chicken >>> and egg problem. Installation fails because it can not start the >>> passsync service. Service start-up fails because it can not >>> establish an SSL connection. NSS database for SSL needs to be in the >>> directory that is created during the install process. So you have to >>> create a NSS database ahead of time, initiate the install process, >>> when the service start up fails, drop your NSS database into the >>> folder "389 directory password synchronization" folder and then hit >>> "retry" to start up the service so that the installation completes >>> successfully. >> What platform? What you are describing was a bug in the PassSync >> 1.1.1 package that should have been fixed in 1.1.2. If you are sure >> you're using the 1.1.2 package, then try this: >> >> open a cmd window >> msiexec /i \path\to\389-PassSync-1.1.2-x86_64.msi /l*v inst.log >> check inst.log for sensitive information >> paste inst.log to fpaste.org and email the link to the list >>> >>> Rich Megginson wrote: >>>> James Roman wrote: >>>>> I am unable to download the 1.2.1 versions of the passsync msi >>>>> files. I could really use the x86_64 version. >>>> Sorry about that. The links have been updated. >>>> Feedback is welcome. >>>>> >>>>> -- >>>>> 389 users mailing list >>>>> 389-users at redhat.com >>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>>> >>>> ------------------------------------------------------------------------ >>>> >>>> >>>> -- >>>> 389 users mailing list >>>> 389-users at redhat.com >>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>>> >>> >>> -- >>> 389 users mailing list >>> 389-users at redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> ------------------------------------------------------------------------ >> >> -- >> 389 users mailing list >> 389-users at redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From cbryant-ical at corp.usa.net Thu Nov 5 22:40:01 2009 From: cbryant-ical at corp.usa.net (Chris Bryant) Date: Thu, 5 Nov 2009 17:40:01 -0500 Subject: [389-users] Problem browsing LDAP with Outlook Message-ID: When configuring Microsoft Outlook (not Outlook Express) to access an LDAP directory, there is an option to 'Enable Browsing (requires server support)'. If this option is chosen and the directory server supports it, then you should be able to open the LDAP address book and page up and down through the results. I have been unable to get this working properly with 389 DS. When I try to browse from Outlook against the 389 DS directory, I am able to see the first page of results perfectly. However, if I move to the next page, only the first object returned will have any attributes included, and all of the rest of the objects in the page will have no attributes. I have a test perl script that duplicates this functionality as well. I can get this to work properly with an older version of Netscape Directory Server, and I can get it working with OpenDS. Since 389 DS advertises support for the controls that are required for this to work, just like the other two servers, then I would expect it to work there also. Has anyone out there gotten this to work with 389 DS? If so, can you share if there was anything special that you needed to do to get this to work? I'm trying to determine if this is a bug in the server, or if I'm just missing something in the configuration. Thanks, Chris USA.NET You Run Your Business. We'll Run Your Email. This message is for the sole use of the intended recipient(s) and may contain confidential and/or privileged information of USA.NET, Inc. Any unauthorized review, use, copying, disclosure, or distribution is prohibited. If you are not the intended recipient, please immediately contact the sender by reply email and delete all copies of the original message. -------------- next part -------------- An HTML attachment was scrubbed... URL: From theiosx at gmail.com Fri Nov 6 09:20:13 2009 From: theiosx at gmail.com (Jesster Leight) Date: Fri, 6 Nov 2009 15:20:13 +0600 Subject: [389-users] Administration URL Message-ID: Where i can find Administration URL for 389-console ? After configuration with script /usr/sbin/setup-ds-admin.pl, nothing information about Administration URL : ----- Are you ready to set up your servers? [yes]: Creating directory server . . . Your new DS instance 'satellite' was successfully created. Creating the configuration directory server . . . Beginning Admin Server creation . . . Creating Admin Server files and directories . . . Updating adm.conf . . . Updating admpw . . . Registering admin server with the configuration directory server . . . Updating adm.conf with information from configuration directory server . . . Updating the configuration for the httpd engine . . . Starting admin server . . . The admin server was successfully started. Admin server was successfully created, configured, and started. Exiting . . . Log file is '/tmp/setup5Y5efv.log' -------------- next part -------------- An HTML attachment was scrubbed... URL: From okelet at gmail.com Fri Nov 6 09:22:31 2009 From: okelet at gmail.com (=?UTF-8?Q?Juan_Asensio_S=C3=A1nchez?=) Date: Fri, 6 Nov 2009 10:22:31 +0100 Subject: [389-users] Administration URL In-Reply-To: References: Message-ID: <52a9d2e30911060122n2a535517i8c8a3395aa0126f0@mail.gmail.com> It is the server name and the administration port specified during configuration. If you don't remember which is it, do "netstat -ptan". Regards. 2009/11/6 Jesster Leight : > Where i can find Administration URL for 389-console ? > After configuration with script /usr/sbin/setup-ds-admin.pl, nothing > information about Administration URL : > ----- > Are you ready to set up your servers? [yes]: > Creating directory server . . . > Your new DS instance 'satellite' was successfully created. > Creating the configuration directory server . . . > Beginning Admin Server creation . . . > Creating Admin Server files and directories . . . > Updating adm.conf . . . > Updating admpw . . . > Registering admin server with the configuration directory server . . . > Updating adm.conf with information from configuration directory server . . . > Updating the configuration for the httpd engine . . . > Starting admin server . . . > The admin server was successfully started. > Admin server was successfully created, configured, and started. > Exiting . . . > Log file is '/tmp/setup5Y5efv.log' > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > From theiosx at gmail.com Fri Nov 6 09:25:58 2009 From: theiosx at gmail.com (Jesster Leight) Date: Fri, 6 Nov 2009 15:25:58 +0600 Subject: [389-users] Administration URL In-Reply-To: <52a9d2e30911060122n2a535517i8c8a3395aa0126f0@mail.gmail.com> References: <52a9d2e30911060122n2a535517i8c8a3395aa0126f0@mail.gmail.com> Message-ID: Hello! Thanks for answer! Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:1290 0.0.0.0:* LISTEN 1829/python tcp 0 0 0.0.0.0:54091 0.0.0.0:* LISTEN 1213/rpc.statd tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1197/rpcbind tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN 1579/tnslsnr tcp 0 0 0.0.0.0:1521 0.0.0.0:* LISTEN 1579/tnslsnr tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN 2275/dnsmasq tcp 0 0 0.0.0.0:5269 0.0.0.0:* LISTEN 2018/s2s tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1525/sshd tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1284/cupsd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1715/sendmail: acce tcp 0 0 127.0.0.1:25151 0.0.0.0:* LISTEN 2302/python tcp 0 0 127.0.0.1:32000 0.0.0.0:* LISTEN 2187/java tcp 0 0 0.0.0.0:5347 0.0.0.0:* LISTEN 1901/router tcp 0 0 0.0.0.0:9830 0.0.0.0:* LISTEN 8932/httpd.worker tcp 0 0 0.0.0.0:5222 0.0.0.0:* LISTEN 1979/c2s tcp 0 0 0.0.0.0:56007 0.0.0.0:* LISTEN 1686/xe_d000_XE tcp 0 0 10.1.10.211:57118 74.125.87.17:80 ESTABLISHED 3579/firefox tcp 0 0 10.1.10.211:52615 10.1.10.211:1521 ESTABLISHED 1829/python tcp 0 0 10.1.10.211:1521 10.1.10.211:52634 ESTABLISHED 2442/oracleXE tcp 0 0 127.0.0.1:32000 127.0.0.1:31000 ESTABLISHED 2183/rhnsearchd tcp 0 0 10.1.10.211:1521 10.1.10.211:52636 ESTABLISHED 2471/oracleXE tcp 0 0 10.1.10.211:1521 10.1.10.211:46949 ESTABLISHED 12499/oracleXE tcp 0 0 10.1.10.211:1521 10.1.10.211:59407 ESTABLISHED 8280/oracleXE tcp 0 0 10.1.10.211:1521 10.1.10.211:46947 ESTABLISHED 12495/oracleXE tcp 0 0 10.1.10.211:1521 10.1.10.211:39255 ESTABLISHED 14876/oracleXE tcp 0 0 10.1.10.211:52625 10.1.10.211:1521 ESTABLISHED 2081/perl tcp 0 0 10.1.10.211:1521 10.1.10.211:46948 ESTABLISHED 12497/oracleXE tcp 0 0 10.1.10.211:1521 10.1.10.211:52622 ESTABLISHED 2044/oracleXE tcp 0 0 10.1.10.211:5222 10.1.10.211:56682 ESTABLISHED 1979/c2s tcp 0 0 10.1.10.211:1521 10.1.10.211:52613 ESTABLISHED 1579/tnslsnr tcp 0 0 10.1.10.211:1521 10.1.10.211:46951 ESTABLISHED 12503/oracleXE tcp 0 0 10.1.10.211:59407 10.1.10.211:1521 ESTABLISHED 1859/httpd tcp 0 0 10.1.10.211:1521 10.1.10.211:52625 ESTABLISHED 2093/oracleXE tcp 0 0 10.1.10.211:1521 10.1.10.211:52615 ESTABLISHED 1828/oracleXE tcp 0 0 127.0.0.1:48952 127.0.0.1:5347 ESTABLISHED 1979/c2s tcp 0 0 10.1.10.211:39255 10.1.10.211:1521 ESTABLISHED 1862/httpd tcp 0 0 10.1.10.211:57117 74.125.87.17:80 ESTABLISHED 3579/firefox tcp 0 0 10.1.10.211:1521 10.1.10.211:42756 ESTABLISHED 30065/oracleXE tcp 1 0 127.0.0.1:56618 127.0.0.1:25 CLOSE_WAIT 2081/perl tcp 0 0 10.1.10.211:1521 10.1.10.211:52637 ESTABLISHED 2473/oracleXE tcp 0 0 10.1.10.211:1521 10.1.10.211:54993 ESTABLISHED 10776/oracleXE tcp 0 0 127.0.0.1:5347 127.0.0.1:48950 ESTABLISHED 1901/router tcp 0 0 10.1.10.211:52622 10.1.10.211:1521 ESTABLISHED 2036/perl tcp 0 0 10.1.10.211:1521 10.1.10.211:52638 ESTABLISHED 2480/oracleXE tcp 0 0 10.1.10.211:39715 74.125.87.18:80 ESTABLISHED 3579/firefox tcp 1 0 10.1.10.211:41044 10.1.77.153:80 CLOSE_WAIT 7629/java tcp 0 0 127.0.0.1:48950 127.0.0.1:5347 ESTABLISHED 1940/sm tcp 0 0 127.0.0.1:48951 127.0.0.1:5347 ESTABLISHED 2018/s2s tcp 0 0 10.1.10.211:1521 10.1.10.211:46950 ESTABLISHED 12501/oracleXE tcp 1 0 127.0.0.1:56619 127.0.0.1:25 CLOSE_WAIT 2113/perl tcp 0 0 10.1.10.211:52613 10.1.10.211:1521 ESTABLISHED 1636/xe_pmon_XE tcp 0 0 127.0.0.1:5347 127.0.0.1:48952 ESTABLISHED 1901/router tcp 0 0 10.1.10.211:56682 10.1.10.211:5222 ESTABLISHED 1829/python tcp 0 0 10.1.10.211:54993 10.1.10.211:1521 ESTABLISHED 1860/httpd tcp 0 0 127.0.0.1:5347 127.0.0.1:48951 ESTABLISHED 1901/router tcp 0 0 ::ffff:127.0.0.1:2828 :::* LISTEN 2187/java tcp 0 0 :::111 :::* LISTEN 1197/rpcbind tcp 0 0 :::80 :::* LISTEN 1848/httpd tcp 0 0 :::22 :::* LISTEN 1525/sshd tcp 0 0 ::1:631 :::* LISTEN 1284/cupsd tcp 0 0 :::443 :::* LISTEN 1848/httpd tcp 0 0 :::389 :::* LISTEN 8832/ns-slapd tcp 0 0 ::ffff:127.0.0.1:8005 :::* LISTEN 1808/java tcp 0 0 ::ffff:10.1.10.211:46948 ::ffff:10.1.10.211:1521 ESTABLISHED 1808/java tcp 1 0 ::ffff:10.1.10.211:41050 ::ffff:10.1.77.153:80 CLOSE_WAIT 7629/java tcp 0 0 ::ffff:10.1.10.211:46947 ::ffff:10.1.10.211:1521 ESTABLISHED 1808/java tcp 1 0 ::ffff:10.1.10.211:41071 ::ffff:10.1.77.153:80 CLOSE_WAIT 7629/java tcp 0 0 ::ffff:10.1.10.211:52636 ::ffff:10.1.10.211:1521 ESTABLISHED 2187/java tcp 1 0 ::ffff:10.1.10.211:41051 ::ffff:10.1.77.153:80 CLOSE_WAIT 7629/java tcp 1 0 ::ffff:10.1.10.211:41056 ::ffff:10.1.77.153:80 CLOSE_WAIT 7629/java tcp 1 0 ::ffff:10.1.10.211:41060 ::ffff:10.1.77.153:80 CLOSE_WAIT 7629/java tcp 0 0 ::ffff:10.1.10.211:46951 ::ffff:10.1.10.211:1521 ESTABLISHED 1808/java tcp 0 0 ::ffff:10.1.10.211:42756 ::ffff:10.1.10.211:1521 ESTABLISHED 2187/java tcp 0 0 ::ffff:127.0.0.1:31000 ::ffff:127.0.0.1:32000 ESTABLISHED 2187/java tcp 1 0 ::ffff:10.1.10.211:41046 ::ffff:10.1.77.153:80 CLOSE_WAIT 7629/java tcp 0 0 ::ffff:10.1.10.211:52637 ::ffff:10.1.10.211:1521 ESTABLISHED 2187/java tcp 0 0 ::ffff:10.1.10.211:46950 ::ffff:10.1.10.211:1521 ESTABLISHED 1808/java tcp 1 0 ::ffff:10.1.10.211:41047 ::ffff:10.1.77.153:80 CLOSE_WAIT 7629/java tcp 0 0 ::ffff:10.1.10.211:46949 ::ffff:10.1.10.211:1521 ESTABLISHED 1808/java tcp 0 0 ::ffff:10.1.10.211:52638 ::ffff:10.1.10.211:1521 ESTABLISHED 2187/java tcp 0 0 ::ffff:10.1.10.211:52634 ::ffff:10.1.10.211:1521 ESTABLISHED 2187/java Which process name ? 2009/11/6 Juan Asensio S?nchez > It is the server name and the administration port specified during > configuration. If you don't remember which is it, do "netstat -ptan". > > Regards. > > 2009/11/6 Jesster Leight : > > Where i can find Administration URL for 389-console ? > > After configuration with script /usr/sbin/setup-ds-admin.pl, nothing > > information about Administration URL : > > ----- > > Are you ready to set up your servers? [yes]: > > Creating directory server . . . > > Your new DS instance 'satellite' was successfully created. > > Creating the configuration directory server . . . > > Beginning Admin Server creation . . . > > Creating Admin Server files and directories . . . > > Updating adm.conf . . . > > Updating admpw . . . > > Registering admin server with the configuration directory server . . . > > Updating adm.conf with information from configuration directory server . > . . > > Updating the configuration for the httpd engine . . . > > Starting admin server . . . > > The admin server was successfully started. > > Admin server was successfully created, configured, and started. > > Exiting . . . > > Log file is '/tmp/setup5Y5efv.log' > > > > -- > > 389 users mailing list > > 389-users at redhat.com > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- An HTML attachment was scrubbed... URL: From okelet at gmail.com Fri Nov 6 10:27:58 2009 From: okelet at gmail.com (=?UTF-8?Q?Juan_Asensio_S=C3=A1nchez?=) Date: Fri, 6 Nov 2009 11:27:58 +0100 Subject: [389-users] Administration URL In-Reply-To: References: <52a9d2e30911060122n2a535517i8c8a3395aa0126f0@mail.gmail.com> Message-ID: <52a9d2e30911060227p1b61c1afq8a19b20f8114fce6@mail.gmail.com> It should be this: tcp 0 0 0.0.0.0:9830 0.0.0.0:* LISTEN 8932/httpd.worker So you should try connect to the console with the URL http://server:9830. Regards. 2009/11/6 Jesster Leight : > Hello! Thanks for answer! > > Active Internet connections (servers and established) > Proto Recv-Q Send-Q Local Address?????????????? Foreign Address > State?????? PID/Program name > tcp??????? 0????? 0 0.0.0.0:1290??????????????? 0.0.0.0:* > LISTEN????? 1829/python > tcp??????? 0????? 0 0.0.0.0:54091?????????????? 0.0.0.0:* > LISTEN????? 1213/rpc.statd > tcp??????? 0????? 0 0.0.0.0:111???????????????? 0.0.0.0:* > LISTEN????? 1197/rpcbind > tcp??????? 0????? 0 127.0.0.1:8080????????????? 0.0.0.0:* > LISTEN????? 1579/tnslsnr > tcp??????? 0????? 0 0.0.0.0:1521??????????????? 0.0.0.0:* > LISTEN????? 1579/tnslsnr > tcp??????? 0????? 0 192.168.122.1:53??????????? 0.0.0.0:* > LISTEN????? 2275/dnsmasq > tcp??????? 0????? 0 0.0.0.0:5269??????????????? 0.0.0.0:* > LISTEN????? 2018/s2s > tcp??????? 0????? 0 0.0.0.0:22????????????????? 0.0.0.0:* > LISTEN????? 1525/sshd > tcp??????? 0????? 0 127.0.0.1:631?????????????? 0.0.0.0:* > LISTEN????? 1284/cupsd > tcp??????? 0????? 0 127.0.0.1:25??????????????? 0.0.0.0:* > LISTEN????? 1715/sendmail: acce > tcp??????? 0????? 0 127.0.0.1:25151???????????? 0.0.0.0:* > LISTEN????? 2302/python > tcp??????? 0????? 0 127.0.0.1:32000???????????? 0.0.0.0:* > LISTEN????? 2187/java > tcp??????? 0????? 0 0.0.0.0:5347??????????????? 0.0.0.0:* > LISTEN????? 1901/router > tcp??????? 0????? 0 0.0.0.0:9830??????????????? 0.0.0.0:* > LISTEN????? 8932/httpd.worker > tcp??????? 0????? 0 0.0.0.0:5222??????????????? 0.0.0.0:* > LISTEN????? 1979/c2s > tcp??????? 0????? 0 0.0.0.0:56007?????????????? 0.0.0.0:* > LISTEN????? 1686/xe_d000_XE > tcp??????? 0????? 0 10.1.10.211:57118?????????? 74.125.87.17:80 > ESTABLISHED 3579/firefox > tcp??????? 0????? 0 10.1.10.211:52615?????????? 10.1.10.211:1521 > ESTABLISHED 1829/python > tcp??????? 0????? 0 10.1.10.211:1521??????????? 10.1.10.211:52634 > ESTABLISHED 2442/oracleXE > tcp??????? 0????? 0 127.0.0.1:32000???????????? 127.0.0.1:31000 > ESTABLISHED 2183/rhnsearchd > tcp??????? 0????? 0 10.1.10.211:1521??????????? 10.1.10.211:52636 > ESTABLISHED 2471/oracleXE > tcp??????? 0????? 0 10.1.10.211:1521??????????? 10.1.10.211:46949 > ESTABLISHED 12499/oracleXE > tcp??????? 0????? 0 10.1.10.211:1521??????????? 10.1.10.211:59407 > ESTABLISHED 8280/oracleXE > tcp??????? 0????? 0 10.1.10.211:1521??????????? 10.1.10.211:46947 > ESTABLISHED 12495/oracleXE > tcp??????? 0????? 0 10.1.10.211:1521??????????? 10.1.10.211:39255 > ESTABLISHED 14876/oracleXE > tcp??????? 0????? 0 10.1.10.211:52625?????????? 10.1.10.211:1521 > ESTABLISHED 2081/perl > tcp??????? 0????? 0 10.1.10.211:1521??????????? 10.1.10.211:46948 > ESTABLISHED 12497/oracleXE > tcp??????? 0????? 0 10.1.10.211:1521??????????? 10.1.10.211:52622 > ESTABLISHED 2044/oracleXE > tcp??????? 0????? 0 10.1.10.211:5222??????????? 10.1.10.211:56682 > ESTABLISHED 1979/c2s > tcp??????? 0????? 0 10.1.10.211:1521??????????? 10.1.10.211:52613 > ESTABLISHED 1579/tnslsnr > tcp??????? 0????? 0 10.1.10.211:1521??????????? 10.1.10.211:46951 > ESTABLISHED 12503/oracleXE > tcp??????? 0????? 0 10.1.10.211:59407?????????? 10.1.10.211:1521 > ESTABLISHED 1859/httpd > tcp??????? 0????? 0 10.1.10.211:1521??????????? 10.1.10.211:52625 > ESTABLISHED 2093/oracleXE > tcp??????? 0????? 0 10.1.10.211:1521??????????? 10.1.10.211:52615 > ESTABLISHED 1828/oracleXE > tcp??????? 0????? 0 127.0.0.1:48952???????????? 127.0.0.1:5347 > ESTABLISHED 1979/c2s > tcp??????? 0????? 0 10.1.10.211:39255?????????? 10.1.10.211:1521 > ESTABLISHED 1862/httpd > tcp??????? 0????? 0 10.1.10.211:57117?????????? 74.125.87.17:80 > ESTABLISHED 3579/firefox > tcp??????? 0????? 0 10.1.10.211:1521??????????? 10.1.10.211:42756 > ESTABLISHED 30065/oracleXE > tcp??????? 1????? 0 127.0.0.1:56618???????????? 127.0.0.1:25 > CLOSE_WAIT? 2081/perl > tcp??????? 0????? 0 10.1.10.211:1521??????????? 10.1.10.211:52637 > ESTABLISHED 2473/oracleXE > tcp??????? 0????? 0 10.1.10.211:1521??????????? 10.1.10.211:54993 > ESTABLISHED 10776/oracleXE > tcp??????? 0????? 0 127.0.0.1:5347????????????? 127.0.0.1:48950 > ESTABLISHED 1901/router > tcp??????? 0????? 0 10.1.10.211:52622?????????? 10.1.10.211:1521 > ESTABLISHED 2036/perl > tcp??????? 0????? 0 10.1.10.211:1521??????????? 10.1.10.211:52638 > ESTABLISHED 2480/oracleXE > tcp??????? 0????? 0 10.1.10.211:39715?????????? 74.125.87.18:80 > ESTABLISHED 3579/firefox > tcp??????? 1????? 0 10.1.10.211:41044?????????? 10.1.77.153:80 > CLOSE_WAIT? 7629/java > tcp??????? 0????? 0 127.0.0.1:48950???????????? 127.0.0.1:5347 > ESTABLISHED 1940/sm > tcp??????? 0????? 0 127.0.0.1:48951???????????? 127.0.0.1:5347 > ESTABLISHED 2018/s2s > tcp??????? 0????? 0 10.1.10.211:1521??????????? 10.1.10.211:46950 > ESTABLISHED 12501/oracleXE > tcp??????? 1????? 0 127.0.0.1:56619???????????? 127.0.0.1:25 > CLOSE_WAIT? 2113/perl > tcp??????? 0????? 0 10.1.10.211:52613?????????? 10.1.10.211:1521 > ESTABLISHED 1636/xe_pmon_XE > tcp??????? 0????? 0 127.0.0.1:5347????????????? 127.0.0.1:48952 > ESTABLISHED 1901/router > tcp??????? 0????? 0 10.1.10.211:56682?????????? 10.1.10.211:5222 > ESTABLISHED 1829/python > tcp??????? 0????? 0 10.1.10.211:54993?????????? 10.1.10.211:1521 > ESTABLISHED 1860/httpd > tcp??????? 0????? 0 127.0.0.1:5347????????????? 127.0.0.1:48951 > ESTABLISHED 1901/router > tcp??????? 0????? 0 ::ffff:127.0.0.1:2828?????? :::* > LISTEN????? 2187/java > tcp??????? 0????? 0 :::111????????????????????? :::* > LISTEN????? 1197/rpcbind > tcp??????? 0????? 0 :::80?????????????????????? :::* > LISTEN????? 1848/httpd > tcp??????? 0????? 0 :::22?????????????????????? :::* > LISTEN????? 1525/sshd > tcp??????? 0????? 0 ::1:631???????????????????? :::* > LISTEN????? 1284/cupsd > tcp??????? 0????? 0 :::443????????????????????? :::* > LISTEN????? 1848/httpd > tcp??????? 0????? 0 :::389????????????????????? :::* > LISTEN????? 8832/ns-slapd > tcp??????? 0????? 0 ::ffff:127.0.0.1:8005?????? :::* > LISTEN????? 1808/java > tcp??????? 0????? 0 ::ffff:10.1.10.211:46948??? ::ffff:10.1.10.211:1521 > ESTABLISHED 1808/java > tcp??????? 1????? 0 ::ffff:10.1.10.211:41050??? ::ffff:10.1.77.153:80 > CLOSE_WAIT? 7629/java > tcp??????? 0????? 0 ::ffff:10.1.10.211:46947??? ::ffff:10.1.10.211:1521 > ESTABLISHED 1808/java > tcp??????? 1????? 0 ::ffff:10.1.10.211:41071??? ::ffff:10.1.77.153:80 > CLOSE_WAIT? 7629/java > tcp??????? 0????? 0 ::ffff:10.1.10.211:52636??? ::ffff:10.1.10.211:1521 > ESTABLISHED 2187/java > tcp??????? 1????? 0 ::ffff:10.1.10.211:41051??? ::ffff:10.1.77.153:80 > CLOSE_WAIT? 7629/java > tcp??????? 1????? 0 ::ffff:10.1.10.211:41056??? ::ffff:10.1.77.153:80 > CLOSE_WAIT? 7629/java > tcp??????? 1????? 0 ::ffff:10.1.10.211:41060??? ::ffff:10.1.77.153:80 > CLOSE_WAIT? 7629/java > tcp??????? 0????? 0 ::ffff:10.1.10.211:46951??? ::ffff:10.1.10.211:1521 > ESTABLISHED 1808/java > tcp??????? 0????? 0 ::ffff:10.1.10.211:42756??? ::ffff:10.1.10.211:1521 > ESTABLISHED 2187/java > tcp??????? 0????? 0 ::ffff:127.0.0.1:31000????? ::ffff:127.0.0.1:32000 > ESTABLISHED 2187/java > tcp??????? 1????? 0 ::ffff:10.1.10.211:41046??? ::ffff:10.1.77.153:80 > CLOSE_WAIT? 7629/java > tcp??????? 0????? 0 ::ffff:10.1.10.211:52637??? ::ffff:10.1.10.211:1521 > ESTABLISHED 2187/java > tcp??????? 0????? 0 ::ffff:10.1.10.211:46950??? ::ffff:10.1.10.211:1521 > ESTABLISHED 1808/java > tcp??????? 1????? 0 ::ffff:10.1.10.211:41047??? ::ffff:10.1.77.153:80 > CLOSE_WAIT? 7629/java > tcp??????? 0????? 0 ::ffff:10.1.10.211:46949??? ::ffff:10.1.10.211:1521 > ESTABLISHED 1808/java > tcp??????? 0????? 0 ::ffff:10.1.10.211:52638??? ::ffff:10.1.10.211:1521 > ESTABLISHED 2187/java > tcp??????? 0????? 0 ::ffff:10.1.10.211:52634??? ::ffff:10.1.10.211:1521 > ESTABLISHED 2187/java > > Which process name ? > > 2009/11/6 Juan Asensio S?nchez >> >> It is the server name and the administration port specified during >> configuration. If you don't remember which is it, do "netstat -ptan". >> >> Regards. >> >> 2009/11/6 Jesster Leight : >> > Where i can find Administration URL for 389-console ? >> > After configuration with script /usr/sbin/setup-ds-admin.pl, nothing >> > information about Administration URL : >> > ----- >> > Are you ready to set up your servers? [yes]: >> > Creating directory server . . . >> > Your new DS instance 'satellite' was successfully created. >> > Creating the configuration directory server . . . >> > Beginning Admin Server creation . . . >> > Creating Admin Server files and directories . . . >> > Updating adm.conf . . . >> > Updating admpw . . . >> > Registering admin server with the configuration directory server . . . >> > Updating adm.conf with information from configuration directory server . >> > . . >> > Updating the configuration for the httpd engine . . . >> > Starting admin server . . . >> > The admin server was successfully started. >> > Admin server was successfully created, configured, and started. >> > Exiting . . . >> > Log file is '/tmp/setup5Y5efv.log' >> > >> > -- >> > 389 users mailing list >> > 389-users at redhat.com >> > https://www.redhat.com/mailman/listinfo/fedora-directory-users >> > >> > >> >> -- >> 389 users mailing list >> 389-users at redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > From d.alexander at lse.ac.uk Fri Nov 6 11:26:59 2009 From: d.alexander at lse.ac.uk (Derek Alexander) Date: Fri, 06 Nov 2009 11:26:59 +0000 Subject: [389-users] valid password characters? Message-ID: <4AF40803.8070809@lse.ac.uk> Hi, Just got this error message back from FDS. "LDAP: error code 19 - The value is not 7-bit clean" Looks like it was due to the user putting the following character in their password: '?' What are the constraints on valid characters in passwords? Have tried searching but don't see anything documented on the password policy or syntax pages. Cheers, Derek Please access the attached hyperlink for an important electronic communications disclaimer: http://www.lse.ac.uk/collections/secretariat/legal/disclaimer.htm From hartmann at fas.harvard.edu Fri Nov 6 13:15:43 2009 From: hartmann at fas.harvard.edu (Tim Hartmann) Date: Fri, 06 Nov 2009 08:15:43 -0500 Subject: [389-users] Attribute Rewrite / overlay? Message-ID: <4AF4217F.2030206@fas.harvard.edu> Hi, We've run into a situation where we are looking at chaining our directory with another directory, but need to rewrite one of the attributes? We need "cn: Joe User" to show up as "displayName: Joe User" In my research I noticed a feature which looked like it did that in openldap, and was hoping there was something similar in 389. http://www.openldap.org/doc/admin24/overlays.html#Rewrite/Remap I've dug into ACI's Views and COS and nothing seems to do remapping, though this thread gave me hope, but doesn't seems like it's quite what I'm looking for... http://www.mail-archive.com/fedora-directory-users at redhat.com/msg09764.html Has anyone done attribute remapping with 389 or is that still in the roadmap? Thanks! Tim From rmeggins at redhat.com Fri Nov 6 14:20:13 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Fri, 06 Nov 2009 07:20:13 -0700 Subject: [389-users] Attribute Rewrite / overlay? In-Reply-To: <4AF4217F.2030206@fas.harvard.edu> References: <4AF4217F.2030206@fas.harvard.edu> Message-ID: <4AF4309D.8000608@redhat.com> Tim Hartmann wrote: > Hi, > > We've run into a situation where we are looking at chaining our > directory with another directory, but need to rewrite one of the > attributes? We need "cn: Joe User" to show up as "displayName: Joe > User" In my research I noticed a feature which looked like it did > that in openldap, and was hoping there was something similar in 389. > http://www.openldap.org/doc/admin24/overlays.html#Rewrite/Remap > > I've dug into ACI's Views and COS and nothing seems to do remapping, > though this thread gave me hope, but doesn't seems like it's quite > what I'm looking for... > http://www.mail-archive.com/fedora-directory-users at redhat.com/msg09764.html > > > Has anyone done attribute remapping with 389 or is that still in the > roadmap? Sorry - still on the roadmap. > > Thanks! > > Tim > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From rmeggins at redhat.com Fri Nov 6 14:23:02 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Fri, 06 Nov 2009 07:23:02 -0700 Subject: [389-users] valid password characters? In-Reply-To: <4AF40803.8070809@lse.ac.uk> References: <4AF40803.8070809@lse.ac.uk> Message-ID: <4AF43146.3030903@redhat.com> Derek Alexander wrote: > Hi, > > Just got this error message back from FDS. > > "LDAP: error code 19 - The value is not 7-bit clean" > > Looks like it was due to the user putting the following character in their password: '?' > > What are the constraints on valid characters in passwords? > There is a 7-bit password checking plugin - this plugin rejects passwords that contain characters that use more than 7-bits (i.e. plain old ASCII). It used to be that older authentication systems/operating systems would barf on 8-bit passwords, but I don't think that is the case any longer. You can disable the the 7-bit plugin to allow 8-bit passwords. > Have tried searching but don't see anything documented on the password policy or syntax pages. > It's not really part of the password syntax stuff. > Cheers, > Derek > > Please access the attached hyperlink for an important electronic communications disclaimer: http://www.lse.ac.uk/collections/secretariat/legal/disclaimer.htm > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From rmeggins at redhat.com Fri Nov 6 14:29:24 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Fri, 06 Nov 2009 07:29:24 -0700 Subject: [389-users] Windows Console Quit Working In-Reply-To: <20091105165531.M1912@mail.txwes.edu> References: <20091105165531.M1912@mail.txwes.edu> Message-ID: <4AF432C4.3020209@redhat.com> Glenn wrote: > Sorry to be such a pest, but now I have another problem. The Windows > console, which worked fine on my computer for two years, suddenly quit. I > installed the latest console, but it does the same thing.It starts up fine > and displays the login window. After I enter login credentials, the DOS > window hangs. I'm copying the contents of the DOS window below. Any ideas > appreciated. We are using Fedora Directory 1.0.4 on RHEL4. Thanks. -G. > Something must have changed. Did you update Firefox on the machine? What else might have changed? > C:\Program Files\Fedora Identity Management Console>echo off > > C:\Program Files\Fedora Identity Management Console>"java" "- > Djava.library.path= > ." -cp "./jss4.jar;./ldapjdk.jar;./idm-console-base.jar;./idm-console- > mcc.jar;./ > idm-console-mcc_en.jar;./idm-console-nmclf.jar;./idm-console- > nmclf_en.jar;./fedo > ra-idm-console_en.jar" -Djava.util.prefs.systemRoot=/.fedora-idm-console - > Djava. > util.prefs.userRoot=/.fedora-idm-console > com.netscape.management.client.console. > Console > Exception in thread "main" java.lang.UnsatisfiedLinkError: C:\Program > Files\Fedo > ra Identity Management Console\jss4.dll: The specified procedure could not be > fo > und > at java.lang.ClassLoader$NativeLibrary.load(Native Method) > at java.lang.ClassLoader.loadLibrary0(Unknown Source) > at java.lang.ClassLoader.loadLibrary(Unknown Source) > at java.lang.Runtime.loadLibrary0(Unknown Source) > at java.lang.System.loadLibrary(Unknown Source) > at org.mozilla.jss.CryptoManager.loadNativeLibraries > (CryptoManager.java: > 1339) > at org.mozilla.jss.CryptoManager.initialize(CryptoManager.java:827) > at org.mozilla.jss.CryptoManager.initialize(CryptoManager.java:800) > at com.netscape.management.client.util.UtilConsoleGlobals.initJSS > (Unknow > n Source) > at com.netscape.management.client.comm.HttpsChannel.(Unknown > Sou > rce) > at com.netscape.management.client.comm.HttpManager.createChannel > (Unknown > Source) > at com.netscape.management.client.comm.CommManager.send(Unknown > Source) > at com.netscape.management.client.comm.CommManager.send(Unknown > Source) > at com.netscape.management.client.comm.HttpManager.get(Unknown Source) > at com.netscape.management.client.console.Console.invoke_task(Unknown > So > urce) > at com.netscape.management.client.console.Console.authenticate_user > (Unkn > own Source) > at com.netscape.management.client.console.Console.(Unknown > Source) > > at com.netscape.management.client.console.Console.main(Unknown Source) > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From psundaram at wgen.net Fri Nov 6 18:17:16 2009 From: psundaram at wgen.net (Prashanth Sundaram) Date: Fri, 06 Nov 2009 13:17:16 -0500 Subject: [389-users] Perl/python script to sync with AD Message-ID: Dear All, I finally got the 389-ds working with PAM-PTA and everything looks fine so far. I am investigating on scripting the AD sync using perl/python/ldapscripts(shell). Anybody has any advice on the choice. I see perl?s Net:LDAP is pretty comprehensive with easy to use functions, but just in case if your opinion differs. I have a Perl script which partially does the job and wouldn't mind sharing if you want to take a peep. requirements: 1. Sync one-way from AD --> LDAP with only posix attributes. 2. Disable/delete accounts in ldap if disabled/deleted in AD. 3. Sync Groups and its members. PS: I am a newbie with scripting. Thanks, Prashanth -------------- next part -------------- An HTML attachment was scrubbed... URL: From rmeggins at redhat.com Fri Nov 6 18:56:56 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Fri, 06 Nov 2009 11:56:56 -0700 Subject: [389-users] Perl/python script to sync with AD In-Reply-To: References: Message-ID: <4AF47178.3080804@redhat.com> Prashanth Sundaram wrote: > Dear All, > > I finally got the 389-ds working with PAM-PTA and everything looks > fine so far. I am investigating on scripting the AD sync using > perl/python/ldapscripts(shell). Anybody has any advice on the choice. > I see perl?s Net:LDAP is pretty comprehensive with easy to use > functions, but just in case if your opinion differs. I have a Perl > script which partially does the job and wouldn't mind sharing if you > want to take a peep. > > requirements: > > 1. Sync one-way from AD --> LDAP with only posix attributes. > 2. Disable/delete accounts in ldap if disabled/deleted in AD. > 3. Sync Groups and its members. > Sounds very nice. I'm sure the 389 community would be interested. Is the code available on the web somewhere? What is the license? I have a python-ldap module which implements support for the AD DirSync control (which is what 389 winsync uses to get changes from AD). It is available here - http://github.com/richm/scripts - dirsyncctrl.py If you need a place to keep track of your code, I recommend github. > > 1. > > > > PS: I am a newbie with scripting. > > Thanks, > Prashanth > > > > ------------------------------------------------------------------------ > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From glenn at mail.txwes.edu Fri Nov 6 19:32:25 2009 From: glenn at mail.txwes.edu (Glenn) Date: Fri, 6 Nov 2009 14:32:25 -0500 Subject: [389-users] Windows Console Quit Working In-Reply-To: <4AF432C4.3020209@redhat.com> References: <20091105165531.M1912@mail.txwes.edu> <4AF432C4.3020209@redhat.com> Message-ID: <20091106172145.M18740@mail.txwes.edu> I fixed this by adding the path of my Java installation to the path statement in the batch file that starts the console. It appears that Java installs java.exe in c:\windows\system32 as well as in c:\program files\java\jre6 \bin. The system32 folder is in the normal system path, so I guess Java is normally started from the system32 folder. For some reason, the console can't find the required libraries when Java is started from c:\windows\system32. Here is the relevant line from fedora-idm-console.bat with my addition: set PATH=%BASEPATH%;c:\program files\java\jre6\bin;%PATH% -G. ---------- Original Message ----------- From: Rich Megginson To: "General discussion list for the 389 Directory server project." Sent: Fri, 06 Nov 2009 07:29:24 -0700 Subject: Re: [389-users] Windows Console Quit Working > Glenn wrote: > > Sorry to be such a pest, but now I have another problem. The Windows > > console, which worked fine on my computer for two years, suddenly quit. I > > installed the latest console, but it does the same thing.It starts up fine > > and displays the login window. After I enter login credentials, the DOS > > window hangs. I'm copying the contents of the DOS window below. Any ideas > > appreciated. We are using Fedora Directory 1.0.4 on RHEL4. Thanks. -G. > > > Something must have changed. Did you update Firefox on the machine? > What else might have changed? > > C:\Program Files\Fedora Identity Management Console>echo off > > > > C:\Program Files\Fedora Identity Management Console>"java" "- > > Djava.library.path= > > ." -cp "./jss4.jar;./ldapjdk.jar;./idm-console-base.jar;./idm-console- > > mcc.jar;./ > > idm-console-mcc_en.jar;./idm-console-nmclf.jar;./idm-console- > > nmclf_en.jar;./fedo > > ra-idm-console_en.jar" -Djava.util.prefs.systemRoot=/.fedora-idm-console - > > Djava. > > util.prefs.userRoot=/.fedora-idm-console > > com.netscape.management.client.console. > > Console > > Exception in thread "main" java.lang.UnsatisfiedLinkError: C:\Program > > Files\Fedo > > ra Identity Management Console\jss4.dll: The specified procedure could not be > > fo > > und > > at java.lang.ClassLoader$NativeLibrary.load(Native Method) > > at java.lang.ClassLoader.loadLibrary0(Unknown Source) > > at java.lang.ClassLoader.loadLibrary(Unknown Source) > > at java.lang.Runtime.loadLibrary0(Unknown Source) > > at java.lang.System.loadLibrary(Unknown Source) > > at org.mozilla.jss.CryptoManager.loadNativeLibraries > > (CryptoManager.java: > > 1339) > > at org.mozilla.jss.CryptoManager.initialize (CryptoManager.java:827) > > at org.mozilla.jss.CryptoManager.initialize (CryptoManager.java:800) > > at com.netscape.management.client.util.UtilConsoleGlobals.initJSS > > (Unknow > > n Source) > > at com.netscape.management.client.comm.HttpsChannel. (Unknown > > Sou > > rce) > > at com.netscape.management.client.comm.HttpManager.createChannel > > (Unknown > > Source) > > at com.netscape.management.client.comm.CommManager.send(Unknown > > Source) > > at com.netscape.management.client.comm.CommManager.send(Unknown > > Source) > > at com.netscape.management.client.comm.HttpManager.get(Unknown Source) > > at com.netscape.management.client.console.Console.invoke_task (Unknown > > So > > urce) > > at com.netscape.management.client.console.Console.authenticate_user > > (Unkn > > own Source) > > at com.netscape.management.client.console.Console.(Unknown > > Source) > > > > at com.netscape.management.client.console.Console.main(Unknown Source) > > > > -- > > 389 users mailing list > > 389-users at redhat.com > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > ------- End of Original Message ------- From rmeggins at redhat.com Fri Nov 6 20:08:30 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Fri, 06 Nov 2009 13:08:30 -0700 Subject: [389-users] Windows Console Quit Working In-Reply-To: <20091106172145.M18740@mail.txwes.edu> References: <20091105165531.M1912@mail.txwes.edu> <4AF432C4.3020209@redhat.com> <20091106172145.M18740@mail.txwes.edu> Message-ID: <4AF4823E.7010603@redhat.com> Glenn wrote: > I fixed this by adding the path of my Java installation to the path statement > in the batch file that starts the console. It appears that Java installs > java.exe in c:\windows\system32 as well as in c:\program files\java\jre6 > \bin. The system32 folder is in the normal system path, so I guess Java is > normally started from the system32 folder. Not sure about java, but the console .bat file should always be started from the \program files\fedora whatever console folder. That must be the working directory because that's where the required .dlls are located. If the the .dlls cannot be located in the current working directory, then they are looked for in the PATH. > For some reason, the console > can't find the required libraries when Java is started from > c:\windows\system32 Right - see above > Here is the relevant line from fedora-idm-console.bat > with my addition: > > set PATH=%BASEPATH%;c:\program files\java\jre6\bin;%PATH% > > -G. > > > ---------- Original Message ----------- > From: Rich Megginson > To: "General discussion list for the 389 Directory server project." directory-users at redhat.com> > Sent: Fri, 06 Nov 2009 07:29:24 -0700 > Subject: Re: [389-users] Windows Console Quit Working > > >> Glenn wrote: >> >>> Sorry to be such a pest, but now I have another problem. The Windows >>> console, which worked fine on my computer for two years, suddenly quit. >>> > I > >>> installed the latest console, but it does the same thing.It starts up >>> > fine > >>> and displays the login window. After I enter login credentials, the DOS >>> window hangs. I'm copying the contents of the DOS window below. Any >>> > ideas > >>> appreciated. We are using Fedora Directory 1.0.4 on RHEL4. Thanks. -G. >>> >>> >> Something must have changed. Did you update Firefox on the machine? >> What else might have changed? >> >>> C:\Program Files\Fedora Identity Management Console>echo off >>> >>> C:\Program Files\Fedora Identity Management Console>"java" "- >>> Djava.library.path= >>> ." -cp "./jss4.jar;./ldapjdk.jar;./idm-console-base.jar;./idm-console- >>> mcc.jar;./ >>> idm-console-mcc_en.jar;./idm-console-nmclf.jar;./idm-console- >>> nmclf_en.jar;./fedo >>> ra-idm-console_en.jar" -Djava.util.prefs.systemRoot=/.fedora-idm-console - >>> Djava. >>> util.prefs.userRoot=/.fedora-idm-console >>> com.netscape.management.client.console. >>> Console >>> Exception in thread "main" java.lang.UnsatisfiedLinkError: C:\Program >>> Files\Fedo >>> ra Identity Management Console\jss4.dll: The specified procedure could >>> > not be > >>> fo >>> und >>> at java.lang.ClassLoader$NativeLibrary.load(Native Method) >>> at java.lang.ClassLoader.loadLibrary0(Unknown Source) >>> at java.lang.ClassLoader.loadLibrary(Unknown Source) >>> at java.lang.Runtime.loadLibrary0(Unknown Source) >>> at java.lang.System.loadLibrary(Unknown Source) >>> at org.mozilla.jss.CryptoManager.loadNativeLibraries >>> (CryptoManager.java: >>> 1339) >>> at org.mozilla.jss.CryptoManager.initialize >>> > (CryptoManager.java:827) > >>> at org.mozilla.jss.CryptoManager.initialize >>> > (CryptoManager.java:800) > >>> at com.netscape.management.client.util.UtilConsoleGlobals.initJSS >>> (Unknow >>> n Source) >>> at com.netscape.management.client.comm.HttpsChannel. >>> > (Unknown > >>> Sou >>> rce) >>> at com.netscape.management.client.comm.HttpManager.createChannel >>> (Unknown >>> Source) >>> at com.netscape.management.client.comm.CommManager.send(Unknown >>> Source) >>> at com.netscape.management.client.comm.CommManager.send(Unknown >>> Source) >>> at com.netscape.management.client.comm.HttpManager.get(Unknown >>> > Source) > >>> at com.netscape.management.client.console.Console.invoke_task >>> > (Unknown > >>> So >>> urce) >>> at >>> > com.netscape.management.client.console.Console.authenticate_user > >>> (Unkn >>> own Source) >>> at com.netscape.management.client.console.Console.(Unknown >>> Source) >>> >>> at com.netscape.management.client.console.Console.main(Unknown >>> > Source) > >>> -- >>> 389 users mailing list >>> 389-users at redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>> >>> > ------- End of Original Message ------- > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From hartmann at fas.harvard.edu Fri Nov 6 20:12:20 2009 From: hartmann at fas.harvard.edu (Tim Hartmann) Date: Fri, 06 Nov 2009 15:12:20 -0500 Subject: [389-users] Attribute Rewrite / overlay? In-Reply-To: <4AF4309D.8000608@redhat.com> References: <4AF4217F.2030206@fas.harvard.edu> <4AF4309D.8000608@redhat.com> Message-ID: <4AF48324.8000201@fas.harvard.edu> Rich Megginson wrote: > Tim Hartmann wrote: >> Hi, >> >> We've run into a situation where we are looking at chaining our >> directory with another directory, but need to rewrite one of the >> attributes? We need "cn: Joe User" to show up as "displayName: Joe >> User" In my research I noticed a feature which looked like it did >> that in openldap, and was hoping there was something similar in 389. >> http://www.openldap.org/doc/admin24/overlays.html#Rewrite/Remap >> >> I've dug into ACI's Views and COS and nothing seems to do remapping, >> though this thread gave me hope, but doesn't seems like it's quite >> what I'm looking for... >> http://www.mail-archive.com/fedora-directory-users at redhat.com/msg09764.html >> >> >> Has anyone done attribute remapping with 389 or is that still in the >> roadmap? > Sorry - still on the roadmap. >> Thanks! >> >> Tim >> >> -- >> 389 users mailing list >> 389-users at redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users > Thanks Rich, I'll come up with a work around until it's implemented! From orion at cora.nwra.com Fri Nov 6 21:52:34 2009 From: orion at cora.nwra.com (Orion Poplawski) Date: Fri, 06 Nov 2009 14:52:34 -0700 Subject: [389-users] Re: Fedora EPEL 5 updates-testing report - 389 coming to EPEL. In-Reply-To: <20091106183253.4F6BC10F8A3@bastion2.fedora.phx.redhat.com> References: <20091106183253.4F6BC10F8A3@bastion2.fedora.phx.redhat.com> Message-ID: <4AF49AA2.5060107@cora.nwra.com> On 11/06/2009 11:32 AM, updates at fedoraproject.org wrote: > The following builds have been pushed to Fedora EPEL 5 updates-testing > > 389-admin-1.1.9-1.el5 > 389-admin-console-1.1.4-3.el5 > 389-adminutil-1.1.8-4.el5 > 389-ds-1.1.3-6.el5 > 389-ds-base-1.2.4-1.el5 > 389-ds-console-1.2.0-5.el5 > 389-dsgw-1.1.4-1.el5 > idm-console-framework-1.1.3-3.el5 > jss-4.2.5-1.el5 > > Details about builds: > > > ================================================================================ > 389-admin-1.1.9-1.el5 (FEDORA-EPEL-2009-0803) > 389 Administration Server (admin) > -------------------------------------------------------------------------------- > Update Information: > > 389 package suite now available in EPEL. > -------------------------------------------------------------------------------- Looks like we're still waiting for 389-console too: 389-ds-1.1.3-6.el5.noarch from epel-testing has depsolving problems --> Missing Dependency: 389-console is needed by package 389-ds-1.1.3-6.el5.noarch (epel-testing) But more to the point, what are the gotchas upgrading from: fedora-ds-admin-console-1.1.2-1.el5 fedora-ds-1.1.2-1.el5 fedora-ds-admin-1.1.6-1.el5 fedora-ds-dsgw-1.1.1-1.el5 fedora-ds-base-1.1.2-1.el5 fedora-ds-console-1.1.2-2.el5 I seem to recall a warning posted somewhere about things getting shutdown/removed. Anything else? -- Orion Poplawski Technical Manager 303-415-9701 x222 NWRA/CoRA Division FAX: 303-415-9702 3380 Mitchell Lane orion at cora.nwra.com Boulder, CO 80301 http://www.cora.nwra.com From andrey.ivanov at polytechnique.fr Sun Nov 8 15:14:18 2009 From: andrey.ivanov at polytechnique.fr (Andrey Ivanov) Date: Sun, 8 Nov 2009 16:14:18 +0100 Subject: [389-users] Problem browsing LDAP with Outlook In-Reply-To: References: Message-ID: <1601b8650911080714r30f002b7tc5f4fad74bd94919@mail.gmail.com> Hi, we have no problem using outlook to browse LDAP as you describe it. We have approximately 10000 entries in our LDAP. The only additional tuning we have made is the optimisation by VLV index and a little change in the ACI for the VLV Request Control: # Replace ldap:///all (authentified users) by ldap:///anyone (everyone, including anonymous) # old aci: (targetattr != "aci")(version 3.0; acl "VLV Request Control"; allow(read ,search, compare) userdn = "ldap:///all";) dn: oid=2.16.840.1.113730.3.4.9,cn=features,cn=config changetype: modify replace: aci aci: (targetattr != "aci")(version 3.0; acl "VLV Request Control"; allow(read,search,compare) userdn = "ldap:///anyone";) # Add a special index for Outlook VLV dn: cn=Outlook Browse,cn=userRoot,cn=ldbm database,cn=plugins,cn=config changetype: add cn: Outlook Browse objectClass: top objectClass: vlvsearch aci: (targetattr != "aci")(version 3.0; acl "VLV Request Control"; allow(read,search,compare) userdn = "ldap:///anyone";) vlvBase: ou=Users,dc=example,dc=com vlvFilter: (&(mail=*)(cn=*)) vlvScope: 2 dn: cn=Outlook Browse Index,cn=Outlook Browse,cn=userRoot,cn=ldbm database,cn=plugins,cn=config changetype: add cn: Outlook Browse Index objectClass: top objectClass: vlvindex aci: (targetattr != "aci")(version 3.0; acl "VLV Request Control"; allow(read,search,compare) userdn = "ldap:///anyone";) vlvEnabled: 1 vlvSort: cn @+ 2009/11/5 Chris Bryant > When configuring Microsoft Outlook (not Outlook Express) to access an > LDAP directory, there is an option to 'Enable Browsing (requires server > support)'. If this option is chosen and the directory server supports it, > then you should be able to open the LDAP address book and page up and down > through the results. I have been unable to get this working properly with > 389 DS. > > When I try to browse from Outlook against the 389 DS directory, I am able > to see the first page of results perfectly. However, if I move to the next > page, only the first object returned will have any attributes included, and > all of the rest of the objects in the page will have no attributes. I have > a test perl script that duplicates this functionality as well. > > I can get this to work properly with an older version of Netscape Directory > Server, and I can get it working with OpenDS. Since 389 DS advertises > support for the controls that are required for this to work, just like the > other two servers, then I would expect it to work there also. > > Has anyone out there gotten this to work with 389 DS? If so, can you share > if there was anything special that you needed to do to get this to work? > I'm trying to determine if this is a bug in the server, or if I'm just > missing something in the configuration. > > Thanks, > Chris > > * USA.NET* > *You Run Your Business. We'll Run Your Email.?* > > This message is for the sole use of the intended recipient(s) and may > contain confidential and/or privileged information of USA.NET, > Inc. Any unauthorized review, use, copying, disclosure, or distribution is > prohibited. If you are not the intended recipient, please immediately > contact the sender by reply email and delete all copies of the original > message. > > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrey.ivanov at polytechnique.fr Sun Nov 8 15:16:56 2009 From: andrey.ivanov at polytechnique.fr (Andrey Ivanov) Date: Sun, 8 Nov 2009 16:16:56 +0100 Subject: [389-users] Is there any SSO free implementation that works with Project-389? In-Reply-To: <23855.148.87.1.170.1257443284.squirrel@box427.bluehost.com> References: <23855.148.87.1.170.1257443284.squirrel@box427.bluehost.com> Message-ID: <1601b8650911080716r74967c0cid5a069a9a4c8f53c@mail.gmail.com> Hi, Any SSO implementation that works with any other LDAP server will work. 2009/11/5 Morenisco > Hi, > > Well, I have experience with OID and the SSO that comes with the > infrastructure (Oracle Internet Directory), and I would like to know if > there is any single sign on free implementation that I could use with > Project-389. > > I'm thinking about the followin event: when a person needs to change his > own password, after have created his/her user account, and get login to > some systems with the same credentials that are in the directory. > > Thats' all, thanks! > > > -- > Morenisco. > > Centro de Difusi?n de Software Libre. > http://www.cdsl.cl > http://trabajosfloss.cdsl.cl > Blog: http://morenisco.noc-root.net > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- An HTML attachment was scrubbed... URL: From theiosx at gmail.com Mon Nov 9 06:57:51 2009 From: theiosx at gmail.com (Jesster Leight) Date: Mon, 9 Nov 2009 12:57:51 +0600 Subject: [389-users] Administration URL Message-ID: Hello, How I can enter to the 389-console ? I need correct port for Administration URL. (for example 0.0.0.0:9830 0.0.0.0:* LISTEN 8932/httpd.worker) On my Fedora 11 i have RHN-Satellite and 389 Directory Server. Satellite service stoped and /etc/init.d/dirsrv started. Netstat show next stats: $ netstat -ptan Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:57485 0.0.0.0:* LISTEN 1223/rpc.statd tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1205/rpcbind tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN 2281/dnsmasq tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1558/sshd tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1294/cupsd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1722/sendmail: acce tcp 0 0 10.1.10.211:35594 74.125.87.167:80 ESTABLISHED 7784/firefox tcp 0 0 10.1.10.211:57888 74.125.87.189:80 ESTABLISHED 7784/firefox tcp 0 0 10.1.10.211:36308 74.125.87.103:80 ESTABLISHED 7784/firefox tcp 0 0 10.1.10.211:44402 74.125.87.132:80 ESTABLISHED 7784/firefox tcp 0 0 10.1.10.211:41462 74.125.87.17:80 ESTABLISHED 7784/firefox tcp 0 0 10.1.10.211:41463 74.125.87.17:80 TIME_WAIT - tcp 0 0 :::111 :::* LISTEN 1205/rpcbind tcp 0 0 :::22 :::* LISTEN 1558/sshd tcp 0 0 ::1:631 :::* LISTEN 1294/cupsd tcp 0 0 :::389 :::* LISTEN 9637/ns-slapd $ /etc/init.d/dirsrv status dirsrv satellite (pid 9637) is running... Where is httpd.worker processes ? -------------- next part -------------- An HTML attachment was scrubbed... URL: From okelet at gmail.com Mon Nov 9 07:16:42 2009 From: okelet at gmail.com (=?UTF-8?Q?Juan_Asensio_S=C3=A1nchez?=) Date: Mon, 9 Nov 2009 08:16:42 +0100 Subject: [389-users] Administration URL In-Reply-To: References: Message-ID: <52a9d2e30911082316p454a235et32c3028f6c7010d3@mail.gmail.com> Hi Yo should check if /etc/inid.t/dirsrv-admin is running. Dirsrv is the directory server service, and dirsrv-admin is the directory server administration console service. To administer the directory server with the console, you must connect to dirsrv-admin, not dirsrv. Be sure dirsrv-admin is started, and then run again netstat to check whuch port is being used. regards. 2009/11/9 Jesster Leight : > Hello, How I can enter to the 389-console ? > I need correct port for Administration URL. (for example 0.0.0.0:9830 > 0.0.0.0:* LISTEN 8932/httpd.worker) > > On my Fedora 11 i have RHN-Satellite and 389 Directory Server. Satellite > service stoped and /etc/init.d/dirsrv started. > Netstat show next stats: > > $ netstat -ptan > Active Internet connections (servers and established) > Proto Recv-Q Send-Q Local Address?????????????? Foreign Address > State?????? PID/Program name > tcp??????? 0????? 0 0.0.0.0:57485?????????????? 0.0.0.0:* > LISTEN????? 1223/rpc.statd > tcp??????? 0????? 0 0.0.0.0:111???????????????? 0.0.0.0:* > LISTEN????? 1205/rpcbind > tcp??????? 0????? 0 192.168.122.1:53??????????? 0.0.0.0:* > LISTEN????? 2281/dnsmasq > tcp??????? 0????? 0 0.0.0.0:22????????????????? 0.0.0.0:* > LISTEN????? 1558/sshd > tcp??????? 0????? 0 127.0.0.1:631?????????????? 0.0.0.0:* > LISTEN????? 1294/cupsd > tcp??????? 0????? 0 127.0.0.1:25??????????????? 0.0.0.0:* > LISTEN????? 1722/sendmail: acce > tcp??????? 0????? 0 10.1.10.211:35594?????????? 74.125.87.167:80 > ESTABLISHED 7784/firefox > tcp??????? 0????? 0 10.1.10.211:57888?????????? 74.125.87.189:80 > ESTABLISHED 7784/firefox > tcp??????? 0????? 0 10.1.10.211:36308?????????? 74.125.87.103:80 > ESTABLISHED 7784/firefox > tcp??????? 0????? 0 10.1.10.211:44402?????????? 74.125.87.132:80 > ESTABLISHED 7784/firefox > tcp??????? 0????? 0 10.1.10.211:41462?????????? 74.125.87.17:80 > ESTABLISHED 7784/firefox > tcp??????? 0????? 0 10.1.10.211:41463?????????? 74.125.87.17:80 > TIME_WAIT?? - > tcp??????? 0????? 0 :::111????????????????????? :::* > LISTEN????? 1205/rpcbind > tcp??????? 0????? 0 :::22?????????????????????? :::* > LISTEN????? 1558/sshd > tcp??????? 0????? 0 ::1:631???????????????????? :::* > LISTEN????? 1294/cupsd > tcp??????? 0????? 0 :::389????????????????????? :::* > LISTEN????? 9637/ns-slapd > > $ /etc/init.d/dirsrv status > dirsrv satellite (pid 9637) is running... > > Where is httpd.worker processes ? > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > From theiosx at gmail.com Mon Nov 9 08:36:05 2009 From: theiosx at gmail.com (Jesster Leight) Date: Mon, 9 Nov 2009 14:36:05 +0600 Subject: [389-users] Administration URL In-Reply-To: <52a9d2e30911082316p454a235et32c3028f6c7010d3@mail.gmail.com> References: <52a9d2e30911082316p454a235et32c3028f6c7010d3@mail.gmail.com> Message-ID: Thanks, It works! 2009/11/9 Juan Asensio S?nchez > Hi > > Yo should check if /etc/inid.t/dirsrv-admin is running. Dirsrv is the > directory server service, and dirsrv-admin is the directory server > administration console service. To administer the directory server > with the console, you must connect to dirsrv-admin, not dirsrv. Be > sure dirsrv-admin is started, and then run again netstat to check > whuch port is being used. > > regards. > > 2009/11/9 Jesster Leight : > > Hello, How I can enter to the 389-console ? > > I need correct port for Administration URL. (for example 0.0.0.0:9830 > > 0.0.0.0:* LISTEN 8932/httpd.worker) > > > > On my Fedora 11 i have RHN-Satellite and 389 Directory Server. Satellite > > service stoped and /etc/init.d/dirsrv started. > > Netstat show next stats: > > > > $ netstat -ptan > > Active Internet connections (servers and established) > > Proto Recv-Q Send-Q Local Address Foreign Address > > State PID/Program name > > tcp 0 0 0.0.0.0:57485 0.0.0.0:* > > LISTEN 1223/rpc.statd > > tcp 0 0 0.0.0.0:111 0.0.0.0:* > > LISTEN 1205/rpcbind > > tcp 0 0 192.168.122.1:53 0.0.0.0:* > > LISTEN 2281/dnsmasq > > tcp 0 0 0.0.0.0:22 0.0.0.0:* > > LISTEN 1558/sshd > > tcp 0 0 127.0.0.1:631 0.0.0.0:* > > LISTEN 1294/cupsd > > tcp 0 0 127.0.0.1:25 0.0.0.0:* > > LISTEN 1722/sendmail: acce > > tcp 0 0 10.1.10.211:35594 74.125.87.167:80 > > ESTABLISHED 7784/firefox > > tcp 0 0 10.1.10.211:57888 74.125.87.189:80 > > ESTABLISHED 7784/firefox > > tcp 0 0 10.1.10.211:36308 74.125.87.103:80 > > ESTABLISHED 7784/firefox > > tcp 0 0 10.1.10.211:44402 74.125.87.132:80 > > ESTABLISHED 7784/firefox > > tcp 0 0 10.1.10.211:41462 74.125.87.17:80 > > ESTABLISHED 7784/firefox > > tcp 0 0 10.1.10.211:41463 74.125.87.17:80 > > TIME_WAIT - > > tcp 0 0 :::111 :::* > > LISTEN 1205/rpcbind > > tcp 0 0 :::22 :::* > > LISTEN 1558/sshd > > tcp 0 0 ::1:631 :::* > > LISTEN 1294/cupsd > > tcp 0 0 :::389 :::* > > LISTEN 9637/ns-slapd > > > > $ /etc/init.d/dirsrv status > > dirsrv satellite (pid 9637) is running... > > > > Where is httpd.worker processes ? > > > > -- > > 389 users mailing list > > 389-users at redhat.com > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- An HTML attachment was scrubbed... URL: From Jean-Noel.Chardron at dr15.cnrs.fr Mon Nov 9 14:40:32 2009 From: Jean-Noel.Chardron at dr15.cnrs.fr (=?ISO-8859-1?Q?jean-No=EBl_Chardron?=) Date: Mon, 09 Nov 2009 15:40:32 +0100 Subject: [389-users] Links for new passsync files In-Reply-To: <4AF31526.8010803@redhat.com> References: <4AF19635.6090302@ssaihq.com> <4AF197CA.9030104@redhat.com> <4AF309DF.9030805@ssaihq.com> <4AF31526.8010803@redhat.com> Message-ID: <4AF829E0.40604@dr15.cnrs.fr> Rich Megginson wrote: > James Roman wrote: >> Very first impression during installation. There is a weird chicken >> and egg problem. Installation fails because it can not start the >> passsync service. Service start-up fails because it can not establish >> an SSL connection. NSS database for SSL needs to be in the directory >> that is created during the install process. So you have to create a >> NSS database ahead of time, initiate the install process, when the >> service start up fails, drop your NSS database into the folder "389 >> directory password synchronization" folder and then hit "retry" to >> start up the service so that the installation completes successfully. > What platform? What you are describing was a bug in the PassSync > 1.1.1 package that should have been fixed in 1.1.2. If you are sure > you're using the 1.1.2 package, then try this: > > open a cmd window > msiexec /i \path\to\389-PassSync-1.1.2-x86_64.msi /l*v inst.log > check inst.log for sensitive information > paste inst.log to fpaste.org and email the link to the list Same problem on a Windows 2008R2 32 bits ; the log file of installation is : http://fpaste.org/yqni/ From rmeggins at redhat.com Mon Nov 9 23:36:14 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Mon, 09 Nov 2009 16:36:14 -0700 Subject: [389-users] Links for new passsync files In-Reply-To: <4AF829E0.40604@dr15.cnrs.fr> References: <4AF19635.6090302@ssaihq.com> <4AF197CA.9030104@redhat.com> <4AF309DF.9030805@ssaihq.com> <4AF31526.8010803@redhat.com> <4AF829E0.40604@dr15.cnrs.fr> Message-ID: <4AF8A76E.4030504@redhat.com> jean-No?l Chardron wrote: > Rich Megginson wrote: >> James Roman wrote: >>> Very first impression during installation. There is a weird chicken >>> and egg problem. Installation fails because it can not start the >>> passsync service. Service start-up fails because it can not >>> establish an SSL connection. NSS database for SSL needs to be in the >>> directory that is created during the install process. So you have to >>> create a NSS database ahead of time, initiate the install process, >>> when the service start up fails, drop your NSS database into the >>> folder "389 directory password synchronization" folder and then hit >>> "retry" to start up the service so that the installation completes >>> successfully. >> What platform? What you are describing was a bug in the PassSync >> 1.1.1 package that should have been fixed in 1.1.2. If you are sure >> you're using the 1.1.2 package, then try this: >> >> open a cmd window >> msiexec /i \path\to\389-PassSync-1.1.2-x86_64.msi /l*v inst.log >> check inst.log for sensitive information >> paste inst.log to fpaste.org and email the link to the list > Same problem on a Windows 2008R2 32 bits ; the log file of installation > is : http://fpaste.org/yqni/ Thanks. Looks like a permissions issue. Do you see any errors or warnings in your Event Viewer? > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From rmeggins at redhat.com Tue Nov 10 16:29:07 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Tue, 10 Nov 2009 09:29:07 -0700 Subject: [389-users] New PassSync 1.1.3 to fix install issues - need testers Message-ID: <4AF994D3.6030107@redhat.com> I have a new PassSync package 1.1.3 that should address some install issues reported by some users on Windows 2008. Please test these and let me know how they work http://rmeggins.fedorapeople.org/389-PassSync-1.1.3-i386.msi http://rmeggins.fedorapeople.org/389-PassSync-1.1.3-x86_64.msi Thanks! -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From tsoucy at unb.ca Tue Nov 10 16:35:10 2009 From: tsoucy at unb.ca (Terry Soucy) Date: Tue, 10 Nov 2009 12:35:10 -0400 Subject: [389-users] Replication errors with single master Message-ID: <4AF9963E.2030702@unb.ca> Hi Folks, I have a weird issue that I can't find much information about. We have a single-master replication setup, with the supplier replicating to two consumers. The software is the same on all three systems (fedora-ds-1.1.3-1) installed from packages. These are all new RHEL5.4 systems, i386 arch with 8G of RAM running the latest PAE kernel. The error received is as follows ... On the supplier ... [10/Nov/2009:11:52:20 -0400] NSMMReplicationPlugin - agmt="cn=Gaia to Nyx" (nyx:389): Replica has a different generation ID than the local data. Lots of those, then the replication fails. On the consumer ... [10/Nov/2009:10:52:21 -0400] NSMMReplicationPlugin - replica_replace_ruv_tombstone: failed to update replication update vector for replica dc=unb,dc=ca: LDAP error - 1 Earlier attempts to create a replica have resulted in a File not found error, as for some reason, all of the db4 files in the userRoot (/var/lib/dirsrv/slapd-nyx/db) mysteriously disappeared. Thoughts? We have beeen pouring over this for a bit now. Before we went production, I was able to create replicas from the single supplier to multiple consumers with no issues. We tested replication by updating the supplier, and replication was spot on. Once we went production, replication went to hell, and now even the simple task of creating a replica is causing us no end of grief. Thanks in advance. Terry Soucy -- Terry Soucy, Systems Analyst Integrated Technology Services University of New Brunswick, Fredericton Campus http://www.unbf.ca/its Voice: 506.447.3018 Fax: 506.453.3590 E-mail: tsoucy at unb.ca ** ITS is a scent-reduced workplace - www.unbf.ca/its/policies ** From rmeggins at redhat.com Tue Nov 10 16:48:20 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Tue, 10 Nov 2009 09:48:20 -0700 Subject: [389-users] Replication errors with single master In-Reply-To: <4AF9963E.2030702@unb.ca> References: <4AF9963E.2030702@unb.ca> Message-ID: <4AF99954.8060102@redhat.com> Terry Soucy wrote: > Hi Folks, > > I have a weird issue that I can't find much information about. > > We have a single-master replication setup, with the supplier > replicating to two consumers. The software is the same on all three > systems (fedora-ds-1.1.3-1) installed from packages. These are all > new RHEL5.4 systems, i386 arch with 8G of RAM running the latest PAE > kernel. > > The error received is as follows ... > > On the supplier ... > [10/Nov/2009:11:52:20 -0400] NSMMReplicationPlugin - agmt="cn=Gaia to > Nyx" (nyx:389): Replica has a different generation ID than the local > data. > > Lots of those, then the replication fails. This usually means the consumer (nyx) has not been initialized. > > On the consumer ... > [10/Nov/2009:10:52:21 -0400] NSMMReplicationPlugin - > replica_replace_ruv_tombstone: failed to update replication update > vector for replica dc=unb,dc=ca: LDAP error - 1 Usually means not initialized or not configured correctly > > Earlier attempts to create a replica have resulted in a File not found > error, as for some reason, all of the db4 files in the userRoot > (/var/lib/dirsrv/slapd-nyx/db) mysteriously disappeared. > > Thoughts? We have beeen pouring over this for a bit now. Before we > went production, I was able to create replicas from the single > supplier to multiple consumers with no issues. We tested replication > by updating the supplier, and replication was spot on. Once we went > production, replication went to hell, and now even the simple task of > creating a replica is causing us no end of grief. > > Thanks in advance. > > Terry Soucy -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From robert+fds at shangri-la.ts.gatech.edu Tue Nov 10 20:21:00 2009 From: robert+fds at shangri-la.ts.gatech.edu (Robert Viduya) Date: Tue, 10 Nov 2009 15:21:00 -0500 Subject: [389-users] more MMR issues Message-ID: I didn't get a response to my previous request for help and our situation degenerated (we lost 3 of our 4 masters) to the point where I felt we had to do a clean rebuild. We did that late last week into the weekend and had set up a 2 masters and assorted hubs and slaves. We used a clean ldif file to import into the first master, so no previous replica IDs were carried over from the previous environment. We are running directory version 1.2.2 on RHEL5.4, both 64-bit. Things were running fine until this morning, when one of our masters started reporting errors. We found this in it's errorlog: [10/Nov/2009:08:56:27 -0500] NSMMReplicationPlugin - multimaster_be_state_change: replica ou=people,dc=gted,dc=gatech,dc=edu is going offline; disabling replication [10/Nov/2009:08:59:29 -0500] - WARNING: Import is running with nsslapd- db-private-import-mem on; No other process is allowed to access the database [10/Nov/2009:08:59:33 -0500] - ERROR bulk import abandoned [10/Nov/2009:08:59:34 -0500] - import people: Aborting all import threads... [10/Nov/2009:08:59:42 -0500] - import people: Import threads aborted. [10/Nov/2009:08:59:43 -0500] - import people: Closing files... [10/Nov/2009:08:59:43 -0500] - import people: Import failed. [10/Nov/2009:09:01:51 -0500] NSMMReplicationPlugin - replica_replace_ruv_tombstone: failed to update replication update vector for replica ou=people,dc=gted,dc=gatech,dc=edu: LDAP error - 1 [10/Nov/2009:09:01:57 -0500] NSMMReplicationPlugin - replica_replace_ruv_tombstone: failed to update replication update vector for replica ou=people,dc=gted,dc=gatech,dc=edu: LDAP error - 1 [10/Nov/2009:09:02:01 -0500] NSMMReplicationPlugin - replica_replace_ruv_tombstone: failed to update replication update vector for replica ou=people,dc=gted,dc=gatech,dc=edu: LDAP error - 1 [10/Nov/2009:09:02:21 -0500] NSMMReplicationPlugin - replica_replace_ruv_tombstone: failed to update replication update vector for replica ou=people,dc=gted,dc=gatech,dc=edu: LDAP error - 1 [10/Nov/2009:09:02:26 -0500] NSMMReplicationPlugin - replica_replace_ruv_tombstone: failed to update replication update vector for replica ou=people,dc=gted,dc=gatech,dc=edu: LDAP error - 1 [10/Nov/2009:09:02:32 -0500] NSMMReplicationPlugin - replica_replace_ruv_tombstone: failed to update replication update vector for replica ou=people,dc=gted,dc=gatech,dc=edu: LDAP error - 1 That last line repeats until we brought the server down. The log _looks_ like someone/something triggered an import operation, but no- one did, on either master. The errorlog on the other master shows the following: [10/Nov/2009:08:39:29 -0500] - repl5_inc_waitfor_async_results timed out waiting for responses: 38 46 [10/Nov/2009:08:39:54 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Warning: unable to receive endReplication extended operation response (Bad parameter to an ldap routine) [10/Nov/2009:08:40:04 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later. [10/Nov/2009:08:40:08 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later. [10/Nov/2009:08:40:14 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later. [10/Nov/2009:08:40:38 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later. [10/Nov/2009:08:43:05 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later. [10/Nov/2009:08:44:50 -0500] - repl5_inc_waitfor_async_results timed out waiting for responses: 6 8 [10/Nov/2009:08:47:08 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later. [10/Nov/2009:08:47:08 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Incremental protocol: event backoff_timer_expired should not occur in state start_backoff [10/Nov/2009:08:47:12 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later. [10/Nov/2009:08:47:18 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Incremental update failed and requires administrator action [10/Nov/2009:08:55:01 -0500] - repl5_inc_waitfor_async_results timed out waiting for responses: 13 14 [10/Nov/2009:08:55:01 -0500] - repl5_inc_waitfor_async_results timed out waiting for responses: 59 81 [10/Nov/2009:08:55:14 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Warning: unable to receive endReplication extended operation response (Bad parameter to an ldap routine) [10/Nov/2009:08:55:24 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later. [10/Nov/2009:08:55:28 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later. [10/Nov/2009:08:55:34 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later. [10/Nov/2009:08:55:46 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later. [10/Nov/2009:08:56:10 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later. [10/Nov/2009:08:56:58 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later. [10/Nov/2009:08:58:34 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Replication bind with SIMPLE auth resumed [10/Nov/2009:09:01:47 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Consumer failed to replay change (uniqueid 51dccc08-9efe11de-8efe8516-22c1043e, CSN 4af96f8a000200370000): Operations error. Will retry later. [10/Nov/2009:09:01:47 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Consumer failed to replay change (uniqueid 5ad5610c-1dd211b2-80b9be51-952a0000, CSN 4af96f8b000000370000): Operations error. Will retry later. [10/Nov/2009:09:01:47 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Consumer failed to replay change (uniqueid 213cd58e-cd7b11de-b535d108-950067b1, CSN 4af96fcf000000370000): Operations error. Will retry later. Again, that last line repeats until we brought down the errant server. We've seen this behavior a few times since upgrading. One of our masters somehow thinks it's supposed to do an import and trashes it's copy of the data. No person had triggered an import or a supplier- >consumer initialization. Are there conditions where the directory server itself would trigger such an operation autonomously? From rmeggins at redhat.com Tue Nov 10 20:25:59 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Tue, 10 Nov 2009 13:25:59 -0700 Subject: [389-users] more MMR issues In-Reply-To: References: Message-ID: <4AF9CC57.4000000@redhat.com> Robert Viduya wrote: > I didn't get a response to my previous request for help and our > situation degenerated (we lost 3 of our 4 masters) to the point where > I felt we had to do a clean rebuild. We did that late last week into > the weekend and had set up a 2 masters and assorted hubs and slaves. > We used a clean ldif file to import into the first master, so no > previous replica IDs were carried over from the previous environment. > > We are running directory version 1.2.2 on RHEL5.4, both 64-bit. > > Things were running fine until this morning, when one of our masters > started reporting errors. We found this in it's errorlog: > > [10/Nov/2009:08:56:27 -0500] NSMMReplicationPlugin - > multimaster_be_state_change: replica > ou=people,dc=gted,dc=gatech,dc=edu is going offline; disabling > replication > [10/Nov/2009:08:59:29 -0500] - WARNING: Import is running with > nsslapd-db-private-import-mem on; No other process is allowed to > access the database > [10/Nov/2009:08:59:33 -0500] - ERROR bulk import abandoned > [10/Nov/2009:08:59:34 -0500] - import people: Aborting all import > threads... > [10/Nov/2009:08:59:42 -0500] - import people: Import threads aborted. > [10/Nov/2009:08:59:43 -0500] - import people: Closing files... > [10/Nov/2009:08:59:43 -0500] - import people: Import failed. > [10/Nov/2009:09:01:51 -0500] NSMMReplicationPlugin - > replica_replace_ruv_tombstone: failed to update replication update > vector for replica ou=people,dc=gted,dc=gatech,dc=edu: LDAP error - 1 > [10/Nov/2009:09:01:57 -0500] NSMMReplicationPlugin - > replica_replace_ruv_tombstone: failed to update replication update > vector for replica ou=people,dc=gted,dc=gatech,dc=edu: LDAP error - 1 > [10/Nov/2009:09:02:01 -0500] NSMMReplicationPlugin - > replica_replace_ruv_tombstone: failed to update replication update > vector for replica ou=people,dc=gted,dc=gatech,dc=edu: LDAP error - 1 > [10/Nov/2009:09:02:21 -0500] NSMMReplicationPlugin - > replica_replace_ruv_tombstone: failed to update replication update > vector for replica ou=people,dc=gted,dc=gatech,dc=edu: LDAP error - 1 > [10/Nov/2009:09:02:26 -0500] NSMMReplicationPlugin - > replica_replace_ruv_tombstone: failed to update replication update > vector for replica ou=people,dc=gted,dc=gatech,dc=edu: LDAP error - 1 > [10/Nov/2009:09:02:32 -0500] NSMMReplicationPlugin - > replica_replace_ruv_tombstone: failed to update replication update > vector for replica ou=people,dc=gted,dc=gatech,dc=edu: LDAP error - 1 > > > That last line repeats until we brought the server down. The log > _looks_ like someone/something triggered an import operation, but > no-one did, on either master. > > The errorlog on the other master shows the following: > > [10/Nov/2009:08:39:29 -0500] - repl5_inc_waitfor_async_results timed > out waiting for responses: 38 46 > [10/Nov/2009:08:39:54 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Warning: unable to receive > endReplication extended operation response (Bad parameter to an ldap > routine) > [10/Nov/2009:08:40:04 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:40:08 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:40:14 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:40:38 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:43:05 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:44:50 -0500] - repl5_inc_waitfor_async_results timed > out waiting for responses: 6 8 > [10/Nov/2009:08:47:08 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:47:08 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Incremental protocol: event > backoff_timer_expired should not occur in state start_backoff > [10/Nov/2009:08:47:12 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:47:18 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Incremental update failed and > requires administrator action > [10/Nov/2009:08:55:01 -0500] - repl5_inc_waitfor_async_results timed > out waiting for responses: 13 14 > [10/Nov/2009:08:55:01 -0500] - repl5_inc_waitfor_async_results timed > out waiting for responses: 59 81 > [10/Nov/2009:08:55:14 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Warning: unable to receive > endReplication extended operation response (Bad parameter to an ldap > routine) > [10/Nov/2009:08:55:24 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:55:28 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:55:34 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:55:46 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:56:10 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:56:58 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:58:34 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Replication bind with SIMPLE auth > resumed > [10/Nov/2009:09:01:47 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Consumer failed to replay change > (uniqueid 51dccc08-9efe11de-8efe8516-22c1043e, CSN > 4af96f8a000200370000): Operations error. Will retry later. > [10/Nov/2009:09:01:47 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Consumer failed to replay change > (uniqueid 5ad5610c-1dd211b2-80b9be51-952a0000, CSN > 4af96f8b000000370000): Operations error. Will retry later. > [10/Nov/2009:09:01:47 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Consumer failed to replay change > (uniqueid 213cd58e-cd7b11de-b535d108-950067b1, CSN > 4af96fcf000000370000): Operations error. Will retry later. > > Again, that last line repeats until we brought down the errant server. > > We've seen this behavior a few times since upgrading. One of our > masters somehow thinks it's supposed to do an import and trashes it's > copy of the data. No person had triggered an import or a > supplier->consumer initialization. Are there conditions where the > directory server itself would trigger such an operation autonomously? No. Check the access log to see what operations were submitted to the directory server at or around [10/Nov/2009:08:56:27 -0500] Are your servers in time sync? Is cn=people rewbell gertrude the agreement that sends updates to the master that is having the spontaneous import problem? > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From jsullivan at opensourcedevel.com Wed Nov 11 04:35:20 2009 From: jsullivan at opensourcedevel.com (John A. Sullivan III) Date: Tue, 10 Nov 2009 23:35:20 -0500 Subject: [389-users] memberof entries not appearing in replica with memberof plugin Message-ID: <1257914120.6711.9.camel@jaspav.missionsit.net.missionsit.net> Hello, all. I'm running CentOS Directory Server 8.1 on CentOS 5.4. For some reason, the memberof plugin does not seem to be working on the replica. My first suspicion is we have done something wrong but I wonder if there is an error in the documentation. Here are the details. We are single master setup with a single replica. We noticed some of our LDAP queries were not correctly detecting group membership. We double checked the memberofplugin configuration and, for some reason, it seem to have reverted to looking at member instead of uniquemember. We changed this on the master and our problem went away. However, in the process of double-checking our steps, we read that the memberof attribute should NOT be replicated. We had not excluded it. So, we destroyed the replication agreement, created a new fractional replication enabled one, and reinitialized the replica. All of the memberof information was missing from all users on the replica. We then tried to rebuild it by running the fixup-memberof.pl script. That didn't work. We then simply tried deleting users from groups and adding them to see if that would work. It worked fine on the master but not on the replica. Is the documentation in error and replication of memberof should be excluded only in multimaster but should be propagated to consumers or have we done something wrong? I compared the memberofplugin definitions in dse.ldif on both and they look identical including being enabled. Nothing is jumping out in the error or audit logs. We eventually added memberof to the replication agreement and resynchronized just to get the data across. We've pulled it back out and, as expected, any changes are not replicating. What are we doing wrong? Where do we look next to troubleshoot it? Thanks - John -- John A. Sullivan III Open Source Development Corporation +1 207-985-7880 jsullivan at opensourcedevel.com http://www.spiritualoutreach.com Making Christianity intelligible to secular society From robert+fds at shangri-la.ts.gatech.edu Wed Nov 11 05:19:40 2009 From: robert+fds at shangri-la.ts.gatech.edu (Robert Viduya) Date: Wed, 11 Nov 2009 00:19:40 -0500 Subject: [389-users] more MMR issues In-Reply-To: <4AF9CC57.4000000@redhat.com> References: <4AF9CC57.4000000@redhat.com> Message-ID: <517A19A4-132C-454A-B12A-025CAA640D19@shangri-la.ts.gatech.edu> On Nov 10, 2009, at 3:25 PM, Rich Megginson wrote: >> > No. Check the access log to see what operations were submitted to > the directory server at or around [10/Nov/2009:08:56:27 -0500] > > Are your servers in time sync? Is cn=people rewbell gertrude the > agreement that sends updates to the master that is having the > spontaneous import problem? Yes, "cn=people rewbell gertrude" is that agreement. We name our agreements with the name of the database ("people") followed by the name of the source server ("rewbell") followed by the name of the destination server ("gertrude"). Gertrude is the master that had the spontaneous import problem. We have ntpd running on all our machines, so all times should be in sync. We have a lot going on, but I found the following in the access log on the problem server: [10/Nov/2009:08:55:19 -0500] conn=158624 op=71 RESULT err=0 tag=103 nentries=0 etime=0 csn=4af96f38000000370000 [10/Nov/2009:08:55:19 -0500] conn=158624 op=72 MOD dn = "gtdirguid =54e468fd7520dbdb1da52263fb4a6576,ou=people,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:19 -0500] conn=158624 op=72 RESULT err=0 tag=103 nentries=0 etime=0 csn=4af96f38000100370000 [10/Nov/2009:08:55:19 -0500] conn=158624 op=73 MOD dn = "gtdirguid =af56dc17bc397b8371b9eed7d91b2af2,ou=people,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:19 -0500] conn=158624 op=73 RESULT err=0 tag=103 nentries=0 etime=0 csn=4af96f38000500370000 [10/Nov/2009:08:55:19 -0500] conn=158624 op=74 MOD dn = "gtdirguid =5261a6e61f97bca3f2741b428255daf4,ou=people,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:19 -0500] conn=158624 op=74 RESULT err=0 tag=103 nentries=0 etime=0 csn=4af96f39000000370000 [10/Nov/2009:08:55:19 -0500] conn=158624 op=75 MOD dn = "gtdirguid =ad5dddfb9ec4fe230644dc060ce641c7,ou=people,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:19 -0500] conn=158624 op=75 RESULT err=0 tag=103 nentries=0 etime=0 csn=4af96f39000100370000 [10/Nov/2009:08:55:19 -0500] conn=158624 op=76 MOD dn = "gtdirguid =0a87d4434e42edf9df3019b922fe2b63,ou=people,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:19 -0500] conn=158624 op=76 RESULT err=0 tag=103 nentries=0 etime=0 csn=4af96f39000200370000 [10/Nov/2009:08:55:20 -0500] conn=158624 op=77 MOD dn = "gtdirguid =8be9c47e00957f900b69af162cba8adf,ou=people,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:20 -0500] conn=158624 op=77 RESULT err=0 tag=103 nentries=0 etime=0 csn=4af96f7b000000370000 [10/Nov/2009:08:55:20 -0500] conn=158624 op=78 MOD dn = "gtdirguid =beef247b54a6e1289f3e392865e08e17,ou=people,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:20 -0500] conn=158624 op=78 RESULT err=0 tag=103 nentries=0 etime=0 csn=4af96f7b000400370000 [10/Nov/2009:08:55:20 -0500] conn=158624 op=79 MOD dn = "gtdirguid =db2aa7040d3b982cf1a32aad503d7e6f,ou=people,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:20 -0500] conn=158624 op=79 RESULT err=0 tag=103 nentries=0 etime=0 csn=4af96f7b000500370000 [10/Nov/2009:08:55:20 -0500] conn=158624 op=80 MOD dn = "gtdirguid =c9390deb6018475b4d5d5267ba70fb99,ou=people,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:20 -0500] conn=158624 op=80 RESULT err=0 tag=103 nentries=0 etime=0 csn=4af96f7b000600370000 [10/Nov/2009:08:55:20 -0500] conn=158624 op=81 EXT oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session" [10/Nov/2009:08:55:20 -0500] conn=158624 op=81 RESULT err=0 tag=120 nentries=0 etime=0 [10/Nov/2009:08:55:24 -0500] conn=158624 op=83 EXT oid="2.16.840.1.113730.3.5.3" name="Netscape Replication Start Session" [10/Nov/2009:08:55:24 -0500] conn=158624 op=83 RESULT err=0 tag=120 nentries=0 etime=0 [10/Nov/2009:08:55:28 -0500] conn=158624 op=84 EXT oid="2.16.840.1.113730.3.5.3" name="Netscape Replication Start Session" [10/Nov/2009:08:55:28 -0500] conn=158624 op=84 RESULT err=0 tag=120 nentries=0 etime=0 [10/Nov/2009:08:56:06 -0500] conn=158624 op=86 EXT oid="2.16.840.1.113730.3.5.3" name="Netscape Replication Start Session" [10/Nov/2009:08:56:06 -0500] conn=158624 op=87 EXT oid="2.16.840.1.113730.3.5.3" name="Netscape Replication Start Session" [10/Nov/2009:08:56:07 -0500] conn=158624 op=87 RESULT err=0 tag=120 nentries=0 etime=1 [10/Nov/2009:08:56:10 -0500] conn=158624 op=88 EXT oid="2.16.840.1.113730.3.5.3" name="Netscape Replication Start Session" [10/Nov/2009:08:56:27 -0500] conn=158624 op=88 RESULT err=0 tag=120 nentries=0 etime=17 [10/Nov/2009:08:56:59 -0500] conn=158624 op=89 EXT oid="2.16.840.1.113730.3.5.3" name="Netscape Replication Start Session" [10/Nov/2009:08:56:59 -0500] conn=158624 op=89 RESULT err=0 tag=120 nentries=0 etime=0 [10/Nov/2009:08:57:59 -0500] conn=158624 op=91 UNBIND [10/Nov/2009:08:57:59 -0500] conn=158624 op=91 fd=64 closed - U1 You can see that replication was working until around 8:55:20 and then there's a series of "Replication Start Session" operations with no corresponding "End Session". The log messages from the supplier server (which I sent in the previous mail) seem to indicate that some communication problems may have occurred (all those "Unable to receive response" logs). Digging through the audit-log, I found the following: time: 20091110085608 dn: cn="ou=people,dc=gted,dc=gatech,dc=edu",cn=mapping tree,cn=config changetype: modify replace: nsslapd-referral nsslapd-referral: ldap://rewbell.iam.gatech.edu:389/ou%3Dpeople%2Cdc %3Dgted%2C dc%3Dgatech%2Cdc%3Dedu - replace: modifiersname modifiersname: cn=server,cn=plugins,cn=config - replace: modifytimestamp modifytimestamp: 20091110135607Z - time: 20091110085610 dn: cn="ou=people,dc=gted,dc=gatech,dc=edu",cn=mapping tree,cn=config changetype: modify replace: nsslapd-referral nsslapd-referral: ldaps://rw.gted.gatech.edu:636/ ou=people,dc=gted,dc=gatech,d c=edu - replace: modifiersname modifiersname: cn=server,cn=plugins,cn=config - replace: modifytimestamp modifytimestamp: 20091110135610Z - time: 20091110085625 dn: cn="ou=people,dc=gted,dc=gatech,dc=edu",cn=mapping tree,cn=config changetype: modify replace: nsslapd-state nsslapd-state: referral - replace: modifiersname modifiersname: cn=server,cn=plugins,cn=config - replace: modifytimestamp modifytimestamp: 20091110135625Z - time: 20091110085626 dn: cn="ou=people,dc=gted,dc=gatech,dc=edu",cn=mapping tree,cn=config changetype: modify replace: nsslapd-state nsslapd-state: backend - replace: modifiersname modifiersname: cn=server,cn=plugins,cn=config - replace: modifytimestamp modifytimestamp: 20091110135626Z - The referral for that suffix first gets changed "ldap:// rewbell.iam.gatech.edu:389/...", which isn't right. Then it get changed to "ldaps://rw.gted.gatech.edu:636/..." which is correct (and what we have configured in the nsDS5ReplicaReferral attribute). Then the state gets changed a couple of times too. Not sure if this is a cause or effect of the problem we're seeing, but I'm inclined to think it's an effect of the server thinking it's been told to do an import, not a cause. IMHO, of course. From nkinder at redhat.com Wed Nov 11 16:04:39 2009 From: nkinder at redhat.com (Nathan Kinder) Date: Wed, 11 Nov 2009 08:04:39 -0800 Subject: [389-users] memberof entries not appearing in replica with memberof plugin In-Reply-To: <1257914120.6711.9.camel@jaspav.missionsit.net.missionsit.net> References: <1257914120.6711.9.camel@jaspav.missionsit.net.missionsit.net> Message-ID: <4AFAE097.6050005@redhat.com> On 11/10/2009 08:35 PM, John A. Sullivan III wrote: > Hello, all. I'm running CentOS Directory Server 8.1 on CentOS 5.4. For > some reason, the memberof plugin does not seem to be working on the > replica. My first suspicion is we have done something wrong but I > wonder if there is an error in the documentation. Here are the details. > > We are single master setup with a single replica. We noticed some of > our LDAP queries were not correctly detecting group membership. We > double checked the memberofplugin configuration and, for some reason, it > seem to have reverted to looking at member instead of uniquemember. We > changed this on the master and our problem went away. > > However, in the process of double-checking our steps, we read that the > memberof attribute should NOT be replicated. We had not excluded it. > So, we destroyed the replication agreement, created a new fractional > replication enabled one, and reinitialized the replica. All of the > memberof information was missing from all users on the replica. We then > tried to rebuild it by running the fixup-memberof.pl script. That > didn't work. We then simply tried deleting users from groups and adding > them to see if that would work. It worked fine on the master but not on > the replica. > > Is the documentation in error and replication of memberof should be > excluded only in multimaster but should be propagated to consumers or > have we done something wrong? I compared the memberofplugin definitions > in dse.ldif on both and they look identical including being enabled. > Nothing is jumping out in the error or audit logs. > The only reason for using fractional replication to exclude the memberOf attribute is to avoid any sort of dangling membership issue when using multi-master replication. In your single-master replication setup, you only need to configure the memberOf plug-in on your master, not the replica. You can then safely replicate the memberOf attribute since a single-master replication scenario has no chance for conflicting changes from separate masters. Please open a documentation bug on this so we can get things cleared up in the manuals. > We eventually added memberof to the replication agreement and > resynchronized just to get the data across. We've pulled it back out > and, as expected, any changes are not replicating. What are we doing > wrong? Where do we look next to troubleshoot it? Thanks - John > From rmeggins at redhat.com Thu Nov 12 15:57:07 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Thu, 12 Nov 2009 08:57:07 -0700 Subject: [389-users] more MMR issues In-Reply-To: <517A19A4-132C-454A-B12A-025CAA640D19@shangri-la.ts.gatech.edu> References: <4AF9CC57.4000000@redhat.com> <517A19A4-132C-454A-B12A-025CAA640D19@shangri-la.ts.gatech.edu> Message-ID: <4AFC3053.2030402@redhat.com> Robert Viduya wrote: > > On Nov 10, 2009, at 3:25 PM, Rich Megginson wrote: >>> >> No. Check the access log to see what operations were submitted to >> the directory server at or around [10/Nov/2009:08:56:27 -0500] >> >> Are your servers in time sync? Is cn=people rewbell gertrude the >> agreement that sends updates to the master that is having the >> spontaneous import problem? > > Yes, "cn=people rewbell gertrude" is that agreement. We name our > agreements with the name of the database ("people") followed by the > name of the source server ("rewbell") followed by the name of the > destination server ("gertrude"). Gertrude is the master that had the > spontaneous import problem. > > We have ntpd running on all our machines, so all times should be in sync. > > We have a lot going on, but I found the following in the access log on > the problem server: > > [10/Nov/2009:08:55:19 -0500] conn=158624 op=71 RESULT err=0 tag=103 > nentries=0 etime=0 csn=4af96f38000000370000 > [10/Nov/2009:08:55:19 -0500] conn=158624 op=72 MOD > dn="gtdirguid=54e468fd7520dbdb1da52263fb4a6576,ou=people,dc=gted,dc=gatech,dc=edu" > > [10/Nov/2009:08:55:19 -0500] conn=158624 op=72 RESULT err=0 tag=103 > nentries=0 etime=0 csn=4af96f38000100370000 > [10/Nov/2009:08:55:19 -0500] conn=158624 op=73 MOD > dn="gtdirguid=af56dc17bc397b8371b9eed7d91b2af2,ou=people,dc=gted,dc=gatech,dc=edu" > > [10/Nov/2009:08:55:19 -0500] conn=158624 op=73 RESULT err=0 tag=103 > nentries=0 etime=0 csn=4af96f38000500370000 > [10/Nov/2009:08:55:19 -0500] conn=158624 op=74 MOD > dn="gtdirguid=5261a6e61f97bca3f2741b428255daf4,ou=people,dc=gted,dc=gatech,dc=edu" > > [10/Nov/2009:08:55:19 -0500] conn=158624 op=74 RESULT err=0 tag=103 > nentries=0 etime=0 csn=4af96f39000000370000 > [10/Nov/2009:08:55:19 -0500] conn=158624 op=75 MOD > dn="gtdirguid=ad5dddfb9ec4fe230644dc060ce641c7,ou=people,dc=gted,dc=gatech,dc=edu" > > [10/Nov/2009:08:55:19 -0500] conn=158624 op=75 RESULT err=0 tag=103 > nentries=0 etime=0 csn=4af96f39000100370000 > [10/Nov/2009:08:55:19 -0500] conn=158624 op=76 MOD > dn="gtdirguid=0a87d4434e42edf9df3019b922fe2b63,ou=people,dc=gted,dc=gatech,dc=edu" > > [10/Nov/2009:08:55:19 -0500] conn=158624 op=76 RESULT err=0 tag=103 > nentries=0 etime=0 csn=4af96f39000200370000 > [10/Nov/2009:08:55:20 -0500] conn=158624 op=77 MOD > dn="gtdirguid=8be9c47e00957f900b69af162cba8adf,ou=people,dc=gted,dc=gatech,dc=edu" > > [10/Nov/2009:08:55:20 -0500] conn=158624 op=77 RESULT err=0 tag=103 > nentries=0 etime=0 csn=4af96f7b000000370000 > [10/Nov/2009:08:55:20 -0500] conn=158624 op=78 MOD > dn="gtdirguid=beef247b54a6e1289f3e392865e08e17,ou=people,dc=gted,dc=gatech,dc=edu" > > [10/Nov/2009:08:55:20 -0500] conn=158624 op=78 RESULT err=0 tag=103 > nentries=0 etime=0 csn=4af96f7b000400370000 > [10/Nov/2009:08:55:20 -0500] conn=158624 op=79 MOD > dn="gtdirguid=db2aa7040d3b982cf1a32aad503d7e6f,ou=people,dc=gted,dc=gatech,dc=edu" > > [10/Nov/2009:08:55:20 -0500] conn=158624 op=79 RESULT err=0 tag=103 > nentries=0 etime=0 csn=4af96f7b000500370000 > [10/Nov/2009:08:55:20 -0500] conn=158624 op=80 MOD > dn="gtdirguid=c9390deb6018475b4d5d5267ba70fb99,ou=people,dc=gted,dc=gatech,dc=edu" > > [10/Nov/2009:08:55:20 -0500] conn=158624 op=80 RESULT err=0 tag=103 > nentries=0 etime=0 csn=4af96f7b000600370000 > [10/Nov/2009:08:55:20 -0500] conn=158624 op=81 EXT > oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session" > [10/Nov/2009:08:55:20 -0500] conn=158624 op=81 RESULT err=0 tag=120 > nentries=0 etime=0 > [10/Nov/2009:08:55:24 -0500] conn=158624 op=83 EXT > oid="2.16.840.1.113730.3.5.3" name="Netscape Replication Start Session" > [10/Nov/2009:08:55:24 -0500] conn=158624 op=83 RESULT err=0 tag=120 > nentries=0 etime=0 > [10/Nov/2009:08:55:28 -0500] conn=158624 op=84 EXT > oid="2.16.840.1.113730.3.5.3" name="Netscape Replication Start Session" > [10/Nov/2009:08:55:28 -0500] conn=158624 op=84 RESULT err=0 tag=120 > nentries=0 etime=0 > [10/Nov/2009:08:56:06 -0500] conn=158624 op=86 EXT > oid="2.16.840.1.113730.3.5.3" name="Netscape Replication Start Session" > [10/Nov/2009:08:56:06 -0500] conn=158624 op=87 EXT > oid="2.16.840.1.113730.3.5.3" name="Netscape Replication Start Session" > [10/Nov/2009:08:56:07 -0500] conn=158624 op=87 RESULT err=0 tag=120 > nentries=0 etime=1 > [10/Nov/2009:08:56:10 -0500] conn=158624 op=88 EXT > oid="2.16.840.1.113730.3.5.3" name="Netscape Replication Start Session" > [10/Nov/2009:08:56:27 -0500] conn=158624 op=88 RESULT err=0 tag=120 > nentries=0 etime=17 > [10/Nov/2009:08:56:59 -0500] conn=158624 op=89 EXT > oid="2.16.840.1.113730.3.5.3" name="Netscape Replication Start Session" > [10/Nov/2009:08:56:59 -0500] conn=158624 op=89 RESULT err=0 tag=120 > nentries=0 etime=0 > [10/Nov/2009:08:57:59 -0500] conn=158624 op=91 UNBIND > [10/Nov/2009:08:57:59 -0500] conn=158624 op=91 fd=64 closed - U1 > > You can see that replication was working until around 8:55:20 and then > there's a series of "Replication Start Session" operations with no > corresponding "End Session". The log messages from the supplier > server (which I sent in the previous mail) seem to indicate that some > communication problems may have occurred (all those "Unable to receive > response" logs). > > Digging through the audit-log, I found the following: > > time: 20091110085608 > dn: cn="ou=people,dc=gted,dc=gatech,dc=edu",cn=mapping tree,cn=config > changetype: modify > replace: nsslapd-referral > nsslapd-referral: > ldap://rewbell.iam.gatech.edu:389/ou%3Dpeople%2Cdc%3Dgted%2C > dc%3Dgatech%2Cdc%3Dedu > - > replace: modifiersname > modifiersname: cn=server,cn=plugins,cn=config > - > replace: modifytimestamp > modifytimestamp: 20091110135607Z > - > > time: 20091110085610 > dn: cn="ou=people,dc=gted,dc=gatech,dc=edu",cn=mapping tree,cn=config > changetype: modify > replace: nsslapd-referral > nsslapd-referral: > ldaps://rw.gted.gatech.edu:636/ou=people,dc=gted,dc=gatech,d > c=edu > - > replace: modifiersname > modifiersname: cn=server,cn=plugins,cn=config > - > replace: modifytimestamp > modifytimestamp: 20091110135610Z > - > > time: 20091110085625 > dn: cn="ou=people,dc=gted,dc=gatech,dc=edu",cn=mapping tree,cn=config > changetype: modify > replace: nsslapd-state > nsslapd-state: referral > - > replace: modifiersname > modifiersname: cn=server,cn=plugins,cn=config > - > replace: modifytimestamp > modifytimestamp: 20091110135625Z > - > > time: 20091110085626 > dn: cn="ou=people,dc=gted,dc=gatech,dc=edu",cn=mapping tree,cn=config > changetype: modify > replace: nsslapd-state > nsslapd-state: backend > - > replace: modifiersname > modifiersname: cn=server,cn=plugins,cn=config > - > replace: modifytimestamp > modifytimestamp: 20091110135626Z > - > > The referral for that suffix first gets changed > "ldap://rewbell.iam.gatech.edu:389/...", which isn't right. > > Then it get changed to "ldaps://rw.gted.gatech.edu:636/..." which is > correct (and what we have configured in the nsDS5ReplicaReferral > attribute). > > Then the state gets changed a couple of times too. Not sure if this > is a cause or effect of the problem we're seeing, but I'm inclined to > think it's an effect of the server thinking it's been told to do an > import, not a cause. IMHO, of course. Yes, I think you are correct. The behavior in the logs on the consumer is consistent with that. When a supplier starts an initialization of a consumer, it sets the consumer's database to referral mode - that is, the consumer should not attempt to process any requests for that database during initialization - it's database is offline while being initialized. Another odd thing is that op=85 is not logged - not sure what happened there. It would be useful to take a look at the supplier access and error logs from around 08:55:28 to 08:56:27 > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From robert+fds at shangri-la.ts.gatech.edu Thu Nov 12 21:17:28 2009 From: robert+fds at shangri-la.ts.gatech.edu (Robert Viduya) Date: Thu, 12 Nov 2009 16:17:28 -0500 Subject: [389-users] more MMR issues In-Reply-To: <4AFC3053.2030402@redhat.com> References: <4AF9CC57.4000000@redhat.com> <517A19A4-132C-454A-B12A-025CAA640D19@shangri-la.ts.gatech.edu> <4AFC3053.2030402@redhat.com> Message-ID: <99273101-9F48-4050-ADA9-A89EEA38EE57@shangri-la.ts.gatech.edu> On Nov 12, 2009, at 10:57 AM, Rich Megginson wrote: >> > Yes, I think you are correct. The behavior in the logs on the > consumer is consistent with that. When a supplier starts an > initialization of a consumer, it sets the consumer's database to > referral mode - that is, the consumer should not attempt to process > any requests for that database during initialization - it's database > is offline while being initialized. > > Another odd thing is that op=85 is not logged - not sure what > happened there. > > It would be useful to take a look at the supplier access and error > logs from around 08:55:28 to 08:56:27 Error log: [10/Nov/2009:08:39:29 -0500] - repl5_inc_waitfor_async_results timed out waiting for responses: 38 46 [10/Nov/2009:08:39:54 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Warning: unable to receive endReplication extended operation response (Bad parameter to an ldap routine) [10/Nov/2009:08:40:04 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later. [10/Nov/2009:08:40:08 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later. [10/Nov/2009:08:40:14 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later. [10/Nov/2009:08:40:38 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later. [10/Nov/2009:08:43:05 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later. [10/Nov/2009:08:44:50 -0500] - repl5_inc_waitfor_async_results timed out waiting for responses: 6 8 [10/Nov/2009:08:47:08 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later. [10/Nov/2009:08:47:08 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Incremental protocol: event backoff_timer_expired should not occur in state start_backoff [10/Nov/2009:08:47:10 -0500] NSMMReplicationPlugin - agmt="cn=accounts rewbell gertrude" (gertrude:636): Warning: unable to receive endReplication extended operation response (Bad parameter to an ldap routine) [10/Nov/2009:08:47:12 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later. [10/Nov/2009:08:47:18 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Incremental update failed and requires administrator action [10/Nov/2009:08:48:57 -0500] NSMMReplicationPlugin - agmt="cn=accounts rewbell gertrude" (gertrude:636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later. [10/Nov/2009:08:49:58 -0500] NSMMReplicationPlugin - agmt="cn=accounts rewbell gertrude" (gertrude:636): Incremental update failed and requires administrator action [10/Nov/2009:08:55:01 -0500] - repl5_inc_waitfor_async_results timed out waiting for responses: 13 14 [10/Nov/2009:08:55:01 -0500] - repl5_inc_waitfor_async_results timed out waiting for responses: 59 81 [10/Nov/2009:08:55:02 -0500] NSMMReplicationPlugin - agmt="cn=accounts rewbell gertrude" (gertrude:636): Warning: unable to receive endReplication extended operation response (Bad parameter to an ldap routine) [10/Nov/2009:08:55:12 -0500] NSMMReplicationPlugin - agmt="cn=accounts rewbell gertrude" (gertrude:636): Incremental update failed and requires administrator action [10/Nov/2009:08:55:14 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Warning: unable to receive endReplication extended operation response (Bad parameter to an ldap routine) [10/Nov/2009:08:55:24 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later. [10/Nov/2009:08:55:28 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later.[10/Nov/2009:08:55:34 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude: 636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later. [10/Nov/2009:08:55:46 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later. [10/Nov/2009:08:56:10 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later. [10/Nov/2009:08:56:58 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Unable to receive the response for a startReplication extended operation to consumer (Bad parameter to an ldap routine). Will retry later.[10/Nov/2009:08:58:34 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude: 636): Replication bind with SIMPLE auth resumed [10/Nov/2009:09:01:47 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Consumer failed to replay change (uniqueid 51dccc08-9efe11de-8efe8516-22c1043e, CSN 4af96f8a000200370000): Operations error. Will retry later.[10/Nov/ 2009:09:01:47 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude:636): Consumer failed to replay change (uniqueid 5ad5610c-1dd211b2-80b9be51-952a0000, CSN 4af96f8b000000370000): Operations error. Will retry later.[10/Nov/2009:09:01:47 -0500] NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" (gertrude: 636): Consumer failed to replay change (uniqueid 213cd58e-cd7b11de- b535d108-950067b1, CSN 4af96fcf000000370000): Operations error. Will retry later. And access log (edited to protect the innocent): [10/Nov/2009:08:55:01 -0500] conn=63832 op=354078 SRCH base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" [10/Nov/2009:08:55:01 -0500] conn=63832 op=354078 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:01 -0500] conn=212587 fd=71 slot=71 SSL connection from 128.61.166.142 to 130.207.183.9 [10/Nov/2009:08:55:01 -0500] conn=212587 op=0 BIND dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:01 -0500] conn=212587 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:01 -0500] conn=212587 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(eduPersonEntitlement=*)" attrs="dn" [10/Nov/2009:08:55:01 -0500] conn=212587 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:01 -0500] conn=212587 op=2 UNBIND [10/Nov/2009:08:55:01 -0500] conn=212587 op=2 fd=71 closed - U1 [10/Nov/2009:08:55:01 -0500] conn=212588 fd=141 slot=141 SSL connection from 130.207.183.19 to 130.207.183.9 [10/Nov/2009:08:55:01 -0500] conn=212588 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:01 -0500] conn=212588 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:01 -0500] conn=212588 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:55:01 -0500] conn=212588 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:01 -0500] conn=212588 op=2 UNBIND [10/Nov/2009:08:55:01 -0500] conn=212588 op=2 fd=141 closed - U1 [10/Nov/2009:08:55:01 -0500] conn=212589 fd=71 slot=71 SSL connection from 130.207.172.151 to 130.207.183.9 [10/Nov/2009:08:55:01 -0500] conn=212589 op=0 BIND dn="cn=Replication Manager,cn=config" method=128 version=3 [10/Nov/2009:08:55:01 -0500] conn=212589 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=replication manager,cn=config" [10/Nov/2009:08:55:01 -0500] conn=212589 op=1 SRCH base="" scope=0 filter="(objectClass=*)" attrs="supportedControl supportedExtension" [10/Nov/2009:08:55:01 -0500] conn=212589 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:01 -0500] conn=212589 op=2 SRCH base="" scope=0 filter="(objectClass=*)" attrs="supportedControl supportedExtension" [10/Nov/2009:08:55:01 -0500] conn=212589 op=2 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:01 -0500] conn=212589 op=3 EXT oid="2.16.840.1.113730.3.5.3" name="Netscape Replication Start Session" [10/Nov/2009:08:55:01 -0500] conn=212589 op=3 RESULT err=0 tag=120 nentries=0 etime=0 [10/Nov/2009:08:55:01 -0500] conn=212589 op=4 MOD dn="cn=gertrude- monitor2 ,ou = monitor ,ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:01 -0500] conn=212589 op=4 RESULT err=0 tag=103 nentries=0 etime=0 csn=4af970b5000000330000 [10/Nov/2009:08:55:02 -0500] conn=212331 op=21 EXT oid="2.16.840.1.113730.3.5.3" name="Netscape Replication Start Session" [10/Nov/2009:08:55:02 -0500] conn=212331 op=21 RESULT err=0 tag=120 nentries=0 etime=0 [10/Nov/2009:08:55:02 -0500] conn=212331 op=22 MOD dn="cn=gertrude- monitor2,ou=monitor,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:02 -0500] conn=212331 op=22 RESULT err=0 tag=103 nentries=0 etime=0 csn=4af970b6000000320000 [10/Nov/2009:08:55:02 -0500] conn=212590 fd=141 slot=141 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:55:02 -0500] conn=212590 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:02 -0500] conn=212590 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:02 -0500] conn=212591 fd=149 slot=149 SSL connection from 128.61.166.142 to 130.207.183.9 [10/Nov/2009:08:55:02 -0500] conn=212591 op=0 BIND dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:02 -0500] conn=212591 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:02 -0500] conn=212591 op=1 UNBIND [10/Nov/2009:08:55:02 -0500] conn=212591 op=1 fd=149 closed - U1 [10/Nov/2009:08:55:02 -0500] conn=212592 fd=149 slot=149 SSL connection from 130.207.183.19 to 130.207.183.9 [10/Nov/2009:08:55:02 -0500] conn=212592 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:02 -0500] conn=212592 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:02 -0500] conn=212592 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:55:02 -0500] conn=212592 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:02 -0500] conn=212592 op=2 UNBIND [10/Nov/2009:08:55:02 -0500] conn=212592 op=2 fd=149 closed - U1 [10/Nov/2009:08:55:03 -0500] conn=212593 fd=149 slot=149 SSL connection from 130.207.165.93 to 130.207.183.9 [10/Nov/2009:08:55:03 -0500] conn=212593 op=0 BIND dn="cn=ServiceMonitor,ou=Local Accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:03 -0500] conn=212593 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=servicemonitor,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:03 -0500] conn=212593 op=1 MOD dn="cn=rewbell- monitor,ou=monitor,ou=people,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:03 -0500] conn=212593 op=1 RESULT err=0 tag=103 nentries=0 etime=0 csn=4af970b8000000370000 [10/Nov/2009:08:55:03 -0500] conn=212593 op=2 UNBIND [10/Nov/2009:08:55:03 -0500] conn=212593 op=2 fd=149 closed - U1 [10/Nov/2009:08:55:03 -0500] conn=212594 fd=152 slot=152 SSL connection from 130.207.165.93 to 130.207.183.9 [10/Nov/2009:08:55:03 -0500] conn=212594 op=0 BIND dn="cn=ServiceMonitor,ou=Local Accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:03 -0500] conn=212594 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=servicemonitor,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:03 -0500] conn=212594 op=1 SRCH base="cn=rewbell- monitor,ou=monitor,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(objectClass=*)" attrs="description" [10/Nov/2009:08:55:03 -0500] conn=212594 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:03 -0500] conn=212594 op=2 UNBIND [10/Nov/2009:08:55:03 -0500] conn=212594 op=2 fd=152 closed - U1 [10/Nov/2009:08:55:03 -0500] conn=63832 op=354080 SRCH base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" [10/Nov/2009:08:55:03 -0500] conn=63832 op=354080 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:03 -0500] conn=212589 op=5 EXT oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session" [10/Nov/2009:08:55:03 -0500] conn=212589 op=5 RESULT err=0 tag=120 nentries=0 etime=0 [10/Nov/2009:08:55:04 -0500] conn=212590 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:04 -0500] conn=212590 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:04 -0500] conn=212590 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:04 -0500] conn=212590 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:04 -0500] conn=212590 op=3 UNBIND [10/Nov/2009:08:55:04 -0500] conn=212590 op=3 fd=141 closed - U1 [10/Nov/2009:08:55:04 -0500] conn=212595 fd=149 slot=149 SSL connection from 130.207.183.18 to 130.207.183.9 [10/Nov/2009:08:55:04 -0500] conn=212595 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:04 -0500] conn=212595 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:04 -0500] conn=212595 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:55:04 -0500] conn=212595 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:04 -0500] conn=212595 op=2 UNBIND [10/Nov/2009:08:55:04 -0500] conn=212595 op=2 fd=149 closed - U1 [10/Nov/2009:08:55:04 -0500] conn=212331 op=24 EXT oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session" [10/Nov/2009:08:55:04 -0500] conn=212331 op=24 RESULT err=0 tag=120 nentries=0 etime=0 [10/Nov/2009:08:55:06 -0500] conn=63832 op=354081 SRCH base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtGTID=W02740727)" attrs="dn gtSISEmailAddress" [10/Nov/2009:08:55:06 -0500] conn=63832 op=354081 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:06 -0500] conn=212596 fd=141 slot=141 SSL connection from 130.207.183.18 to 130.207.183.9 [10/Nov/2009:08:55:06 -0500] conn=212596 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:06 -0500] conn=212596 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:06 -0500] conn=212596 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:55:06 -0500] conn=212596 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:06 -0500] conn=212596 op=2 UNBIND [10/Nov/2009:08:55:06 -0500] conn=212596 op=2 fd=141 closed - U1 [10/Nov/2009:08:55:07 -0500] conn=63852 op=81449 SRCH base = "gtDirGUID = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX ,ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="dn cn eduPersonEntitlement gidNumber gtAccountCategory gtAccountManagementAccountIndex gtAuthenticationMechanism gtDirGUID gtGlobalPerson homeDirectory loginShell objectClass sn uid uidNumber" [10/Nov/2009:08:55:07 -0500] conn=63852 op=81449 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:07 -0500] conn=212597 fd=141 slot=141 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:55:07 -0500] conn=212597 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:07 -0500] conn=212597 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:08 -0500] conn=63832 op=354082 SRCH base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" [10/Nov/2009:08:55:08 -0500] conn=63832 op=354082 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:09 -0500] conn=212597 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:09 -0500] conn=212597 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:09 -0500] conn=212597 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:09 -0500] conn=212597 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:09 -0500] conn=212597 op=3 UNBIND [10/Nov/2009:08:55:09 -0500] conn=212597 op=3 fd=141 closed - U1 [10/Nov/2009:08:55:11 -0500] conn=212598 fd=141 slot=141 SSL connection from 130.207.183.19 to 130.207.183.9 [10/Nov/2009:08:55:11 -0500] conn=212598 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:11 -0500] conn=212598 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:11 -0500] conn=212598 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:55:11 -0500] conn=212598 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:11 -0500] conn=212598 op=2 UNBIND [10/Nov/2009:08:55:11 -0500] conn=212598 op=2 fd=141 closed - U1 [10/Nov/2009:08:55:11 -0500] conn=63832 op=354084 SRCH base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" [10/Nov/2009:08:55:11 -0500] conn=63832 op=354084 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:12 -0500] conn=212599 fd=141 slot=141 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:55:12 -0500] conn=212599 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:12 -0500] conn=212599 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:12 -0500] conn=212600 fd=149 slot=149 SSL connection from 130.207.183.19 to 130.207.183.9 [10/Nov/2009:08:55:12 -0500] conn=212600 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:12 -0500] conn=212600 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:12 -0500] conn=212600 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:55:12 -0500] conn=212600 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:12 -0500] conn=212600 op=2 UNBIND [10/Nov/2009:08:55:12 -0500] conn=212600 op=2 fd=149 closed - U1 [10/Nov/2009:08:55:13 -0500] conn=212601 fd=149 slot=149 SSL connection from 130.207.183.18 to 130.207.183.9 [10/Nov/2009:08:55:13 -0500] conn=212601 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:13 -0500] conn=212601 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:13 -0500] conn=212601 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:55:13 -0500] conn=212601 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:13 -0500] conn=212601 op=2 UNBIND [10/Nov/2009:08:55:13 -0500] conn=212601 op=2 fd=149 closed - U1 [10/Nov/2009:08:55:13 -0500] conn=212602 fd=149 slot=149 SSL connection from 130.207.172.151 to 130.207.183.9 [10/Nov/2009:08:55:13 -0500] conn=212602 op=0 BIND dn="cn=Replication Manager,cn=config" method=128 version=3 [10/Nov/2009:08:55:13 -0500] conn=212602 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=replication manager,cn=config" [10/Nov/2009:08:55:13 -0500] conn=212602 op=1 SRCH base="" scope=0 filter="(objectClass=*)" attrs="supportedControl supportedExtension" [10/Nov/2009:08:55:13 -0500] conn=212602 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:13 -0500] conn=212602 op=2 SRCH base="" scope=0 filter="(objectClass=*)" attrs="supportedControl supportedExtension" [10/Nov/2009:08:55:14 -0500] conn=212602 op=2 RESULT err=0 tag=101 nentries=1 etime=1 [10/Nov/2009:08:55:14 -0500] conn=212602 op=3 EXT oid="2.16.840.1.113730.3.5.3" name="Netscape Replication Start Session" [10/Nov/2009:08:55:14 -0500] conn=212602 op=3 RESULT err=0 tag=120 nentries=0 etime=0 [10/Nov/2009:08:55:14 -0500] conn=212602 op=4 MOD dn="cn=gertrude- monitor2,ou=monitor,ou=people,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:14 -0500] conn=212589 op=6 EXT oid="2.16.840.1.113730.3.5.3" name="Netscape Replication Start Session" [10/Nov/2009:08:55:14 -0500] conn=212589 op=6 RESULT err=0 tag=120 nentries=0 etime=0 [10/Nov/2009:08:55:14 -0500] conn=212589 op=7 EXT oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session" [10/Nov/2009:08:55:14 -0500] conn=212602 op=4 RESULT err=0 tag=103 nentries=0 etime=0 csn=4af970c3000000340000 [10/Nov/2009:08:55:14 -0500] conn=212589 op=7 RESULT err=0 tag=120 nentries=0 etime=0 [10/Nov/2009:08:55:14 -0500] conn=212599 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:14 -0500] conn=212599 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:14 -0500] conn=212599 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:14 -0500] conn=212599 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:14 -0500] conn=212599 op=3 UNBIND [10/Nov/2009:08:55:14 -0500] conn=212599 op=3 fd=141 closed - U1 [10/Nov/2009:08:55:14 -0500] conn=212331 op=25 EXT oid="2.16.840.1.113730.3.5.3" name="Netscape Replication Start Session" [10/Nov/2009:08:55:14 -0500] conn=212331 op=25 RESULT err=0 tag=120 nentries=0 etime=0 [10/Nov/2009:08:55:14 -0500] conn=212331 op=26 EXT oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session" [10/Nov/2009:08:55:14 -0500] conn=212331 op=26 RESULT err=0 tag=120 nentries=0 etime=0 [10/Nov/2009:08:55:14 -0500] conn=63852 op=81451 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="cn dn gtDirGUID gtGTID gtIMSID gtInstructedCourse gtJustEndedCourse gtPersonDirectoryId gtPIDM gtRegisteredCourse gtSISEmailAddress gtStudentCampusAddress gtStudentConfidentiality gtStudentGivenName gtStudentHomePhone gtStudentHomePostalAddress gtStudentMiddleName gtStudentNameSuffix gtStudentPostalAddress gtStudentPostalCode gtStudentScopedAffiliation gtStudentSN gtStudentTelephoneNumber gtUpcomingCourse objectClass sn gtActiveCourse gtCurrentDormResidence gtCurriculum" [10/Nov/2009:08:55:14 -0500] conn=63852 op=81451 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:14 -0500] conn=63852 op=81452 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="cn dn gtDirGUID gtGTID gtIMSID gtInstructedCourse gtJustEndedCourse gtPersonDirectoryId gtPIDM gtRegisteredCourse gtSISEmailAddress gtStudentCampusAddress gtStudentConfidentiality gtStudentGivenName gtStudentHomePhone gtStudentHomePostalAddress gtStudentMiddleName gtStudentNameSuffix gtStudentPostalAddress gtStudentPostalCode gtStudentScopedAffiliation gtStudentSN gtStudentTelephoneNumber gtUpcomingCourse objectClass sn gtActiveCourse gtCurrentDormResidence gtCurriculum" [10/Nov/2009:08:55:14 -0500] conn=63852 op=81452 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:14 -0500] conn=63852 op=81453 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="cn dn gtDirGUID gtGTID gtIMSID gtInstructedCourse gtJustEndedCourse gtPersonDirectoryId gtPIDM gtRegisteredCourse gtSISEmailAddress gtStudentCampusAddress gtStudentConfidentiality gtStudentGivenName gtStudentHomePhone gtStudentHomePostalAddress gtStudentMiddleName gtStudentNameSuffix gtStudentPostalAddress gtStudentPostalCode gtStudentScopedAffiliation gtStudentSN gtStudentTelephoneNumber gtUpcomingCourse objectClass sn gtActiveCourse gtCurrentDormResidence gtCurriculum" [10/Nov/2009:08:55:14 -0500] conn=63852 op=81453 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:14 -0500] conn=63832 op=354085 SRCH base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" [10/Nov/2009:08:55:14 -0500] conn=63832 op=354085 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:16 -0500] conn=212602 op=5 EXT oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session" [10/Nov/2009:08:55:16 -0500] conn=212602 op=5 RESULT err=0 tag=120 nentries=0 etime=0 [10/Nov/2009:08:55:16 -0500] conn=212603 fd=141 slot=141 SSL connection from 130.207.183.18 to 130.207.183.9 [10/Nov/2009:08:55:16 -0500] conn=212603 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:16 -0500] conn=212603 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:16 -0500] conn=212603 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:55:16 -0500] conn=212603 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:16 -0500] conn=212603 op=2 UNBIND [10/Nov/2009:08:55:16 -0500] conn=212603 op=2 fd=141 closed - U1 [10/Nov/2009:08:55:16 -0500] conn=63852 op=81455 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="cn dn gtDirGUID gtGTID gtIMSID gtInstructedCourse gtJustEndedCourse gtPersonDirectoryId gtPIDM gtRegisteredCourse gtSISEmailAddress gtStudentCampusAddress gtStudentConfidentiality gtStudentGivenName gtStudentHomePhone gtStudentHomePostalAddress gtStudentMiddleName gtStudentNameSuffix gtStudentPostalAddress gtStudentPostalCode gtStudentScopedAffiliation gtStudentSN gtStudentTelephoneNumber gtUpcomingCourse objectClass sn gtActiveCourse gtCurrentDormResidence gtCurriculum" [10/Nov/2009:08:55:16 -0500] conn=63852 op=81455 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:16 -0500] conn=63852 op=81456 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="cn dn gtDirGUID gtGTID gtIMSID gtInstructedCourse gtJustEndedCourse gtPersonDirectoryId gtPIDM gtRegisteredCourse gtSISEmailAddress gtStudentCampusAddress gtStudentConfidentiality gtStudentGivenName gtStudentHomePhone gtStudentHomePostalAddress gtStudentMiddleName gtStudentNameSuffix gtStudentPostalAddress gtStudentPostalCode gtStudentScopedAffiliation gtStudentSN gtStudentTelephoneNumber gtUpcomingCourse objectClass sn gtActiveCourse gtCurrentDormResidence gtCurriculum" [10/Nov/2009:08:55:16 -0500] conn=63852 op=81456 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:17 -0500] conn=212604 fd=141 slot=141 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:55:17 -0500] conn=212604 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:17 -0500] conn=212604 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:18 -0500] conn=63832 op=354087 SRCH base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" [10/Nov/2009:08:55:18 -0500] conn=63832 op=354087 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:18 -0500] conn=212604 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:18 -0500] conn=212604 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:18 -0500] conn=212604 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:18 -0500] conn=212604 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:18 -0500] conn=212604 op=3 UNBIND [10/Nov/2009:08:55:18 -0500] conn=212604 op=3 fd=141 closed - U1 [10/Nov/2009:08:55:21 -0500] conn=212605 fd=141 slot=141 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:55:21 -0500] conn=212605 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:21 -0500] conn=212605 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:21 -0500] conn=212606 fd=152 slot=152 SSL connection from 130.207.183.19 to 130.207.183.9 [10/Nov/2009:08:55:21 -0500] conn=212606 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:21 -0500] conn=212606 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:21 -0500] conn=212606 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:55:21 -0500] conn=212606 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:21 -0500] conn=212606 op=2 UNBIND [10/Nov/2009:08:55:21 -0500] conn=212606 op=2 fd=152 closed - U1 [10/Nov/2009:08:55:22 -0500] conn=212605 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:22 -0500] conn=212605 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:22 -0500] conn=212607 fd=152 slot=152 SSL connection from 130.207.183.19 to 130.207.183.9 [10/Nov/2009:08:55:22 -0500] conn=212605 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:22 -0500] conn=212605 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:22 -0500] conn=212607 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:22 -0500] conn=212607 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:22 -0500] conn=212607 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:55:22 -0500] conn=212607 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:22 -0500] conn=212607 op=2 UNBIND [10/Nov/2009:08:55:22 -0500] conn=212607 op=2 fd=152 closed - U1 [10/Nov/2009:08:55:22 -0500] conn=212605 op=3 UNBIND [10/Nov/2009:08:55:22 -0500] conn=212605 op=3 fd=141 closed - U1 [10/Nov/2009:08:55:22 -0500] conn=63832 op=354088 SRCH base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" [10/Nov/2009:08:55:22 -0500] conn=63832 op=354088 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:23 -0500] conn=212608 fd=141 slot=141 SSL connection from 130.207.183.18 to 130.207.183.9 [10/Nov/2009:08:55:23 -0500] conn=212608 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:23 -0500] conn=212608 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:23 -0500] conn=212608 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:55:23 -0500] conn=212608 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:23 -0500] conn=212608 op=2 UNBIND [10/Nov/2009:08:55:23 -0500] conn=212608 op=2 fd=141 closed - U1 [10/Nov/2009:08:55:25 -0500] conn=212609 fd=141 slot=141 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:55:25 -0500] conn=212609 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:25 -0500] conn=212609 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:26 -0500] conn=212602 op=6 EXT oid="2.16.840.1.113730.3.5.3" name="Netscape Replication Start Session" [10/Nov/2009:08:55:26 -0500] conn=212602 op=6 RESULT err=0 tag=120 nentries=0 etime=0 [10/Nov/2009:08:55:26 -0500] conn=212602 op=7 EXT oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session" [10/Nov/2009:08:55:26 -0500] conn=212602 op=7 RESULT err=0 tag=120 nentries=0 etime=0 [10/Nov/2009:08:55:26 -0500] conn=63832 op=354090 SRCH base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" [10/Nov/2009:08:55:26 -0500] conn=63832 op=354090 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:26 -0500] conn=212609 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:26 -0500] conn=212609 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:26 -0500] conn=212609 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:26 -0500] conn=212609 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:26 -0500] conn=212610 fd=152 slot=152 SSL connection from 130.207.183.18 to 130.207.183.9 [10/Nov/2009:08:55:26 -0500] conn=212609 op=3 UNBIND [10/Nov/2009:08:55:26 -0500] conn=212609 op=3 fd=141 closed - U1 [10/Nov/2009:08:55:26 -0500] conn=212610 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:26 -0500] conn=212610 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:26 -0500] conn=212610 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:55:26 -0500] conn=212610 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:26 -0500] conn=212610 op=2 UNBIND [10/Nov/2009:08:55:26 -0500] conn=212610 op=2 fd=152 closed - U1 [10/Nov/2009:08:55:28 -0500] conn=212611 fd=141 slot=141 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:55:28 -0500] conn=212611 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:28 -0500] conn=212611 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:29 -0500] conn=63832 op=354091 SRCH base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" [10/Nov/2009:08:55:29 -0500] conn=63832 op=354091 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:29 -0500] conn=212611 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:29 -0500] conn=212611 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:29 -0500] conn=212611 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:29 -0500] conn=212611 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:29 -0500] conn=212611 op=3 UNBIND [10/Nov/2009:08:55:29 -0500] conn=212611 op=3 fd=141 closed - U1 [10/Nov/2009:08:55:31 -0500] conn=212612 fd=141 slot=141 SSL connection from 130.207.183.19 to 130.207.183.9 [10/Nov/2009:08:55:31 -0500] conn=212612 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:31 -0500] conn=212612 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:31 -0500] conn=212612 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:55:31 -0500] conn=212612 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:31 -0500] conn=212612 op=2 UNBIND [10/Nov/2009:08:55:31 -0500] conn=212612 op=2 fd=141 closed - U1 [10/Nov/2009:08:55:32 -0500] conn=212613 fd=141 slot=141 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:55:32 -0500] conn=212613 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:32 -0500] conn=212613 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:32 -0500] conn=63832 op=354093 SRCH base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" [10/Nov/2009:08:55:32 -0500] conn=212614 fd=152 slot=152 SSL connection from 130.207.183.19 to 130.207.183.9 [10/Nov/2009:08:55:32 -0500] conn=63832 op=354093 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:32 -0500] conn=212614 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:32 -0500] conn=212614 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:32 -0500] conn=212614 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:55:32 -0500] conn=212614 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:32 -0500] conn=212614 op=2 UNBIND [10/Nov/2009:08:55:32 -0500] conn=212614 op=2 fd=152 closed - U1 [10/Nov/2009:08:55:33 -0500] conn=212615 fd=152 slot=152 SSL connection from 128.61.166.142 to 130.207.183.9 [10/Nov/2009:08:55:33 -0500] conn=212615 op=0 BIND dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:33 -0500] conn=212615 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:33 -0500] conn=212615 op=1 SRCH base="cn=config" scope=0 filter="(objectClass=*)" attrs="nsslapd-localhost" [10/Nov/2009:08:55:33 -0500] conn=212615 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:33 -0500] conn=212615 op=2 UNBIND [10/Nov/2009:08:55:33 -0500] conn=212615 op=2 fd=152 closed - U1 [10/Nov/2009:08:55:33 -0500] conn=212616 fd=152 slot=152 SSL connection from 130.207.183.18 to 130.207.183.9 [10/Nov/2009:08:55:33 -0500] conn=212616 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:33 -0500] conn=212616 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:33 -0500] conn=212616 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:55:33 -0500] conn=212616 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:33 -0500] conn=212616 op=2 UNBIND [10/Nov/2009:08:55:33 -0500] conn=212616 op=2 fd=152 closed - U1 [10/Nov/2009:08:55:33 -0500] conn=212617 fd=152 slot=152 SSL connection from 128.61.166.142 to 130.207.183.9 [10/Nov/2009:08:55:33 -0500] conn=212617 op=0 BIND dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:33 -0500] conn=212617 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:33 -0500] conn=212617 op=1 SRCH base="cn=config" scope=0 filter="(objectClass=*)" attrs="nsslapd-localhost" [10/Nov/2009:08:55:34 -0500] conn=212617 op=1 RESULT err=0 tag=101 nentries=1 etime=1 [10/Nov/2009:08:55:34 -0500] conn=212617 op=2 UNBIND [10/Nov/2009:08:55:34 -0500] conn=212617 op=2 fd=152 closed - U1 [10/Nov/2009:08:55:34 -0500] conn=212613 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:34 -0500] conn=212613 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:34 -0500] conn=212613 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:34 -0500] conn=212613 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:34 -0500] conn=212613 op=3 UNBIND [10/Nov/2009:08:55:34 -0500] conn=212613 op=3 fd=141 closed - U1 [10/Nov/2009:08:55:34 -0500] conn=212618 fd=141 slot=141 SSL connection from 128.61.166.142 to 130.207.183.9 [10/Nov/2009:08:55:34 -0500] conn=212618 op=0 BIND dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:34 -0500] conn=212618 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:34 -0500] conn=212618 op=1 SRCH base="cn=config" scope=0 filter="(objectClass=*)" attrs="nsslapd-localhost" [10/Nov/2009:08:55:34 -0500] conn=212618 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:34 -0500] conn=212618 op=2 UNBIND [10/Nov/2009:08:55:34 -0500] conn=212618 op=2 fd=141 closed - U1 [10/Nov/2009:08:55:35 -0500] conn=212619 fd=141 slot=141 SSL connection from 128.61.166.142 to 130.207.183.9 [10/Nov/2009:08:55:35 -0500] conn=212619 op=0 BIND dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:35 -0500] conn=212619 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:35 -0500] conn=212619 op=1 SRCH base="cn=config" scope=0 filter="(objectClass=*)" attrs="nsslapd-localhost" [10/Nov/2009:08:55:35 -0500] conn=212619 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:35 -0500] conn=212619 op=2 UNBIND [10/Nov/2009:08:55:35 -0500] conn=212619 op=2 fd=141 closed - U1 [10/Nov/2009:08:55:35 -0500] conn=212620 fd=141 slot=141 SSL connection from 128.61.166.142 to 130.207.183.9 [10/Nov/2009:08:55:35 -0500] conn=212620 op=0 BIND dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:35 -0500] conn=212620 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:35 -0500] conn=212620 op=1 SRCH base="cn=config" scope=0 filter="(objectClass=*)" attrs="nsslapd-localhost" [10/Nov/2009:08:55:35 -0500] conn=212620 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:35 -0500] conn=212620 op=2 UNBIND [10/Nov/2009:08:55:35 -0500] conn=212620 op=2 fd=141 closed - U1 [10/Nov/2009:08:55:36 -0500] conn=212621 fd=141 slot=141 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:55:36 -0500] conn=212622 fd=152 slot=152 SSL connection from 128.61.166.142 to 130.207.183.9 [10/Nov/2009:08:55:36 -0500] conn=212622 op=0 BIND dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:36 -0500] conn=212622 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:36 -0500] conn=212622 op=1 SRCH base="cn=config" scope=0 filter="(objectClass=*)" attrs="nsslapd-localhost" [10/Nov/2009:08:55:36 -0500] conn=212622 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:36 -0500] conn=212622 op=2 UNBIND [10/Nov/2009:08:55:36 -0500] conn=212622 op=2 fd=152 closed - U1 [10/Nov/2009:08:55:36 -0500] conn=212623 fd=157 slot=157 SSL connection from 130.207.183.18 to 130.207.183.9 [10/Nov/2009:08:55:36 -0500] conn=212623 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:36 -0500] conn=212623 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:36 -0500] conn=212623 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:55:36 -0500] conn=212623 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:36 -0500] conn=212623 op=2 UNBIND [10/Nov/2009:08:55:36 -0500] conn=212623 op=2 fd=157 closed - U1 [10/Nov/2009:08:55:37 -0500] conn=212624 fd=152 slot=152 SSL connection from 128.61.166.142 to 130.207.183.9 [10/Nov/2009:08:55:37 -0500] conn=212624 op=0 BIND dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:37 -0500] conn=212624 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:37 -0500] conn=212624 op=1 SRCH base="cn=config" scope=0 filter="(objectClass=*)" attrs="nsslapd-localhost" [10/Nov/2009:08:55:37 -0500] conn=212624 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:37 -0500] conn=212624 op=2 UNBIND [10/Nov/2009:08:55:37 -0500] conn=212624 op=2 fd=152 closed - U1 [10/Nov/2009:08:55:37 -0500] conn=63832 op=354094 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement gtAccountCategory" [10/Nov/2009:08:55:37 -0500] conn=63832 op=354094 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:37 -0500] conn=63832 op=354095 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=XXXXXXXX)" attrs="cn displayName dn gidNumber givenName gtGlobalPerson gtPrimaryGTAccountUsername homeDirectory initials loginShell mail ou sn telephoneNumber title uidNumber gtEmployeeHomeDepartmentName" [10/Nov/2009:08:55:37 -0500] conn=63832 op=354095 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:37 -0500] conn=63832 op=354096 SRCH base = "gtDirGUID = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX ,ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(eduPersonEntitlement=/gt/services/central/gtad/*)" attrs="cn dn givenName initials mail ou sn title homeDirectory" [10/Nov/2009:08:55:37 -0500] conn=207646 op=134 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement gtAccountCategory" [10/Nov/2009:08:55:37 -0500] conn=207646 op=134 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:37 -0500] conn=207646 op=135 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement gtAccountCategory" [10/Nov/2009:08:55:37 -0500] conn=207646 op=135 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:37 -0500] conn=207646 op=136 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement gtAccountCategory" [10/Nov/2009:08:55:37 -0500] conn=207646 op=136 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:37 -0500] conn=207646 op=137 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement gtAccountCategory" [10/Nov/2009:08:55:37 -0500] conn=207646 op=137 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:37 -0500] conn=63832 op=354096 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:37 -0500] conn=207646 op=138 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement gtAccountCategory" [10/Nov/2009:08:55:37 -0500] conn=207646 op=138 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:37 -0500] conn=63832 op=354097 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement gtAccountCategory" [10/Nov/2009:08:55:37 -0500] conn=63832 op=354097 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:37 -0500] conn=63832 op=354098 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement gtAccountCategory" [10/Nov/2009:08:55:37 -0500] conn=63832 op=354098 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:38 -0500] conn=63832 op=354099 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(eduPersonAffiliation=XXXXXXXXX)" attrs="eduPersonScopedAffiliation gtEmployeeHomeDepartmentName title" [10/Nov/2009:08:55:38 -0500] conn=63832 op=354099 RESULT err=0 tag=101 nentries=0 etime=1 [10/Nov/2009:08:55:38 -0500] conn=63832 op=354100 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=XXXXXXXX)" attrs="cn displayName dn gidNumber givenName gtGlobalPerson gtPrimaryGTAccountUsername homeDirectory initials loginShell mail ou sn telephoneNumber title uidNumber gtEmployeeHomeDepartmentName" [10/Nov/2009:08:55:38 -0500] conn=63832 op=354100 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:38 -0500] conn=63832 op=354101 SRCH base = "gtDirGUID = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX ,ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(eduPersonEntitlement=/gt/services/central/gtad/*)" attrs="cn dn givenName initials mail ou sn title homeDirectory" [10/Nov/2009:08:55:38 -0500] conn=63832 op=354101 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:38 -0500] conn=63832 op=354102 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(eduPersonAffiliation=XXXXXXXXX)" attrs="eduPersonScopedAffiliation gtEmployeeHomeDepartmentName title" [10/Nov/2009:08:55:38 -0500] conn=63832 op=354102 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:38 -0500] conn=63832 op=354103 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=XXXXXXXX)" attrs="cn displayName dn gidNumber givenName gtGlobalPerson gtPrimaryGTAccountUsername homeDirectory initials loginShell mail ou sn telephoneNumber title uidNumber gtEmployeeHomeDepartmentName" [10/Nov/2009:08:55:38 -0500] conn=63832 op=354103 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:38 -0500] conn=63832 op=354104 SRCH base = "gtDirGUID = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX ,ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(eduPersonEntitlement=/gt/services/central/gtad/*)" attrs="cn dn givenName initials mail ou sn title homeDirectory" [10/Nov/2009:08:55:38 -0500] conn=63832 op=354104 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:38 -0500] conn=63832 op=354105 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(eduPersonAffiliation=XXXXXXXXX)" attrs="eduPersonScopedAffiliation gtEmployeeHomeDepartmentName title" [10/Nov/2009:08:55:38 -0500] conn=63832 op=354105 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:38 -0500] conn=63832 op=354106 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=XXXXXXXX)" attrs="cn displayName dn gidNumber givenName gtGlobalPerson gtPrimaryGTAccountUsername homeDirectory initials loginShell mail ou sn telephoneNumber title uidNumber gtEmployeeHomeDepartmentName" [10/Nov/2009:08:55:38 -0500] conn=63832 op=354106 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:38 -0500] conn=63832 op=354107 SRCH base = "gtDirGUID = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX ,ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(eduPersonEntitlement=/gt/services/central/gtad/*)" attrs="cn dn givenName initials mail ou sn title homeDirectory" [10/Nov/2009:08:55:38 -0500] conn=63832 op=354107 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:38 -0500] conn=63832 op=354108 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(eduPersonAffiliation=XXXXXXXXX)" attrs="eduPersonScopedAffiliation gtEmployeeHomeDepartmentName title" [10/Nov/2009:08:55:38 -0500] conn=63832 op=354108 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:40 -0500] conn=212621 op=1 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:40 -0500] conn=212621 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:41 -0500] conn=212621 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:41 -0500] conn=212621 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:41 -0500] conn=212621 op=3 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:41 -0500] conn=212621 op=3 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:41 -0500] conn=212621 op=4 UNBIND [10/Nov/2009:08:55:41 -0500] conn=212621 op=4 fd=141 closed - U1 [10/Nov/2009:08:55:41 -0500] conn=212625 fd=141 slot=141 SSL connection from 130.207.183.19 to 130.207.183.9 [10/Nov/2009:08:55:41 -0500] conn=212625 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:41 -0500] conn=212625 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:41 -0500] conn=212625 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:55:41 -0500] conn=212625 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:41 -0500] conn=212625 op=2 UNBIND [10/Nov/2009:08:55:41 -0500] conn=212625 op=2 fd=141 closed - U1 [10/Nov/2009:08:55:42 -0500] conn=212626 fd=141 slot=141 SSL connection from 130.207.183.19 to 130.207.183.9 [10/Nov/2009:08:55:42 -0500] conn=212626 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:42 -0500] conn=212626 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:42 -0500] conn=212626 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:55:42 -0500] conn=212626 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:42 -0500] conn=212626 op=2 UNBIND [10/Nov/2009:08:55:42 -0500] conn=212626 op=2 fd=141 closed - U1 [10/Nov/2009:08:55:42 -0500] conn=212627 fd=152 slot=152 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:55:42 -0500] conn=212627 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:42 -0500] conn=212627 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:43 -0500] conn=63852 op=81457 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="dn gtMagePersonIndex gtPrimaryEmployeeEmailAddress gtPrimaryEmployeeGTAccountUsername gtPrimaryEmployeePrismUIDNumber gtPrimaryStudentEmailAddress gtPrimaryStudentGTAccountUsername gtPrimaryStudentPrismUIDNumber gtSearchNickname gtSecondaryMailAddress" [10/Nov/2009:08:55:43 -0500] conn=63852 op=81457 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:43 -0500] conn=63852 op=81458 MOD dn = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:43 -0500] conn=63852 op=81458 RESULT err=0 tag=103 nentries=0 etime=0 csn=4af970e0000000370000 [10/Nov/2009:08:55:43 -0500] conn=63852 op=81459 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="dn gtMagePersonIndex gtPrimaryEmployeeEmailAddress gtPrimaryEmployeeGTAccountUsername gtPrimaryEmployeePrismUIDNumber gtPrimaryStudentEmailAddress gtPrimaryStudentGTAccountUsername gtPrimaryStudentPrismUIDNumber gtSearchNickname gtSecondaryMailAddress" [10/Nov/2009:08:55:43 -0500] conn=63852 op=81459 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:43 -0500] conn=63852 op=81460 MOD dn = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:43 -0500] conn=63852 op=81460 RESULT err=0 tag=103 nentries=0 etime=0 csn=4af970e0000400370000 [10/Nov/2009:08:55:43 -0500] conn=63852 op=81461 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="dn gtMagePersonIndex gtPrimaryEmployeeEmailAddress gtPrimaryEmployeeGTAccountUsername gtPrimaryEmployeePrismUIDNumber gtPrimaryStudentEmailAddress gtPrimaryStudentGTAccountUsername gtPrimaryStudentPrismUIDNumber gtSearchNickname gtSecondaryMailAddress" [10/Nov/2009:08:55:43 -0500] conn=63852 op=81461 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:43 -0500] conn=212628 fd=141 slot=141 SSL connection from 130.207.183.18 to 130.207.183.9 [10/Nov/2009:08:55:43 -0500] conn=63852 op=81462 MOD dn = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:43 -0500] conn=63852 op=81462 RESULT err=0 tag=103 nentries=0 etime=0 csn=4af970e0000500370000 [10/Nov/2009:08:55:43 -0500] conn=212628 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:43 -0500] conn=212628 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:43 -0500] conn=212628 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:55:43 -0500] conn=212628 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:43 -0500] conn=212628 op=2 UNBIND [10/Nov/2009:08:55:43 -0500] conn=212628 op=2 fd=141 closed - U1 [10/Nov/2009:08:55:43 -0500] conn=63852 op=81463 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="dn gtMagePersonIndex gtPrimaryEmployeeEmailAddress gtPrimaryEmployeeGTAccountUsername gtPrimaryEmployeePrismUIDNumber gtPrimaryStudentEmailAddress gtPrimaryStudentGTAccountUsername gtPrimaryStudentPrismUIDNumber gtSearchNickname gtSecondaryMailAddress" [10/Nov/2009:08:55:43 -0500] conn=63852 op=81463 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:43 -0500] conn=63852 op=81464 MOD dn = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:43 -0500] conn=63852 op=81464 RESULT err=0 tag=103 nentries=0 etime=0 csn=4af970e0000600370000 [10/Nov/2009:08:55:43 -0500] conn=63852 op=81465 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="dn gtMagePersonIndex gtPrimaryEmployeeEmailAddress gtPrimaryEmployeeGTAccountUsername gtPrimaryEmployeePrismUIDNumber gtPrimaryStudentEmailAddress gtPrimaryStudentGTAccountUsername gtPrimaryStudentPrismUIDNumber gtSearchNickname gtSecondaryMailAddress" [10/Nov/2009:08:55:43 -0500] conn=63852 op=81465 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:43 -0500] conn=63852 op=81466 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="dn gtMagePersonIndex gtPrimaryEmployeeEmailAddress gtPrimaryEmployeeGTAccountUsername gtPrimaryEmployeePrismUIDNumber gtPrimaryStudentEmailAddress gtPrimaryStudentGTAccountUsername gtPrimaryStudentPrismUIDNumber gtSearchNickname gtSecondaryMailAddress" [10/Nov/2009:08:55:43 -0500] conn=63852 op=81466 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:43 -0500] conn=63852 op=81467 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="dn gtMagePersonIndex gtPrimaryEmployeeEmailAddress gtPrimaryEmployeeGTAccountUsername gtPrimaryEmployeePrismUIDNumber gtPrimaryStudentEmailAddress gtPrimaryStudentGTAccountUsername gtPrimaryStudentPrismUIDNumber gtSearchNickname gtSecondaryMailAddress" [10/Nov/2009:08:55:43 -0500] conn=63852 op=81467 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:43 -0500] conn=63852 op=81468 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="dn gtMagePersonIndex gtPrimaryEmployeeEmailAddress gtPrimaryEmployeeGTAccountUsername gtPrimaryEmployeePrismUIDNumber gtPrimaryStudentEmailAddress gtPrimaryStudentGTAccountUsername gtPrimaryStudentPrismUIDNumber gtSearchNickname gtSecondaryMailAddress" [10/Nov/2009:08:55:43 -0500] conn=63852 op=81468 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:43 -0500] conn=63852 op=81469 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="dn gtMagePersonIndex gtPrimaryEmployeeEmailAddress gtPrimaryEmployeeGTAccountUsername gtPrimaryEmployeePrismUIDNumber gtPrimaryStudentEmailAddress gtPrimaryStudentGTAccountUsername gtPrimaryStudentPrismUIDNumber gtSearchNickname gtSecondaryMailAddress" [10/Nov/2009:08:55:43 -0500] conn=63852 op=81469 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:43 -0500] conn=63852 op=81470 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="dn gtMagePersonIndex gtPrimaryEmployeeEmailAddress gtPrimaryEmployeeGTAccountUsername gtPrimaryEmployeePrismUIDNumber gtPrimaryStudentEmailAddress gtPrimaryStudentGTAccountUsername gtPrimaryStudentPrismUIDNumber gtSearchNickname gtSecondaryMailAddress" [10/Nov/2009:08:55:43 -0500] conn=63852 op=81470 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:43 -0500] conn=63852 op=81471 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="dn gtMagePersonIndex gtPrimaryEmployeeEmailAddress gtPrimaryEmployeeGTAccountUsername gtPrimaryEmployeePrismUIDNumber gtPrimaryStudentEmailAddress gtPrimaryStudentGTAccountUsername gtPrimaryStudentPrismUIDNumber gtSearchNickname gtSecondaryMailAddress" [10/Nov/2009:08:55:43 -0500] conn=63852 op=81471 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:43 -0500] conn=63852 op=81472 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="dn gtMagePersonIndex gtPrimaryEmployeeEmailAddress gtPrimaryEmployeeGTAccountUsername gtPrimaryEmployeePrismUIDNumber gtPrimaryStudentEmailAddress gtPrimaryStudentGTAccountUsername gtPrimaryStudentPrismUIDNumber gtSearchNickname gtSecondaryMailAddress" [10/Nov/2009:08:55:43 -0500] conn=63852 op=81472 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:44 -0500] conn=212627 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:44 -0500] conn=212627 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:44 -0500] conn=212627 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:44 -0500] conn=212627 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:44 -0500] conn=212627 op=3 UNBIND [10/Nov/2009:08:55:44 -0500] conn=212627 op=3 fd=152 closed - U1 [10/Nov/2009:08:55:46 -0500] conn=212629 fd=141 slot=141 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:55:46 -0500] conn=212629 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:46 -0500] conn=212629 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:46 -0500] conn=212630 fd=152 slot=152 SSL connection from 130.207.183.18 to 130.207.183.9 [10/Nov/2009:08:55:46 -0500] conn=212630 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:46 -0500] conn=212630 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:46 -0500] conn=212630 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:55:46 -0500] conn=212630 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:46 -0500] conn=212630 op=2 UNBIND [10/Nov/2009:08:55:46 -0500] conn=212630 op=2 fd=152 closed - U1 [10/Nov/2009:08:55:46 -0500] conn=212629 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:46 -0500] conn=212629 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:46 -0500] conn=212629 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:46 -0500] conn=212629 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:46 -0500] conn=212629 op=3 UNBIND [10/Nov/2009:08:55:46 -0500] conn=212629 op=3 fd=141 closed - U1 [10/Nov/2009:08:55:48 -0500] conn=61828 op=25371 SRCH base="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(uid=validateProbe- notInitialized-1257861349281))" attrs="dn" [10/Nov/2009:08:55:48 -0500] conn=61828 op=25371 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:48 -0500] conn=61828 op=25372 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="cn displayName eduPersonAffiliation eduPersonPrimaryAffiliation eduPersonScopedAffiliation givenName gtActiveCourse gtAllDormResidences gtCurrentDormResidence gtCurriculum gtEmployeeGivenName gtEmployeeHomeDepartmentName gtEmployeeHomeDepartmentNumber gtEmployeeHomePhone gtemployee... gtGTID gtGuestIdentitySponsor gtHasStudentTitle gtIMSID gtJustEndedCourse gtInstructedCourse gtLegalCN gtLegalDisplayName gtMageGuestIndex gtMagePersonIndex gtMiddleName gtNameSuffix gtPIDM gtPrimaryEmailAddress gtPrimaryEmployeeEmailAddress gtPrimaryStudentEmailAddress gtPrimaryGTAccountUsername gtPrimaryStudentGTAccountUsername gtPrimaryEmployeeGTAccountUsername gtRegisteredCourse gtSearchNickname gtSecondaryMailAddress gtStudentConfidentiality gtStudentGivenName gtStudentHomePhone gtstudent... gtUpcomingCourse homePhone initials mail sn telephoneNumber gtPersonEntitlement gtPersonDirectoryId" [10/Nov/2009:08:55:48 -0500] conn=61828 op=25372 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:48 -0500] conn=61828 op=25373 SRCH base="ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter = "(gtGlobalPerson = gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu)" attrs="dn" [10/Nov/2009:08:55:48 -0500] conn=61828 op=25373 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:48 -0500] conn=61827 op=24900 SRCH base="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(uid=validateProbe- notInitialized-1257861349322))" attrs="dn" [10/Nov/2009:08:55:48 -0500] conn=61827 op=24900 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:48 -0500] conn=61827 op=24901 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="cn displayName eduPersonAffiliation eduPersonPrimaryAffiliation eduPersonScopedAffiliation givenName gtActiveCourse gtAllDormResidences gtCurrentDormResidence gtCurriculum gtEmployeeGivenName gtEmployeeHomeDepartmentName gtEmployeeHomeDepartmentNumber gtEmployeeHomePhone gtemployee... gtGTID gtGuestIdentitySponsor gtHasStudentTitle gtIMSID gtJustEndedCourse gtInstructedCourse gtLegalCN gtLegalDisplayName gtMageGuestIndex gtMagePersonIndex gtMiddleName gtNameSuffix gtPIDM gtPrimaryEmailAddress gtPrimaryEmployeeEmailAddress gtPrimaryStudentEmailAddress gtPrimaryGTAccountUsername gtPrimaryStudentGTAccountUsername gtPrimaryEmployeeGTAccountUsername gtRegisteredCourse gtSearchNickname gtSecondaryMailAddress gtStudentConfidentiality gtStudentGivenName gtStudentHomePhone gtstudent... gtUpcomingCourse homePhone initials mail sn telephoneNumber gtPersonEntitlement gtPersonDirectoryId" [10/Nov/2009:08:55:48 -0500] conn=61827 op=24901 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:48 -0500] conn=61827 op=24902 SRCH base="ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter = "(gtGlobalPerson = gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu)" attrs="dn" [10/Nov/2009:08:55:48 -0500] conn=61827 op=24902 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:48 -0500] conn=61825 op=24789 SRCH base="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(uid=validateProbe- notInitialized-1257861349371))" attrs="dn" [10/Nov/2009:08:55:48 -0500] conn=61825 op=24789 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:48 -0500] conn=61825 op=24790 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="cn displayName eduPersonAffiliation eduPersonPrimaryAffiliation eduPersonScopedAffiliation givenName gtActiveCourse gtAllDormResidences gtCurrentDormResidence gtCurriculum gtEmployeeGivenName gtEmployeeHomeDepartmentName gtEmployeeHomeDepartmentNumber gtEmployeeHomePhone gtemployee... gtGTID gtGuestIdentitySponsor gtHasStudentTitle gtIMSID gtJustEndedCourse gtInstructedCourse gtLegalCN gtLegalDisplayName gtMageGuestIndex gtMagePersonIndex gtMiddleName gtNameSuffix gtPIDM gtPrimaryEmailAddress gtPrimaryEmployeeEmailAddress gtPrimaryStudentEmailAddress gtPrimaryGTAccountUsername gtPrimaryStudentGTAccountUsername gtPrimaryEmployeeGTAccountUsername gtRegisteredCourse gtSearchNickname gtSecondaryMailAddress gtStudentConfidentiality gtStudentGivenName gtStudentHomePhone gtstudent... gtUpcomingCourse homePhone initials mail sn telephoneNumber gtPersonEntitlement gtPersonDirectoryId" [10/Nov/2009:08:55:48 -0500] conn=61825 op=24790 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:48 -0500] conn=61825 op=24791 SRCH base="ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter = "(gtGlobalPerson = gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu)" attrs="dn" [10/Nov/2009:08:55:48 -0500] conn=61825 op=24791 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:48 -0500] conn=61826 op=24792 SRCH base="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(uid=validateProbe- notInitialized-1257861349423))" attrs="dn" [10/Nov/2009:08:55:48 -0500] conn=61826 op=24792 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:48 -0500] conn=61826 op=24793 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="cn displayName eduPersonAffiliation eduPersonPrimaryAffiliation eduPersonScopedAffiliation givenName gtActiveCourse gtAllDormResidences gtCurrentDormResidence gtCurriculum gtEmployeeGivenName gtEmployeeHomeDepartmentName gtEmployeeHomeDepartmentNumber gtEmployeeHomePhone gtemployee... gtGTID gtGuestIdentitySponsor gtHasStudentTitle gtIMSID gtJustEndedCourse gtInstructedCourse gtLegalCN gtLegalDisplayName gtMageGuestIndex gtMagePersonIndex gtMiddleName gtNameSuffix gtPIDM gtPrimaryEmailAddress gtPrimaryEmployeeEmailAddress gtPrimaryStudentEmailAddress gtPrimaryGTAccountUsername gtPrimaryStudentGTAccountUsername gtPrimaryEmployeeGTAccountUsername gtRegisteredCourse gtSearchNickname gtSecondaryMailAddress gtStudentConfidentiality gtStudentGivenName gtStudentHomePhone gtstudent... gtUpcomingCourse homePhone initials mail sn telephoneNumber gtPersonEntitlement gtPersonDirectoryId" [10/Nov/2009:08:55:48 -0500] conn=61826 op=24793 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:48 -0500] conn=61826 op=24794 SRCH base="ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter = "(gtGlobalPerson = gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu)" attrs="dn" [10/Nov/2009:08:55:48 -0500] conn=61826 op=24794 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:48 -0500] conn=212631 fd=141 slot=141 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:55:48 -0500] conn=212631 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:48 -0500] conn=212631 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:49 -0500] conn=212631 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:49 -0500] conn=212631 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:49 -0500] conn=212631 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:49 -0500] conn=212631 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:49 -0500] conn=212631 op=3 UNBIND [10/Nov/2009:08:55:49 -0500] conn=212631 op=3 fd=141 closed - U1 [10/Nov/2009:08:55:51 -0500] conn=212632 fd=141 slot=141 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:55:51 -0500] conn=212632 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:51 -0500] conn=212632 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:51 -0500] conn=212633 fd=152 slot=152 SSL connection from 130.207.183.19 to 130.207.183.9 [10/Nov/2009:08:55:51 -0500] conn=212633 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:51 -0500] conn=212633 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:51 -0500] conn=212633 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:55:51 -0500] conn=212633 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:51 -0500] conn=212633 op=2 UNBIND [10/Nov/2009:08:55:51 -0500] conn=212633 op=2 fd=152 closed - U1 [10/Nov/2009:08:55:52 -0500] conn=212632 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:52 -0500] conn=212632 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:52 -0500] conn=212632 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:52 -0500] conn=212632 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:52 -0500] conn=212632 op=3 UNBIND [10/Nov/2009:08:55:52 -0500] conn=212632 op=3 fd=141 closed - U1 [10/Nov/2009:08:55:52 -0500] conn=212634 fd=141 slot=141 SSL connection from 130.207.183.19 to 130.207.183.9 [10/Nov/2009:08:55:52 -0500] conn=212634 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:52 -0500] conn=212634 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:52 -0500] conn=212634 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:55:52 -0500] conn=212634 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:52 -0500] conn=212634 op=2 UNBIND [10/Nov/2009:08:55:52 -0500] conn=212634 op=2 fd=141 closed - U1 [10/Nov/2009:08:55:53 -0500] conn=212635 fd=141 slot=141 SSL connection from 130.207.183.18 to 130.207.183.9 [10/Nov/2009:08:55:53 -0500] conn=212635 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:53 -0500] conn=212635 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:53 -0500] conn=212635 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:55:53 -0500] conn=212635 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:53 -0500] conn=212635 op=2 UNBIND [10/Nov/2009:08:55:53 -0500] conn=212635 op=2 fd=141 closed - U1 [10/Nov/2009:08:55:54 -0500] conn=212636 fd=141 slot=141 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:55:54 -0500] conn=212636 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:54 -0500] conn=212636 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:54 -0500] conn=212636 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:54 -0500] conn=212636 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:54 -0500] conn=212636 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:54 -0500] conn=212636 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:55 -0500] conn=212636 op=3 UNBIND [10/Nov/2009:08:55:55 -0500] conn=212636 op=3 fd=141 closed - U1 [10/Nov/2009:08:55:56 -0500] conn=212637 fd=141 slot=141 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:55:56 -0500] conn=212638 fd=152 slot=152 SSL connection from 130.207.183.18 to 130.207.183.9 [10/Nov/2009:08:55:56 -0500] conn=212638 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:56 -0500] conn=212638 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:56 -0500] conn=212638 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:55:56 -0500] conn=212638 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:55:56 -0500] conn=212637 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:56 -0500] conn=212638 op=2 UNBIND [10/Nov/2009:08:55:56 -0500] conn=212638 op=2 fd=152 closed - U1 [10/Nov/2009:08:55:56 -0500] conn=212637 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:55:57 -0500] conn=212637 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:57 -0500] conn=212637 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:57 -0500] conn=212637 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:55:57 -0500] conn=212637 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:55:57 -0500] conn=212637 op=3 UNBIND [10/Nov/2009:08:55:57 -0500] conn=212637 op=3 fd=141 closed - U1 [10/Nov/2009:08:55:59 -0500] conn=212639 fd=141 slot=141 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:55:59 -0500] conn=212639 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:55:59 -0500] conn=212639 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:00 -0500] conn=212639 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:00 -0500] conn=212639 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:00 -0500] conn=212639 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:00 -0500] conn=212639 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:00 -0500] conn=212639 op=3 UNBIND [10/Nov/2009:08:56:00 -0500] conn=212639 op=3 fd=141 closed - U1 [10/Nov/2009:08:56:01 -0500] conn=212640 fd=141 slot=141 SSL connection from 130.207.183.19 to 130.207.183.9 [10/Nov/2009:08:56:01 -0500] conn=212640 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:01 -0500] conn=212640 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:01 -0500] conn=212640 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:56:01 -0500] conn=212640 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:01 -0500] conn=212640 op=2 UNBIND [10/Nov/2009:08:56:01 -0500] conn=212640 op=2 fd=141 closed - U1 [10/Nov/2009:08:56:02 -0500] conn=212641 fd=141 slot=141 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:56:02 -0500] conn=212641 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:02 -0500] conn=212641 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:02 -0500] conn=212642 fd=152 slot=152 SSL connection from 130.207.183.19 to 130.207.183.9 [10/Nov/2009:08:56:02 -0500] conn=212641 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:02 -0500] conn=212641 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:02 -0500] conn=212642 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:02 -0500] conn=212642 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:02 -0500] conn=212642 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:56:02 -0500] conn=212642 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:02 -0500] conn=212642 op=2 UNBIND [10/Nov/2009:08:56:02 -0500] conn=212642 op=2 fd=152 closed - U1 [10/Nov/2009:08:56:02 -0500] conn=212641 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:02 -0500] conn=212641 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:02 -0500] conn=212641 op=3 UNBIND [10/Nov/2009:08:56:02 -0500] conn=212641 op=3 fd=141 closed - U1 [10/Nov/2009:08:56:04 -0500] conn=212643 fd=141 slot=141 SSL connection from 130.207.183.18 to 130.207.183.9 [10/Nov/2009:08:56:04 -0500] conn=212643 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:04 -0500] conn=212643 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:04 -0500] conn=212643 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:56:04 -0500] conn=212643 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:04 -0500] conn=212643 op=2 UNBIND [10/Nov/2009:08:56:04 -0500] conn=212643 op=2 fd=141 closed - U1 [10/Nov/2009:08:56:04 -0500] conn=212644 fd=152 slot=152 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:56:04 -0500] conn=212644 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:04 -0500] conn=212644 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:05 -0500] conn=212644 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:05 -0500] conn=212644 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:05 -0500] conn=212644 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:05 -0500] conn=212644 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:05 -0500] conn=212644 op=3 UNBIND [10/Nov/2009:08:56:05 -0500] conn=212644 op=3 fd=152 closed - U1 [10/Nov/2009:08:56:06 -0500] conn=212645 fd=141 slot=141 SSL connection from 130.207.183.18 to 130.207.183.9 [10/Nov/2009:08:56:06 -0500] conn=212645 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:06 -0500] conn=212645 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:06 -0500] conn=212645 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:56:06 -0500] conn=212645 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:06 -0500] conn=212645 op=2 UNBIND [10/Nov/2009:08:56:06 -0500] conn=212645 op=2 fd=141 closed - U1 [10/Nov/2009:08:56:06 -0500] conn=212646 fd=152 slot=152 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:56:06 -0500] conn=212646 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:06 -0500] conn=212646 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:07 -0500] conn=212646 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:07 -0500] conn=212646 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:07 -0500] conn=212646 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:07 -0500] conn=212646 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:07 -0500] conn=212646 op=3 UNBIND [10/Nov/2009:08:56:07 -0500] conn=212646 op=3 fd=152 closed - U1 [10/Nov/2009:08:56:08 -0500] conn=63832 op=354110 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtPIDM=2691261)" attrs="cn displayName dn givenName gtDirGUID gtLocallyManagedAttribute initials objectClass sn title gtPersonDirectoryId" [10/Nov/2009:08:56:08 -0500] conn=63832 op=354110 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:08 -0500] conn=63832 op=354111 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter = "(gtGlobalPerson = gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu)" attrs="dn" [10/Nov/2009:08:56:08 -0500] conn=63832 op=354111 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:08 -0500] conn=63832 op=354112 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtPIDM=2691264)" attrs="cn displayName dn givenName gtDirGUID gtLocallyManagedAttribute initials objectClass sn title gtPersonDirectoryId" [10/Nov/2009:08:56:08 -0500] conn=63832 op=354112 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:08 -0500] conn=63832 op=354113 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter = "(gtGlobalPerson = gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu)" attrs="dn" [10/Nov/2009:08:56:08 -0500] conn=63832 op=354113 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:08 -0500] conn=63832 op=354114 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtPIDM=2691262)" attrs="cn displayName dn givenName gtDirGUID gtLocallyManagedAttribute initials objectClass sn title gtPersonDirectoryId" [10/Nov/2009:08:56:08 -0500] conn=63832 op=354114 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:09 -0500] conn=212647 fd=141 slot=141 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:56:09 -0500] conn=212647 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:09 -0500] conn=212647 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:09 -0500] conn=63832 op=354115 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter = "(gtGlobalPerson = gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu)" attrs="dn" [10/Nov/2009:08:56:09 -0500] conn=63832 op=354115 RESULT err=0 tag=101 nentries=0 etime=1 [10/Nov/2009:08:56:09 -0500] conn=63832 op=354116 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtPIDM=2691263)" attrs="cn displayName dn givenName gtDirGUID gtLocallyManagedAttribute initials objectClass sn title gtPersonDirectoryId" [10/Nov/2009:08:56:09 -0500] conn=63832 op=354116 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:09 -0500] conn=63832 op=354117 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter = "(gtGlobalPerson = gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu)" attrs="dn" [10/Nov/2009:08:56:09 -0500] conn=63832 op=354117 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:09 -0500] conn=63832 op=354118 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtPIDM=2691265)" attrs="cn displayName dn givenName gtDirGUID gtLocallyManagedAttribute initials objectClass sn title gtPersonDirectoryId" [10/Nov/2009:08:56:09 -0500] conn=63832 op=354118 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:09 -0500] conn=63832 op=354119 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter = "(gtGlobalPerson = gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu)" attrs="dn" [10/Nov/2009:08:56:09 -0500] conn=63832 op=354119 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:10 -0500] conn=212647 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:10 -0500] conn=212647 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:10 -0500] conn=212647 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:10 -0500] conn=212647 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:10 -0500] conn=212647 op=3 UNBIND [10/Nov/2009:08:56:10 -0500] conn=212647 op=3 fd=141 closed - U1 [10/Nov/2009:08:56:11 -0500] conn=212648 fd=141 slot=141 SSL connection from 130.207.183.19 to 130.207.183.9 [10/Nov/2009:08:56:11 -0500] conn=212648 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:11 -0500] conn=212648 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:11 -0500] conn=212648 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:56:11 -0500] conn=212648 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:11 -0500] conn=212648 op=2 UNBIND [10/Nov/2009:08:56:11 -0500] conn=212648 op=2 fd=141 closed - U1 [10/Nov/2009:08:56:12 -0500] conn=212649 fd=141 slot=141 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:56:12 -0500] conn=212649 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:12 -0500] conn=212649 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:12 -0500] conn=212650 fd=151 slot=151 SSL connection from 130.207.183.19 to 130.207.183.9 [10/Nov/2009:08:56:12 -0500] conn=212650 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:12 -0500] conn=212650 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:12 -0500] conn=212650 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:56:12 -0500] conn=212650 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:12 -0500] conn=212650 op=2 UNBIND [10/Nov/2009:08:56:12 -0500] conn=212650 op=2 fd=151 closed - U1 [10/Nov/2009:08:56:12 -0500] conn=212649 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:12 -0500] conn=212649 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:12 -0500] conn=212649 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:12 -0500] conn=212649 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:13 -0500] conn=212649 op=3 UNBIND [10/Nov/2009:08:56:13 -0500] conn=212649 op=3 fd=141 closed - U1 [10/Nov/2009:08:56:13 -0500] conn=212651 fd=141 slot=141 SSL connection from 130.207.183.18 to 130.207.183.9 [10/Nov/2009:08:56:13 -0500] conn=212651 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:13 -0500] conn=212651 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:13 -0500] conn=212651 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:56:13 -0500] conn=212651 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:13 -0500] conn=212651 op=2 UNBIND [10/Nov/2009:08:56:13 -0500] conn=212651 op=2 fd=141 closed - U1 [10/Nov/2009:08:56:14 -0500] conn=212589 op=9 UNBIND [10/Nov/2009:08:56:14 -0500] conn=212589 op=9 fd=71 closed - U1 [10/Nov/2009:08:56:14 -0500] conn=212652 fd=71 slot=71 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:56:14 -0500] conn=212652 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:14 -0500] conn=212652 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:15 -0500] conn=212331 op=28 UNBIND [10/Nov/2009:08:56:15 -0500] conn=212331 op=28 fd=133 closed - U1 [10/Nov/2009:08:56:15 -0500] conn=212652 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:15 -0500] conn=212652 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:15 -0500] conn=212652 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:15 -0500] conn=212652 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:15 -0500] conn=212652 op=3 UNBIND [10/Nov/2009:08:56:15 -0500] conn=212652 op=3 fd=71 closed - U1 [10/Nov/2009:08:56:16 -0500] conn=212653 fd=71 slot=71 SSL connection from 130.207.183.18 to 130.207.183.9 [10/Nov/2009:08:56:16 -0500] conn=212653 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:16 -0500] conn=212653 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:16 -0500] conn=212653 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:56:16 -0500] conn=212653 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:16 -0500] conn=212653 op=2 UNBIND [10/Nov/2009:08:56:16 -0500] conn=212653 op=2 fd=71 closed - U1 [10/Nov/2009:08:56:17 -0500] conn=212654 fd=71 slot=71 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:56:17 -0500] conn=212654 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:17 -0500] conn=212654 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:18 -0500] conn=63832 op=354121 SRCH base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" [10/Nov/2009:08:56:18 -0500] conn=63832 op=354121 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:18 -0500] conn=212654 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:18 -0500] conn=212654 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:18 -0500] conn=212654 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:18 -0500] conn=212654 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:18 -0500] conn=212654 op=3 UNBIND [10/Nov/2009:08:56:18 -0500] conn=212654 op=3 fd=71 closed - U1 [10/Nov/2009:08:56:20 -0500] conn=63852 op=81474 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="cn dn gtDirGUID gtGTID gtIMSID gtInstructedCourse gtJustEndedCourse gtPersonDirectoryId gtPIDM gtRegisteredCourse gtSISEmailAddress gtStudentCampusAddress gtStudentConfidentiality gtStudentGivenName gtStudentHomePhone gtStudentHomePostalAddress gtStudentMiddleName gtStudentNameSuffix gtStudentPostalAddress gtStudentPostalCode gtStudentScopedAffiliation gtStudentSN gtStudentTelephoneNumber gtUpcomingCourse objectClass sn gtActiveCourse gtCurrentDormResidence gtCurriculum" [10/Nov/2009:08:56:20 -0500] conn=63852 op=81474 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:20 -0500] conn=63852 op=81475 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="cn dn gtDirGUID gtGTID gtIMSID gtInstructedCourse gtJustEndedCourse gtPersonDirectoryId gtPIDM gtRegisteredCourse gtSISEmailAddress gtStudentCampusAddress gtStudentConfidentiality gtStudentGivenName gtStudentHomePhone gtStudentHomePostalAddress gtStudentMiddleName gtStudentNameSuffix gtStudentPostalAddress gtStudentPostalCode gtStudentScopedAffiliation gtStudentSN gtStudentTelephoneNumber gtUpcomingCourse objectClass sn gtActiveCourse gtCurrentDormResidence gtCurriculum" [10/Nov/2009:08:56:20 -0500] conn=63852 op=81475 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:21 -0500] conn=63832 op=354123 SRCH base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" [10/Nov/2009:08:56:21 -0500] conn=63832 op=354123 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:21 -0500] conn=212655 fd=71 slot=71 SSL connection from 130.207.183.19 to 130.207.183.9 [10/Nov/2009:08:56:21 -0500] conn=212655 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:21 -0500] conn=212655 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:21 -0500] conn=212655 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:56:21 -0500] conn=212655 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:21 -0500] conn=212655 op=2 UNBIND [10/Nov/2009:08:56:21 -0500] conn=212655 op=2 fd=71 closed - U1 [10/Nov/2009:08:56:22 -0500] conn=212656 fd=71 slot=71 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:56:22 -0500] conn=212656 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:22 -0500] conn=212656 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:22 -0500] conn=212657 fd=133 slot=133 SSL connection from 130.207.183.19 to 130.207.183.9 [10/Nov/2009:08:56:22 -0500] conn=212657 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:22 -0500] conn=212657 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:22 -0500] conn=212657 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:56:22 -0500] conn=212657 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:22 -0500] conn=212657 op=2 UNBIND [10/Nov/2009:08:56:22 -0500] conn=212657 op=2 fd=133 closed - U1 [10/Nov/2009:08:56:23 -0500] conn=212658 fd=133 slot=133 SSL connection from 130.207.183.18 to 130.207.183.9 [10/Nov/2009:08:56:23 -0500] conn=212658 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:23 -0500] conn=212658 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:23 -0500] conn=212658 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:56:23 -0500] conn=212658 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:23 -0500] conn=212658 op=2 UNBIND [10/Nov/2009:08:56:23 -0500] conn=212658 op=2 fd=133 closed - U1 [10/Nov/2009:08:56:24 -0500] conn=63832 op=354124 SRCH base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" [10/Nov/2009:08:56:24 -0500] conn=63832 op=354124 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:24 -0500] conn=63852 op=81477 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="cn dn gtDirGUID gtGTID gtIMSID gtInstructedCourse gtJustEndedCourse gtPersonDirectoryId gtPIDM gtRegisteredCourse gtSISEmailAddress gtStudentCampusAddress gtStudentConfidentiality gtStudentGivenName gtStudentHomePhone gtStudentHomePostalAddress gtStudentMiddleName gtStudentNameSuffix gtStudentPostalAddress gtStudentPostalCode gtStudentScopedAffiliation gtStudentSN gtStudentTelephoneNumber gtUpcomingCourse objectClass sn gtActiveCourse gtCurrentDormResidence gtCurriculum" [10/Nov/2009:08:56:24 -0500] conn=63852 op=81477 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:24 -0500] conn=63852 op=81478 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="cn dn gtDirGUID gtGTID gtIMSID gtInstructedCourse gtJustEndedCourse gtPersonDirectoryId gtPIDM gtRegisteredCourse gtSISEmailAddress gtStudentCampusAddress gtStudentConfidentiality gtStudentGivenName gtStudentHomePhone gtStudentHomePostalAddress gtStudentMiddleName gtStudentNameSuffix gtStudentPostalAddress gtStudentPostalCode gtStudentScopedAffiliation gtStudentSN gtStudentTelephoneNumber gtUpcomingCourse objectClass sn gtActiveCourse gtCurrentDormResidence gtCurriculum" [10/Nov/2009:08:56:24 -0500] conn=63852 op=81478 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:24 -0500] conn=63852 op=81479 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="cn dn gtDirGUID gtGTID gtIMSID gtInstructedCourse gtJustEndedCourse gtPersonDirectoryId gtPIDM gtRegisteredCourse gtSISEmailAddress gtStudentCampusAddress gtStudentConfidentiality gtStudentGivenName gtStudentHomePhone gtStudentHomePostalAddress gtStudentMiddleName gtStudentNameSuffix gtStudentPostalAddress gtStudentPostalCode gtStudentScopedAffiliation gtStudentSN gtStudentTelephoneNumber gtUpcomingCourse objectClass sn gtActiveCourse gtCurrentDormResidence gtCurriculum" [10/Nov/2009:08:56:24 -0500] conn=63852 op=81479 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:25 -0500] conn=212656 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:25 -0500] conn=212656 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:25 -0500] conn=212656 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:25 -0500] conn=212656 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:25 -0500] conn=212656 op=3 UNBIND [10/Nov/2009:08:56:25 -0500] conn=212656 op=3 fd=71 closed - U1 [10/Nov/2009:08:56:26 -0500] conn=212659 fd=71 slot=71 SSL connection from 130.207.183.18 to 130.207.183.9 [10/Nov/2009:08:56:26 -0500] conn=212659 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:26 -0500] conn=212659 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:26 -0500] conn=212659 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:56:26 -0500] conn=212659 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:26 -0500] conn=212659 op=2 UNBIND [10/Nov/2009:08:56:26 -0500] conn=212659 op=2 fd=71 closed - U1 [10/Nov/2009:08:56:26 -0500] conn=212602 op=9 UNBIND [10/Nov/2009:08:56:26 -0500] conn=212602 op=9 fd=149 closed - U1 [10/Nov/2009:08:56:26 -0500] conn=63832 op=354126 SRCH base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" [10/Nov/2009:08:56:26 -0500] conn=63832 op=354126 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:27 -0500] conn=212660 fd=71 slot=71 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:56:27 -0500] conn=212660 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:27 -0500] conn=212660 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:29 -0500] conn=212660 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:29 -0500] conn=212660 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:29 -0500] conn=212660 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:29 -0500] conn=212660 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:29 -0500] conn=212660 op=3 UNBIND [10/Nov/2009:08:56:29 -0500] conn=212660 op=3 fd=71 closed - U1 [10/Nov/2009:08:56:29 -0500] conn=212661 fd=71 slot=71 SSL connection from 128.61.166.142 to 130.207.183.9 [10/Nov/2009:08:56:29 -0500] conn=212661 op=0 BIND dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:29 -0500] conn=212661 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:29 -0500] conn=212661 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(objectClass=*)" attrs="ou" [10/Nov/2009:08:56:29 -0500] conn=212661 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:29 -0500] conn=212661 op=2 UNBIND [10/Nov/2009:08:56:29 -0500] conn=212661 op=2 fd=71 closed - U1 [10/Nov/2009:08:56:30 -0500] conn=212662 fd=71 slot=71 SSL connection from 128.61.166.142 to 130.207.183.9 [10/Nov/2009:08:56:30 -0500] conn=212662 op=0 BIND dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:30 -0500] conn=212662 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:30 -0500] conn=212662 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=0 filter="(objectClass=*)" attrs="ou" [10/Nov/2009:08:56:30 -0500] conn=212662 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:30 -0500] conn=212662 op=2 UNBIND [10/Nov/2009:08:56:30 -0500] conn=212662 op=2 fd=71 closed - U1 [10/Nov/2009:08:56:30 -0500] conn=63832 op=354127 SRCH base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" [10/Nov/2009:08:56:30 -0500] conn=63832 op=354127 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:30 -0500] conn=212663 fd=71 slot=71 SSL connection from 128.61.166.142 to 130.207.183.9 [10/Nov/2009:08:56:31 -0500] conn=212663 op=0 BIND dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:31 -0500] conn=212663 op=0 RESULT err=0 tag=97 nentries=0 etime=1 dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:31 -0500] conn=212663 op=1 SRCH base="ou=departments,dc=gted,dc=gatech,dc=edu" scope=0 filter="(objectClass=*)" attrs="ou" [10/Nov/2009:08:56:31 -0500] conn=212663 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:31 -0500] conn=212663 op=2 UNBIND [10/Nov/2009:08:56:31 -0500] conn=212663 op=2 fd=71 closed - U1 [10/Nov/2009:08:56:31 -0500] conn=212664 fd=133 slot=133 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:56:31 -0500] conn=212664 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:31 -0500] conn=212664 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:31 -0500] conn=212665 fd=71 slot=71 SSL connection from 130.207.183.19 to 130.207.183.9 [10/Nov/2009:08:56:31 -0500] conn=212665 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:31 -0500] conn=212665 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:31 -0500] conn=212665 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:56:31 -0500] conn=212665 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:31 -0500] conn=212665 op=2 UNBIND [10/Nov/2009:08:56:31 -0500] conn=212665 op=2 fd=71 closed - U1 [10/Nov/2009:08:56:31 -0500] conn=212666 fd=139 slot=139 SSL connection from 128.61.166.142 to 130.207.183.9 [10/Nov/2009:08:56:31 -0500] conn=212666 op=0 BIND dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:31 -0500] conn=212666 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:32 -0500] conn=212666 op=1 SRCH base="ou=departments,dc=gted,dc=gatech,dc=edu" scope=0 filter="(objectClass=*)" attrs="ou" [10/Nov/2009:08:56:32 -0500] conn=212666 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:32 -0500] conn=212666 op=2 UNBIND [10/Nov/2009:08:56:32 -0500] conn=212666 op=2 fd=139 closed - U1 [10/Nov/2009:08:56:32 -0500] conn=212667 fd=71 slot=71 SSL connection from 128.61.166.142 to 130.207.183.9 [10/Nov/2009:08:56:32 -0500] conn=212664 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:32 -0500] conn=212664 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:32 -0500] conn=212664 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:32 -0500] conn=212664 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:32 -0500] conn=212664 op=3 UNBIND [10/Nov/2009:08:56:32 -0500] conn=212664 op=3 fd=133 closed - U1 [10/Nov/2009:08:56:32 -0500] conn=212667 op=0 BIND dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:32 -0500] conn=212667 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:32 -0500] conn=212667 op=1 SRCH base="ou=DataForum,cn=fischer,dc=gatech,dc=edu" scope=0 filter="(objectClass=*)" attrs="ou" [10/Nov/2009:08:56:32 -0500] conn=212667 op=1 RESULT err=32 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:32 -0500] conn=212667 op=2 UNBIND [10/Nov/2009:08:56:32 -0500] conn=212667 op=2 fd=71 closed - U1 [10/Nov/2009:08:56:32 -0500] conn=212668 fd=71 slot=71 SSL connection from 130.207.183.19 to 130.207.183.9 [10/Nov/2009:08:56:32 -0500] conn=212668 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:32 -0500] conn=212668 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:32 -0500] conn=212668 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:56:32 -0500] conn=212668 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:32 -0500] conn=212668 op=2 UNBIND [10/Nov/2009:08:56:32 -0500] conn=212668 op=2 fd=71 closed - U1 [10/Nov/2009:08:56:33 -0500] conn=212669 fd=71 slot=71 SSL connection from 128.61.166.142 to 130.207.183.9 [10/Nov/2009:08:56:33 -0500] conn=212669 op=0 BIND dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:33 -0500] conn=212669 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:33 -0500] conn=212669 op=1 SRCH base="ou=DataForum,cn=fischer,dc=gatech,dc=edu" scope=0 filter="(objectClass=*)" attrs="ou" [10/Nov/2009:08:56:33 -0500] conn=212669 op=1 RESULT err=32 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:33 -0500] conn=212669 op=2 UNBIND [10/Nov/2009:08:56:33 -0500] conn=212669 op=2 fd=71 closed - U1 [10/Nov/2009:08:56:33 -0500] conn=212670 fd=133 slot=133 SSL connection from 130.207.183.18 to 130.207.183.9 [10/Nov/2009:08:56:33 -0500] conn=212670 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:33 -0500] conn=212670 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:33 -0500] conn=212670 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:56:33 -0500] conn=212670 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:33 -0500] conn=212670 op=2 UNBIND [10/Nov/2009:08:56:33 -0500] conn=212670 op=2 fd=133 closed - U1 [10/Nov/2009:08:56:33 -0500] conn=63832 op=354129 SRCH base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" [10/Nov/2009:08:56:33 -0500] conn=63832 op=354129 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:34 -0500] conn=212671 fd=71 slot=71 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:56:34 -0500] conn=212671 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:34 -0500] conn=212671 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:35 -0500] conn=63832 op=354130 SRCH base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" [10/Nov/2009:08:56:35 -0500] conn=63832 op=354130 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:36 -0500] conn=212672 fd=133 slot=133 SSL connection from 130.207.183.18 to 130.207.183.9 [10/Nov/2009:08:56:36 -0500] conn=212672 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:36 -0500] conn=212672 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:36 -0500] conn=212672 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:56:36 -0500] conn=212672 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:36 -0500] conn=212672 op=2 UNBIND [10/Nov/2009:08:56:36 -0500] conn=212672 op=2 fd=133 closed - U1 [10/Nov/2009:08:56:36 -0500] conn=212671 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:36 -0500] conn=212671 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:36 -0500] conn=212671 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:36 -0500] conn=212671 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:36 -0500] conn=212671 op=3 UNBIND [10/Nov/2009:08:56:36 -0500] conn=212671 op=3 fd=71 closed - U1 [10/Nov/2009:08:56:39 -0500] conn=212673 fd=71 slot=71 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:56:39 -0500] conn=212673 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:39 -0500] conn=212673 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:39 -0500] conn=63832 op=354131 SRCH base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" [10/Nov/2009:08:56:39 -0500] conn=63832 op=354131 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:40 -0500] conn=63832 op=354133 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement gtAccountCategory" [10/Nov/2009:08:56:40 -0500] conn=63832 op=354133 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:40 -0500] conn=63832 op=354134 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=XXXXXXXX)" attrs="cn displayName dn gidNumber givenName gtGlobalPerson gtPrimaryGTAccountUsername homeDirectory initials loginShell mail ou sn telephoneNumber title uidNumber gtEmployeeHomeDepartmentName" [10/Nov/2009:08:56:40 -0500] conn=63832 op=354134 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:40 -0500] conn=63832 op=354135 SRCH base = "gtDirGUID = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX ,ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(eduPersonEntitlement=/gt/services/central/gtad/*)" attrs="cn dn givenName initials mail ou sn title homeDirectory" [10/Nov/2009:08:56:40 -0500] conn=63832 op=354135 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:40 -0500] conn=63832 op=354136 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement gtAccountCategory" [10/Nov/2009:08:56:40 -0500] conn=63832 op=354136 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:40 -0500] conn=63832 op=354137 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement gtAccountCategory" [10/Nov/2009:08:56:40 -0500] conn=63832 op=354137 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:40 -0500] conn=63832 op=354138 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement gtAccountCategory" [10/Nov/2009:08:56:40 -0500] conn=63832 op=354138 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:40 -0500] conn=63832 op=354139 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement gtAccountCategory" [10/Nov/2009:08:56:40 -0500] conn=63832 op=354139 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:40 -0500] conn=63832 op=354140 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement gtAccountCategory" [10/Nov/2009:08:56:40 -0500] conn=63832 op=354140 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:40 -0500] conn=63832 op=354141 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement gtAccountCategory" [10/Nov/2009:08:56:40 -0500] conn=63832 op=354141 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:40 -0500] conn=207646 op=140 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(eduPersonAffiliation=XXXXXXXXX)" attrs="eduPersonScopedAffiliation gtEmployeeHomeDepartmentName title" [10/Nov/2009:08:56:40 -0500] conn=63832 op=354142 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement gtAccountCategory" [10/Nov/2009:08:56:40 -0500] conn=63832 op=354142 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:40 -0500] conn=207646 op=140 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:40 -0500] conn=63832 op=354143 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=XXXXXXXX)" attrs="cn displayName dn gidNumber givenName gtGlobalPerson gtPrimaryGTAccountUsername homeDirectory initials loginShell mail ou sn telephoneNumber title uidNumber gtEmployeeHomeDepartmentName" [10/Nov/2009:08:56:40 -0500] conn=63832 op=354143 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:40 -0500] conn=63832 op=354144 SRCH base = "gtDirGUID = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX ,ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(eduPersonEntitlement=/gt/services/central/gtad/*)" attrs="cn dn givenName initials mail ou sn title homeDirectory" [10/Nov/2009:08:56:41 -0500] conn=63832 op=354144 RESULT err=0 tag=101 nentries=0 etime=1 [10/Nov/2009:08:56:41 -0500] conn=63832 op=354145 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(eduPersonAffiliation=XXXXXXXXX)" attrs="eduPersonScopedAffiliation gtEmployeeHomeDepartmentName title" [10/Nov/2009:08:56:41 -0500] conn=63832 op=354145 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:41 -0500] conn=63832 op=354146 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=XXXXXXXX)" attrs="cn displayName dn gidNumber givenName gtGlobalPerson gtPrimaryGTAccountUsername homeDirectory initials loginShell mail ou sn telephoneNumber title uidNumber gtEmployeeHomeDepartmentName" [10/Nov/2009:08:56:41 -0500] conn=63832 op=354146 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:41 -0500] conn=63832 op=354147 SRCH base = "gtDirGUID = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX ,ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(eduPersonEntitlement=/gt/services/central/gtad/*)" attrs="cn dn givenName initials mail ou sn title homeDirectory" [10/Nov/2009:08:56:41 -0500] conn=63832 op=354147 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:41 -0500] conn=63832 op=354148 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(eduPersonAffiliation=XXXXXXXXX)" attrs="eduPersonScopedAffiliation gtEmployeeHomeDepartmentName title" [10/Nov/2009:08:56:41 -0500] conn=63832 op=354148 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:41 -0500] conn=63832 op=354149 SRCH base ="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=XXXXXXXX)" attrs="cn displayName dn gidNumber givenName gtGlobalPerson gtPrimaryGTAccountUsername homeDirectory initials loginShell mail ou sn telephoneNumber title uidNumber gtEmployeeHomeDepartmentName" [10/Nov/2009:08:56:41 -0500] conn=63832 op=354149 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:41 -0500] conn=63832 op=354150 SRCH base = "gtDirGUID = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX ,ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 filter="(eduPersonEntitlement=/gt/services/central/gtad/*)" attrs="cn dn givenName initials mail ou sn title homeDirectory" [10/Nov/2009:08:56:41 -0500] conn=63832 op=354150 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:41 -0500] conn=63832 op=354151 SRCH base = "gtDirGUID =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(eduPersonAffiliation=XXXXXXXXX)" attrs="eduPersonScopedAffiliation gtEmployeeHomeDepartmentName title" [10/Nov/2009:08:56:41 -0500] conn=63832 op=354151 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:41 -0500] conn=212673 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:41 -0500] conn=212673 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:41 -0500] conn=212673 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:41 -0500] conn=212673 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:41 -0500] conn=212673 op=3 UNBIND [10/Nov/2009:08:56:41 -0500] conn=212673 op=3 fd=71 closed - U1 [10/Nov/2009:08:56:41 -0500] conn=212674 fd=133 slot=133 SSL connection from 130.207.183.19 to 130.207.183.9 [10/Nov/2009:08:56:41 -0500] conn=212674 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:41 -0500] conn=212674 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:41 -0500] conn=212674 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:56:41 -0500] conn=212674 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:41 -0500] conn=212674 op=2 UNBIND [10/Nov/2009:08:56:41 -0500] conn=212674 op=2 fd=133 closed - U1 [10/Nov/2009:08:56:42 -0500] conn=212675 fd=71 slot=71 SSL connection from 130.207.183.19 to 130.207.183.9 [10/Nov/2009:08:56:42 -0500] conn=212675 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:42 -0500] conn=212675 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:42 -0500] conn=212675 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:56:42 -0500] conn=212675 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:42 -0500] conn=212675 op=2 UNBIND [10/Nov/2009:08:56:42 -0500] conn=212675 op=2 fd=71 closed - U1 [10/Nov/2009:08:56:43 -0500] conn=63832 op=354152 SRCH base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" [10/Nov/2009:08:56:43 -0500] conn=212676 fd=71 slot=71 SSL connection from 130.207.183.18 to 130.207.183.9 [10/Nov/2009:08:56:43 -0500] conn=212676 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:43 -0500] conn=212676 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:43 -0500] conn=212676 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:56:43 -0500] conn=212676 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:43 -0500] conn=212676 op=2 UNBIND [10/Nov/2009:08:56:43 -0500] conn=212676 op=2 fd=71 closed - U1 [10/Nov/2009:08:56:43 -0500] conn=63832 op=354152 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:43 -0500] conn=212677 fd=133 slot=133 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:56:43 -0500] conn=212677 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:43 -0500] conn=212677 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:45 -0500] conn=212677 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:45 -0500] conn=212677 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:45 -0500] conn=212677 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:45 -0500] conn=212677 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:45 -0500] conn=212677 op=3 UNBIND [10/Nov/2009:08:56:45 -0500] conn=212677 op=3 fd=133 closed - U1 [10/Nov/2009:08:56:46 -0500] conn=212678 fd=71 slot=71 SSL connection from 130.207.183.18 to 130.207.183.9 [10/Nov/2009:08:56:46 -0500] conn=212678 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:46 -0500] conn=212678 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:46 -0500] conn=212678 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:56:46 -0500] conn=212678 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:46 -0500] conn=212678 op=2 UNBIND [10/Nov/2009:08:56:46 -0500] conn=212678 op=2 fd=71 closed - U1 [10/Nov/2009:08:56:46 -0500] conn=63832 op=354153 SRCH base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" [10/Nov/2009:08:56:46 -0500] conn=63832 op=354153 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:47 -0500] conn=212679 fd=71 slot=71 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:56:47 -0500] conn=212679 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:47 -0500] conn=212679 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:49 -0500] conn=212679 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:49 -0500] conn=212679 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:49 -0500] conn=212679 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:49 -0500] conn=212679 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:49 -0500] conn=212679 op=3 UNBIND [10/Nov/2009:08:56:49 -0500] conn=212679 op=3 fd=71 closed - U1 [10/Nov/2009:08:56:50 -0500] conn=63832 op=354155 SRCH base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" [10/Nov/2009:08:56:50 -0500] conn=63832 op=354155 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:51 -0500] conn=212680 fd=71 slot=71 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:56:51 -0500] conn=212680 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:51 -0500] conn=212680 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:51 -0500] conn=212681 fd=133 slot=133 SSL connection from 130.207.183.19 to 130.207.183.9 [10/Nov/2009:08:56:51 -0500] conn=212681 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:51 -0500] conn=212681 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:51 -0500] conn=212681 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:56:51 -0500] conn=212681 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:51 -0500] conn=212681 op=2 UNBIND [10/Nov/2009:08:56:51 -0500] conn=212681 op=2 fd=133 closed - U1 [10/Nov/2009:08:56:52 -0500] conn=212682 fd=133 slot=133 SSL connection from 130.207.183.19 to 130.207.183.9 [10/Nov/2009:08:56:52 -0500] conn=212682 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:52 -0500] conn=212682 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:52 -0500] conn=212682 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:56:52 -0500] conn=212682 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:52 -0500] conn=212682 op=2 UNBIND [10/Nov/2009:08:56:52 -0500] conn=212682 op=2 fd=133 closed - U1 [10/Nov/2009:08:56:53 -0500] conn=212683 fd=133 slot=133 SSL connection from 130.207.183.18 to 130.207.183.9 [10/Nov/2009:08:56:53 -0500] conn=212683 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:53 -0500] conn=212683 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:53 -0500] conn=212683 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:56:53 -0500] conn=212683 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:53 -0500] conn=212683 op=2 UNBIND [10/Nov/2009:08:56:53 -0500] conn=212683 op=2 fd=133 closed - U1 [10/Nov/2009:08:56:54 -0500] conn=212680 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:54 -0500] conn=212680 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:54 -0500] conn=212680 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:54 -0500] conn=212680 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:54 -0500] conn=212680 op=3 UNBIND [10/Nov/2009:08:56:54 -0500] conn=212680 op=3 fd=71 closed - U1 [10/Nov/2009:08:56:54 -0500] conn=63832 op=354156 SRCH base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" [10/Nov/2009:08:56:54 -0500] conn=63832 op=354156 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:56 -0500] conn=212684 fd=71 slot=71 SSL connection from 130.207.183.18 to 130.207.183.9 [10/Nov/2009:08:56:56 -0500] conn=212684 op=0 BIND dn="uid=lmsbigip/ gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:56 -0500] conn=212684 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:56 -0500] conn=212684 op=1 SRCH base="ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=2 filter="(uid=lmsbigip/gted- access)" attrs=ALL [10/Nov/2009:08:56:56 -0500] conn=212684 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:56 -0500] conn=212684 op=2 UNBIND [10/Nov/2009:08:56:56 -0500] conn=212684 op=2 fd=71 closed - U1 [10/Nov/2009:08:56:57 -0500] conn=63832 op=354158 SRCH base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" [10/Nov/2009:08:56:57 -0500] conn=212685 fd=71 slot=71 SSL connection from 130.207.165.85 to 130.207.183.9 [10/Nov/2009:08:56:57 -0500] conn=63832 op=354158 RESULT err=0 tag=101 nentries=1 etime=0 [10/Nov/2009:08:56:57 -0500] conn=212685 op=0 BIND dn="uid=mage- gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 [10/Nov/2009:08:56:57 -0500] conn=212685 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" [10/Nov/2009:08:56:58 -0500] conn=212685 op=1 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:58 -0500] conn=212685 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:58 -0500] conn=212685 op=2 SRCH base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" attrs=ALL [10/Nov/2009:08:56:58 -0500] conn=212685 op=2 RESULT err=0 tag=101 nentries=0 etime=0 [10/Nov/2009:08:56:58 -0500] conn=212685 op=3 UNBIND [10/Nov/2009:08:56:58 -0500] conn=212685 op=3 fd=71 closed - U1 From rmeggins at redhat.com Thu Nov 12 23:41:51 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Thu, 12 Nov 2009 16:41:51 -0700 Subject: [389-users] more MMR issues In-Reply-To: <99273101-9F48-4050-ADA9-A89EEA38EE57@shangri-la.ts.gatech.edu> References: <4AF9CC57.4000000@redhat.com> <517A19A4-132C-454A-B12A-025CAA640D19@shangri-la.ts.gatech.edu> <4AFC3053.2030402@redhat.com> <99273101-9F48-4050-ADA9-A89EEA38EE57@shangri-la.ts.gatech.edu> Message-ID: <4AFC9D3F.7060001@redhat.com> Robert Viduya wrote: > > On Nov 12, 2009, at 10:57 AM, Rich Megginson wrote: >>> >> Yes, I think you are correct. The behavior in the logs on the >> consumer is consistent with that. When a supplier starts an >> initialization of a consumer, it sets the consumer's database to >> referral mode - that is, the consumer should not attempt to process >> any requests for that database during initialization - it's database >> is offline while being initialized. >> >> Another odd thing is that op=85 is not logged - not sure what >> happened there. >> >> It would be useful to take a look at the supplier access and error >> logs from around 08:55:28 to 08:56:27 I don't see anything which indicates that someone initiated a replica init from this master. I would expect to see a MOD on the replication agreement entry, and I don't see that. Are you using a BigIP or some other type of load balancing device between the two servers? If so, I wonder if that is somehow causing problems. > > Error log: > > [10/Nov/2009:08:39:29 -0500] - repl5_inc_waitfor_async_results timed > out waiting for responses: 38 46 > [10/Nov/2009:08:39:54 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Warning: unable to receive > endReplication extended operation response (Bad parameter to an ldap > routine) > [10/Nov/2009:08:40:04 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:40:08 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:40:14 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:40:38 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:43:05 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:44:50 -0500] - repl5_inc_waitfor_async_results timed > out waiting for responses: 6 8 > [10/Nov/2009:08:47:08 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:47:08 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Incremental protocol: event > backoff_timer_expired should not occur in state start_backoff > [10/Nov/2009:08:47:10 -0500] NSMMReplicationPlugin - agmt="cn=accounts > rewbell gertrude" (gertrude:636): Warning: unable to receive > endReplication extended operation response (Bad parameter to an ldap > routine) > [10/Nov/2009:08:47:12 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:47:18 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Incremental update failed and > requires administrator action > [10/Nov/2009:08:48:57 -0500] NSMMReplicationPlugin - agmt="cn=accounts > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:49:58 -0500] NSMMReplicationPlugin - agmt="cn=accounts > rewbell gertrude" (gertrude:636): Incremental update failed and > requires administrator action > [10/Nov/2009:08:55:01 -0500] - repl5_inc_waitfor_async_results timed > out waiting for responses: 13 14 > [10/Nov/2009:08:55:01 -0500] - repl5_inc_waitfor_async_results timed > out waiting for responses: 59 81 > [10/Nov/2009:08:55:02 -0500] NSMMReplicationPlugin - agmt="cn=accounts > rewbell gertrude" (gertrude:636): Warning: unable to receive > endReplication extended operation response (Bad parameter to an ldap > routine) > [10/Nov/2009:08:55:12 -0500] NSMMReplicationPlugin - agmt="cn=accounts > rewbell gertrude" (gertrude:636): Incremental update failed and > requires administrator action > [10/Nov/2009:08:55:14 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Warning: unable to receive > endReplication extended operation response (Bad parameter to an ldap > routine) > [10/Nov/2009:08:55:24 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:55:28 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later.[10/Nov/2009:08:55:34 -0500] > NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" > (gertrude:636): Unable to receive the response for a startReplication > extended operation to consumer (Bad parameter to an ldap routine). > Will retry later. > [10/Nov/2009:08:55:46 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:56:10 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:56:58 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later.[10/Nov/2009:08:58:34 -0500] > NSMMReplicationPlugin - agmt="cn=people rewbell gertrude" > (gertrude:636): Replication bind with SIMPLE auth resumed > [10/Nov/2009:09:01:47 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Consumer failed to replay change > (uniqueid 51dccc08-9efe11de-8efe8516-22c1043e, CSN > 4af96f8a000200370000): Operations error. Will retry > later.[10/Nov/2009:09:01:47 -0500] NSMMReplicationPlugin - > agmt="cn=people rewbell gertrude" (gertrude:636): Consumer failed to > replay change (uniqueid 5ad5610c-1dd211b2-80b9be51-952a0000, CSN > 4af96f8b000000370000): Operations error. Will retry > later.[10/Nov/2009:09:01:47 -0500] NSMMReplicationPlugin - > agmt="cn=people rewbell gertrude" (gertrude:636): Consumer failed to > replay change (uniqueid 213cd58e-cd7b11de-b535d108-950067b1, CSN > 4af96fcf000000370000): Operations error. Will retry later. > > And access log (edited to protect the innocent): > > [10/Nov/2009:08:55:01 -0500] conn=63832 op=354078 SRCH > base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" > [10/Nov/2009:08:55:01 -0500] conn=63832 op=354078 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:01 -0500] conn=212587 fd=71 slot=71 SSL connection > from 128.61.166.142 to 130.207.183.9 > [10/Nov/2009:08:55:01 -0500] conn=212587 op=0 BIND > dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 > version=3 > [10/Nov/2009:08:55:01 -0500] conn=212587 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=fischer,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:01 -0500] conn=212587 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(eduPersonEntitlement=*)" attrs="dn" > [10/Nov/2009:08:55:01 -0500] conn=212587 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:01 -0500] conn=212587 op=2 UNBIND > [10/Nov/2009:08:55:01 -0500] conn=212587 op=2 fd=71 closed - U1 > [10/Nov/2009:08:55:01 -0500] conn=212588 fd=141 slot=141 SSL > connection from 130.207.183.19 to 130.207.183.9 > [10/Nov/2009:08:55:01 -0500] conn=212588 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:55:01 -0500] conn=212588 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:01 -0500] conn=212588 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:55:01 -0500] conn=212588 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:01 -0500] conn=212588 op=2 UNBIND > [10/Nov/2009:08:55:01 -0500] conn=212588 op=2 fd=141 closed - U1 > [10/Nov/2009:08:55:01 -0500] conn=212589 fd=71 slot=71 SSL connection > from 130.207.172.151 to 130.207.183.9 > [10/Nov/2009:08:55:01 -0500] conn=212589 op=0 BIND dn="cn=Replication > Manager,cn=config" method=128 version=3 > [10/Nov/2009:08:55:01 -0500] conn=212589 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="cn=replication manager,cn=config" > [10/Nov/2009:08:55:01 -0500] conn=212589 op=1 SRCH base="" scope=0 > filter="(objectClass=*)" attrs="supportedControl supportedExtension" > [10/Nov/2009:08:55:01 -0500] conn=212589 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:01 -0500] conn=212589 op=2 SRCH base="" scope=0 > filter="(objectClass=*)" attrs="supportedControl supportedExtension" > [10/Nov/2009:08:55:01 -0500] conn=212589 op=2 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:01 -0500] conn=212589 op=3 EXT > oid="2.16.840.1.113730.3.5.3" name="Netscape Replication Start Session" > [10/Nov/2009:08:55:01 -0500] conn=212589 op=3 RESULT err=0 tag=120 > nentries=0 etime=0 > [10/Nov/2009:08:55:01 -0500] conn=212589 op=4 MOD > dn="cn=gertrude-monitor2,ou=monitor,ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > > [10/Nov/2009:08:55:01 -0500] conn=212589 op=4 RESULT err=0 tag=103 > nentries=0 etime=0 csn=4af970b5000000330000 > [10/Nov/2009:08:55:02 -0500] conn=212331 op=21 EXT > oid="2.16.840.1.113730.3.5.3" name="Netscape Replication Start Session" > [10/Nov/2009:08:55:02 -0500] conn=212331 op=21 RESULT err=0 tag=120 > nentries=0 etime=0 > [10/Nov/2009:08:55:02 -0500] conn=212331 op=22 MOD > dn="cn=gertrude-monitor2,ou=monitor,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:02 -0500] conn=212331 op=22 RESULT err=0 tag=103 > nentries=0 etime=0 csn=4af970b6000000320000 > [10/Nov/2009:08:55:02 -0500] conn=212590 fd=141 slot=141 SSL > connection from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:55:02 -0500] conn=212590 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:55:02 -0500] conn=212590 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:02 -0500] conn=212591 fd=149 slot=149 SSL > connection from 128.61.166.142 to 130.207.183.9 > [10/Nov/2009:08:55:02 -0500] conn=212591 op=0 BIND > dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 > version=3 > [10/Nov/2009:08:55:02 -0500] conn=212591 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=fischer,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:02 -0500] conn=212591 op=1 UNBIND > [10/Nov/2009:08:55:02 -0500] conn=212591 op=1 fd=149 closed - U1 > [10/Nov/2009:08:55:02 -0500] conn=212592 fd=149 slot=149 SSL > connection from 130.207.183.19 to 130.207.183.9 > [10/Nov/2009:08:55:02 -0500] conn=212592 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:55:02 -0500] conn=212592 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:02 -0500] conn=212592 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:55:02 -0500] conn=212592 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:02 -0500] conn=212592 op=2 UNBIND > [10/Nov/2009:08:55:02 -0500] conn=212592 op=2 fd=149 closed - U1 > [10/Nov/2009:08:55:03 -0500] conn=212593 fd=149 slot=149 SSL > connection from 130.207.165.93 to 130.207.183.9 > [10/Nov/2009:08:55:03 -0500] conn=212593 op=0 BIND > dn="cn=ServiceMonitor,ou=Local Accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:55:03 -0500] conn=212593 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="cn=servicemonitor,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:03 -0500] conn=212593 op=1 MOD > dn="cn=rewbell-monitor,ou=monitor,ou=people,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:03 -0500] conn=212593 op=1 RESULT err=0 tag=103 > nentries=0 etime=0 csn=4af970b8000000370000 > [10/Nov/2009:08:55:03 -0500] conn=212593 op=2 UNBIND > [10/Nov/2009:08:55:03 -0500] conn=212593 op=2 fd=149 closed - U1 > [10/Nov/2009:08:55:03 -0500] conn=212594 fd=152 slot=152 SSL > connection from 130.207.165.93 to 130.207.183.9 > [10/Nov/2009:08:55:03 -0500] conn=212594 op=0 BIND > dn="cn=ServiceMonitor,ou=Local Accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:55:03 -0500] conn=212594 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="cn=servicemonitor,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:03 -0500] conn=212594 op=1 SRCH > base="cn=rewbell-monitor,ou=monitor,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(objectClass=*)" attrs="description" > [10/Nov/2009:08:55:03 -0500] conn=212594 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:03 -0500] conn=212594 op=2 UNBIND > [10/Nov/2009:08:55:03 -0500] conn=212594 op=2 fd=152 closed - U1 > [10/Nov/2009:08:55:03 -0500] conn=63832 op=354080 SRCH > base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" > [10/Nov/2009:08:55:03 -0500] conn=63832 op=354080 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:03 -0500] conn=212589 op=5 EXT > oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session" > [10/Nov/2009:08:55:03 -0500] conn=212589 op=5 RESULT err=0 tag=120 > nentries=0 etime=0 > [10/Nov/2009:08:55:04 -0500] conn=212590 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:04 -0500] conn=212590 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:04 -0500] conn=212590 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:04 -0500] conn=212590 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:04 -0500] conn=212590 op=3 UNBIND > [10/Nov/2009:08:55:04 -0500] conn=212590 op=3 fd=141 closed - U1 > [10/Nov/2009:08:55:04 -0500] conn=212595 fd=149 slot=149 SSL > connection from 130.207.183.18 to 130.207.183.9 > [10/Nov/2009:08:55:04 -0500] conn=212595 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:55:04 -0500] conn=212595 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:04 -0500] conn=212595 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:55:04 -0500] conn=212595 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:04 -0500] conn=212595 op=2 UNBIND > [10/Nov/2009:08:55:04 -0500] conn=212595 op=2 fd=149 closed - U1 > [10/Nov/2009:08:55:04 -0500] conn=212331 op=24 EXT > oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session" > [10/Nov/2009:08:55:04 -0500] conn=212331 op=24 RESULT err=0 tag=120 > nentries=0 etime=0 > [10/Nov/2009:08:55:06 -0500] conn=63832 op=354081 SRCH > base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGTID=W02740727)" attrs="dn gtSISEmailAddress" > [10/Nov/2009:08:55:06 -0500] conn=63832 op=354081 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:06 -0500] conn=212596 fd=141 slot=141 SSL > connection from 130.207.183.18 to 130.207.183.9 > [10/Nov/2009:08:55:06 -0500] conn=212596 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:55:06 -0500] conn=212596 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:06 -0500] conn=212596 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:55:06 -0500] conn=212596 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:06 -0500] conn=212596 op=2 UNBIND > [10/Nov/2009:08:55:06 -0500] conn=212596 op=2 fd=141 closed - U1 > [10/Nov/2009:08:55:07 -0500] conn=63852 op=81449 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="dn cn eduPersonEntitlement gidNumber gtAccountCategory > gtAccountManagementAccountIndex gtAuthenticationMechanism gtDirGUID > gtGlobalPerson homeDirectory loginShell objectClass sn uid uidNumber" > [10/Nov/2009:08:55:07 -0500] conn=63852 op=81449 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:07 -0500] conn=212597 fd=141 slot=141 SSL > connection from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:55:07 -0500] conn=212597 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:55:07 -0500] conn=212597 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:08 -0500] conn=63832 op=354082 SRCH > base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" > [10/Nov/2009:08:55:08 -0500] conn=63832 op=354082 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:09 -0500] conn=212597 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:09 -0500] conn=212597 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:09 -0500] conn=212597 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:09 -0500] conn=212597 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:09 -0500] conn=212597 op=3 UNBIND > [10/Nov/2009:08:55:09 -0500] conn=212597 op=3 fd=141 closed - U1 > [10/Nov/2009:08:55:11 -0500] conn=212598 fd=141 slot=141 SSL > connection from 130.207.183.19 to 130.207.183.9 > [10/Nov/2009:08:55:11 -0500] conn=212598 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:55:11 -0500] conn=212598 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:11 -0500] conn=212598 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:55:11 -0500] conn=212598 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:11 -0500] conn=212598 op=2 UNBIND > [10/Nov/2009:08:55:11 -0500] conn=212598 op=2 fd=141 closed - U1 > [10/Nov/2009:08:55:11 -0500] conn=63832 op=354084 SRCH > base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" > [10/Nov/2009:08:55:11 -0500] conn=63832 op=354084 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:12 -0500] conn=212599 fd=141 slot=141 SSL > connection from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:55:12 -0500] conn=212599 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:55:12 -0500] conn=212599 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:12 -0500] conn=212600 fd=149 slot=149 SSL > connection from 130.207.183.19 to 130.207.183.9 > [10/Nov/2009:08:55:12 -0500] conn=212600 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:55:12 -0500] conn=212600 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:12 -0500] conn=212600 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:55:12 -0500] conn=212600 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:12 -0500] conn=212600 op=2 UNBIND > [10/Nov/2009:08:55:12 -0500] conn=212600 op=2 fd=149 closed - U1 > [10/Nov/2009:08:55:13 -0500] conn=212601 fd=149 slot=149 SSL > connection from 130.207.183.18 to 130.207.183.9 > [10/Nov/2009:08:55:13 -0500] conn=212601 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:55:13 -0500] conn=212601 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:13 -0500] conn=212601 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:55:13 -0500] conn=212601 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:13 -0500] conn=212601 op=2 UNBIND > [10/Nov/2009:08:55:13 -0500] conn=212601 op=2 fd=149 closed - U1 > [10/Nov/2009:08:55:13 -0500] conn=212602 fd=149 slot=149 SSL > connection from 130.207.172.151 to 130.207.183.9 > [10/Nov/2009:08:55:13 -0500] conn=212602 op=0 BIND dn="cn=Replication > Manager,cn=config" method=128 version=3 > [10/Nov/2009:08:55:13 -0500] conn=212602 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="cn=replication manager,cn=config" > [10/Nov/2009:08:55:13 -0500] conn=212602 op=1 SRCH base="" scope=0 > filter="(objectClass=*)" attrs="supportedControl supportedExtension" > [10/Nov/2009:08:55:13 -0500] conn=212602 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:13 -0500] conn=212602 op=2 SRCH base="" scope=0 > filter="(objectClass=*)" attrs="supportedControl supportedExtension" > [10/Nov/2009:08:55:14 -0500] conn=212602 op=2 RESULT err=0 tag=101 > nentries=1 etime=1 > [10/Nov/2009:08:55:14 -0500] conn=212602 op=3 EXT > oid="2.16.840.1.113730.3.5.3" name="Netscape Replication Start Session" > [10/Nov/2009:08:55:14 -0500] conn=212602 op=3 RESULT err=0 tag=120 > nentries=0 etime=0 > [10/Nov/2009:08:55:14 -0500] conn=212602 op=4 MOD > dn="cn=gertrude-monitor2,ou=monitor,ou=people,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:14 -0500] conn=212589 op=6 EXT > oid="2.16.840.1.113730.3.5.3" name="Netscape Replication Start Session" > [10/Nov/2009:08:55:14 -0500] conn=212589 op=6 RESULT err=0 tag=120 > nentries=0 etime=0 > [10/Nov/2009:08:55:14 -0500] conn=212589 op=7 EXT > oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session" > [10/Nov/2009:08:55:14 -0500] conn=212602 op=4 RESULT err=0 tag=103 > nentries=0 etime=0 csn=4af970c3000000340000 > [10/Nov/2009:08:55:14 -0500] conn=212589 op=7 RESULT err=0 tag=120 > nentries=0 etime=0 > [10/Nov/2009:08:55:14 -0500] conn=212599 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:14 -0500] conn=212599 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:14 -0500] conn=212599 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:14 -0500] conn=212599 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:14 -0500] conn=212599 op=3 UNBIND > [10/Nov/2009:08:55:14 -0500] conn=212599 op=3 fd=141 closed - U1 > [10/Nov/2009:08:55:14 -0500] conn=212331 op=25 EXT > oid="2.16.840.1.113730.3.5.3" name="Netscape Replication Start Session" > [10/Nov/2009:08:55:14 -0500] conn=212331 op=25 RESULT err=0 tag=120 > nentries=0 etime=0 > [10/Nov/2009:08:55:14 -0500] conn=212331 op=26 EXT > oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session" > [10/Nov/2009:08:55:14 -0500] conn=212331 op=26 RESULT err=0 tag=120 > nentries=0 etime=0 > [10/Nov/2009:08:55:14 -0500] conn=63852 op=81451 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="cn dn gtDirGUID gtGTID gtIMSID gtInstructedCourse > gtJustEndedCourse gtPersonDirectoryId gtPIDM gtRegisteredCourse > gtSISEmailAddress gtStudentCampusAddress gtStudentConfidentiality > gtStudentGivenName gtStudentHomePhone gtStudentHomePostalAddress > gtStudentMiddleName gtStudentNameSuffix gtStudentPostalAddress > gtStudentPostalCode gtStudentScopedAffiliation gtStudentSN > gtStudentTelephoneNumber gtUpcomingCourse objectClass sn > gtActiveCourse gtCurrentDormResidence gtCurriculum" > [10/Nov/2009:08:55:14 -0500] conn=63852 op=81451 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:14 -0500] conn=63852 op=81452 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="cn dn gtDirGUID gtGTID gtIMSID gtInstructedCourse > gtJustEndedCourse gtPersonDirectoryId gtPIDM gtRegisteredCourse > gtSISEmailAddress gtStudentCampusAddress gtStudentConfidentiality > gtStudentGivenName gtStudentHomePhone gtStudentHomePostalAddress > gtStudentMiddleName gtStudentNameSuffix gtStudentPostalAddress > gtStudentPostalCode gtStudentScopedAffiliation gtStudentSN > gtStudentTelephoneNumber gtUpcomingCourse objectClass sn > gtActiveCourse gtCurrentDormResidence gtCurriculum" > [10/Nov/2009:08:55:14 -0500] conn=63852 op=81452 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:14 -0500] conn=63852 op=81453 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="cn dn gtDirGUID gtGTID gtIMSID gtInstructedCourse > gtJustEndedCourse gtPersonDirectoryId gtPIDM gtRegisteredCourse > gtSISEmailAddress gtStudentCampusAddress gtStudentConfidentiality > gtStudentGivenName gtStudentHomePhone gtStudentHomePostalAddress > gtStudentMiddleName gtStudentNameSuffix gtStudentPostalAddress > gtStudentPostalCode gtStudentScopedAffiliation gtStudentSN > gtStudentTelephoneNumber gtUpcomingCourse objectClass sn > gtActiveCourse gtCurrentDormResidence gtCurriculum" > [10/Nov/2009:08:55:14 -0500] conn=63852 op=81453 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:14 -0500] conn=63832 op=354085 SRCH > base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" > [10/Nov/2009:08:55:14 -0500] conn=63832 op=354085 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:16 -0500] conn=212602 op=5 EXT > oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session" > [10/Nov/2009:08:55:16 -0500] conn=212602 op=5 RESULT err=0 tag=120 > nentries=0 etime=0 > [10/Nov/2009:08:55:16 -0500] conn=212603 fd=141 slot=141 SSL > connection from 130.207.183.18 to 130.207.183.9 > [10/Nov/2009:08:55:16 -0500] conn=212603 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:55:16 -0500] conn=212603 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:16 -0500] conn=212603 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:55:16 -0500] conn=212603 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:16 -0500] conn=212603 op=2 UNBIND > [10/Nov/2009:08:55:16 -0500] conn=212603 op=2 fd=141 closed - U1 > [10/Nov/2009:08:55:16 -0500] conn=63852 op=81455 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="cn dn gtDirGUID gtGTID gtIMSID gtInstructedCourse > gtJustEndedCourse gtPersonDirectoryId gtPIDM gtRegisteredCourse > gtSISEmailAddress gtStudentCampusAddress gtStudentConfidentiality > gtStudentGivenName gtStudentHomePhone gtStudentHomePostalAddress > gtStudentMiddleName gtStudentNameSuffix gtStudentPostalAddress > gtStudentPostalCode gtStudentScopedAffiliation gtStudentSN > gtStudentTelephoneNumber gtUpcomingCourse objectClass sn > gtActiveCourse gtCurrentDormResidence gtCurriculum" > [10/Nov/2009:08:55:16 -0500] conn=63852 op=81455 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:16 -0500] conn=63852 op=81456 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="cn dn gtDirGUID gtGTID gtIMSID gtInstructedCourse > gtJustEndedCourse gtPersonDirectoryId gtPIDM gtRegisteredCourse > gtSISEmailAddress gtStudentCampusAddress gtStudentConfidentiality > gtStudentGivenName gtStudentHomePhone gtStudentHomePostalAddress > gtStudentMiddleName gtStudentNameSuffix gtStudentPostalAddress > gtStudentPostalCode gtStudentScopedAffiliation gtStudentSN > gtStudentTelephoneNumber gtUpcomingCourse objectClass sn > gtActiveCourse gtCurrentDormResidence gtCurriculum" > [10/Nov/2009:08:55:16 -0500] conn=63852 op=81456 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:17 -0500] conn=212604 fd=141 slot=141 SSL > connection from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:55:17 -0500] conn=212604 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:55:17 -0500] conn=212604 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:18 -0500] conn=63832 op=354087 SRCH > base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" > [10/Nov/2009:08:55:18 -0500] conn=63832 op=354087 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:18 -0500] conn=212604 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:18 -0500] conn=212604 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:18 -0500] conn=212604 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:18 -0500] conn=212604 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:18 -0500] conn=212604 op=3 UNBIND > [10/Nov/2009:08:55:18 -0500] conn=212604 op=3 fd=141 closed - U1 > [10/Nov/2009:08:55:21 -0500] conn=212605 fd=141 slot=141 SSL > connection from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:55:21 -0500] conn=212605 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:55:21 -0500] conn=212605 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:21 -0500] conn=212606 fd=152 slot=152 SSL > connection from 130.207.183.19 to 130.207.183.9 > [10/Nov/2009:08:55:21 -0500] conn=212606 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:55:21 -0500] conn=212606 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:21 -0500] conn=212606 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:55:21 -0500] conn=212606 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:21 -0500] conn=212606 op=2 UNBIND > [10/Nov/2009:08:55:21 -0500] conn=212606 op=2 fd=152 closed - U1 > [10/Nov/2009:08:55:22 -0500] conn=212605 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:22 -0500] conn=212605 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:22 -0500] conn=212607 fd=152 slot=152 SSL > connection from 130.207.183.19 to 130.207.183.9 > [10/Nov/2009:08:55:22 -0500] conn=212605 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:22 -0500] conn=212605 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:22 -0500] conn=212607 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:55:22 -0500] conn=212607 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:22 -0500] conn=212607 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:55:22 -0500] conn=212607 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:22 -0500] conn=212607 op=2 UNBIND > [10/Nov/2009:08:55:22 -0500] conn=212607 op=2 fd=152 closed - U1 > [10/Nov/2009:08:55:22 -0500] conn=212605 op=3 UNBIND > [10/Nov/2009:08:55:22 -0500] conn=212605 op=3 fd=141 closed - U1 > [10/Nov/2009:08:55:22 -0500] conn=63832 op=354088 SRCH > base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" > [10/Nov/2009:08:55:22 -0500] conn=63832 op=354088 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:23 -0500] conn=212608 fd=141 slot=141 SSL > connection from 130.207.183.18 to 130.207.183.9 > [10/Nov/2009:08:55:23 -0500] conn=212608 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:55:23 -0500] conn=212608 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:23 -0500] conn=212608 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:55:23 -0500] conn=212608 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:23 -0500] conn=212608 op=2 UNBIND > [10/Nov/2009:08:55:23 -0500] conn=212608 op=2 fd=141 closed - U1 > [10/Nov/2009:08:55:25 -0500] conn=212609 fd=141 slot=141 SSL > connection from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:55:25 -0500] conn=212609 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:55:25 -0500] conn=212609 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:26 -0500] conn=212602 op=6 EXT > oid="2.16.840.1.113730.3.5.3" name="Netscape Replication Start Session" > [10/Nov/2009:08:55:26 -0500] conn=212602 op=6 RESULT err=0 tag=120 > nentries=0 etime=0 > [10/Nov/2009:08:55:26 -0500] conn=212602 op=7 EXT > oid="2.16.840.1.113730.3.5.5" name="Netscape Replication End Session" > [10/Nov/2009:08:55:26 -0500] conn=212602 op=7 RESULT err=0 tag=120 > nentries=0 etime=0 > [10/Nov/2009:08:55:26 -0500] conn=63832 op=354090 SRCH > base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" > [10/Nov/2009:08:55:26 -0500] conn=63832 op=354090 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:26 -0500] conn=212609 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:26 -0500] conn=212609 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:26 -0500] conn=212609 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:26 -0500] conn=212609 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:26 -0500] conn=212610 fd=152 slot=152 SSL > connection from 130.207.183.18 to 130.207.183.9 > [10/Nov/2009:08:55:26 -0500] conn=212609 op=3 UNBIND > [10/Nov/2009:08:55:26 -0500] conn=212609 op=3 fd=141 closed - U1 > [10/Nov/2009:08:55:26 -0500] conn=212610 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:55:26 -0500] conn=212610 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:26 -0500] conn=212610 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:55:26 -0500] conn=212610 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:26 -0500] conn=212610 op=2 UNBIND > [10/Nov/2009:08:55:26 -0500] conn=212610 op=2 fd=152 closed - U1 > [10/Nov/2009:08:55:28 -0500] conn=212611 fd=141 slot=141 SSL > connection from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:55:28 -0500] conn=212611 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:55:28 -0500] conn=212611 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:29 -0500] conn=63832 op=354091 SRCH > base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" > [10/Nov/2009:08:55:29 -0500] conn=63832 op=354091 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:29 -0500] conn=212611 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:29 -0500] conn=212611 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:29 -0500] conn=212611 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:29 -0500] conn=212611 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:29 -0500] conn=212611 op=3 UNBIND > [10/Nov/2009:08:55:29 -0500] conn=212611 op=3 fd=141 closed - U1 > [10/Nov/2009:08:55:31 -0500] conn=212612 fd=141 slot=141 SSL > connection from 130.207.183.19 to 130.207.183.9 > [10/Nov/2009:08:55:31 -0500] conn=212612 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:55:31 -0500] conn=212612 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:31 -0500] conn=212612 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:55:31 -0500] conn=212612 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:31 -0500] conn=212612 op=2 UNBIND > [10/Nov/2009:08:55:31 -0500] conn=212612 op=2 fd=141 closed - U1 > [10/Nov/2009:08:55:32 -0500] conn=212613 fd=141 slot=141 SSL > connection from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:55:32 -0500] conn=212613 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:55:32 -0500] conn=212613 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:32 -0500] conn=63832 op=354093 SRCH > base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" > [10/Nov/2009:08:55:32 -0500] conn=212614 fd=152 slot=152 SSL > connection from 130.207.183.19 to 130.207.183.9 > [10/Nov/2009:08:55:32 -0500] conn=63832 op=354093 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:32 -0500] conn=212614 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:55:32 -0500] conn=212614 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:32 -0500] conn=212614 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:55:32 -0500] conn=212614 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:32 -0500] conn=212614 op=2 UNBIND > [10/Nov/2009:08:55:32 -0500] conn=212614 op=2 fd=152 closed - U1 > [10/Nov/2009:08:55:33 -0500] conn=212615 fd=152 slot=152 SSL > connection from 128.61.166.142 to 130.207.183.9 > [10/Nov/2009:08:55:33 -0500] conn=212615 op=0 BIND > dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 > version=3 > [10/Nov/2009:08:55:33 -0500] conn=212615 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=fischer,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:33 -0500] conn=212615 op=1 SRCH base="cn=config" > scope=0 filter="(objectClass=*)" attrs="nsslapd-localhost" > [10/Nov/2009:08:55:33 -0500] conn=212615 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:33 -0500] conn=212615 op=2 UNBIND > [10/Nov/2009:08:55:33 -0500] conn=212615 op=2 fd=152 closed - U1 > [10/Nov/2009:08:55:33 -0500] conn=212616 fd=152 slot=152 SSL > connection from 130.207.183.18 to 130.207.183.9 > [10/Nov/2009:08:55:33 -0500] conn=212616 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:55:33 -0500] conn=212616 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:33 -0500] conn=212616 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:55:33 -0500] conn=212616 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:33 -0500] conn=212616 op=2 UNBIND > [10/Nov/2009:08:55:33 -0500] conn=212616 op=2 fd=152 closed - U1 > [10/Nov/2009:08:55:33 -0500] conn=212617 fd=152 slot=152 SSL > connection from 128.61.166.142 to 130.207.183.9 > [10/Nov/2009:08:55:33 -0500] conn=212617 op=0 BIND > dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 > version=3 > [10/Nov/2009:08:55:33 -0500] conn=212617 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=fischer,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:33 -0500] conn=212617 op=1 SRCH base="cn=config" > scope=0 filter="(objectClass=*)" attrs="nsslapd-localhost" > [10/Nov/2009:08:55:34 -0500] conn=212617 op=1 RESULT err=0 tag=101 > nentries=1 etime=1 > [10/Nov/2009:08:55:34 -0500] conn=212617 op=2 UNBIND > [10/Nov/2009:08:55:34 -0500] conn=212617 op=2 fd=152 closed - U1 > [10/Nov/2009:08:55:34 -0500] conn=212613 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:34 -0500] conn=212613 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:34 -0500] conn=212613 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:34 -0500] conn=212613 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:34 -0500] conn=212613 op=3 UNBIND > [10/Nov/2009:08:55:34 -0500] conn=212613 op=3 fd=141 closed - U1 > [10/Nov/2009:08:55:34 -0500] conn=212618 fd=141 slot=141 SSL > connection from 128.61.166.142 to 130.207.183.9 > [10/Nov/2009:08:55:34 -0500] conn=212618 op=0 BIND > dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 > version=3 > [10/Nov/2009:08:55:34 -0500] conn=212618 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=fischer,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:34 -0500] conn=212618 op=1 SRCH base="cn=config" > scope=0 filter="(objectClass=*)" attrs="nsslapd-localhost" > [10/Nov/2009:08:55:34 -0500] conn=212618 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:34 -0500] conn=212618 op=2 UNBIND > [10/Nov/2009:08:55:34 -0500] conn=212618 op=2 fd=141 closed - U1 > [10/Nov/2009:08:55:35 -0500] conn=212619 fd=141 slot=141 SSL > connection from 128.61.166.142 to 130.207.183.9 > [10/Nov/2009:08:55:35 -0500] conn=212619 op=0 BIND > dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 > version=3 > [10/Nov/2009:08:55:35 -0500] conn=212619 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=fischer,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:35 -0500] conn=212619 op=1 SRCH base="cn=config" > scope=0 filter="(objectClass=*)" attrs="nsslapd-localhost" > [10/Nov/2009:08:55:35 -0500] conn=212619 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:35 -0500] conn=212619 op=2 UNBIND > [10/Nov/2009:08:55:35 -0500] conn=212619 op=2 fd=141 closed - U1 > [10/Nov/2009:08:55:35 -0500] conn=212620 fd=141 slot=141 SSL > connection from 128.61.166.142 to 130.207.183.9 > [10/Nov/2009:08:55:35 -0500] conn=212620 op=0 BIND > dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 > version=3 > [10/Nov/2009:08:55:35 -0500] conn=212620 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=fischer,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:35 -0500] conn=212620 op=1 SRCH base="cn=config" > scope=0 filter="(objectClass=*)" attrs="nsslapd-localhost" > [10/Nov/2009:08:55:35 -0500] conn=212620 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:35 -0500] conn=212620 op=2 UNBIND > [10/Nov/2009:08:55:35 -0500] conn=212620 op=2 fd=141 closed - U1 > [10/Nov/2009:08:55:36 -0500] conn=212621 fd=141 slot=141 SSL > connection from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:55:36 -0500] conn=212622 fd=152 slot=152 SSL > connection from 128.61.166.142 to 130.207.183.9 > [10/Nov/2009:08:55:36 -0500] conn=212622 op=0 BIND > dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 > version=3 > [10/Nov/2009:08:55:36 -0500] conn=212622 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=fischer,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:36 -0500] conn=212622 op=1 SRCH base="cn=config" > scope=0 filter="(objectClass=*)" attrs="nsslapd-localhost" > [10/Nov/2009:08:55:36 -0500] conn=212622 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:36 -0500] conn=212622 op=2 UNBIND > [10/Nov/2009:08:55:36 -0500] conn=212622 op=2 fd=152 closed - U1 > [10/Nov/2009:08:55:36 -0500] conn=212623 fd=157 slot=157 SSL > connection from 130.207.183.18 to 130.207.183.9 > [10/Nov/2009:08:55:36 -0500] conn=212623 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:55:36 -0500] conn=212623 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:36 -0500] conn=212623 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:55:36 -0500] conn=212623 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:36 -0500] conn=212623 op=2 UNBIND > [10/Nov/2009:08:55:36 -0500] conn=212623 op=2 fd=157 closed - U1 > [10/Nov/2009:08:55:37 -0500] conn=212624 fd=152 slot=152 SSL > connection from 128.61.166.142 to 130.207.183.9 > [10/Nov/2009:08:55:37 -0500] conn=212624 op=0 BIND > dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 > version=3 > [10/Nov/2009:08:55:37 -0500] conn=212624 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=fischer,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:37 -0500] conn=212624 op=1 SRCH base="cn=config" > scope=0 filter="(objectClass=*)" attrs="nsslapd-localhost" > [10/Nov/2009:08:55:37 -0500] conn=212624 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:37 -0500] conn=212624 op=2 UNBIND > [10/Nov/2009:08:55:37 -0500] conn=212624 op=2 fd=152 closed - U1 > [10/Nov/2009:08:55:37 -0500] conn=63832 op=354094 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement > eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement > gtAccountCategory" > [10/Nov/2009:08:55:37 -0500] conn=63832 op=354094 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:37 -0500] conn=63832 op=354095 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(uid=XXXXXXXX)" attrs="cn displayName dn gidNumber > givenName gtGlobalPerson gtPrimaryGTAccountUsername homeDirectory > initials loginShell mail ou sn telephoneNumber title uidNumber > gtEmployeeHomeDepartmentName" > [10/Nov/2009:08:55:37 -0500] conn=63832 op=354095 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:37 -0500] conn=63832 op=354096 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(eduPersonEntitlement=/gt/services/central/gtad/*)" > attrs="cn dn givenName initials mail ou sn title homeDirectory" > [10/Nov/2009:08:55:37 -0500] conn=207646 op=134 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement > eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement > gtAccountCategory" > [10/Nov/2009:08:55:37 -0500] conn=207646 op=134 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:37 -0500] conn=207646 op=135 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement > eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement > gtAccountCategory" > [10/Nov/2009:08:55:37 -0500] conn=207646 op=135 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:37 -0500] conn=207646 op=136 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement > eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement > gtAccountCategory" > [10/Nov/2009:08:55:37 -0500] conn=207646 op=136 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:37 -0500] conn=207646 op=137 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement > eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement > gtAccountCategory" > [10/Nov/2009:08:55:37 -0500] conn=207646 op=137 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:37 -0500] conn=63832 op=354096 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:37 -0500] conn=207646 op=138 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement > eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement > gtAccountCategory" > [10/Nov/2009:08:55:37 -0500] conn=207646 op=138 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:37 -0500] conn=63832 op=354097 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement > eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement > gtAccountCategory" > [10/Nov/2009:08:55:37 -0500] conn=63832 op=354097 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:37 -0500] conn=63832 op=354098 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement > eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement > gtAccountCategory" > [10/Nov/2009:08:55:37 -0500] conn=63832 op=354098 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:38 -0500] conn=63832 op=354099 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(eduPersonAffiliation=XXXXXXXXX)" > attrs="eduPersonScopedAffiliation gtEmployeeHomeDepartmentName title" > [10/Nov/2009:08:55:38 -0500] conn=63832 op=354099 RESULT err=0 tag=101 > nentries=0 etime=1 > [10/Nov/2009:08:55:38 -0500] conn=63832 op=354100 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(uid=XXXXXXXX)" attrs="cn displayName dn gidNumber > givenName gtGlobalPerson gtPrimaryGTAccountUsername homeDirectory > initials loginShell mail ou sn telephoneNumber title uidNumber > gtEmployeeHomeDepartmentName" > [10/Nov/2009:08:55:38 -0500] conn=63832 op=354100 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:38 -0500] conn=63832 op=354101 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(eduPersonEntitlement=/gt/services/central/gtad/*)" > attrs="cn dn givenName initials mail ou sn title homeDirectory" > [10/Nov/2009:08:55:38 -0500] conn=63832 op=354101 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:38 -0500] conn=63832 op=354102 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(eduPersonAffiliation=XXXXXXXXX)" > attrs="eduPersonScopedAffiliation gtEmployeeHomeDepartmentName title" > [10/Nov/2009:08:55:38 -0500] conn=63832 op=354102 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:38 -0500] conn=63832 op=354103 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(uid=XXXXXXXX)" attrs="cn displayName dn gidNumber > givenName gtGlobalPerson gtPrimaryGTAccountUsername homeDirectory > initials loginShell mail ou sn telephoneNumber title uidNumber > gtEmployeeHomeDepartmentName" > [10/Nov/2009:08:55:38 -0500] conn=63832 op=354103 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:38 -0500] conn=63832 op=354104 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(eduPersonEntitlement=/gt/services/central/gtad/*)" > attrs="cn dn givenName initials mail ou sn title homeDirectory" > [10/Nov/2009:08:55:38 -0500] conn=63832 op=354104 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:38 -0500] conn=63832 op=354105 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(eduPersonAffiliation=XXXXXXXXX)" > attrs="eduPersonScopedAffiliation gtEmployeeHomeDepartmentName title" > [10/Nov/2009:08:55:38 -0500] conn=63832 op=354105 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:38 -0500] conn=63832 op=354106 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(uid=XXXXXXXX)" attrs="cn displayName dn gidNumber > givenName gtGlobalPerson gtPrimaryGTAccountUsername homeDirectory > initials loginShell mail ou sn telephoneNumber title uidNumber > gtEmployeeHomeDepartmentName" > [10/Nov/2009:08:55:38 -0500] conn=63832 op=354106 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:38 -0500] conn=63832 op=354107 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(eduPersonEntitlement=/gt/services/central/gtad/*)" > attrs="cn dn givenName initials mail ou sn title homeDirectory" > [10/Nov/2009:08:55:38 -0500] conn=63832 op=354107 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:38 -0500] conn=63832 op=354108 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(eduPersonAffiliation=XXXXXXXXX)" > attrs="eduPersonScopedAffiliation gtEmployeeHomeDepartmentName title" > [10/Nov/2009:08:55:38 -0500] conn=63832 op=354108 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:40 -0500] conn=212621 op=1 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:55:40 -0500] conn=212621 op=1 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:41 -0500] conn=212621 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:41 -0500] conn=212621 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:41 -0500] conn=212621 op=3 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:41 -0500] conn=212621 op=3 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:41 -0500] conn=212621 op=4 UNBIND > [10/Nov/2009:08:55:41 -0500] conn=212621 op=4 fd=141 closed - U1 > [10/Nov/2009:08:55:41 -0500] conn=212625 fd=141 slot=141 SSL > connection from 130.207.183.19 to 130.207.183.9 > [10/Nov/2009:08:55:41 -0500] conn=212625 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:55:41 -0500] conn=212625 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:41 -0500] conn=212625 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:55:41 -0500] conn=212625 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:41 -0500] conn=212625 op=2 UNBIND > [10/Nov/2009:08:55:41 -0500] conn=212625 op=2 fd=141 closed - U1 > [10/Nov/2009:08:55:42 -0500] conn=212626 fd=141 slot=141 SSL > connection from 130.207.183.19 to 130.207.183.9 > [10/Nov/2009:08:55:42 -0500] conn=212626 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:55:42 -0500] conn=212626 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:42 -0500] conn=212626 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:55:42 -0500] conn=212626 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:42 -0500] conn=212626 op=2 UNBIND > [10/Nov/2009:08:55:42 -0500] conn=212626 op=2 fd=141 closed - U1 > [10/Nov/2009:08:55:42 -0500] conn=212627 fd=152 slot=152 SSL > connection from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:55:42 -0500] conn=212627 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:55:42 -0500] conn=212627 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81457 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="dn gtMagePersonIndex gtPrimaryEmployeeEmailAddress > gtPrimaryEmployeeGTAccountUsername gtPrimaryEmployeePrismUIDNumber > gtPrimaryStudentEmailAddress gtPrimaryStudentGTAccountUsername > gtPrimaryStudentPrismUIDNumber gtSearchNickname gtSecondaryMailAddress" > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81457 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81458 MOD > dn="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81458 RESULT err=0 tag=103 > nentries=0 etime=0 csn=4af970e0000000370000 > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81459 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="dn gtMagePersonIndex gtPrimaryEmployeeEmailAddress > gtPrimaryEmployeeGTAccountUsername gtPrimaryEmployeePrismUIDNumber > gtPrimaryStudentEmailAddress gtPrimaryStudentGTAccountUsername > gtPrimaryStudentPrismUIDNumber gtSearchNickname gtSecondaryMailAddress" > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81459 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81460 MOD > dn="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81460 RESULT err=0 tag=103 > nentries=0 etime=0 csn=4af970e0000400370000 > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81461 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="dn gtMagePersonIndex gtPrimaryEmployeeEmailAddress > gtPrimaryEmployeeGTAccountUsername gtPrimaryEmployeePrismUIDNumber > gtPrimaryStudentEmailAddress gtPrimaryStudentGTAccountUsername > gtPrimaryStudentPrismUIDNumber gtSearchNickname gtSecondaryMailAddress" > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81461 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:43 -0500] conn=212628 fd=141 slot=141 SSL > connection from 130.207.183.18 to 130.207.183.9 > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81462 MOD > dn="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81462 RESULT err=0 tag=103 > nentries=0 etime=0 csn=4af970e0000500370000 > [10/Nov/2009:08:55:43 -0500] conn=212628 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:55:43 -0500] conn=212628 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:43 -0500] conn=212628 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:55:43 -0500] conn=212628 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:43 -0500] conn=212628 op=2 UNBIND > [10/Nov/2009:08:55:43 -0500] conn=212628 op=2 fd=141 closed - U1 > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81463 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="dn gtMagePersonIndex gtPrimaryEmployeeEmailAddress > gtPrimaryEmployeeGTAccountUsername gtPrimaryEmployeePrismUIDNumber > gtPrimaryStudentEmailAddress gtPrimaryStudentGTAccountUsername > gtPrimaryStudentPrismUIDNumber gtSearchNickname gtSecondaryMailAddress" > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81463 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81464 MOD > dn="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81464 RESULT err=0 tag=103 > nentries=0 etime=0 csn=4af970e0000600370000 > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81465 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="dn gtMagePersonIndex gtPrimaryEmployeeEmailAddress > gtPrimaryEmployeeGTAccountUsername gtPrimaryEmployeePrismUIDNumber > gtPrimaryStudentEmailAddress gtPrimaryStudentGTAccountUsername > gtPrimaryStudentPrismUIDNumber gtSearchNickname gtSecondaryMailAddress" > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81465 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81466 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="dn gtMagePersonIndex gtPrimaryEmployeeEmailAddress > gtPrimaryEmployeeGTAccountUsername gtPrimaryEmployeePrismUIDNumber > gtPrimaryStudentEmailAddress gtPrimaryStudentGTAccountUsername > gtPrimaryStudentPrismUIDNumber gtSearchNickname gtSecondaryMailAddress" > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81466 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81467 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="dn gtMagePersonIndex gtPrimaryEmployeeEmailAddress > gtPrimaryEmployeeGTAccountUsername gtPrimaryEmployeePrismUIDNumber > gtPrimaryStudentEmailAddress gtPrimaryStudentGTAccountUsername > gtPrimaryStudentPrismUIDNumber gtSearchNickname gtSecondaryMailAddress" > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81467 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81468 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="dn gtMagePersonIndex gtPrimaryEmployeeEmailAddress > gtPrimaryEmployeeGTAccountUsername gtPrimaryEmployeePrismUIDNumber > gtPrimaryStudentEmailAddress gtPrimaryStudentGTAccountUsername > gtPrimaryStudentPrismUIDNumber gtSearchNickname gtSecondaryMailAddress" > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81468 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81469 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="dn gtMagePersonIndex gtPrimaryEmployeeEmailAddress > gtPrimaryEmployeeGTAccountUsername gtPrimaryEmployeePrismUIDNumber > gtPrimaryStudentEmailAddress gtPrimaryStudentGTAccountUsername > gtPrimaryStudentPrismUIDNumber gtSearchNickname gtSecondaryMailAddress" > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81469 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81470 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="dn gtMagePersonIndex gtPrimaryEmployeeEmailAddress > gtPrimaryEmployeeGTAccountUsername gtPrimaryEmployeePrismUIDNumber > gtPrimaryStudentEmailAddress gtPrimaryStudentGTAccountUsername > gtPrimaryStudentPrismUIDNumber gtSearchNickname gtSecondaryMailAddress" > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81470 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81471 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="dn gtMagePersonIndex gtPrimaryEmployeeEmailAddress > gtPrimaryEmployeeGTAccountUsername gtPrimaryEmployeePrismUIDNumber > gtPrimaryStudentEmailAddress gtPrimaryStudentGTAccountUsername > gtPrimaryStudentPrismUIDNumber gtSearchNickname gtSecondaryMailAddress" > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81471 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81472 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="dn gtMagePersonIndex gtPrimaryEmployeeEmailAddress > gtPrimaryEmployeeGTAccountUsername gtPrimaryEmployeePrismUIDNumber > gtPrimaryStudentEmailAddress gtPrimaryStudentGTAccountUsername > gtPrimaryStudentPrismUIDNumber gtSearchNickname gtSecondaryMailAddress" > [10/Nov/2009:08:55:43 -0500] conn=63852 op=81472 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:44 -0500] conn=212627 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:44 -0500] conn=212627 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:44 -0500] conn=212627 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:44 -0500] conn=212627 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:44 -0500] conn=212627 op=3 UNBIND > [10/Nov/2009:08:55:44 -0500] conn=212627 op=3 fd=152 closed - U1 > [10/Nov/2009:08:55:46 -0500] conn=212629 fd=141 slot=141 SSL > connection from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:55:46 -0500] conn=212629 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:55:46 -0500] conn=212629 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:46 -0500] conn=212630 fd=152 slot=152 SSL > connection from 130.207.183.18 to 130.207.183.9 > [10/Nov/2009:08:55:46 -0500] conn=212630 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:55:46 -0500] conn=212630 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:46 -0500] conn=212630 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:55:46 -0500] conn=212630 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:46 -0500] conn=212630 op=2 UNBIND > [10/Nov/2009:08:55:46 -0500] conn=212630 op=2 fd=152 closed - U1 > [10/Nov/2009:08:55:46 -0500] conn=212629 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:46 -0500] conn=212629 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:46 -0500] conn=212629 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:46 -0500] conn=212629 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:46 -0500] conn=212629 op=3 UNBIND > [10/Nov/2009:08:55:46 -0500] conn=212629 op=3 fd=141 closed - U1 > [10/Nov/2009:08:55:48 -0500] conn=61828 op=25371 SRCH > base="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=0 > filter="(|(objectClass=*)(uid=validateProbe-notInitialized-1257861349281))" > attrs="dn" > [10/Nov/2009:08:55:48 -0500] conn=61828 op=25371 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:48 -0500] conn=61828 op=25372 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="cn displayName eduPersonAffiliation eduPersonPrimaryAffiliation > eduPersonScopedAffiliation givenName gtActiveCourse > gtAllDormResidences gtCurrentDormResidence gtCurriculum > gtEmployeeGivenName gtEmployeeHomeDepartmentName > gtEmployeeHomeDepartmentNumber gtEmployeeHomePhone gtemployee... > gtGTID gtGuestIdentitySponsor gtHasStudentTitle gtIMSID > gtJustEndedCourse gtInstructedCourse gtLegalCN gtLegalDisplayName > gtMageGuestIndex gtMagePersonIndex gtMiddleName gtNameSuffix gtPIDM > gtPrimaryEmailAddress gtPrimaryEmployeeEmailAddress > gtPrimaryStudentEmailAddress gtPrimaryGTAccountUsername > gtPrimaryStudentGTAccountUsername gtPrimaryEmployeeGTAccountUsername > gtRegisteredCourse gtSearchNickname gtSecondaryMailAddress > gtStudentConfidentiality gtStudentGivenName gtStudentHomePhone > gtstudent... gtUpcomingCourse homePhone initials mail sn > telephoneNumber gtPersonEntitlement gtPersonDirectoryId" > [10/Nov/2009:08:55:48 -0500] conn=61828 op=25372 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:48 -0500] conn=61828 op=25373 SRCH > base="ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGlobalPerson=gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu)" > attrs="dn" > [10/Nov/2009:08:55:48 -0500] conn=61828 op=25373 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:48 -0500] conn=61827 op=24900 SRCH > base="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=0 > filter="(|(objectClass=*)(uid=validateProbe-notInitialized-1257861349322))" > attrs="dn" > [10/Nov/2009:08:55:48 -0500] conn=61827 op=24900 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:48 -0500] conn=61827 op=24901 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="cn displayName eduPersonAffiliation eduPersonPrimaryAffiliation > eduPersonScopedAffiliation givenName gtActiveCourse > gtAllDormResidences gtCurrentDormResidence gtCurriculum > gtEmployeeGivenName gtEmployeeHomeDepartmentName > gtEmployeeHomeDepartmentNumber gtEmployeeHomePhone gtemployee... > gtGTID gtGuestIdentitySponsor gtHasStudentTitle gtIMSID > gtJustEndedCourse gtInstructedCourse gtLegalCN gtLegalDisplayName > gtMageGuestIndex gtMagePersonIndex gtMiddleName gtNameSuffix gtPIDM > gtPrimaryEmailAddress gtPrimaryEmployeeEmailAddress > gtPrimaryStudentEmailAddress gtPrimaryGTAccountUsername > gtPrimaryStudentGTAccountUsername gtPrimaryEmployeeGTAccountUsername > gtRegisteredCourse gtSearchNickname gtSecondaryMailAddress > gtStudentConfidentiality gtStudentGivenName gtStudentHomePhone > gtstudent... gtUpcomingCourse homePhone initials mail sn > telephoneNumber gtPersonEntitlement gtPersonDirectoryId" > [10/Nov/2009:08:55:48 -0500] conn=61827 op=24901 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:48 -0500] conn=61827 op=24902 SRCH > base="ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGlobalPerson=gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu)" > attrs="dn" > [10/Nov/2009:08:55:48 -0500] conn=61827 op=24902 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:48 -0500] conn=61825 op=24789 SRCH > base="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=0 > filter="(|(objectClass=*)(uid=validateProbe-notInitialized-1257861349371))" > attrs="dn" > [10/Nov/2009:08:55:48 -0500] conn=61825 op=24789 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:48 -0500] conn=61825 op=24790 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="cn displayName eduPersonAffiliation eduPersonPrimaryAffiliation > eduPersonScopedAffiliation givenName gtActiveCourse > gtAllDormResidences gtCurrentDormResidence gtCurriculum > gtEmployeeGivenName gtEmployeeHomeDepartmentName > gtEmployeeHomeDepartmentNumber gtEmployeeHomePhone gtemployee... > gtGTID gtGuestIdentitySponsor gtHasStudentTitle gtIMSID > gtJustEndedCourse gtInstructedCourse gtLegalCN gtLegalDisplayName > gtMageGuestIndex gtMagePersonIndex gtMiddleName gtNameSuffix gtPIDM > gtPrimaryEmailAddress gtPrimaryEmployeeEmailAddress > gtPrimaryStudentEmailAddress gtPrimaryGTAccountUsername > gtPrimaryStudentGTAccountUsername gtPrimaryEmployeeGTAccountUsername > gtRegisteredCourse gtSearchNickname gtSecondaryMailAddress > gtStudentConfidentiality gtStudentGivenName gtStudentHomePhone > gtstudent... gtUpcomingCourse homePhone initials mail sn > telephoneNumber gtPersonEntitlement gtPersonDirectoryId" > [10/Nov/2009:08:55:48 -0500] conn=61825 op=24790 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:48 -0500] conn=61825 op=24791 SRCH > base="ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGlobalPerson=gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu)" > attrs="dn" > [10/Nov/2009:08:55:48 -0500] conn=61825 op=24791 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:48 -0500] conn=61826 op=24792 SRCH > base="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" scope=0 > filter="(|(objectClass=*)(uid=validateProbe-notInitialized-1257861349423))" > attrs="dn" > [10/Nov/2009:08:55:48 -0500] conn=61826 op=24792 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:48 -0500] conn=61826 op=24793 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="cn displayName eduPersonAffiliation eduPersonPrimaryAffiliation > eduPersonScopedAffiliation givenName gtActiveCourse > gtAllDormResidences gtCurrentDormResidence gtCurriculum > gtEmployeeGivenName gtEmployeeHomeDepartmentName > gtEmployeeHomeDepartmentNumber gtEmployeeHomePhone gtemployee... > gtGTID gtGuestIdentitySponsor gtHasStudentTitle gtIMSID > gtJustEndedCourse gtInstructedCourse gtLegalCN gtLegalDisplayName > gtMageGuestIndex gtMagePersonIndex gtMiddleName gtNameSuffix gtPIDM > gtPrimaryEmailAddress gtPrimaryEmployeeEmailAddress > gtPrimaryStudentEmailAddress gtPrimaryGTAccountUsername > gtPrimaryStudentGTAccountUsername gtPrimaryEmployeeGTAccountUsername > gtRegisteredCourse gtSearchNickname gtSecondaryMailAddress > gtStudentConfidentiality gtStudentGivenName gtStudentHomePhone > gtstudent... gtUpcomingCourse homePhone initials mail sn > telephoneNumber gtPersonEntitlement gtPersonDirectoryId" > [10/Nov/2009:08:55:48 -0500] conn=61826 op=24793 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:48 -0500] conn=61826 op=24794 SRCH > base="ou=departments,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGlobalPerson=gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu)" > attrs="dn" > [10/Nov/2009:08:55:48 -0500] conn=61826 op=24794 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:48 -0500] conn=212631 fd=141 slot=141 SSL > connection from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:55:48 -0500] conn=212631 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:55:48 -0500] conn=212631 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:49 -0500] conn=212631 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:49 -0500] conn=212631 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:49 -0500] conn=212631 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:49 -0500] conn=212631 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:49 -0500] conn=212631 op=3 UNBIND > [10/Nov/2009:08:55:49 -0500] conn=212631 op=3 fd=141 closed - U1 > [10/Nov/2009:08:55:51 -0500] conn=212632 fd=141 slot=141 SSL > connection from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:55:51 -0500] conn=212632 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:55:51 -0500] conn=212632 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:51 -0500] conn=212633 fd=152 slot=152 SSL > connection from 130.207.183.19 to 130.207.183.9 > [10/Nov/2009:08:55:51 -0500] conn=212633 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:55:51 -0500] conn=212633 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:51 -0500] conn=212633 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:55:51 -0500] conn=212633 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:51 -0500] conn=212633 op=2 UNBIND > [10/Nov/2009:08:55:51 -0500] conn=212633 op=2 fd=152 closed - U1 > [10/Nov/2009:08:55:52 -0500] conn=212632 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:52 -0500] conn=212632 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:52 -0500] conn=212632 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:52 -0500] conn=212632 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:52 -0500] conn=212632 op=3 UNBIND > [10/Nov/2009:08:55:52 -0500] conn=212632 op=3 fd=141 closed - U1 > [10/Nov/2009:08:55:52 -0500] conn=212634 fd=141 slot=141 SSL > connection from 130.207.183.19 to 130.207.183.9 > [10/Nov/2009:08:55:52 -0500] conn=212634 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:55:52 -0500] conn=212634 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:52 -0500] conn=212634 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:55:52 -0500] conn=212634 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:52 -0500] conn=212634 op=2 UNBIND > [10/Nov/2009:08:55:52 -0500] conn=212634 op=2 fd=141 closed - U1 > [10/Nov/2009:08:55:53 -0500] conn=212635 fd=141 slot=141 SSL > connection from 130.207.183.18 to 130.207.183.9 > [10/Nov/2009:08:55:53 -0500] conn=212635 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:55:53 -0500] conn=212635 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:53 -0500] conn=212635 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:55:53 -0500] conn=212635 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:53 -0500] conn=212635 op=2 UNBIND > [10/Nov/2009:08:55:53 -0500] conn=212635 op=2 fd=141 closed - U1 > [10/Nov/2009:08:55:54 -0500] conn=212636 fd=141 slot=141 SSL > connection from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:55:54 -0500] conn=212636 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:55:54 -0500] conn=212636 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:54 -0500] conn=212636 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:54 -0500] conn=212636 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:54 -0500] conn=212636 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:54 -0500] conn=212636 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:55 -0500] conn=212636 op=3 UNBIND > [10/Nov/2009:08:55:55 -0500] conn=212636 op=3 fd=141 closed - U1 > [10/Nov/2009:08:55:56 -0500] conn=212637 fd=141 slot=141 SSL > connection from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:55:56 -0500] conn=212638 fd=152 slot=152 SSL > connection from 130.207.183.18 to 130.207.183.9 > [10/Nov/2009:08:55:56 -0500] conn=212638 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:55:56 -0500] conn=212638 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:56 -0500] conn=212638 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:55:56 -0500] conn=212638 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:55:56 -0500] conn=212637 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:55:56 -0500] conn=212638 op=2 UNBIND > [10/Nov/2009:08:55:56 -0500] conn=212638 op=2 fd=152 closed - U1 > [10/Nov/2009:08:55:56 -0500] conn=212637 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:55:57 -0500] conn=212637 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:57 -0500] conn=212637 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:57 -0500] conn=212637 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:55:57 -0500] conn=212637 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:55:57 -0500] conn=212637 op=3 UNBIND > [10/Nov/2009:08:55:57 -0500] conn=212637 op=3 fd=141 closed - U1 > [10/Nov/2009:08:55:59 -0500] conn=212639 fd=141 slot=141 SSL > connection from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:55:59 -0500] conn=212639 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:55:59 -0500] conn=212639 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:00 -0500] conn=212639 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:00 -0500] conn=212639 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:00 -0500] conn=212639 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:00 -0500] conn=212639 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:00 -0500] conn=212639 op=3 UNBIND > [10/Nov/2009:08:56:00 -0500] conn=212639 op=3 fd=141 closed - U1 > [10/Nov/2009:08:56:01 -0500] conn=212640 fd=141 slot=141 SSL > connection from 130.207.183.19 to 130.207.183.9 > [10/Nov/2009:08:56:01 -0500] conn=212640 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:56:01 -0500] conn=212640 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:01 -0500] conn=212640 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:56:01 -0500] conn=212640 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:01 -0500] conn=212640 op=2 UNBIND > [10/Nov/2009:08:56:01 -0500] conn=212640 op=2 fd=141 closed - U1 > [10/Nov/2009:08:56:02 -0500] conn=212641 fd=141 slot=141 SSL > connection from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:56:02 -0500] conn=212641 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:56:02 -0500] conn=212641 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:02 -0500] conn=212642 fd=152 slot=152 SSL > connection from 130.207.183.19 to 130.207.183.9 > [10/Nov/2009:08:56:02 -0500] conn=212641 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:02 -0500] conn=212641 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:02 -0500] conn=212642 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:56:02 -0500] conn=212642 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:02 -0500] conn=212642 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:56:02 -0500] conn=212642 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:02 -0500] conn=212642 op=2 UNBIND > [10/Nov/2009:08:56:02 -0500] conn=212642 op=2 fd=152 closed - U1 > [10/Nov/2009:08:56:02 -0500] conn=212641 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:02 -0500] conn=212641 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:02 -0500] conn=212641 op=3 UNBIND > [10/Nov/2009:08:56:02 -0500] conn=212641 op=3 fd=141 closed - U1 > [10/Nov/2009:08:56:04 -0500] conn=212643 fd=141 slot=141 SSL > connection from 130.207.183.18 to 130.207.183.9 > [10/Nov/2009:08:56:04 -0500] conn=212643 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:56:04 -0500] conn=212643 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:04 -0500] conn=212643 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:56:04 -0500] conn=212643 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:04 -0500] conn=212643 op=2 UNBIND > [10/Nov/2009:08:56:04 -0500] conn=212643 op=2 fd=141 closed - U1 > [10/Nov/2009:08:56:04 -0500] conn=212644 fd=152 slot=152 SSL > connection from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:56:04 -0500] conn=212644 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:56:04 -0500] conn=212644 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:05 -0500] conn=212644 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:05 -0500] conn=212644 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:05 -0500] conn=212644 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:05 -0500] conn=212644 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:05 -0500] conn=212644 op=3 UNBIND > [10/Nov/2009:08:56:05 -0500] conn=212644 op=3 fd=152 closed - U1 > [10/Nov/2009:08:56:06 -0500] conn=212645 fd=141 slot=141 SSL > connection from 130.207.183.18 to 130.207.183.9 > [10/Nov/2009:08:56:06 -0500] conn=212645 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:56:06 -0500] conn=212645 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:06 -0500] conn=212645 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:56:06 -0500] conn=212645 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:06 -0500] conn=212645 op=2 UNBIND > [10/Nov/2009:08:56:06 -0500] conn=212645 op=2 fd=141 closed - U1 > [10/Nov/2009:08:56:06 -0500] conn=212646 fd=152 slot=152 SSL > connection from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:56:06 -0500] conn=212646 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:56:06 -0500] conn=212646 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:07 -0500] conn=212646 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:07 -0500] conn=212646 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:07 -0500] conn=212646 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:07 -0500] conn=212646 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:07 -0500] conn=212646 op=3 UNBIND > [10/Nov/2009:08:56:07 -0500] conn=212646 op=3 fd=152 closed - U1 > [10/Nov/2009:08:56:08 -0500] conn=63832 op=354110 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtPIDM=2691261)" attrs="cn displayName dn givenName gtDirGUID > gtLocallyManagedAttribute initials objectClass sn title > gtPersonDirectoryId" > [10/Nov/2009:08:56:08 -0500] conn=63832 op=354110 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:08 -0500] conn=63832 op=354111 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 > filter="(gtGlobalPerson=gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu)" > attrs="dn" > [10/Nov/2009:08:56:08 -0500] conn=63832 op=354111 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:08 -0500] conn=63832 op=354112 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtPIDM=2691264)" attrs="cn displayName dn givenName gtDirGUID > gtLocallyManagedAttribute initials objectClass sn title > gtPersonDirectoryId" > [10/Nov/2009:08:56:08 -0500] conn=63832 op=354112 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:08 -0500] conn=63832 op=354113 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 > filter="(gtGlobalPerson=gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu)" > attrs="dn" > [10/Nov/2009:08:56:08 -0500] conn=63832 op=354113 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:08 -0500] conn=63832 op=354114 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtPIDM=2691262)" attrs="cn displayName dn givenName gtDirGUID > gtLocallyManagedAttribute initials objectClass sn title > gtPersonDirectoryId" > [10/Nov/2009:08:56:08 -0500] conn=63832 op=354114 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:09 -0500] conn=212647 fd=141 slot=141 SSL > connection from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:56:09 -0500] conn=212647 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:56:09 -0500] conn=212647 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:09 -0500] conn=63832 op=354115 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 > filter="(gtGlobalPerson=gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu)" > attrs="dn" > [10/Nov/2009:08:56:09 -0500] conn=63832 op=354115 RESULT err=0 tag=101 > nentries=0 etime=1 > [10/Nov/2009:08:56:09 -0500] conn=63832 op=354116 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtPIDM=2691263)" attrs="cn displayName dn givenName gtDirGUID > gtLocallyManagedAttribute initials objectClass sn title > gtPersonDirectoryId" > [10/Nov/2009:08:56:09 -0500] conn=63832 op=354116 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:09 -0500] conn=63832 op=354117 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 > filter="(gtGlobalPerson=gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu)" > attrs="dn" > [10/Nov/2009:08:56:09 -0500] conn=63832 op=354117 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:09 -0500] conn=63832 op=354118 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtPIDM=2691265)" attrs="cn displayName dn givenName gtDirGUID > gtLocallyManagedAttribute initials objectClass sn title > gtPersonDirectoryId" > [10/Nov/2009:08:56:09 -0500] conn=63832 op=354118 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:09 -0500] conn=63832 op=354119 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 > filter="(gtGlobalPerson=gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu)" > attrs="dn" > [10/Nov/2009:08:56:09 -0500] conn=63832 op=354119 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:10 -0500] conn=212647 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:10 -0500] conn=212647 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:10 -0500] conn=212647 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:10 -0500] conn=212647 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:10 -0500] conn=212647 op=3 UNBIND > [10/Nov/2009:08:56:10 -0500] conn=212647 op=3 fd=141 closed - U1 > [10/Nov/2009:08:56:11 -0500] conn=212648 fd=141 slot=141 SSL > connection from 130.207.183.19 to 130.207.183.9 > [10/Nov/2009:08:56:11 -0500] conn=212648 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:56:11 -0500] conn=212648 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:11 -0500] conn=212648 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:56:11 -0500] conn=212648 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:11 -0500] conn=212648 op=2 UNBIND > [10/Nov/2009:08:56:11 -0500] conn=212648 op=2 fd=141 closed - U1 > [10/Nov/2009:08:56:12 -0500] conn=212649 fd=141 slot=141 SSL > connection from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:56:12 -0500] conn=212649 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:56:12 -0500] conn=212649 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:12 -0500] conn=212650 fd=151 slot=151 SSL > connection from 130.207.183.19 to 130.207.183.9 > [10/Nov/2009:08:56:12 -0500] conn=212650 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:56:12 -0500] conn=212650 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:12 -0500] conn=212650 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:56:12 -0500] conn=212650 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:12 -0500] conn=212650 op=2 UNBIND > [10/Nov/2009:08:56:12 -0500] conn=212650 op=2 fd=151 closed - U1 > [10/Nov/2009:08:56:12 -0500] conn=212649 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:12 -0500] conn=212649 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:12 -0500] conn=212649 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:12 -0500] conn=212649 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:13 -0500] conn=212649 op=3 UNBIND > [10/Nov/2009:08:56:13 -0500] conn=212649 op=3 fd=141 closed - U1 > [10/Nov/2009:08:56:13 -0500] conn=212651 fd=141 slot=141 SSL > connection from 130.207.183.18 to 130.207.183.9 > [10/Nov/2009:08:56:13 -0500] conn=212651 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:56:13 -0500] conn=212651 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:13 -0500] conn=212651 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:56:13 -0500] conn=212651 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:13 -0500] conn=212651 op=2 UNBIND > [10/Nov/2009:08:56:13 -0500] conn=212651 op=2 fd=141 closed - U1 > [10/Nov/2009:08:56:14 -0500] conn=212589 op=9 UNBIND > [10/Nov/2009:08:56:14 -0500] conn=212589 op=9 fd=71 closed - U1 > [10/Nov/2009:08:56:14 -0500] conn=212652 fd=71 slot=71 SSL connection > from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:56:14 -0500] conn=212652 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:56:14 -0500] conn=212652 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:15 -0500] conn=212331 op=28 UNBIND > [10/Nov/2009:08:56:15 -0500] conn=212331 op=28 fd=133 closed - U1 > [10/Nov/2009:08:56:15 -0500] conn=212652 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:15 -0500] conn=212652 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:15 -0500] conn=212652 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:15 -0500] conn=212652 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:15 -0500] conn=212652 op=3 UNBIND > [10/Nov/2009:08:56:15 -0500] conn=212652 op=3 fd=71 closed - U1 > [10/Nov/2009:08:56:16 -0500] conn=212653 fd=71 slot=71 SSL connection > from 130.207.183.18 to 130.207.183.9 > [10/Nov/2009:08:56:16 -0500] conn=212653 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:56:16 -0500] conn=212653 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:16 -0500] conn=212653 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:56:16 -0500] conn=212653 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:16 -0500] conn=212653 op=2 UNBIND > [10/Nov/2009:08:56:16 -0500] conn=212653 op=2 fd=71 closed - U1 > [10/Nov/2009:08:56:17 -0500] conn=212654 fd=71 slot=71 SSL connection > from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:56:17 -0500] conn=212654 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:56:17 -0500] conn=212654 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:18 -0500] conn=63832 op=354121 SRCH > base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" > [10/Nov/2009:08:56:18 -0500] conn=63832 op=354121 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:18 -0500] conn=212654 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:18 -0500] conn=212654 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:18 -0500] conn=212654 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:18 -0500] conn=212654 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:18 -0500] conn=212654 op=3 UNBIND > [10/Nov/2009:08:56:18 -0500] conn=212654 op=3 fd=71 closed - U1 > [10/Nov/2009:08:56:20 -0500] conn=63852 op=81474 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="cn dn gtDirGUID gtGTID gtIMSID gtInstructedCourse > gtJustEndedCourse gtPersonDirectoryId gtPIDM gtRegisteredCourse > gtSISEmailAddress gtStudentCampusAddress gtStudentConfidentiality > gtStudentGivenName gtStudentHomePhone gtStudentHomePostalAddress > gtStudentMiddleName gtStudentNameSuffix gtStudentPostalAddress > gtStudentPostalCode gtStudentScopedAffiliation gtStudentSN > gtStudentTelephoneNumber gtUpcomingCourse objectClass sn > gtActiveCourse gtCurrentDormResidence gtCurriculum" > [10/Nov/2009:08:56:20 -0500] conn=63852 op=81474 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:20 -0500] conn=63852 op=81475 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="cn dn gtDirGUID gtGTID gtIMSID gtInstructedCourse > gtJustEndedCourse gtPersonDirectoryId gtPIDM gtRegisteredCourse > gtSISEmailAddress gtStudentCampusAddress gtStudentConfidentiality > gtStudentGivenName gtStudentHomePhone gtStudentHomePostalAddress > gtStudentMiddleName gtStudentNameSuffix gtStudentPostalAddress > gtStudentPostalCode gtStudentScopedAffiliation gtStudentSN > gtStudentTelephoneNumber gtUpcomingCourse objectClass sn > gtActiveCourse gtCurrentDormResidence gtCurriculum" > [10/Nov/2009:08:56:20 -0500] conn=63852 op=81475 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:21 -0500] conn=63832 op=354123 SRCH > base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" > [10/Nov/2009:08:56:21 -0500] conn=63832 op=354123 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:21 -0500] conn=212655 fd=71 slot=71 SSL connection > from 130.207.183.19 to 130.207.183.9 > [10/Nov/2009:08:56:21 -0500] conn=212655 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:56:21 -0500] conn=212655 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:21 -0500] conn=212655 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:56:21 -0500] conn=212655 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:21 -0500] conn=212655 op=2 UNBIND > [10/Nov/2009:08:56:21 -0500] conn=212655 op=2 fd=71 closed - U1 > [10/Nov/2009:08:56:22 -0500] conn=212656 fd=71 slot=71 SSL connection > from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:56:22 -0500] conn=212656 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:56:22 -0500] conn=212656 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:22 -0500] conn=212657 fd=133 slot=133 SSL > connection from 130.207.183.19 to 130.207.183.9 > [10/Nov/2009:08:56:22 -0500] conn=212657 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:56:22 -0500] conn=212657 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:22 -0500] conn=212657 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:56:22 -0500] conn=212657 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:22 -0500] conn=212657 op=2 UNBIND > [10/Nov/2009:08:56:22 -0500] conn=212657 op=2 fd=133 closed - U1 > [10/Nov/2009:08:56:23 -0500] conn=212658 fd=133 slot=133 SSL > connection from 130.207.183.18 to 130.207.183.9 > [10/Nov/2009:08:56:23 -0500] conn=212658 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:56:23 -0500] conn=212658 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:23 -0500] conn=212658 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:56:23 -0500] conn=212658 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:23 -0500] conn=212658 op=2 UNBIND > [10/Nov/2009:08:56:23 -0500] conn=212658 op=2 fd=133 closed - U1 > [10/Nov/2009:08:56:24 -0500] conn=63832 op=354124 SRCH > base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" > [10/Nov/2009:08:56:24 -0500] conn=63832 op=354124 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:24 -0500] conn=63852 op=81477 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="cn dn gtDirGUID gtGTID gtIMSID gtInstructedCourse > gtJustEndedCourse gtPersonDirectoryId gtPIDM gtRegisteredCourse > gtSISEmailAddress gtStudentCampusAddress gtStudentConfidentiality > gtStudentGivenName gtStudentHomePhone gtStudentHomePostalAddress > gtStudentMiddleName gtStudentNameSuffix gtStudentPostalAddress > gtStudentPostalCode gtStudentScopedAffiliation gtStudentSN > gtStudentTelephoneNumber gtUpcomingCourse objectClass sn > gtActiveCourse gtCurrentDormResidence gtCurriculum" > [10/Nov/2009:08:56:24 -0500] conn=63852 op=81477 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:24 -0500] conn=63852 op=81478 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="cn dn gtDirGUID gtGTID gtIMSID gtInstructedCourse > gtJustEndedCourse gtPersonDirectoryId gtPIDM gtRegisteredCourse > gtSISEmailAddress gtStudentCampusAddress gtStudentConfidentiality > gtStudentGivenName gtStudentHomePhone gtStudentHomePostalAddress > gtStudentMiddleName gtStudentNameSuffix gtStudentPostalAddress > gtStudentPostalCode gtStudentScopedAffiliation gtStudentSN > gtStudentTelephoneNumber gtUpcomingCourse objectClass sn > gtActiveCourse gtCurrentDormResidence gtCurriculum" > [10/Nov/2009:08:56:24 -0500] conn=63852 op=81478 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:24 -0500] conn=63852 op=81479 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" > attrs="cn dn gtDirGUID gtGTID gtIMSID gtInstructedCourse > gtJustEndedCourse gtPersonDirectoryId gtPIDM gtRegisteredCourse > gtSISEmailAddress gtStudentCampusAddress gtStudentConfidentiality > gtStudentGivenName gtStudentHomePhone gtStudentHomePostalAddress > gtStudentMiddleName gtStudentNameSuffix gtStudentPostalAddress > gtStudentPostalCode gtStudentScopedAffiliation gtStudentSN > gtStudentTelephoneNumber gtUpcomingCourse objectClass sn > gtActiveCourse gtCurrentDormResidence gtCurriculum" > [10/Nov/2009:08:56:24 -0500] conn=63852 op=81479 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:25 -0500] conn=212656 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:25 -0500] conn=212656 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:25 -0500] conn=212656 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:25 -0500] conn=212656 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:25 -0500] conn=212656 op=3 UNBIND > [10/Nov/2009:08:56:25 -0500] conn=212656 op=3 fd=71 closed - U1 > [10/Nov/2009:08:56:26 -0500] conn=212659 fd=71 slot=71 SSL connection > from 130.207.183.18 to 130.207.183.9 > [10/Nov/2009:08:56:26 -0500] conn=212659 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:56:26 -0500] conn=212659 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:26 -0500] conn=212659 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:56:26 -0500] conn=212659 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:26 -0500] conn=212659 op=2 UNBIND > [10/Nov/2009:08:56:26 -0500] conn=212659 op=2 fd=71 closed - U1 > [10/Nov/2009:08:56:26 -0500] conn=212602 op=9 UNBIND > [10/Nov/2009:08:56:26 -0500] conn=212602 op=9 fd=149 closed - U1 > [10/Nov/2009:08:56:26 -0500] conn=63832 op=354126 SRCH > base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" > [10/Nov/2009:08:56:26 -0500] conn=63832 op=354126 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:27 -0500] conn=212660 fd=71 slot=71 SSL connection > from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:56:27 -0500] conn=212660 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:56:27 -0500] conn=212660 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:29 -0500] conn=212660 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:29 -0500] conn=212660 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:29 -0500] conn=212660 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:29 -0500] conn=212660 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:29 -0500] conn=212660 op=3 UNBIND > [10/Nov/2009:08:56:29 -0500] conn=212660 op=3 fd=71 closed - U1 > [10/Nov/2009:08:56:29 -0500] conn=212661 fd=71 slot=71 SSL connection > from 128.61.166.142 to 130.207.183.9 > [10/Nov/2009:08:56:29 -0500] conn=212661 op=0 BIND > dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 > version=3 > [10/Nov/2009:08:56:29 -0500] conn=212661 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=fischer,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:29 -0500] conn=212661 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=0 > filter="(objectClass=*)" attrs="ou" > [10/Nov/2009:08:56:29 -0500] conn=212661 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:29 -0500] conn=212661 op=2 UNBIND > [10/Nov/2009:08:56:29 -0500] conn=212661 op=2 fd=71 closed - U1 > [10/Nov/2009:08:56:30 -0500] conn=212662 fd=71 slot=71 SSL connection > from 128.61.166.142 to 130.207.183.9 > [10/Nov/2009:08:56:30 -0500] conn=212662 op=0 BIND > dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 > version=3 > [10/Nov/2009:08:56:30 -0500] conn=212662 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=fischer,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:30 -0500] conn=212662 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=0 > filter="(objectClass=*)" attrs="ou" > [10/Nov/2009:08:56:30 -0500] conn=212662 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:30 -0500] conn=212662 op=2 UNBIND > [10/Nov/2009:08:56:30 -0500] conn=212662 op=2 fd=71 closed - U1 > [10/Nov/2009:08:56:30 -0500] conn=63832 op=354127 SRCH > base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" > [10/Nov/2009:08:56:30 -0500] conn=63832 op=354127 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:30 -0500] conn=212663 fd=71 slot=71 SSL connection > from 128.61.166.142 to 130.207.183.9 > [10/Nov/2009:08:56:31 -0500] conn=212663 op=0 BIND > dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 > version=3 > [10/Nov/2009:08:56:31 -0500] conn=212663 op=0 RESULT err=0 tag=97 > nentries=0 etime=1 dn="uid=fischer,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:31 -0500] conn=212663 op=1 SRCH > base="ou=departments,dc=gted,dc=gatech,dc=edu" scope=0 > filter="(objectClass=*)" attrs="ou" > [10/Nov/2009:08:56:31 -0500] conn=212663 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:31 -0500] conn=212663 op=2 UNBIND > [10/Nov/2009:08:56:31 -0500] conn=212663 op=2 fd=71 closed - U1 > [10/Nov/2009:08:56:31 -0500] conn=212664 fd=133 slot=133 SSL > connection from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:56:31 -0500] conn=212664 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:56:31 -0500] conn=212664 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:31 -0500] conn=212665 fd=71 slot=71 SSL connection > from 130.207.183.19 to 130.207.183.9 > [10/Nov/2009:08:56:31 -0500] conn=212665 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:56:31 -0500] conn=212665 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:31 -0500] conn=212665 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:56:31 -0500] conn=212665 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:31 -0500] conn=212665 op=2 UNBIND > [10/Nov/2009:08:56:31 -0500] conn=212665 op=2 fd=71 closed - U1 > [10/Nov/2009:08:56:31 -0500] conn=212666 fd=139 slot=139 SSL > connection from 128.61.166.142 to 130.207.183.9 > [10/Nov/2009:08:56:31 -0500] conn=212666 op=0 BIND > dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 > version=3 > [10/Nov/2009:08:56:31 -0500] conn=212666 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=fischer,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:32 -0500] conn=212666 op=1 SRCH > base="ou=departments,dc=gted,dc=gatech,dc=edu" scope=0 > filter="(objectClass=*)" attrs="ou" > [10/Nov/2009:08:56:32 -0500] conn=212666 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:32 -0500] conn=212666 op=2 UNBIND > [10/Nov/2009:08:56:32 -0500] conn=212666 op=2 fd=139 closed - U1 > [10/Nov/2009:08:56:32 -0500] conn=212667 fd=71 slot=71 SSL connection > from 128.61.166.142 to 130.207.183.9 > [10/Nov/2009:08:56:32 -0500] conn=212664 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:32 -0500] conn=212664 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:32 -0500] conn=212664 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:32 -0500] conn=212664 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:32 -0500] conn=212664 op=3 UNBIND > [10/Nov/2009:08:56:32 -0500] conn=212664 op=3 fd=133 closed - U1 > [10/Nov/2009:08:56:32 -0500] conn=212667 op=0 BIND > dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 > version=3 > [10/Nov/2009:08:56:32 -0500] conn=212667 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=fischer,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:32 -0500] conn=212667 op=1 SRCH > base="ou=DataForum,cn=fischer,dc=gatech,dc=edu" scope=0 > filter="(objectClass=*)" attrs="ou" > [10/Nov/2009:08:56:32 -0500] conn=212667 op=1 RESULT err=32 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:32 -0500] conn=212667 op=2 UNBIND > [10/Nov/2009:08:56:32 -0500] conn=212667 op=2 fd=71 closed - U1 > [10/Nov/2009:08:56:32 -0500] conn=212668 fd=71 slot=71 SSL connection > from 130.207.183.19 to 130.207.183.9 > [10/Nov/2009:08:56:32 -0500] conn=212668 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:56:32 -0500] conn=212668 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:32 -0500] conn=212668 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:56:32 -0500] conn=212668 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:32 -0500] conn=212668 op=2 UNBIND > [10/Nov/2009:08:56:32 -0500] conn=212668 op=2 fd=71 closed - U1 > [10/Nov/2009:08:56:33 -0500] conn=212669 fd=71 slot=71 SSL connection > from 128.61.166.142 to 130.207.183.9 > [10/Nov/2009:08:56:33 -0500] conn=212669 op=0 BIND > dn="uid=fischer,ou=local accounts,dc=gted,dc=gatech,dc=edu" method=128 > version=3 > [10/Nov/2009:08:56:33 -0500] conn=212669 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=fischer,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:33 -0500] conn=212669 op=1 SRCH > base="ou=DataForum,cn=fischer,dc=gatech,dc=edu" scope=0 > filter="(objectClass=*)" attrs="ou" > [10/Nov/2009:08:56:33 -0500] conn=212669 op=1 RESULT err=32 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:33 -0500] conn=212669 op=2 UNBIND > [10/Nov/2009:08:56:33 -0500] conn=212669 op=2 fd=71 closed - U1 > [10/Nov/2009:08:56:33 -0500] conn=212670 fd=133 slot=133 SSL > connection from 130.207.183.18 to 130.207.183.9 > [10/Nov/2009:08:56:33 -0500] conn=212670 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:56:33 -0500] conn=212670 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:33 -0500] conn=212670 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:56:33 -0500] conn=212670 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:33 -0500] conn=212670 op=2 UNBIND > [10/Nov/2009:08:56:33 -0500] conn=212670 op=2 fd=133 closed - U1 > [10/Nov/2009:08:56:33 -0500] conn=63832 op=354129 SRCH > base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" > [10/Nov/2009:08:56:33 -0500] conn=63832 op=354129 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:34 -0500] conn=212671 fd=71 slot=71 SSL connection > from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:56:34 -0500] conn=212671 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:56:34 -0500] conn=212671 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:35 -0500] conn=63832 op=354130 SRCH > base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" > [10/Nov/2009:08:56:35 -0500] conn=63832 op=354130 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:36 -0500] conn=212672 fd=133 slot=133 SSL > connection from 130.207.183.18 to 130.207.183.9 > [10/Nov/2009:08:56:36 -0500] conn=212672 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:56:36 -0500] conn=212672 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:36 -0500] conn=212672 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:56:36 -0500] conn=212672 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:36 -0500] conn=212672 op=2 UNBIND > [10/Nov/2009:08:56:36 -0500] conn=212672 op=2 fd=133 closed - U1 > [10/Nov/2009:08:56:36 -0500] conn=212671 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:36 -0500] conn=212671 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:36 -0500] conn=212671 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:36 -0500] conn=212671 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:36 -0500] conn=212671 op=3 UNBIND > [10/Nov/2009:08:56:36 -0500] conn=212671 op=3 fd=71 closed - U1 > [10/Nov/2009:08:56:39 -0500] conn=212673 fd=71 slot=71 SSL connection > from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:56:39 -0500] conn=212673 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:56:39 -0500] conn=212673 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:39 -0500] conn=63832 op=354131 SRCH > base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" > [10/Nov/2009:08:56:39 -0500] conn=63832 op=354131 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:40 -0500] conn=63832 op=354133 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement > eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement > gtAccountCategory" > [10/Nov/2009:08:56:40 -0500] conn=63832 op=354133 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:40 -0500] conn=63832 op=354134 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(uid=XXXXXXXX)" attrs="cn displayName dn gidNumber > givenName gtGlobalPerson gtPrimaryGTAccountUsername homeDirectory > initials loginShell mail ou sn telephoneNumber title uidNumber > gtEmployeeHomeDepartmentName" > [10/Nov/2009:08:56:40 -0500] conn=63832 op=354134 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:40 -0500] conn=63832 op=354135 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(eduPersonEntitlement=/gt/services/central/gtad/*)" > attrs="cn dn givenName initials mail ou sn title homeDirectory" > [10/Nov/2009:08:56:40 -0500] conn=63832 op=354135 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:40 -0500] conn=63832 op=354136 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement > eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement > gtAccountCategory" > [10/Nov/2009:08:56:40 -0500] conn=63832 op=354136 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:40 -0500] conn=63832 op=354137 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement > eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement > gtAccountCategory" > [10/Nov/2009:08:56:40 -0500] conn=63832 op=354137 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:40 -0500] conn=63832 op=354138 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement > eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement > gtAccountCategory" > [10/Nov/2009:08:56:40 -0500] conn=63832 op=354138 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:40 -0500] conn=63832 op=354139 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement > eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement > gtAccountCategory" > [10/Nov/2009:08:56:40 -0500] conn=63832 op=354139 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:40 -0500] conn=63832 op=354140 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement > eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement > gtAccountCategory" > [10/Nov/2009:08:56:40 -0500] conn=63832 op=354140 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:40 -0500] conn=63832 op=354141 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement > eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement > gtAccountCategory" > [10/Nov/2009:08:56:40 -0500] conn=63832 op=354141 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:40 -0500] conn=207646 op=140 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(eduPersonAffiliation=XXXXXXXXX)" > attrs="eduPersonScopedAffiliation gtEmployeeHomeDepartmentName title" > [10/Nov/2009:08:56:40 -0500] conn=63832 op=354142 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(uid=XXXXXXXX)" attrs="eduPersonEntitlement > eduPersonScopedAffiliation gtAccountEntitlement gtPersonEntitlement > gtAccountCategory" > [10/Nov/2009:08:56:40 -0500] conn=63832 op=354142 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:40 -0500] conn=207646 op=140 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:40 -0500] conn=63832 op=354143 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(uid=XXXXXXXX)" attrs="cn displayName dn gidNumber > givenName gtGlobalPerson gtPrimaryGTAccountUsername homeDirectory > initials loginShell mail ou sn telephoneNumber title uidNumber > gtEmployeeHomeDepartmentName" > [10/Nov/2009:08:56:40 -0500] conn=63832 op=354143 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:40 -0500] conn=63832 op=354144 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(eduPersonEntitlement=/gt/services/central/gtad/*)" > attrs="cn dn givenName initials mail ou sn title homeDirectory" > [10/Nov/2009:08:56:41 -0500] conn=63832 op=354144 RESULT err=0 tag=101 > nentries=0 etime=1 > [10/Nov/2009:08:56:41 -0500] conn=63832 op=354145 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(eduPersonAffiliation=XXXXXXXXX)" > attrs="eduPersonScopedAffiliation gtEmployeeHomeDepartmentName title" > [10/Nov/2009:08:56:41 -0500] conn=63832 op=354145 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:41 -0500] conn=63832 op=354146 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(uid=XXXXXXXX)" attrs="cn displayName dn gidNumber > givenName gtGlobalPerson gtPrimaryGTAccountUsername homeDirectory > initials loginShell mail ou sn telephoneNumber title uidNumber > gtEmployeeHomeDepartmentName" > [10/Nov/2009:08:56:41 -0500] conn=63832 op=354146 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:41 -0500] conn=63832 op=354147 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(eduPersonEntitlement=/gt/services/central/gtad/*)" > attrs="cn dn givenName initials mail ou sn title homeDirectory" > [10/Nov/2009:08:56:41 -0500] conn=63832 op=354147 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:41 -0500] conn=63832 op=354148 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(eduPersonAffiliation=XXXXXXXXX)" > attrs="eduPersonScopedAffiliation gtEmployeeHomeDepartmentName title" > [10/Nov/2009:08:56:41 -0500] conn=63832 op=354148 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:41 -0500] conn=63832 op=354149 SRCH > base="ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(uid=XXXXXXXX)" attrs="cn displayName dn gidNumber > givenName gtGlobalPerson gtPrimaryGTAccountUsername homeDirectory > initials loginShell mail ou sn telephoneNumber title uidNumber > gtEmployeeHomeDepartmentName" > [10/Nov/2009:08:56:41 -0500] conn=63832 op=354149 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:41 -0500] conn=63832 op=354150 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=accounts,ou=gtaccounts,ou=departments,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(eduPersonEntitlement=/gt/services/central/gtad/*)" > attrs="cn dn givenName initials mail ou sn title homeDirectory" > [10/Nov/2009:08:56:41 -0500] conn=63832 op=354150 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:41 -0500] conn=63832 op=354151 SRCH > base="gtDirGUID=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,ou=people,dc=gted,dc=gatech,dc=edu" > scope=2 filter="(eduPersonAffiliation=XXXXXXXXX)" > attrs="eduPersonScopedAffiliation gtEmployeeHomeDepartmentName title" > [10/Nov/2009:08:56:41 -0500] conn=63832 op=354151 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:41 -0500] conn=212673 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:41 -0500] conn=212673 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:41 -0500] conn=212673 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:41 -0500] conn=212673 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:41 -0500] conn=212673 op=3 UNBIND > [10/Nov/2009:08:56:41 -0500] conn=212673 op=3 fd=71 closed - U1 > [10/Nov/2009:08:56:41 -0500] conn=212674 fd=133 slot=133 SSL > connection from 130.207.183.19 to 130.207.183.9 > [10/Nov/2009:08:56:41 -0500] conn=212674 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:56:41 -0500] conn=212674 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:41 -0500] conn=212674 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:56:41 -0500] conn=212674 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:41 -0500] conn=212674 op=2 UNBIND > [10/Nov/2009:08:56:41 -0500] conn=212674 op=2 fd=133 closed - U1 > [10/Nov/2009:08:56:42 -0500] conn=212675 fd=71 slot=71 SSL connection > from 130.207.183.19 to 130.207.183.9 > [10/Nov/2009:08:56:42 -0500] conn=212675 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:56:42 -0500] conn=212675 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:42 -0500] conn=212675 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:56:42 -0500] conn=212675 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:42 -0500] conn=212675 op=2 UNBIND > [10/Nov/2009:08:56:42 -0500] conn=212675 op=2 fd=71 closed - U1 > [10/Nov/2009:08:56:43 -0500] conn=63832 op=354152 SRCH > base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" > [10/Nov/2009:08:56:43 -0500] conn=212676 fd=71 slot=71 SSL connection > from 130.207.183.18 to 130.207.183.9 > [10/Nov/2009:08:56:43 -0500] conn=212676 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:56:43 -0500] conn=212676 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:43 -0500] conn=212676 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:56:43 -0500] conn=212676 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:43 -0500] conn=212676 op=2 UNBIND > [10/Nov/2009:08:56:43 -0500] conn=212676 op=2 fd=71 closed - U1 > [10/Nov/2009:08:56:43 -0500] conn=63832 op=354152 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:43 -0500] conn=212677 fd=133 slot=133 SSL > connection from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:56:43 -0500] conn=212677 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:56:43 -0500] conn=212677 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:45 -0500] conn=212677 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:45 -0500] conn=212677 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:45 -0500] conn=212677 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:45 -0500] conn=212677 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:45 -0500] conn=212677 op=3 UNBIND > [10/Nov/2009:08:56:45 -0500] conn=212677 op=3 fd=133 closed - U1 > [10/Nov/2009:08:56:46 -0500] conn=212678 fd=71 slot=71 SSL connection > from 130.207.183.18 to 130.207.183.9 > [10/Nov/2009:08:56:46 -0500] conn=212678 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:56:46 -0500] conn=212678 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:46 -0500] conn=212678 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:56:46 -0500] conn=212678 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:46 -0500] conn=212678 op=2 UNBIND > [10/Nov/2009:08:56:46 -0500] conn=212678 op=2 fd=71 closed - U1 > [10/Nov/2009:08:56:46 -0500] conn=63832 op=354153 SRCH > base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" > [10/Nov/2009:08:56:46 -0500] conn=63832 op=354153 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:47 -0500] conn=212679 fd=71 slot=71 SSL connection > from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:56:47 -0500] conn=212679 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:56:47 -0500] conn=212679 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:49 -0500] conn=212679 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:49 -0500] conn=212679 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:49 -0500] conn=212679 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:49 -0500] conn=212679 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:49 -0500] conn=212679 op=3 UNBIND > [10/Nov/2009:08:56:49 -0500] conn=212679 op=3 fd=71 closed - U1 > [10/Nov/2009:08:56:50 -0500] conn=63832 op=354155 SRCH > base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" > [10/Nov/2009:08:56:50 -0500] conn=63832 op=354155 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:51 -0500] conn=212680 fd=71 slot=71 SSL connection > from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:56:51 -0500] conn=212680 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:56:51 -0500] conn=212680 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:51 -0500] conn=212681 fd=133 slot=133 SSL > connection from 130.207.183.19 to 130.207.183.9 > [10/Nov/2009:08:56:51 -0500] conn=212681 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:56:51 -0500] conn=212681 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:51 -0500] conn=212681 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:56:51 -0500] conn=212681 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:51 -0500] conn=212681 op=2 UNBIND > [10/Nov/2009:08:56:51 -0500] conn=212681 op=2 fd=133 closed - U1 > [10/Nov/2009:08:56:52 -0500] conn=212682 fd=133 slot=133 SSL > connection from 130.207.183.19 to 130.207.183.9 > [10/Nov/2009:08:56:52 -0500] conn=212682 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:56:52 -0500] conn=212682 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:52 -0500] conn=212682 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:56:52 -0500] conn=212682 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:52 -0500] conn=212682 op=2 UNBIND > [10/Nov/2009:08:56:52 -0500] conn=212682 op=2 fd=133 closed - U1 > [10/Nov/2009:08:56:53 -0500] conn=212683 fd=133 slot=133 SSL > connection from 130.207.183.18 to 130.207.183.9 > [10/Nov/2009:08:56:53 -0500] conn=212683 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:56:53 -0500] conn=212683 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:53 -0500] conn=212683 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:56:53 -0500] conn=212683 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:53 -0500] conn=212683 op=2 UNBIND > [10/Nov/2009:08:56:53 -0500] conn=212683 op=2 fd=133 closed - U1 > [10/Nov/2009:08:56:54 -0500] conn=212680 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:54 -0500] conn=212680 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:54 -0500] conn=212680 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:54 -0500] conn=212680 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:54 -0500] conn=212680 op=3 UNBIND > [10/Nov/2009:08:56:54 -0500] conn=212680 op=3 fd=71 closed - U1 > [10/Nov/2009:08:56:54 -0500] conn=63832 op=354156 SRCH > base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" > [10/Nov/2009:08:56:54 -0500] conn=63832 op=354156 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:56 -0500] conn=212684 fd=71 slot=71 SSL connection > from 130.207.183.18 to 130.207.183.9 > [10/Nov/2009:08:56:56 -0500] conn=212684 op=0 BIND > dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" method=128 version=3 > [10/Nov/2009:08:56:56 -0500] conn=212684 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=lmsbigip/gted-access,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:56 -0500] conn=212684 op=1 SRCH base="ou=local > accounts,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(uid=lmsbigip/gted-access)" attrs=ALL > [10/Nov/2009:08:56:56 -0500] conn=212684 op=1 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:56 -0500] conn=212684 op=2 UNBIND > [10/Nov/2009:08:56:56 -0500] conn=212684 op=2 fd=71 closed - U1 > [10/Nov/2009:08:56:57 -0500] conn=63832 op=354158 SRCH > base="ou=People,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(gtGTID=XXXXXXXXX)" attrs="dn gtSISEmailAddress" > [10/Nov/2009:08:56:57 -0500] conn=212685 fd=71 slot=71 SSL connection > from 130.207.165.85 to 130.207.183.9 > [10/Nov/2009:08:56:57 -0500] conn=63832 op=354158 RESULT err=0 tag=101 > nentries=1 etime=0 > [10/Nov/2009:08:56:57 -0500] conn=212685 op=0 BIND > dn="uid=mage-gtedaccess,ou=local accounts,dc=gted,dc=gatech,dc=edu" > method=128 version=3 > [10/Nov/2009:08:56:57 -0500] conn=212685 op=0 RESULT err=0 tag=97 > nentries=0 etime=0 dn="uid=mage-gtedaccess,ou=local > accounts,dc=gted,dc=gatech,dc=edu" > [10/Nov/2009:08:56:58 -0500] conn=212685 op=1 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:58 -0500] conn=212685 op=1 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:58 -0500] conn=212685 op=2 SRCH > base="ou=people,dc=gted,dc=gatech,dc=edu" scope=2 > filter="(&(gtGTID=XXXXXXXXX)(eduPersonScopedAffiliation=XXXXXXXXX))" > attrs=ALL > [10/Nov/2009:08:56:58 -0500] conn=212685 op=2 RESULT err=0 tag=101 > nentries=0 etime=0 > [10/Nov/2009:08:56:58 -0500] conn=212685 op=3 UNBIND > [10/Nov/2009:08:56:58 -0500] conn=212685 op=3 fd=71 closed - U1 > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From james_roman at ssaihq.com Fri Nov 13 03:41:19 2009 From: james_roman at ssaihq.com (James Roman) Date: Thu, 12 Nov 2009 22:41:19 -0500 Subject: [389-users] New PassSync 1.1.3 to fix install issues - need testers In-Reply-To: <4AF994D3.6030107@redhat.com> References: <4AF994D3.6030107@redhat.com> Message-ID: <4AFCD55F.5080501@ssaihq.com> Installed the x86_64 on 2003 R2 successfully without the previous installation failure messages. I have the log if you need it. Rich Megginson wrote: > I have a new PassSync package 1.1.3 that should address some install > issues reported by some users on Windows 2008. > > Please test these and let me know how they work > > > http://rmeggins.fedorapeople.org/389-PassSync-1.1.3-i386.msi > > http://rmeggins.fedorapeople.org/389-PassSync-1.1.3-x86_64.msi > > Thanks! > ------------------------------------------------------------------------ > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > From rmeggins at redhat.com Fri Nov 13 15:12:00 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Fri, 13 Nov 2009 08:12:00 -0700 Subject: [389-users] New PassSync 1.1.3 to fix install issues - need testers In-Reply-To: <4AFCD55F.5080501@ssaihq.com> References: <4AF994D3.6030107@redhat.com> <4AFCD55F.5080501@ssaihq.com> Message-ID: <4AFD7740.5020506@redhat.com> James Roman wrote: > Installed the x86_64 on 2003 R2 successfully without the previous > installation failure messages. I have the log if you need it. Thanks. If it's working, I don't need the log :-) Anyone else? I would like to get some more feedback before I push PassSync 1.1.3 to the stable repo. > > Rich Megginson wrote: >> I have a new PassSync package 1.1.3 that should address some install >> issues reported by some users on Windows 2008. >> >> Please test these and let me know how they work >> >> >> http://rmeggins.fedorapeople.org/389-PassSync-1.1.3-i386.msi >> >> http://rmeggins.fedorapeople.org/389-PassSync-1.1.3-x86_64.msi >> >> Thanks! >> ------------------------------------------------------------------------ >> >> -- >> 389 users mailing list >> 389-users at redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From robert+fds at shangri-la.ts.gatech.edu Fri Nov 13 18:17:15 2009 From: robert+fds at shangri-la.ts.gatech.edu (Robert Viduya) Date: Fri, 13 Nov 2009 13:17:15 -0500 Subject: [389-users] more MMR issues In-Reply-To: <4AFC9D3F.7060001@redhat.com> References: <4AF9CC57.4000000@redhat.com> <517A19A4-132C-454A-B12A-025CAA640D19@shangri-la.ts.gatech.edu> <4AFC3053.2030402@redhat.com> <99273101-9F48-4050-ADA9-A89EEA38EE57@shangri-la.ts.gatech.edu> <4AFC9D3F.7060001@redhat.com> Message-ID: On Nov 12, 2009, at 6:41 PM, Rich Megginson wrote: > Robert Viduya wrote: > I don't see anything which indicates that someone initiated a > replica init from this master. I would expect to see a MOD on the > replication agreement entry, and I don't see that. That's the issue, no-one initiated a replica init. But somehow, that master saw one come over the wire. > Are you using a BigIP or some other type of load balancing device > between the two servers? If so, I wonder if that is somehow causing > problems. We are using a BIGIP to load-balance our customer's access, but obviously you can't load-balance replication. Our replication agreements point to the servers themselves, not to the advertised service on the load balancer. It does look like, from the logs, there were some communication errors, but we can't avoid those. The replication protocol should be robust enough to handle that. From rmeggins at redhat.com Fri Nov 13 23:59:13 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Fri, 13 Nov 2009 16:59:13 -0700 Subject: [389-users] more MMR issues In-Reply-To: References: Message-ID: <4AFDF2D1.7030704@redhat.com> Robert Viduya wrote: > I didn't get a response to my previous request for help and our > situation degenerated (we lost 3 of our 4 masters) to the point where > I felt we had to do a clean rebuild. We did that late last week into > the weekend and had set up a 2 masters and assorted hubs and slaves. > We used a clean ldif file to import into the first master, so no > previous replica IDs were carried over from the previous environment. > > We are running directory version 1.2.2 on RHEL5.4, both 64-bit. > > Things were running fine until this morning, when one of our masters > started reporting errors. We found this in it's errorlog: Are there any errors before that? > > [10/Nov/2009:08:56:27 -0500] NSMMReplicationPlugin - > multimaster_be_state_change: replica > ou=people,dc=gted,dc=gatech,dc=edu is going offline; disabling > replication > [10/Nov/2009:08:59:29 -0500] - WARNING: Import is running with > nsslapd-db-private-import-mem on; No other process is allowed to > access the database > [10/Nov/2009:08:59:33 -0500] - ERROR bulk import abandoned > [10/Nov/2009:08:59:34 -0500] - import people: Aborting all import > threads... > [10/Nov/2009:08:59:42 -0500] - import people: Import threads aborted. > [10/Nov/2009:08:59:43 -0500] - import people: Closing files... > [10/Nov/2009:08:59:43 -0500] - import people: Import failed. > [10/Nov/2009:09:01:51 -0500] NSMMReplicationPlugin - > replica_replace_ruv_tombstone: failed to update replication update > vector for replica ou=people,dc=gted,dc=gatech,dc=edu: LDAP error - 1 > [10/Nov/2009:09:01:57 -0500] NSMMReplicationPlugin - > replica_replace_ruv_tombstone: failed to update replication update > vector for replica ou=people,dc=gted,dc=gatech,dc=edu: LDAP error - 1 > [10/Nov/2009:09:02:01 -0500] NSMMReplicationPlugin - > replica_replace_ruv_tombstone: failed to update replication update > vector for replica ou=people,dc=gted,dc=gatech,dc=edu: LDAP error - 1 > [10/Nov/2009:09:02:21 -0500] NSMMReplicationPlugin - > replica_replace_ruv_tombstone: failed to update replication update > vector for replica ou=people,dc=gted,dc=gatech,dc=edu: LDAP error - 1 > [10/Nov/2009:09:02:26 -0500] NSMMReplicationPlugin - > replica_replace_ruv_tombstone: failed to update replication update > vector for replica ou=people,dc=gted,dc=gatech,dc=edu: LDAP error - 1 > [10/Nov/2009:09:02:32 -0500] NSMMReplicationPlugin - > replica_replace_ruv_tombstone: failed to update replication update > vector for replica ou=people,dc=gted,dc=gatech,dc=edu: LDAP error - 1 > > > That last line repeats until we brought the server down. The log > _looks_ like someone/something triggered an import operation, but > no-one did, on either master. > > The errorlog on the other master shows the following: Are there any errors before this? > > [10/Nov/2009:08:39:29 -0500] - repl5_inc_waitfor_async_results timed > out waiting for responses: 38 46 > [10/Nov/2009:08:39:54 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Warning: unable to receive > endReplication extended operation response (Bad parameter to an ldap > routine) What's in the consumer access log at or around [10/Nov/2009:08:39:29 -0500] and [10/Nov/2009:08:39:54 -0500] ? > [10/Nov/2009:08:40:04 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:40:08 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:40:14 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:40:38 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:43:05 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:44:50 -0500] - repl5_inc_waitfor_async_results timed > out waiting for responses: 6 8 > [10/Nov/2009:08:47:08 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:47:08 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Incremental protocol: event > backoff_timer_expired should not occur in state start_backoff > [10/Nov/2009:08:47:12 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:47:18 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Incremental update failed and > requires administrator action Was there any administrator action taken here? > [10/Nov/2009:08:55:01 -0500] - repl5_inc_waitfor_async_results timed > out waiting for responses: 13 14 > [10/Nov/2009:08:55:01 -0500] - repl5_inc_waitfor_async_results timed > out waiting for responses: 59 81 > [10/Nov/2009:08:55:14 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Warning: unable to receive > endReplication extended operation response (Bad parameter to an ldap > routine) > [10/Nov/2009:08:55:24 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:55:28 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:55:34 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:55:46 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:56:10 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:56:58 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Unable to receive the response for a > startReplication extended operation to consumer (Bad parameter to an > ldap routine). Will retry later. > [10/Nov/2009:08:58:34 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Replication bind with SIMPLE auth > resumed > [10/Nov/2009:09:01:47 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Consumer failed to replay change > (uniqueid 51dccc08-9efe11de-8efe8516-22c1043e, CSN > 4af96f8a000200370000): Operations error. Will retry later. > [10/Nov/2009:09:01:47 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Consumer failed to replay change > (uniqueid 5ad5610c-1dd211b2-80b9be51-952a0000, CSN > 4af96f8b000000370000): Operations error. Will retry later. > [10/Nov/2009:09:01:47 -0500] NSMMReplicationPlugin - agmt="cn=people > rewbell gertrude" (gertrude:636): Consumer failed to replay change > (uniqueid 213cd58e-cd7b11de-b535d108-950067b1, CSN > 4af96fcf000000370000): Operations error. Will retry later. > > Again, that last line repeats until we brought down the errant server. > > We've seen this behavior a few times since upgrading. One of our > masters somehow thinks it's supposed to do an import and trashes it's > copy of the data. No person had triggered an import or a > supplier->consumer initialization. Are there conditions where the > directory server itself would trigger such an operation autonomously? I've looked at the code again. The only automatic state transition is from the init state to the incremental update state (that is, after doing a replica init, the supplier will automatically being sending updates). Even if it exits the incremental protocol, it should start another incremental update. > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From rmeggins at redhat.com Mon Nov 16 15:27:52 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Mon, 16 Nov 2009 08:27:52 -0700 Subject: [389-users] Are you using 389-ds-base 1.2.4? 389-admin 1.1.9? PassSync 1.1.3? Message-ID: <4B016F78.8040404@redhat.com> We are trying to get some feedback about the packages in testing before we push them out to stable. The packages currently in testing are: 389-ds-base 1.2.4 389-admin 1.1.9 Windows PassSync 1.1.3 We would really like to know if you are using these and, if so, if they are working for you (or not). These releases contain some bug fixes and a couple of new features that the community at large has asked for and would benefit from. But we don't want to push these releases to stable until we get some more feedback. Thanks -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From across at itasoftware.com Mon Nov 16 15:50:13 2009 From: across at itasoftware.com (Anne Cross) Date: Mon, 16 Nov 2009 10:50:13 -0500 Subject: [389-users] New PassSync 1.1.3 to fix install issues - need testers In-Reply-To: <4AF994D3.6030107@redhat.com> References: <4AF994D3.6030107@redhat.com> Message-ID: <4B0174B5.4010706@itasoftware.com> Rich Megginson wrote: > I have a new PassSync package 1.1.3 that should address some install > issues reported by some users on Windows 2008. > > Please test these and let me know how they work > > > http://rmeggins.fedorapeople.org/389-PassSync-1.1.3-i386.msi > > http://rmeggins.fedorapeople.org/389-PassSync-1.1.3-x86_64.msi > Working like a charm on Windows 2008. 1.1.2 did *not* work at all, but 1.1.3 has given us no problems whatsoever. -- ,___, {o,o} Anne "Juniper" Cross (___) Senior Linux Systems Engineer and Extropic Crusader -"-"-- Information Technology, ITA Software /^^^ From rmeggins at redhat.com Mon Nov 16 23:47:35 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Mon, 16 Nov 2009 16:47:35 -0700 Subject: [389-users] PassSync 1.1.3 now available - Windows Console 1.1.4.a1 now available for testing Message-ID: <4B01E497.8010906@redhat.com> Windows Password Sync 1.1.3 has been marked stable. Windows Console 1.1.4.a1 (alpha 1) is now available for testing. * Release Notes - http://directory.fedoraproject.org/wiki/Release_Notes * Download - http://directory.fedoraproject.org/wiki/Download -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From luke-fds at schierer.org Tue Nov 17 04:17:59 2009 From: luke-fds at schierer.org (Luke Schierer) Date: Mon, 16 Nov 2009 23:17:59 -0500 (EST) Subject: [389-users] PassSync 1.1.3 now available - Windows Console 1.1.4.a1 now available for testing In-Reply-To: <4B01E497.8010906@redhat.com> References: <4B01E497.8010906@redhat.com> Message-ID: > Windows Password Sync 1.1.3 has been marked stable. > > Windows Console 1.1.4.a1 (alpha 1) is now available for testing. > > * Release Notes - http://directory.fedoraproject.org/wiki/Release_Notes > * Download - http://directory.fedoraproject.org/wiki/Download Thanks for posting the updated windows console! Luke From cbucl at firescope.com Tue Nov 17 04:24:10 2009 From: cbucl at firescope.com (Bucl, Casper) Date: Mon, 16 Nov 2009 20:24:10 -0800 Subject: [389-users] Replication and High Availalbiltiy Message-ID: <0AC31FD51798B348BFB7EFD2BDEFE96E1541E01BA0@EXVMBX020-12.exch020.serverdata.net> Hi, I'm trying to create a high availability ldap for a system I have in place that is currently using multimaster replication. Using a shared storage system isn't an option in this case. To give you an idea of what our setup looks like, There are two nodes, that have replication set up. These are set up as multimasters and have processes that write to both of them. These changes replicate to the other ldap server. Now I need them to be in a high availability configuration. I have created duplicates of each node and gotten the high availability portion on each of them to work correctly. The problem comes with fedora and replication. I have tried multiple ways of setting up fedora and replication and they always seem to end up with changes not being replicated to the other master when we have failed over to the secondary node. The two most successful one's are below Configurations. Full Mesh: All links were set up as a two way replication. This always ends up with at least 2 nodes showing errors saying it "Can't locate CSN" or "Duplicate node ID" Node1A ------- Node1B | \ / | | X | | / \ | Node2A ------- Node2B Single replication agreement between VIPs In this configuration, we initially copied over the slapd instance directory on setup of the second HA node (Node1A to Node1B) so that the settings and configurations are identical on both. Then as changes were made to the ldap, we created backups using db2bak. These backups are copied over to the failover box and then imported on startup of fedora ds. This doesn't appear to backup the changelog and ends up with an error saying "Can't locate CSN" again. Node1 VIP | | Node2 VIP I have tried other things as well and they were a lot less fruitful than the two examples I have here. Has anyone set up a high availability scenario similar to this? Can anyone suggest a different process or configuration that would accomplish what I'm after? Thanks, Casper -------------- next part -------------- An HTML attachment was scrubbed... URL: From rmeggins at redhat.com Tue Nov 17 14:22:48 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Tue, 17 Nov 2009 07:22:48 -0700 Subject: [389-users] Replication and High Availalbiltiy In-Reply-To: <0AC31FD51798B348BFB7EFD2BDEFE96E1541E01BA0@EXVMBX020-12.exch020.serverdata.net> References: <0AC31FD51798B348BFB7EFD2BDEFE96E1541E01BA0@EXVMBX020-12.exch020.serverdata.net> Message-ID: <4B02B1B8.60604@redhat.com> Bucl, Casper wrote: > > Hi, > > I?m trying to create a high availability ldap for a system I have in > place that is currently using multimaster replication. Using a shared > storage system isn?t an option in this case. > > To give you an idea of what our setup looks like, > > There are two nodes, that have replication set up. These are set up as > multimasters and have processes that write to both of them. These > changes replicate to the other ldap server. > > Now I need them to be in a high availability configuration. > > I have created duplicates of each node and gotten the high > availability portion on each of them to work correctly. > > The problem comes with fedora and replication. > > I have tried multiple ways of setting up fedora and replication and > they always seem to end up with changes not being replicated to the > other master when we have failed over to the secondary node. The two > most successful one?s are below > > Configurations. > > Full Mesh: All links were set up as a two way replication. > > This always ends up with at least 2 nodes showing errors saying it > ?Can't locate CSN? or ?Duplicate node ID? > > Node1A ------- Node1B > > | \ / | > > | X | > > | / \ | > > Node2A ------- Node2B > > Single replication agreement between VIPs > > In this configuration, we initially copied over the slapd instance > directory on setup of the second HA node (Node1A to Node1B) so that > the settings and configurations are identical on both. Then as changes > were made to the ldap, we created backups using db2bak. These backups > are copied over to the failover box and then imported on startup of > fedora ds. This doesn?t appear to backup the changelog and ends up > with an error saying ?Can?t locate CSN? again. > > Node1 VIP > > | > > | > > Node2 VIP > > I have tried other things as well and they were a lot less fruitful > than the two examples I have here. > > Has anyone set up a high availability scenario similar to this? Can > anyone suggest a different process or configuration that would > accomplish what I?m after? > Yes. Configurations like this have been working at high volume installations for several years. Let's start with - what platform are you running on your systems? What version of DS? What procedure did you use to set up and initialize your replicas? > > Thanks, > > Casper > > ------------------------------------------------------------------------ > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From cbucl at firescope.com Tue Nov 17 17:57:12 2009 From: cbucl at firescope.com (Bucl, Casper) Date: Tue, 17 Nov 2009 09:57:12 -0800 Subject: [389-users] Replication and High Availalbiltiy In-Reply-To: <4B02B1B8.60604@redhat.com> References: <0AC31FD51798B348BFB7EFD2BDEFE96E1541E01BA0@EXVMBX020-12.exch020.serverdata.net> <4B02B1B8.60604@redhat.com> Message-ID: <0AC31FD51798B348BFB7EFD2BDEFE96E1541E01C54@EXVMBX020-12.exch020.serverdata.net> -----Original Message----- From: fedora-directory-users-bounces at redhat.com [mailto:fedora-directory-users-bounces at redhat.com] On Behalf Of Rich Megginson Sent: Tuesday, November 17, 2009 8:23 AM To: General discussion list for the 389 Directory server project. Subject: Re: [389-users] Replication and High Availalbiltiy Bucl, Casper wrote: > > Hi, > > I'm trying to create a high availability ldap for a system I have in > place that is currently using multimaster replication. Using a shared > storage system isn't an option in this case. > > To give you an idea of what our setup looks like, > > There are two nodes, that have replication set up. These are set up as > multimasters and have processes that write to both of them. These > changes replicate to the other ldap server. > > Now I need them to be in a high availability configuration. > > I have created duplicates of each node and gotten the high > availability portion on each of them to work correctly. > > The problem comes with fedora and replication. > > I have tried multiple ways of setting up fedora and replication and > they always seem to end up with changes not being replicated to the > other master when we have failed over to the secondary node. The two > most successful one's are below > > Configurations. > > Full Mesh: All links were set up as a two way replication. > > This always ends up with at least 2 nodes showing errors saying it > "Can't locate CSN" or "Duplicate node ID" > > Node1A ------- Node1B > > | \ / | > > | X | > > | / \ | > > Node2A ------- Node2B > > Single replication agreement between VIPs > > In this configuration, we initially copied over the slapd instance > directory on setup of the second HA node (Node1A to Node1B) so that > the settings and configurations are identical on both. Then as changes > were made to the ldap, we created backups using db2bak. These backups > are copied over to the failover box and then imported on startup of > fedora ds. This doesn't appear to backup the changelog and ends up > with an error saying "Can't locate CSN" again. > > Node1 VIP > > | > > | > > Node2 VIP > > I have tried other things as well and they were a lot less fruitful > than the two examples I have here. > > Has anyone set up a high availability scenario similar to this? Can > anyone suggest a different process or configuration that would > accomplish what I'm after? > Yes. Configurations like this have been working at high volume installations for several years. Let's start with - what platform are you running on your systems? What version of DS? What procedure did you use to set up and initialize your replicas? > > Thanks, > > Casper > > ---------------------------------------------------------------------- > -- > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > The environment is set up using Fedora-Directory 1.0.4 To set up the multimaster replication I used the mmr.pl script. When reinitializing the consumers, I use ldapmodify and set the nsDS5BeginReplicaRefresh to start. Another question about the fully meshed configuration, Can there be more nodes? We will be wanting to add another HA node to the environment so this would take the total to 6 directory servers. The idea being that there is a central hub that is kind of the global master. Everyone replicates their info up to it and then it gets redistributed back out to the others. Would the easier method be to copy the changelog information over to the standby node? Is there a method to do this? Thanks, Casper From rmeggins at redhat.com Tue Nov 17 18:35:23 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Tue, 17 Nov 2009 11:35:23 -0700 Subject: [389-users] Replication and High Availalbiltiy In-Reply-To: <0AC31FD51798B348BFB7EFD2BDEFE96E1541E01C54@EXVMBX020-12.exch020.serverdata.net> References: <0AC31FD51798B348BFB7EFD2BDEFE96E1541E01BA0@EXVMBX020-12.exch020.serverdata.net> <4B02B1B8.60604@redhat.com> <0AC31FD51798B348BFB7EFD2BDEFE96E1541E01C54@EXVMBX020-12.exch020.serverdata.net> Message-ID: <4B02ECEB.9060909@redhat.com> Bucl, Casper wrote: > -----Original Message----- > From: fedora-directory-users-bounces at redhat.com [mailto:fedora-directory-users-bounces at redhat.com] On Behalf Of Rich Megginson > Sent: Tuesday, November 17, 2009 8:23 AM > To: General discussion list for the 389 Directory server project. > Subject: Re: [389-users] Replication and High Availalbiltiy > > Bucl, Casper wrote: > >> Hi, >> >> I'm trying to create a high availability ldap for a system I have in >> place that is currently using multimaster replication. Using a shared >> storage system isn't an option in this case. >> >> To give you an idea of what our setup looks like, >> >> There are two nodes, that have replication set up. These are set up as >> multimasters and have processes that write to both of them. These >> changes replicate to the other ldap server. >> >> Now I need them to be in a high availability configuration. >> >> I have created duplicates of each node and gotten the high >> availability portion on each of them to work correctly. >> >> The problem comes with fedora and replication. >> >> I have tried multiple ways of setting up fedora and replication and >> they always seem to end up with changes not being replicated to the >> other master when we have failed over to the secondary node. The two >> most successful one's are below >> >> Configurations. >> >> Full Mesh: All links were set up as a two way replication. >> >> This always ends up with at least 2 nodes showing errors saying it >> "Can't locate CSN" or "Duplicate node ID" >> >> Node1A ------- Node1B >> >> | \ / | >> >> | X | >> >> | / \ | >> >> Node2A ------- Node2B >> >> Single replication agreement between VIPs >> >> In this configuration, we initially copied over the slapd instance >> directory on setup of the second HA node (Node1A to Node1B) so that >> the settings and configurations are identical on both. Then as changes >> were made to the ldap, we created backups using db2bak. These backups >> are copied over to the failover box and then imported on startup of >> fedora ds. This doesn't appear to backup the changelog and ends up >> with an error saying "Can't locate CSN" again. >> >> Node1 VIP >> >> | >> >> | >> >> Node2 VIP >> >> I have tried other things as well and they were a lot less fruitful >> than the two examples I have here. >> >> Has anyone set up a high availability scenario similar to this? Can >> anyone suggest a different process or configuration that would >> accomplish what I'm after? >> >> > Yes. Configurations like this have been working at high volume installations for several years. > > Let's start with - what platform are you running on your systems? What version of DS? What procedure did you use to set up and initialize your replicas? > >> Thanks, >> >> Casper >> >> ---------------------------------------------------------------------- >> -- >> >> -- >> 389 users mailing list >> 389-users at redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> > > The environment is set up using Fedora-Directory 1.0.4 > What platform? I would suggest using the latest (1.2.2 or 1.2.4 which is in testing). We have fixed many, many bugs in replication since 1.0.4, and the issue with the CSN you are reporting sounds like a bug that has been fixed in 1.2.x. > To set up the multimaster replication I used the mmr.pl script. When reinitializing the consumers, I use ldapmodify and set the nsDS5BeginReplicaRefresh to start. > > Another question about the fully meshed configuration, Can there be more nodes? We will be wanting to add another HA node to the environment so this would take the total to 6 directory servers. The idea being that there is a central hub that is kind of the global master. Everyone replicates their info up to it and then it gets redistributed back out to the others. > Yes, you can have more than 4 masters. > Would the easier method be to copy the changelog information over to the standby node? No. > Is there a method to do this? > Not really. > Thanks, > Casper > > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From cbucl at firescope.com Tue Nov 17 18:44:33 2009 From: cbucl at firescope.com (Bucl, Casper) Date: Tue, 17 Nov 2009 10:44:33 -0800 Subject: [389-users] Replication and High Availalbiltiy In-Reply-To: <4B02ECEB.9060909@redhat.com> References: <0AC31FD51798B348BFB7EFD2BDEFE96E1541E01BA0@EXVMBX020-12.exch020.serverdata.net> <4B02B1B8.60604@redhat.com> <0AC31FD51798B348BFB7EFD2BDEFE96E1541E01C54@EXVMBX020-12.exch020.serverdata.net> <4B02ECEB.9060909@redhat.com> Message-ID: <0AC31FD51798B348BFB7EFD2BDEFE96E1541E01C6D@EXVMBX020-12.exch020.serverdata.net> -----Original Message----- From: fedora-directory-users-bounces at redhat.com [mailto:fedora-directory-users-bounces at redhat.com] On Behalf Of Rich Megginson Sent: Tuesday, November 17, 2009 12:35 PM To: General discussion list for the 389 Directory server project. Subject: Re: [389-users] Replication and High Availalbiltiy Bucl, Casper wrote: > -----Original Message----- > From: fedora-directory-users-bounces at redhat.com > [mailto:fedora-directory-users-bounces at redhat.com] On Behalf Of Rich > Megginson > Sent: Tuesday, November 17, 2009 8:23 AM > To: General discussion list for the 389 Directory server project. > Subject: Re: [389-users] Replication and High Availalbiltiy > > Bucl, Casper wrote: > >> Hi, >> >> I'm trying to create a high availability ldap for a system I have in >> place that is currently using multimaster replication. Using a shared >> storage system isn't an option in this case. >> >> To give you an idea of what our setup looks like, >> >> There are two nodes, that have replication set up. These are set up >> as multimasters and have processes that write to both of them. These >> changes replicate to the other ldap server. >> >> Now I need them to be in a high availability configuration. >> >> I have created duplicates of each node and gotten the high >> availability portion on each of them to work correctly. >> >> The problem comes with fedora and replication. >> >> I have tried multiple ways of setting up fedora and replication and >> they always seem to end up with changes not being replicated to the >> other master when we have failed over to the secondary node. The two >> most successful one's are below >> >> Configurations. >> >> Full Mesh: All links were set up as a two way replication. >> >> This always ends up with at least 2 nodes showing errors saying it >> "Can't locate CSN" or "Duplicate node ID" >> >> Node1A ------- Node1B >> >> | \ / | >> >> | X | >> >> | / \ | >> >> Node2A ------- Node2B >> >> Single replication agreement between VIPs >> >> In this configuration, we initially copied over the slapd instance >> directory on setup of the second HA node (Node1A to Node1B) so that >> the settings and configurations are identical on both. Then as >> changes were made to the ldap, we created backups using db2bak. These >> backups are copied over to the failover box and then imported on >> startup of fedora ds. This doesn't appear to backup the changelog and >> ends up with an error saying "Can't locate CSN" again. >> >> Node1 VIP >> >> | >> >> | >> >> Node2 VIP >> >> I have tried other things as well and they were a lot less fruitful >> than the two examples I have here. >> >> Has anyone set up a high availability scenario similar to this? Can >> anyone suggest a different process or configuration that would >> accomplish what I'm after? >> >> > Yes. Configurations like this have been working at high volume installations for several years. > > Let's start with - what platform are you running on your systems? What version of DS? What procedure did you use to set up and initialize your replicas? > >> Thanks, >> >> Casper >> >> --------------------------------------------------------------------- >> - >> -- >> >> -- >> 389 users mailing list >> 389-users at redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> > > The environment is set up using Fedora-Directory 1.0.4 > What platform? I would suggest using the latest (1.2.2 or 1.2.4 which is in testing). We have fixed many, many bugs in replication since 1.0.4, and the issue with the CSN you are reporting sounds like a bug that has been fixed in 1.2.x. > To set up the multimaster replication I used the mmr.pl script. When reinitializing the consumers, I use ldapmodify and set the nsDS5BeginReplicaRefresh to start. > > Another question about the fully meshed configuration, Can there be more nodes? We will be wanting to add another HA node to the environment so this would take the total to 6 directory servers. The idea being that there is a central hub that is kind of the global master. Everyone replicates their info up to it and then it gets redistributed back out to the others. > Yes, you can have more than 4 masters. > Would the easier method be to copy the changelog information over to the standby node? No. > Is there a method to do this? > Not really. > Thanks, > Casper > > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > Hi Rich, What is the proper way to reinitialize the replication agreement in a multimaster configuration. Whenever I try using the nsDS5BeginReplicaRefresh method, it ends up creating a new changelog on the node being refreshed and then it begins having replication issues. Notably the "Can't locate CSN" error. Could this be something related to some of the bugs you were speaking of? Casper From rmeggins at redhat.com Wed Nov 18 03:23:00 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Tue, 17 Nov 2009 20:23:00 -0700 Subject: [389-users] Replication and High Availalbiltiy In-Reply-To: <0AC31FD51798B348BFB7EFD2BDEFE96E1541E01C6D@EXVMBX020-12.exch020.serverdata.net> References: <0AC31FD51798B348BFB7EFD2BDEFE96E1541E01BA0@EXVMBX020-12.exch020.serverdata.net> <4B02B1B8.60604@redhat.com> <0AC31FD51798B348BFB7EFD2BDEFE96E1541E01C54@EXVMBX020-12.exch020.serverdata.net> <4B02ECEB.9060909@redhat.com> <0AC31FD51798B348BFB7EFD2BDEFE96E1541E01C6D@EXVMBX020-12.exch020.serverdata.net> Message-ID: <4B036894.7000508@redhat.com> Bucl, Casper wrote: > -----Original Message----- > From: fedora-directory-users-bounces at redhat.com [mailto:fedora-directory-users-bounces at redhat.com] On Behalf Of Rich Megginson > Sent: Tuesday, November 17, 2009 12:35 PM > To: General discussion list for the 389 Directory server project. > Subject: Re: [389-users] Replication and High Availalbiltiy > > Bucl, Casper wrote: > >> -----Original Message----- >> From: fedora-directory-users-bounces at redhat.com >> [mailto:fedora-directory-users-bounces at redhat.com] On Behalf Of Rich >> Megginson >> Sent: Tuesday, November 17, 2009 8:23 AM >> To: General discussion list for the 389 Directory server project. >> Subject: Re: [389-users] Replication and High Availalbiltiy >> >> Bucl, Casper wrote: >> >> >>> Hi, >>> >>> I'm trying to create a high availability ldap for a system I have in >>> place that is currently using multimaster replication. Using a shared >>> storage system isn't an option in this case. >>> >>> To give you an idea of what our setup looks like, >>> >>> There are two nodes, that have replication set up. These are set up >>> as multimasters and have processes that write to both of them. These >>> changes replicate to the other ldap server. >>> >>> Now I need them to be in a high availability configuration. >>> >>> I have created duplicates of each node and gotten the high >>> availability portion on each of them to work correctly. >>> >>> The problem comes with fedora and replication. >>> >>> I have tried multiple ways of setting up fedora and replication and >>> they always seem to end up with changes not being replicated to the >>> other master when we have failed over to the secondary node. The two >>> most successful one's are below >>> >>> Configurations. >>> >>> Full Mesh: All links were set up as a two way replication. >>> >>> This always ends up with at least 2 nodes showing errors saying it >>> "Can't locate CSN" or "Duplicate node ID" >>> >>> Node1A ------- Node1B >>> >>> | \ / | >>> >>> | X | >>> >>> | / \ | >>> >>> Node2A ------- Node2B >>> >>> Single replication agreement between VIPs >>> >>> In this configuration, we initially copied over the slapd instance >>> directory on setup of the second HA node (Node1A to Node1B) so that >>> the settings and configurations are identical on both. Then as >>> changes were made to the ldap, we created backups using db2bak. These >>> backups are copied over to the failover box and then imported on >>> startup of fedora ds. This doesn't appear to backup the changelog and >>> ends up with an error saying "Can't locate CSN" again. >>> >>> Node1 VIP >>> >>> | >>> >>> | >>> >>> Node2 VIP >>> >>> I have tried other things as well and they were a lot less fruitful >>> than the two examples I have here. >>> >>> Has anyone set up a high availability scenario similar to this? Can >>> anyone suggest a different process or configuration that would >>> accomplish what I'm after? >>> >>> >>> >> Yes. Configurations like this have been working at high volume installations for several years. >> >> Let's start with - what platform are you running on your systems? What version of DS? What procedure did you use to set up and initialize your replicas? >> >> >>> Thanks, >>> >>> Casper >>> >>> --------------------------------------------------------------------- >>> - >>> -- >>> >>> -- >>> 389 users mailing list >>> 389-users at redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>> >>> >>> >> The environment is set up using Fedora-Directory 1.0.4 >> >> > What platform? I would suggest using the latest (1.2.2 or 1.2.4 which is in testing). We have fixed many, many bugs in replication since 1.0.4, and the issue with the CSN you are reporting sounds like a bug that has been fixed in 1.2.x. > >> To set up the multimaster replication I used the mmr.pl script. When reinitializing the consumers, I use ldapmodify and set the nsDS5BeginReplicaRefresh to start. >> >> Another question about the fully meshed configuration, Can there be more nodes? We will be wanting to add another HA node to the environment so this would take the total to 6 directory servers. The idea being that there is a central hub that is kind of the global master. Everyone replicates their info up to it and then it gets redistributed back out to the others. >> >> > Yes, you can have more than 4 masters. > >> Would the easier method be to copy the changelog information over to the standby node? >> > No. > >> Is there a method to do this? >> >> > Not really. > >> Thanks, >> Casper >> >> >> -- >> 389 users mailing list >> 389-users at redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> > Hi Rich, > What is the proper way to reinitialize the replication agreement in a multimaster configuration. Whenever I try using the nsDS5BeginReplicaRefresh method, it ends up creating a new changelog on the node being refreshed and then it begins having replication issues. Notably the "Can't locate CSN" error. Could this be something related to some of the bugs you were speaking of? > Yes. See https://bugzilla.redhat.com/show_bug.cgi?id=388021 - fixed in 1.1.0 What platform are you running on? > Casper > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From emmanuel.billot at ird.fr Wed Nov 18 14:31:31 2009 From: emmanuel.billot at ird.fr (Emmanuel BILLOT) Date: Wed, 18 Nov 2009 15:31:31 +0100 Subject: [389-users] Unindexed ? Message-ID: <4B040543.6090902@ird.fr> Hi, I used the logconv.pl utility to check our config, and it found a lot of unindexed search. In the access log file i found lines :: [18/Nov/2009:15:27:28 +0100] conn=1565 op=10246 RESULT err=0 tag=101 nentries=132 etime=1 notes=U [18/Nov/2009:15:27:28 +0100] conn=1565 op=10247 SRCH base="dc=ouaga,dc=ird,dc=fr" scope=2 filter="(&(objectClass=*))" attrs="* aci" Does the "notes=U" means it is an unindex search ? I must index a attribut but which one ? BR, -- ========================================== Emmanuel BILLOT IRD - Orl?ans D?l?gation aux Syst?mes d'Information (DSI) t?l : 02 38 49 95 88 ========================================== From emmanuel.billot at ird.fr Wed Nov 18 15:02:38 2009 From: emmanuel.billot at ird.fr (Emmanuel BILLOT) Date: Wed, 18 Nov 2009 16:02:38 +0100 Subject: [389-users] Case sensitive ? Message-ID: <4B040C8E.5000004@ird.fr> Hi, Some of our datas are using a "objectClass" attribute. Is there any difference in indexing data when index is defined with "objectclass" ? Index is it case sensitive in attribut definition ? BR, -- ========================================== Emmanuel BILLOT IRD - Orl?ans D?l?gation aux Syst?mes d'Information (DSI) t?l : 02 38 49 95 88 ========================================== From cbucl at firescope.com Wed Nov 18 15:10:07 2009 From: cbucl at firescope.com (Bucl, Casper) Date: Wed, 18 Nov 2009 07:10:07 -0800 Subject: [389-users] Replication and High Availalbiltiy In-Reply-To: <4B036894.7000508@redhat.com> References: <0AC31FD51798B348BFB7EFD2BDEFE96E1541E01BA0@EXVMBX020-12.exch020.serverdata.net> <4B02B1B8.60604@redhat.com> <0AC31FD51798B348BFB7EFD2BDEFE96E1541E01C54@EXVMBX020-12.exch020.serverdata.net> <4B02ECEB.9060909@redhat.com> <0AC31FD51798B348BFB7EFD2BDEFE96E1541E01C6D@EXVMBX020-12.exch020.serverdata.net> <4B036894.7000508@redhat.com> Message-ID: <0AC31FD51798B348BFB7EFD2BDEFE96E1541E01D4A@EXVMBX020-12.exch020.serverdata.net> -----Original Message----- From: fedora-directory-users-bounces at redhat.com [mailto:fedora-directory-users-bounces at redhat.com] On Behalf Of Rich Megginson Sent: Tuesday, November 17, 2009 9:23 PM To: General discussion list for the 389 Directory server project. Subject: Re: [389-users] Replication and High Availalbiltiy Bucl, Casper wrote: > -----Original Message----- > From: fedora-directory-users-bounces at redhat.com > [mailto:fedora-directory-users-bounces at redhat.com] On Behalf Of Rich > Megginson > Sent: Tuesday, November 17, 2009 12:35 PM > To: General discussion list for the 389 Directory server project. > Subject: Re: [389-users] Replication and High Availalbiltiy > > Bucl, Casper wrote: > >> -----Original Message----- >> From: fedora-directory-users-bounces at redhat.com >> [mailto:fedora-directory-users-bounces at redhat.com] On Behalf Of Rich >> Megginson >> Sent: Tuesday, November 17, 2009 8:23 AM >> To: General discussion list for the 389 Directory server project. >> Subject: Re: [389-users] Replication and High Availalbiltiy >> >> Bucl, Casper wrote: >> >> >>> Hi, >>> >>> I'm trying to create a high availability ldap for a system I have in >>> place that is currently using multimaster replication. Using a >>> shared storage system isn't an option in this case. >>> >>> To give you an idea of what our setup looks like, >>> >>> There are two nodes, that have replication set up. These are set up >>> as multimasters and have processes that write to both of them. These >>> changes replicate to the other ldap server. >>> >>> Now I need them to be in a high availability configuration. >>> >>> I have created duplicates of each node and gotten the high >>> availability portion on each of them to work correctly. >>> >>> The problem comes with fedora and replication. >>> >>> I have tried multiple ways of setting up fedora and replication and >>> they always seem to end up with changes not being replicated to the >>> other master when we have failed over to the secondary node. The two >>> most successful one's are below >>> >>> Configurations. >>> >>> Full Mesh: All links were set up as a two way replication. >>> >>> This always ends up with at least 2 nodes showing errors saying it >>> "Can't locate CSN" or "Duplicate node ID" >>> >>> Node1A ------- Node1B >>> >>> | \ / | >>> >>> | X | >>> >>> | / \ | >>> >>> Node2A ------- Node2B >>> >>> Single replication agreement between VIPs >>> >>> In this configuration, we initially copied over the slapd instance >>> directory on setup of the second HA node (Node1A to Node1B) so that >>> the settings and configurations are identical on both. Then as >>> changes were made to the ldap, we created backups using db2bak. >>> These backups are copied over to the failover box and then imported >>> on startup of fedora ds. This doesn't appear to backup the changelog >>> and ends up with an error saying "Can't locate CSN" again. >>> >>> Node1 VIP >>> >>> | >>> >>> | >>> >>> Node2 VIP >>> >>> I have tried other things as well and they were a lot less fruitful >>> than the two examples I have here. >>> >>> Has anyone set up a high availability scenario similar to this? Can >>> anyone suggest a different process or configuration that would >>> accomplish what I'm after? >>> >>> >>> >> Yes. Configurations like this have been working at high volume installations for several years. >> >> Let's start with - what platform are you running on your systems? What version of DS? What procedure did you use to set up and initialize your replicas? >> >> >>> Thanks, >>> >>> Casper >>> >>> -------------------------------------------------------------------- >>> - >>> - >>> -- >>> >>> -- >>> 389 users mailing list >>> 389-users at redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>> >>> >>> >> The environment is set up using Fedora-Directory 1.0.4 >> >> > What platform? I would suggest using the latest (1.2.2 or 1.2.4 which is in testing). We have fixed many, many bugs in replication since 1.0.4, and the issue with the CSN you are reporting sounds like a bug that has been fixed in 1.2.x. > >> To set up the multimaster replication I used the mmr.pl script. When reinitializing the consumers, I use ldapmodify and set the nsDS5BeginReplicaRefresh to start. >> >> Another question about the fully meshed configuration, Can there be more nodes? We will be wanting to add another HA node to the environment so this would take the total to 6 directory servers. The idea being that there is a central hub that is kind of the global master. Everyone replicates their info up to it and then it gets redistributed back out to the others. >> >> > Yes, you can have more than 4 masters. > >> Would the easier method be to copy the changelog information over to the standby node? >> > No. > >> Is there a method to do this? >> >> > Not really. > >> Thanks, >> Casper >> >> >> -- >> 389 users mailing list >> 389-users at redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> > Hi Rich, > What is the proper way to reinitialize the replication agreement in a multimaster configuration. Whenever I try using the nsDS5BeginReplicaRefresh method, it ends up creating a new changelog on the node being refreshed and then it begins having replication issues. Notably the "Can't locate CSN" error. Could this be something related to some of the bugs you were speaking of? > Yes. See https://bugzilla.redhat.com/show_bug.cgi?id=388021 - fixed in 1.1.0 What platform are you running on? > Casper > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > We are using a version of linux based on Redhat linux. Kernel version 2.6.26.8. Thanks for all your help. I will have to work on an upgrade plan to get our LDAP updated. Casper From psundaram at wgen.net Wed Nov 18 17:06:11 2009 From: psundaram at wgen.net (Prashanth Sundaram) Date: Wed, 18 Nov 2009 12:06:11 -0500 Subject: [389-users] Access.conf issue Message-ID: All, I have setup the ldapserver with PAM PassThrough and need help in figuring out the access.conf without use of netgroups. Can I simply use the groups with access.conf? I am only able to ssh as root, but not with any ldap account. I was able to ssh before making changes for the pam_access. Here are the files I edited. /etc/ldap.conf pam_member_attribute uniquemember (since 389-ds uses uniquemember for group membership) uri ldap://ldap.domain.com:389/ tls_checkpeer yes ssl start_tls tls_cacertdir /etc/openldap/cacerts pam_password md5 tls_cacertfile /etc/pki/tls/certs/ca-cert.crt /etc/security/access.conf + : root : ALL + : @groupname : ALL + : @groupname2 : ALL - : ALL : ALL authconfig --enableldap --enableldapauth --disablenis --enablecache --ldapserver=ldap.domain.com --ldapbasedn=dc=ldapdomain,dc=com --enableldaptls --disablekrb5 --krb5kdc=AD.ADdomain.com --krb5adminserver=AD.ADdomain.com --krb5realm=ADDOMAIN.COM --enablekrb5kdcdns --enablekrb5realmdns --enablepamaccess --enablemkhomedir --enablelocauthorize ?updateall /etc/pam.d/system-auth : account required pam_access.so accessfile=/etc/security/access.conf : Here?s the error message I got. I see that krb5 is succeeding my password but pam_access is blocking me. pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.12.0.95 user=psundaram Nov 18 11:01:44 wgldap01 sshd[8995]: pam_krb5[8995]: authentication succeeds for 'psundaram' (psundaram at ADDOMAIN.COM) Nov 18 11:01:45 wgldap01 sshd[8995]: pam_access(sshd:account): access denied for user `psundaram' from `10.12.0.95' Nov 18 11:01:45 wgldap01 sshd[8995]: pam_access(sshd:account): access denied for user `psundaram' from `10.12.0.95' Nov 18 11:01:45 wgldap01 sshd[8996]: fatal: Access denied for user psundaram by PAM account configuration Thanks, Prashanth -------------- next part -------------- An HTML attachment was scrubbed... URL: From nkinder at redhat.com Wed Nov 18 17:27:19 2009 From: nkinder at redhat.com (Nathan Kinder) Date: Wed, 18 Nov 2009 09:27:19 -0800 Subject: [389-users] Unindexed ? In-Reply-To: <4B040543.6090902@ird.fr> References: <4B040543.6090902@ird.fr> Message-ID: <4B042E77.7020302@redhat.com> On 11/18/2009 06:31 AM, Emmanuel BILLOT wrote: > Hi, > > I used the logconv.pl utility to check our config, and it found a lot > of unindexed search. > In the access log file i found lines :: > > [18/Nov/2009:15:27:28 +0100] conn=1565 op=10246 RESULT err=0 tag=101 > nentries=132 etime=1 notes=U > [18/Nov/2009:15:27:28 +0100] conn=1565 op=10247 SRCH > base="dc=ouaga,dc=ird,dc=fr" scope=2 filter="(&(objectClass=*))" > attrs="* aci" > > Does the "notes=U" means it is an unindex search ? I must index a > attribut but which one ? Yes, "notes=U" means the search was unindexed. You need to provide the "SRCH" line from your access log for "conn=1565 op=10246" so we can see what attributes need to be indexed. > > BR, > From psundaram at wgen.net Wed Nov 18 17:41:48 2009 From: psundaram at wgen.net (Prashanth Sundaram) Date: Wed, 18 Nov 2009 12:41:48 -0500 Subject: [389-users] Access.conf issue Message-ID: I did follow the HowTo: Netgroups and was able to get that working. But my question is whether I can just use ldap groups with access.conf? If I have to use netgroups, do you have a mechanism to add the host/user entries to nisNetgroupTriple in a semi-automated way other than just do ldapmodify ?f ? -------------- next part -------------- An HTML attachment was scrubbed... URL: From james.roman at ssaihq.com Wed Nov 18 17:26:07 2009 From: james.roman at ssaihq.com (James Roman) Date: Wed, 18 Nov 2009 12:26:07 -0500 Subject: [389-users] Replication and Class of Service Message-ID: <4B042E2F.308@ssaihq.com> I have two 389 1.2.2 servers in a Multi-master replication configuration. I've added a few Classic Class of Service entries on the memberof attribute to one of the servers. The CoS and template entries seem to have replicated to the other server, however, when I perform a lookup on the entires in the replicated server, the CoS attributes are not processed. Is there something I am missing to get the CoS operation to replicate? From james.roman at ssaihq.com Wed Nov 18 19:06:15 2009 From: james.roman at ssaihq.com (James Roman) Date: Wed, 18 Nov 2009 14:06:15 -0500 Subject: [389-users] Replication and Class of Service In-Reply-To: <4B042E2F.308@ssaihq.com> References: <4B042E2F.308@ssaihq.com> Message-ID: <4B0445A7.2040007@ssaihq.com> Never mind. I realized that the memberof plugin was not enabled on the replica, so no memberof entry to apply a CoS. James Roman wrote: > I have two 389 1.2.2 servers in a Multi-master replication > configuration. I've added a few Classic Class of Service entries on > the memberof attribute to one of the servers. The CoS and template > entries seem to have replicated to the other server, however, when I > perform a lookup on the entires in the replicated server, the CoS > attributes are not processed. Is there something I am missing to get > the CoS operation to replicate? > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users From Robert.Tidwell at acxiom.com Wed Nov 18 17:15:32 2009 From: Robert.Tidwell at acxiom.com (Tidwell Robert - rtidwe) Date: Wed, 18 Nov 2009 11:15:32 -0600 Subject: [389-users] Access.conf issue In-Reply-To: References: Message-ID: <689701AE8ADAAF43B7A5FDFFD12EE62403AC9CB6@CWYMSX06.Corp.Acxiom.net> Is your user a part of the groupname or groupname2 group? And, is "UsePAM yes" and set in your sshd_config? Although, I am not sure that the pam_member_attribute uniquemember is going to work in this situation. Pam is looking to evaluate that the user is a member of the group that you specify for "pam_groupdn" in ldap.conf. Based on what you are saying, you are simply using pam_access to control ssh access to the server. But instead of the pam_access line being in system_auth, I have it in /etc/pam.d/sshd, which it looks like yours is also based on the error messages. What exactly are you trying to accomplish? Robert Robert M. Tidwell | System Engineer/Architect/Administrator Acxiom Distributed Systems Central Arkansas 00-1-501-342-4127 office | 00-1-501-908-2790 cell | 00-1-501-342-3932 fax 301East Dave Ward Drive | Conway, AR 72032 | USA | www.acxiom.com From: fedora-directory-users-bounces at redhat.com [mailto:fedora-directory-users-bounces at redhat.com] On Behalf Of Prashanth Sundaram Sent: Wednesday, November 18, 2009 11:06 AM To: fedora-directory-users at redhat.com Subject: [389-users] Access.conf issue All, I have setup the ldapserver with PAM PassThrough and need help in figuring out the access.conf without use of netgroups. Can I simply use the groups with access.conf? I am only able to ssh as root, but not with any ldap account. I was able to ssh before making changes for the pam_access. Here are the files I edited. /etc/ldap.conf pam_member_attribute uniquemember (since 389-ds uses uniquemember for group membership) uri ldap://ldap.domain.com:389/ tls_checkpeer yes ssl start_tls tls_cacertdir /etc/openldap/cacerts pam_password md5 tls_cacertfile /etc/pki/tls/certs/ca-cert.crt /etc/security/access.conf + : root : ALL + : @groupname : ALL + : @groupname2 : ALL - : ALL : ALL authconfig --enableldap --enableldapauth --disablenis --enablecache --ldapserver=ldap.domain.com --ldapbasedn=dc=ldapdomain,dc=com --enableldaptls --disablekrb5 --krb5kdc=AD.ADdomain.com --krb5adminserver=AD.ADdomain.com --krb5realm=ADDOMAIN.COM --enablekrb5kdcdns --enablekrb5realmdns --enablepamaccess --enablemkhomedir --enablelocauthorize -updateall /etc/pam.d/system-auth : account required pam_access.so accessfile=/etc/security/access.conf : Here's the error message I got. I see that krb5 is succeeding my password but pam_access is blocking me. pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.12.0.95 user=psundaram Nov 18 11:01:44 wgldap01 sshd[8995]: pam_krb5[8995]: authentication succeeds for 'psundaram' (psundaram at ADDOMAIN.COM) Nov 18 11:01:45 wgldap01 sshd[8995]: pam_access(sshd:account): access denied for user `psundaram' from `10.12.0.95' Nov 18 11:01:45 wgldap01 sshd[8995]: pam_access(sshd:account): access denied for user `psundaram' from `10.12.0.95' Nov 18 11:01:45 wgldap01 sshd[8996]: fatal: Access denied for user psundaram by PAM account configuration Thanks, Prashanth *************************************************************************** The information contained in this communication is confidential, is intended only for the use of the recipient named above, and may be legally privileged. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please resend this communication to the sender and delete the original message or any copy of it from your computer system. Thank You. **************************************************************************** -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.gif Type: image/gif Size: 2865 bytes Desc: image001.gif URL: From psundaram at wgen.net Thu Nov 19 17:28:30 2009 From: psundaram at wgen.net (Prashanth Sundaram) Date: Thu, 19 Nov 2009 12:28:30 -0500 Subject: [389-users] Access.conf issue Message-ID: The user is a part of both groupname and groupname2. I am in testing with different combinations. UsePAM yes is set in /etc/ssh/sshd_config Reason for using pam_member_attribute uniquemember is because 389-ds groups uses that attribute for group members.(see schema below) So to tell the ldap.conf to look at that attribute to verify members. CORRECT ME IF I AM WRONG This is the schema of my groups dn: cn=GroupName,ou=Groups, dc=domain, dc=com gidNumber: 1010 objectClass: top objectClass: groupOfUniqueNames objectClass: posixGroup uniqueMember: uid=username1,ou=People,dc=domain,dc=com uniqueMember: uid=username2,ou=People,dc=domain,dc=com cn: GroupName True, I tried to put the account required pam_access.so to the pam.d/sshd, but since it already includes the system-auth(which already has pam_access). Hence I didn;t add manually to sshd. /etc/pam.d/sshd auth include system-auth account required pam_nologin.so account include system-auth account required pam_access.so password include system-auth session optional pam_keyinit.so force revoke session include system-auth session required pam_loginuid.so What I am trying to accomplish? I am trying to restrict the ssh access to all our servers based on the groupmembership of posixgroups(groupname1 & 2). So say if a user does not belong to that project he/she should not be able to ssh to that box. Extra info which might or not be related: I am using Primary Group for all users as their uidNumber. I think it is called ?User Private Groups? where each user?s uidNumber and gidNumber are same. This is to facilitate the file/folders ownership in their home folder by using umask 022. Stpierre from #389 IRC channel suggested that the syntax for posixGroups in access.conf is not @groupname. But to change it something like below. - : ALL EXCEPT root groupname groupname2 : ALL Thanks for you help. -Prashanth * From: "Tidwell Robert - rtidwe" * To: * Subject: RE: [389-users] Access.conf issue * Date: Wed, 18 Nov 2009 11:15:32 -0600 Title: Access.conf issue Is your user a part of the groupname or groupname2 group? ? ?And, is ?UsePAM yes? and set in your sshd_config? ? Although, I am not sure that the pam_member_attribute uniquemember is going to work in this situation.? Pam is looking to evaluate that the user is a member of the group that you specify for ?pam_groupdn? in ldap.conf. ? ?Based on what you are saying, you are simply using pam_access to control ssh access to the server.? But instead of the pam_access line being in system_auth, I have it in /etc/pam.d/sshd, which it looks like yours is also based on the error messages. ? ? Robert -------------- next part -------------- An HTML attachment was scrubbed... URL: From Robert.Tidwell at acxiom.com Thu Nov 19 19:55:15 2009 From: Robert.Tidwell at acxiom.com (Tidwell Robert - rtidwe) Date: Thu, 19 Nov 2009 13:55:15 -0600 Subject: [389-users] Access.conf issue In-Reply-To: References: Message-ID: <689701AE8ADAAF43B7A5FDFFD12EE62403AC9CBA@CWYMSX06.Corp.Acxiom.net> Pam_member_attribute is specific to pam_ldap and, according to the man page for pam_ldap, is only evaluated if the pam_groupdn option is specified. As far as "LDAP" posixgroups in /etc/security/access.conf, I can assure you that the way StPierre described below will work. I am using that same type of setup on top of the pam_groupdn in /etc/ldap.conf. Good luck. Robert M. Tidwell | System Engineer/Architect/Administrator Acxiom Distributed Systems Central Arkansas 00-1-501-342-4127 office | 00-1-501-908-2790 cell | 00-1-501-342-3932 fax 301East Dave Ward Drive | Conway, AR 72032 | USA | www.acxiom.com From: fedora-directory-users-bounces at redhat.com [mailto:fedora-directory-users-bounces at redhat.com] On Behalf Of Prashanth Sundaram Sent: Thursday, November 19, 2009 11:29 AM To: fedora-directory-users at redhat.com Cc: Rober.Tidwell at acxiom.com Subject: RE: [389-users] Access.conf issue The user is a part of both groupname and groupname2. I am in testing with different combinations. UsePAM yes is set in /etc/ssh/sshd_config Reason for using pam_member_attribute uniquemember is because 389-ds groups uses that attribute for group members.(see schema below) So to tell the ldap.conf to look at that attribute to verify members. CORRECT ME IF I AM WRONG This is the schema of my groups dn: cn=GroupName,ou=Groups, dc=domain, dc=com gidNumber: 1010 objectClass: top objectClass: groupOfUniqueNames objectClass: posixGroup uniqueMember: uid=username1,ou=People,dc=domain,dc=com uniqueMember: uid=username2,ou=People,dc=domain,dc=com cn: GroupName True, I tried to put the account required pam_access.so to the pam.d/sshd, but since it already includes the system-auth(which already has pam_access). Hence I didn;t add manually to sshd. /etc/pam.d/sshd auth include system-auth account required pam_nologin.so account include system-auth account required pam_access.so password include system-auth session optional pam_keyinit.so force revoke session include system-auth session required pam_loginuid.so What I am trying to accomplish? I am trying to restrict the ssh access to all our servers based on the groupmembership of posixgroups(groupname1 & 2). So say if a user does not belong to that project he/she should not be able to ssh to that box. Extra info which might or not be related: I am using Primary Group for all users as their uidNumber. I think it is called "User Private Groups" where each user's uidNumber and gidNumber are same. This is to facilitate the file/folders ownership in their home folder by using umask 022. Stpierre from #389 IRC channel suggested that the syntax for posixGroups in access.conf is not @groupname. But to change it something like below. - : ALL EXCEPT root groupname groupname2 : ALL Thanks for you help. -Prashanth * From: "Tidwell Robert - rtidwe" * To: * Subject: RE: [389-users] Access.conf issue * Date: Wed, 18 Nov 2009 11:15:32 -0600 ________________________________ Title: Access.conf issue Is your user a part of the groupname or groupname2 group? And, is "UsePAM yes" and set in your sshd_config? Although, I am not sure that the pam_member_attribute uniquemember is going to work in this situation. Pam is looking to evaluate that the user is a member of the group that you specify for "pam_groupdn" in ldap.conf. Based on what you are saying, you are simply using pam_access to control ssh access to the server. But instead of the pam_access line being in system_auth, I have it in /etc/pam.d/sshd, which it looks like yours is also based on the error messages. Robert *************************************************************************** The information contained in this communication is confidential, is intended only for the use of the recipient named above, and may be legally privileged. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please resend this communication to the sender and delete the original message or any copy of it from your computer system. Thank You. **************************************************************************** -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.gif Type: image/gif Size: 2865 bytes Desc: image001.gif URL: From nzahar at gmail.com Sun Nov 22 12:21:49 2009 From: nzahar at gmail.com (Nikos Zaharioudakis) Date: Sun, 22 Nov 2009 04:21:49 -0800 (PST) Subject: [389-users] Nikos Zaharioudakis wants to connect on LinkedIn Message-ID: <1680974114.5310401.1258892509715.JavaMail.app@ech3-cdn07.prod> LinkedIn ------------ General, I'd like to add you to my professional network on LinkedIn. - Nikos Zaharioudakis Confirm that you know Nikos Zaharioudakis https://www.linkedin.com/e/isd/880117025/BeI5DD7c/ Every day, millions of professionals like Nikos Zaharioudakis use LinkedIn to connect with colleagues, find experts, and explore opportunities. ------ (c) 2009, LinkedIn Corporation -------------- next part -------------- An HTML attachment was scrubbed... URL: From psundaram at wgen.net Mon Nov 23 04:32:54 2009 From: psundaram at wgen.net (Prashanth Sundaram) Date: Sun, 22 Nov 2009 23:32:54 -0500 Subject: [389-users] Access.conf issue References: <20091120170009.677A48E005E@hormel.redhat.com> Message-ID: Thanks Robert. That seems to work well. But here is my scenario I have a bunch of Groups and not sure if I can specify multiple groupdn's in ldap.conf. Group1= Developers on Project1 need access to only proj1 servers Group2= QA on Project1 need access to proj1 servers only Group3= sysadmins accesss to all servers Available methods for access control: 1. Host attribute based ACL- Adding an extra attribute for each user and maintaining a list of 40-50 servers per user. Major Disadvantage: Manual entry for each user account or atleast scripting based on group membership which makes it too complex. 2. Use NisNetGroups: Maintain separate set of netgroups for proj1-servers, proj1-Developers, proj1-QA, Groupfor-ALLservers, GroupforSysadmin. Major Disadvantage: we add/remove hosts a lot and to maintain a huge list of nisNetgroups for hosts as well as users seems cumbersome or atleast doubling the DB. Also lack of tools. Can you suggest suitable scenario and any tools I can use to minimize the effort? Thanks once again. Prashanth -------------- next part -------------- A non-text attachment was scrubbed... Name: winmail.dat Type: application/ms-tnef Size: 3210 bytes Desc: not available URL: From andrey.ivanov at polytechnique.fr Mon Nov 23 07:12:52 2009 From: andrey.ivanov at polytechnique.fr (Andrey Ivanov) Date: Mon, 23 Nov 2009 08:12:52 +0100 Subject: [389-users] Access.conf issue In-Reply-To: References: <20091120170009.677A48E005E@hormel.redhat.com> Message-ID: <1601b8650911222312u645afd6bo99db070755c3ea0d@mail.gmail.com> 2009/11/23 Prashanth Sundaram > Thanks Robert. That seems to work well. > > But here is my scenario I have a bunch of Groups and not sure if I can > specify multiple groupdn's in ldap.conf. > > Group1= Developers on Project1 need access to only proj1 servers > Group2= QA on Project1 need access to proj1 servers only > Group3= sysadmins accesss to all servers > Even if you can't specify several groups in groupdn you can always change the filter in pam_filter to something like : (&(objectClass=posixAccount)(|(memberOf=Group1)(memberOf=Group2))) Of course you need at first to enable the memberOf plug-in... @+ -------------- next part -------------- An HTML attachment was scrubbed... URL: From hartmann at fas.harvard.edu Mon Nov 23 20:04:35 2009 From: hartmann at fas.harvard.edu (Tim Hartmann) Date: Mon, 23 Nov 2009 15:04:35 -0500 Subject: [389-users] libpam-passthru-plugin Message-ID: <4B0AEAD3.5050806@fas.harvard.edu> Hi Folks, I've been looking at upgrading the version of libpam-passthru-plugin.so that we use, we are using v 1.1.3 from an older version of Fedora Directory Server on our RHDS 8.0 Install, I noticed that v 1.2.2 is available in 389 on Fedora 11, and thought it might be useful to upgrade my version of the Plugin. Are there any Pros/Con's to using a newer version of the plug in? Thanks! Tim From kakon.dan at gmail.com Wed Nov 25 08:06:20 2009 From: kakon.dan at gmail.com (dan kakon) Date: Wed, 25 Nov 2009 09:06:20 +0100 Subject: [389-users] PosixGroup Message-ID: Hello everybody, I want to create a posixgroup for my useraccount, i created a user with utility of 389 DS, but when i see my client linux, i not see my group when i wrote id user. I see just my user and not my group. Please help me. Dan -- Dan Kakon 126, Avenue de Paris 94300 Vincennes Tel : 0178689468 Port : 0650621292 email :dankakon at dksn.net kakon.dan at gmail.com Blog DKSN: www.dksn.net -------------- next part -------------- An HTML attachment was scrubbed... URL: From jsullivan at opensourcedevel.com Wed Nov 25 08:20:08 2009 From: jsullivan at opensourcedevel.com (John A. Sullivan III) Date: Wed, 25 Nov 2009 03:20:08 -0500 Subject: [389-users] PosixGroup In-Reply-To: References: Message-ID: <1259137208.6606.1.camel@jaspav.missionsit.net.missionsit.net> On Wed, 2009-11-25 at 09:06 +0100, dan kakon wrote: > Hello everybody, > > I want to create a posixgroup for my useraccount, i created a user > with utility of 389 DS, but when i see my client linux, i not see my > group when i wrote id user. I see just my user and not my group. > > Please help me. > If I recall correctly (and I'm not sure that I do), you need to manually add an objectClass of posixgroup to the user - John -- John A. Sullivan III Open Source Development Corporation +1 207-985-7880 jsullivan at opensourcedevel.com http://www.spiritualoutreach.com Making Christianity intelligible to secular society From kakon.dan at gmail.com Wed Nov 25 08:57:23 2009 From: kakon.dan at gmail.com (dan kakon) Date: Wed, 25 Nov 2009 09:57:23 +0100 Subject: [389-users] PosixGroup In-Reply-To: <1259137208.6606.1.camel@jaspav.missionsit.net.missionsit.net> References: <1259137208.6606.1.camel@jaspav.missionsit.net.missionsit.net> Message-ID: Thanks, John, i have a problem with a passwd command, i added a object class user password for to manage a password and i activated a passwd in 389 DS. DAn 2009/11/25 John A. Sullivan III > On Wed, 2009-11-25 at 09:06 +0100, dan kakon wrote: > > Hello everybody, > > > > I want to create a posixgroup for my useraccount, i created a user > > with utility of 389 DS, but when i see my client linux, i not see my > > group when i wrote id user. I see just my user and not my group. > > > > Please help me. > > > > If I recall correctly (and I'm not sure that I do), you need to manually > add an objectClass of posixgroup to the user - John > -- > John A. Sullivan III > Open Source Development Corporation > +1 207-985-7880 > jsullivan at opensourcedevel.com > > http://www.spiritualoutreach.com > Making Christianity intelligible to secular society > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -- Dan Kakon 126, Avenue de Paris 94300 Vincennes Tel : 0178689468 Port : 0650621292 email :dankakon at dksn.net kakon.dan at gmail.com Blog DKSN: www.dksn.net -------------- next part -------------- An HTML attachment was scrubbed... URL: From kakon.dan at gmail.com Wed Nov 25 10:07:19 2009 From: kakon.dan at gmail.com (dan kakon) Date: Wed, 25 Nov 2009 11:07:19 +0100 Subject: [389-users] PosixGroup In-Reply-To: References: <1259137208.6606.1.camel@jaspav.missionsit.net.missionsit.net> Message-ID: I not see a password in a shadow file, id user. Dan Thanks 2009/11/25 dan kakon > Thanks, > > John, i have a problem with a passwd command, i added a object class user > password for to manage a password and i activated a passwd in 389 DS. > > DAn > > 2009/11/25 John A. Sullivan III > > On Wed, 2009-11-25 at 09:06 +0100, dan kakon wrote: >> > Hello everybody, >> > >> > I want to create a posixgroup for my useraccount, i created a user >> > with utility of 389 DS, but when i see my client linux, i not see my >> > group when i wrote id user. I see just my user and not my group. >> > >> > Please help me. >> > >> >> If I recall correctly (and I'm not sure that I do), you need to manually >> add an objectClass of posixgroup to the user - John >> -- >> John A. Sullivan III >> Open Source Development Corporation >> +1 207-985-7880 >> jsullivan at opensourcedevel.com >> >> http://www.spiritualoutreach.com >> Making Christianity intelligible to secular society >> >> -- >> 389 users mailing list >> 389-users at redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> > > > > -- > Dan Kakon > 126, Avenue de Paris > 94300 Vincennes > Tel : 0178689468 > Port : 0650621292 > email :dankakon at dksn.net > kakon.dan at gmail.com > Blog DKSN: www.dksn.net > > -- Dan Kakon 126, Avenue de Paris 94300 Vincennes Tel : 0178689468 Port : 0650621292 email :dankakon at dksn.net kakon.dan at gmail.com Blog DKSN: www.dksn.net -------------- next part -------------- An HTML attachment was scrubbed... URL: From kakon.dan at gmail.com Wed Nov 25 12:41:34 2009 From: kakon.dan at gmail.com (dan kakon) Date: Wed, 25 Nov 2009 13:41:34 +0100 Subject: [389-users] PosixGroup In-Reply-To: <1259137208.6606.1.camel@jaspav.missionsit.net.missionsit.net> References: <1259137208.6606.1.camel@jaspav.missionsit.net.missionsit.net> Message-ID: Hello John, I don't show user's has passwd (userPassword), when i type this command "ldapsearch -x "uid=dkakon"". Help me please Thank you Dan 2009/11/25 John A. Sullivan III > On Wed, 2009-11-25 at 09:06 +0100, dan kakon wrote: > > Hello everybody, > > > > I want to create a posixgroup for my useraccount, i created a user > > with utility of 389 DS, but when i see my client linux, i not see my > > group when i wrote id user. I see just my user and not my group. > > > > Please help me. > > > > If I recall correctly (and I'm not sure that I do), you need to manually > add an objectClass of posixgroup to the user - John > -- > John A. Sullivan III > Open Source Development Corporation > +1 207-985-7880 > jsullivan at opensourcedevel.com > > http://www.spiritualoutreach.com > Making Christianity intelligible to secular society > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -- Dan Kakon 126, Avenue de Paris 94300 Vincennes Tel : 0178689468 Port : 0650621292 email :dankakon at dksn.net kakon.dan at gmail.com Blog DKSN: www.dksn.net -------------- next part -------------- An HTML attachment was scrubbed... URL: From mitja.mihelic at arnes.si Wed Nov 25 14:22:37 2009 From: mitja.mihelic at arnes.si (=?ISO-8859-1?Q?Mitja_Mihelic=28?=) Date: Wed, 25 Nov 2009 15:22:37 +0100 Subject: [389-users] Schema conversion from OpenLDAP to 389DS Message-ID: <4B0D3DAD.4090602@arnes.si> Hi! Is it possible to use references for attributeTypes/objectClasses definitions in the 389DS schemas ? Like: schacAttributeType:1 instead of 1.3.6.1.4.1.25178.1.2.1 Of course the OID for schacAttributeType should be defined beforehand. Please read the text bellow for a better explanation. I was trying to convert the OpenLDAP SCHAC schema into a 389DS schema by using the ol2rhds.pl script available on http://directory.fedoraproject.org The converted file did not exactly want to play ball so it had to be modified. The OpenLDAP version of the schema uses references instead of numbers for OIDs: * objectIdentifier TERENA 1.3.6.1.4.1.25178 * objectIdentifier schac TERENA:1 * objectIdentifier schacObjectClass schac:1 * objectIdentifier schacAttributeType schac:2 The script that converted the schema did not take the references into account so I ended up with attribute names like: attributeTypes: ( schacAttributeType:1 NAME 'schacMotherTongue' When trying to load the schema into the 389DS it complained: [25/Nov/2009:14:48:13 +0100] schemareload - Schema reload task starts (schema dir: default) ... [25/Nov/2009:14:48:15 +0100] dse - The entry cn=schema in file /etc/dirsrv/slapd-import/schema/91schac.ldif is invalid, error code 21 (Invalid syntax) - attribute type schacMotherTongue The OID "schacMotherTongue:1" must begin and end with a digit, or be "schacMotherTongue-oid" [25/Nov/2009:14:48:15 +0100] schema_reload - schema file validation failed [25/Nov/2009:14:48:15 +0100] schemareload - Schema validation failed. After I manually replaced the references with OIDs it worked. OK, I also had to modify a couple of attribute syntax definitions :) Regards, Mitja From andrew at dingman.org Wed Nov 25 14:50:27 2009 From: andrew at dingman.org (Andrew C. Dingman) Date: Wed, 25 Nov 2009 09:50:27 -0500 Subject: [389-users] PosixGroup In-Reply-To: References: <1259137208.6606.1.camel@jaspav.missionsit.net.missionsit.net> Message-ID: <1259160627.2813.9.camel@Phorkys.acdjdg.dingman.org> On Wed, 2009-11-25 at 11:07 +0100, dan kakon wrote: > I not see a password in a shadow file, id user. Nor should you. Neither /etc/passwd nor /etc/shadow should contain any reference to your LDAP users. If things are set up right, though, you should be able to view them as NSS sees them with 'getent passwd' and 'getent shadow'. Depending on how you chose to set things up, there may be no shadow entries at all. Arguably, you don't need the shadow information for LDAP users, if password expiration and account vailidity are all being enforced at the directory server level. -- -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3551 bytes Desc: not available URL: From rmeggins at redhat.com Wed Nov 25 15:09:48 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Wed, 25 Nov 2009 08:09:48 -0700 Subject: [389-users] Schema conversion from OpenLDAP to 389DS In-Reply-To: <4B0D3DAD.4090602@arnes.si> References: <4B0D3DAD.4090602@arnes.si> Message-ID: <4B0D48BC.5090204@redhat.com> Mitja Mihelic wrote: > Hi! > > Is it possible to use references for attributeTypes/objectClasses > definitions in the 389DS schemas ? > Like: schacAttributeType:1 instead of 1.3.6.1.4.1.25178.1.2.1 > Of course the OID for schacAttributeType should be defined beforehand. > No, that is not supported in 389. Please file a bug/enhancement request for the Schema category at https://bugzilla.redhat.com/enter_bug.cgi?product=389 > Please read the text bellow for a better explanation. > > I was trying to convert the OpenLDAP SCHAC schema into a 389DS schema by > using the ol2rhds.pl script available on http://directory.fedoraproject.org > The converted file did not exactly want to play ball so it had to be > modified. > > The OpenLDAP version of the schema uses references instead of numbers > for OIDs: > > * objectIdentifier TERENA 1.3.6.1.4.1.25178 > * objectIdentifier schac TERENA:1 > * objectIdentifier schacObjectClass schac:1 > * objectIdentifier schacAttributeType schac:2 > > The script that converted the schema did not take the references into > account > so I ended up with attribute names like: > > attributeTypes: ( > schacAttributeType:1 > NAME 'schacMotherTongue' > > > When trying to load the schema into the 389DS it complained: > > [25/Nov/2009:14:48:13 +0100] schemareload - Schema reload task starts > (schema dir: default) ... > [25/Nov/2009:14:48:15 +0100] dse - The entry cn=schema in file > /etc/dirsrv/slapd-import/schema/91schac.ldif is invalid, error code 21 > (Invalid syntax) - attribute type schacMotherTongue The OID > "schacMotherTongue:1" must begin and end with a digit, or be > "schacMotherTongue-oid" > [25/Nov/2009:14:48:15 +0100] schema_reload - schema file validation failed > [25/Nov/2009:14:48:15 +0100] schemareload - Schema validation failed. > > > After I manually replaced the references with OIDs it worked. OK, I also > had to modify a couple of attribute syntax definitions :) > > Regards, > Mitja > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From 389ldap at envirobyte.sk Wed Nov 25 15:51:48 2009 From: 389ldap at envirobyte.sk (Daniel) Date: Wed, 25 Nov 2009 16:51:48 +0100 Subject: [389-users] Multi master replication - "Invalid syntax" error. Message-ID: <4B0D5294.8010705@envirobyte.sk> Hi, I need a helping hand from some experienced 389-ds admin. I have built two LDAPs based on CentOS 5.3 and Fedora directory server. ldap1 - is the production server which is running a few months. all of the data are placed there. ldap2 - is the clean install of CentOS 5.3 and 389-ds, identical to ldap1, but with no data at all. My point is to replicate present ldap1 data in to the new ldap2 server. I went through the documentation here http://directory.fedoraproject.org/wiki/Howto:MultiMasterReplication and everything seems to be OK Replication agreements are created, when I display them I get the following output replication agreements from ldap1.mydomain.com (389) ->ldap2.mydomain.com (389) replication agreements from ldap2.mydomain.com (389) ->ldap1.mydomaincom (389) ...but when I perform the ldapsearch for some certain records - ldap2 won't find anything. So I checked the ldap1 error log and found this 25/Nov/2009:13:08:40 +0100] NSMMReplicationPlugin - agmt_delete: begin [25/Nov/2009:13:08:48 +0100] NSMMReplicationPlugin - agmt="cn="Replication to ldap2.mydomain.com"" (ldap2:389): Schema replication update failed: Invalidsyntax [25/Nov/2009:13:08:48 +0100] NSMMReplicationPlugin - agmt="cn="Replication to ldap2.mydomain.com"" (ldap2:389): Warning: unable to replicate schema: rc=1 [25/Nov/2009:13:08:51 +0100] NSMMReplicationPlugin - agmt="cn="Replication to ldap2.mydomain.com"" (ldap2:389): Schema replication update failed: Invalid syntax [25/Nov/2009:13:08:51 +0100] NSMMReplicationPlugin - Warning: unable to replicate schema to host ldap2.mydomain.com, port 389. Continuing with total update session. [25/Nov/2009:13:08:51 +0100] NSMMReplicationPlugin - Beginning total update of replica "agmt="cn="Replication to ldap2.mydomain.com"" (ldap2:389)". [25/Nov/2009:13:08:54 +0100] NSMMReplicationPlugin - Finished total update of replica "agmt="cn="Replication to ldap2.mydomain.com"" (ldap2:389)". Sent 107 entries. Can you please explain to me what does it mean "Invalid syntax"? I googled but no useful information were found. So if someone knows what to do for solution I would greatly appreciate the help. Thank you very much. ~ Daniel. From kakon.dan at gmail.com Wed Nov 25 15:51:59 2009 From: kakon.dan at gmail.com (dan kakon) Date: Wed, 25 Nov 2009 16:51:59 +0100 Subject: [389-users] PosixGroup In-Reply-To: <1259160627.2813.9.camel@Phorkys.acdjdg.dingman.org> References: <1259137208.6606.1.camel@jaspav.missionsit.net.missionsit.net> <1259160627.2813.9.camel@Phorkys.acdjdg.dingman.org> Message-ID: Thanks, I add a shadowaccount, i doing this command getent passwd (ok this fonction), getent group (ok this fonction) and getent shadow(this fonction) "dkakon:*:14573:0:99999:7:::". ldapsearch -h localhost "uid=dkakon" version: 1 dn: uid=dkakon,ou=People,dc=fr,dc=publicisgroupe,dc=net givenName: dan sn: kakon telephoneNumber: 0650621292 loginShell: /bin/bash gidNumber: 700 uidNumber: 700 mail: kakon.dan at gmail.com objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetorgperson objectClass: posixAccount objectClass: shadowaccount objectClass: passwordpolicy objectClass: passwordobject uid: dkakon gecos: Dan Kakon cn: dan kakon homeDirectory: /home/dkakon shadowMax: 99999 shadowMin: 00000 shadowLastChange: 14573 shadowWarning: 7 userPassword: {SSHA}3atvCZ+60iYb0qFtyzWg2p+HZFbpUgqCa4W0Xw== passwordStorageScheme: MD5 One: I don't a scheme of userPassword {SSHA} is by default, i add many attributes shadowaccount, passwordpolicy I add a value userpassword on my group dkakon, i went to authentie my user dkakon. Now this work. file /etc/ldap.conf (client rhel 5.4): host rh5std.fr.publicisgroupe.net base dc=fr,dc=publicisgroupe,dc=net uri ldap://rh5std.fr.publicisgroupe.net ldap_version 3 port 389 scope one timelimit 120 bind_timelimit 120 bind_policy soft idle_timelimit 3600 pam_filter objectclass=posixaccount pam_login_attribute uid pam_member_attribute gid pam_password ssha nss_base_passwd ou=People,dc=fr,dc=publicisgroupe,dc=net?sub nss_base_shadow ou=People,dc=fr,dc=publicisgroupe,dc=net?sub nss_base_group ou=Groups,dc=fr,dc=publicisgroupe,dc=net?sub Thanks Dan 2009/11/25 Andrew C. Dingman > On Wed, 2009-11-25 at 11:07 +0100, dan kakon wrote: > > I not see a password in a shadow file, id user. > > Nor should you. Neither /etc/passwd nor /etc/shadow should contain any > reference to your LDAP users. If things are set up right, though, you > should be able to view them as NSS sees them with 'getent passwd' and > 'getent shadow'. Depending on how you chose to set things up, there may > be no shadow entries at all. Arguably, you don't need the shadow > information for LDAP users, if password expiration and account vailidity > are all being enforced at the directory server level. > > -- > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > -- Dan Kakon 126, Avenue de Paris 94300 Vincennes Tel : 0178689468 Port : 0650621292 email :dankakon at dksn.net kakon.dan at gmail.com Blog DKSN: www.dksn.net -------------- next part -------------- An HTML attachment was scrubbed... URL: From rmeggins at redhat.com Wed Nov 25 16:21:12 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Wed, 25 Nov 2009 09:21:12 -0700 Subject: [389-users] Multi master replication - "Invalid syntax" error. In-Reply-To: <4B0D5294.8010705@envirobyte.sk> References: <4B0D5294.8010705@envirobyte.sk> Message-ID: <4B0D5978.6060601@redhat.com> Daniel wrote: > Hi, I need a helping hand from some experienced 389-ds admin. > > I have built two LDAPs based on CentOS 5.3 and Fedora directory server. > > ldap1 - is the production server which is running a few months. all of > the data are placed there. > What version? rpm -qi 389-ds-base (or fedora-ds-base if still using fedora-ds) > ldap2 - is the clean install of CentOS 5.3 and 389-ds, identical to > ldap1, but with no data at all. > What version? rpm -qi 389-ds-base The schema and syntax checking have been improved in 389 1.2.1 and later. Do you have any custom schema? > My point is to replicate present ldap1 data in to the new ldap2 server. > > I went through the documentation here > http://directory.fedoraproject.org/wiki/Howto:MultiMasterReplication and > everything seems to be OK > Replication agreements are created, when I display them I get the > following output > > replication agreements from ldap1.mydomain.com (389) > ->ldap2.mydomain.com (389) > > replication agreements from ldap2.mydomain.com (389) > ->ldap1.mydomaincom (389) > > ...but when I perform the ldapsearch for some certain records - ldap2 > won't find anything. > > So I checked the ldap1 error log and found this > > 25/Nov/2009:13:08:40 +0100] NSMMReplicationPlugin - agmt_delete: begin > [25/Nov/2009:13:08:48 +0100] NSMMReplicationPlugin - > agmt="cn="Replication to ldap2.mydomain.com"" (ldap2:389): Schema > replication update failed: Invalidsyntax > [25/Nov/2009:13:08:48 +0100] NSMMReplicationPlugin - > agmt="cn="Replication to ldap2.mydomain.com"" (ldap2:389): Warning: > unable to replicate schema: rc=1 > [25/Nov/2009:13:08:51 +0100] NSMMReplicationPlugin - > agmt="cn="Replication to ldap2.mydomain.com"" (ldap2:389): Schema > replication update failed: Invalid syntax > [25/Nov/2009:13:08:51 +0100] NSMMReplicationPlugin - Warning: unable to > replicate schema to host ldap2.mydomain.com, port 389. Continuing with > total update session. > [25/Nov/2009:13:08:51 +0100] NSMMReplicationPlugin - Beginning total > update of replica "agmt="cn="Replication to ldap2.mydomain.com"" > (ldap2:389)". > [25/Nov/2009:13:08:54 +0100] NSMMReplicationPlugin - Finished total > update of replica "agmt="cn="Replication to ldap2.mydomain.com"" > (ldap2:389)". Sent 107 entries. > > Can you please explain to me what does it mean "Invalid syntax"? > I googled but no useful information were found. > > So if someone knows what to do for solution I would greatly appreciate > the help. > > Thank you very much. > > ~ Daniel. > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From rmeggins at redhat.com Wed Nov 25 16:22:48 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Wed, 25 Nov 2009 09:22:48 -0700 Subject: [389-users] libpam-passthru-plugin In-Reply-To: <4B0AEAD3.5050806@fas.harvard.edu> References: <4B0AEAD3.5050806@fas.harvard.edu> Message-ID: <4B0D59D8.4010104@redhat.com> Tim Hartmann wrote: > Hi Folks, > > I've been looking at upgrading the version of libpam-passthru-plugin.so > that we use, we are using v 1.1.3 from an older version of Fedora > Directory Server on our RHDS 8.0 Install, I noticed that v 1.2.2 is > available in 389 on Fedora 11, and thought it might be useful to upgrade > my version of the Plugin. Are there any Pros/Con's to using a newer > version of the plug in? > You want to use the pam passthrough plugin from 389 1.2.2 Fedora 11 with 1.1.3? There are binaries for EL5. > Thanks! > > Tim > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From 389ldap at envirobyte.sk Wed Nov 25 17:45:00 2009 From: 389ldap at envirobyte.sk (Daniel) Date: Wed, 25 Nov 2009 18:45:00 +0100 Subject: [389-users] Multi master replication - "Invalid syntax" error. In-Reply-To: <4B0D5978.6060601@redhat.com> References: <4B0D5294.8010705@envirobyte.sk> <4B0D5978.6060601@redhat.com> Message-ID: <4B0D6D1C.9030604@envirobyte.sk> An HTML attachment was scrubbed... URL: From hartmann at fas.harvard.edu Wed Nov 25 17:57:49 2009 From: hartmann at fas.harvard.edu (Tim Hartmann) Date: Wed, 25 Nov 2009 12:57:49 -0500 Subject: [389-users] libpam-passthru-plugin In-Reply-To: <4B0D59D8.4010104@redhat.com> References: <4B0AEAD3.5050806@fas.harvard.edu> <4B0D59D8.4010104@redhat.com> Message-ID: <4B0D701D.3050502@fas.harvard.edu> Rich Megginson wrote: > Tim Hartmann wrote: > >> Hi Folks, >> >> I've been looking at upgrading the version of libpam-passthru-plugin.so >> that we use, we are using v 1.1.3 from an older version of Fedora >> Directory Server on our RHDS 8.0 Install, I noticed that v 1.2.2 is >> available in 389 on Fedora 11, and thought it might be useful to upgrade >> my version of the Plugin. Are there any Pros/Con's to using a newer >> version of the plug in? >> >> > You want to use the pam passthrough plugin from 389 1.2.2 Fedora 11 with > 1.1.3? There are binaries for EL5. > Could you point me in the right direction to get the binaries? I asked for guidance through our support channel and they claimed they didn't support the pam-passthru-plugin. I've been having sporatic problems with the dirsrv daemon dieing and they thought it may be in relation to the pam-passthru-plugin Thanks for the help Rich! Tim From rmeggins at redhat.com Wed Nov 25 18:01:32 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Wed, 25 Nov 2009 11:01:32 -0700 Subject: [389-users] libpam-passthru-plugin In-Reply-To: <4B0D701D.3050502@fas.harvard.edu> References: <4B0AEAD3.5050806@fas.harvard.edu> <4B0D59D8.4010104@redhat.com> <4B0D701D.3050502@fas.harvard.edu> Message-ID: <4B0D70FC.2040406@redhat.com> Tim Hartmann wrote: > Rich Megginson wrote: >> Tim Hartmann wrote: >> >>> Hi Folks, >>> >>> I've been looking at upgrading the version of libpam-passthru-plugin.so >>> that we use, we are using v 1.1.3 from an older version of Fedora >>> Directory Server on our RHDS 8.0 Install, I noticed that v 1.2.2 is >>> available in 389 on Fedora 11, and thought it might be useful to >>> upgrade >>> my version of the Plugin. Are there any Pros/Con's to using a newer >>> version of the plug in? >>> >> You want to use the pam passthrough plugin from 389 1.2.2 Fedora 11 >> with 1.1.3? There are binaries for EL5. >> > Could you point me in the right direction to get the binaries? I > asked for guidance through our support channel and they claimed they > didn't support the pam-passthru-plugin. pam passthrough plugin is not supported for Red Hat Directory Server. It is supported for 389 Directory Server. You can use the 389 EL5 binary pam passthrough plugin with Red Hat Directory Server on EL5, but you may run afoul of Red Hat support if you do that. > I've been having sporatic problems with the dirsrv daemon dieing and > they thought it may be in relation to the pam-passthru-plugin > > Thanks for the help Rich! > > Tim > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From rmeggins at redhat.com Wed Nov 25 18:02:56 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Wed, 25 Nov 2009 11:02:56 -0700 Subject: [389-users] Multi master replication - "Invalid syntax" error. In-Reply-To: <4B0D6D1C.9030604@envirobyte.sk> References: <4B0D5294.8010705@envirobyte.sk> <4B0D5978.6060601@redhat.com> <4B0D6D1C.9030604@envirobyte.sk> Message-ID: <4B0D7150.3010408@redhat.com> Daniel wrote: > Hi Rich, > > very good point, I just discovered a very important difference. > > ldap1 - rpm -qi 389-ds-base gives - package "389-ds-base is not > installed" - rpm -qi fedora-ds-base > > unlike of ldap2 which states the following output: > > Name : 389-ds-base Relocations: (not relocatable) > Version : 1.2.2 Vendor: (none) > Release : 1.el5 Build Date: Tue 25 Aug > 2009 10:55:38 PM CEST > Install Date: Sat 07 Nov 2009 09:33:41 PM CET Build Host: localhost > Group : System Environment/Daemons Source RPM: > 389-ds-base-1.2.2-1.el5.src.rpm > Size : 5236534 License: GPLv2 with > exceptions > Signature : DSA/SHA1, Wed 26 Aug 2009 04:15:41 PM CEST, Key ID > 0db66119a7b02652 > URL : http://port389.org/ > Summary : 389 Directory Server (base) > Description : > 389 Directory Server is an LDAPv3 compliant server. The base package > includes > the LDAP server and command line utilities for server administration. > > ldap1 is the machine I have taken after someone and I was told that > it's the 389 dirserver. > > When I want an information about package installed on ldap1 I have to > write: > > rpm -qi fedora-ds > > with this output: > > Name : fedora-ds Relocations: (not relocatable) > Version : 1.1.3 Vendor: (none) > Release : 1.fc6 Build Date: Wed 01 Apr > 2009 09:15:05 PM CEST > Install Date: Sat 11 Apr 2009 11:01:52 PM CEST Build Host: localhost > Group : System Environment/Daemons Source RPM: > fedora-ds-1.1.3-1.fc6.src.rpm > Size : 12279 License: GPLv2 > Signature : DSA/SHA1, Thu 02 Apr 2009 08:57:18 PM CEST, Key ID > 0db66119a7b02652 > URL : http://directory.fedoraproject.org/ > Summary : Red Hat Directory, Administration, and Console Suite > Description : > The Red Hat Directory Server, Administration Server, and Console Suite > provide > the LDAPv3 server, the httpd daemon used to administer the server, and the > console GUI application used for server and user/group administration. > > Do you think this could be the part of the reason? I think the problem is schema/syntax incompatibility between fedora ds and the latest 389 ds. I'd like to try to narrow down exactly what schema/syntax is causing the problem. > > Rich Megginson wrote: >> Daniel wrote: >>> Hi, I need a helping hand from some experienced 389-ds admin. >>> >>> I have built two LDAPs based on CentOS 5.3 and Fedora directory server. >>> >>> ldap1 - is the production server which is running a few months. all of >>> the data are placed there. >>> >> What version? rpm -qi 389-ds-base (or fedora-ds-base if still using >> fedora-ds) >>> ldap2 - is the clean install of CentOS 5.3 and 389-ds, identical to >>> ldap1, but with no data at all. >>> >> What version? rpm -qi 389-ds-base >> >> The schema and syntax checking have been improved in 389 1.2.1 and >> later. Do you have any custom schema? >>> My point is to replicate present ldap1 data in to the new ldap2 server. >>> >>> I went through the documentation here >>> http://directory.fedoraproject.org/wiki/Howto:MultiMasterReplication >>> and >>> everything seems to be OK >>> Replication agreements are created, when I display them I get the >>> following output >>> >>> replication agreements from ldap1.mydomain.com (389) >>> ->ldap2.mydomain.com (389) >>> >>> replication agreements from ldap2.mydomain.com (389) >>> ->ldap1.mydomaincom (389) >>> >>> ...but when I perform the ldapsearch for some certain records - ldap2 >>> won't find anything. >>> >>> So I checked the ldap1 error log and found this >>> >>> 25/Nov/2009:13:08:40 +0100] NSMMReplicationPlugin - agmt_delete: begin >>> [25/Nov/2009:13:08:48 +0100] NSMMReplicationPlugin - >>> agmt="cn="Replication to ldap2.mydomain.com"" (ldap2:389): Schema >>> replication update failed: Invalidsyntax >>> [25/Nov/2009:13:08:48 +0100] NSMMReplicationPlugin - >>> agmt="cn="Replication to ldap2.mydomain.com"" (ldap2:389): Warning: >>> unable to replicate schema: rc=1 >>> [25/Nov/2009:13:08:51 +0100] NSMMReplicationPlugin - >>> agmt="cn="Replication to ldap2.mydomain.com"" (ldap2:389): Schema >>> replication update failed: Invalid syntax >>> [25/Nov/2009:13:08:51 +0100] NSMMReplicationPlugin - Warning: unable to >>> replicate schema to host ldap2.mydomain.com, port 389. Continuing with >>> total update session. >>> [25/Nov/2009:13:08:51 +0100] NSMMReplicationPlugin - Beginning total >>> update of replica "agmt="cn="Replication to ldap2.mydomain.com"" >>> (ldap2:389)". >>> [25/Nov/2009:13:08:54 +0100] NSMMReplicationPlugin - Finished total >>> update of replica "agmt="cn="Replication to ldap2.mydomain.com"" >>> (ldap2:389)". Sent 107 entries. >>> >>> Can you please explain to me what does it mean "Invalid syntax"? >>> I googled but no useful information were found. >>> >>> So if someone knows what to do for solution I would greatly appreciate >>> the help. >>> >>> Thank you very much. >>> >>> ~ Daniel. >>> >>> -- >>> 389 users mailing list >>> 389-users at redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>> >> >> ------------------------------------------------------------------------ >> >> -- >> 389 users mailing list >> 389-users at redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> > > ------------------------------------------------------------------------ > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From hartmann at fas.harvard.edu Wed Nov 25 18:20:57 2009 From: hartmann at fas.harvard.edu (Tim Hartmann) Date: Wed, 25 Nov 2009 13:20:57 -0500 Subject: [389-users] libpam-passthru-plugin In-Reply-To: <4B0D70FC.2040406@redhat.com> References: <4B0AEAD3.5050806@fas.harvard.edu> <4B0D59D8.4010104@redhat.com> <4B0D701D.3050502@fas.harvard.edu> <4B0D70FC.2040406@redhat.com> Message-ID: <4B0D7589.3020100@fas.harvard.edu> Rich Megginson wrote: > >>>> >>>> >>> You want to use the pam passthrough plugin from 389 1.2.2 Fedora 11 >>> with 1.1.3? There are binaries for EL5. >>> >>> >> Could you point me in the right direction to get the binaries? I >> asked for guidance through our support channel and they claimed they >> didn't support the pam-passthru-plugin. >> > pam passthrough plugin is not supported for Red Hat Directory Server. > It is supported for 389 Directory Server. You can use the 389 EL5 > binary pam passthrough plugin with Red Hat Directory Server on EL5, but > you may run afoul of Red Hat support if you do that. > Thanks! Where can I get the binaries for EL5? I've googled around and looked on the 389 wiki, but I can't seem to locate them... I'd rather use something closer to what I *should* be using! From 389ldap at envirobyte.sk Wed Nov 25 18:32:18 2009 From: 389ldap at envirobyte.sk (Daniel) Date: Wed, 25 Nov 2009 19:32:18 +0100 Subject: [389-users] Multi master replication - "Invalid syntax" error. In-Reply-To: <4B0D7150.3010408@redhat.com> References: <4B0D5294.8010705@envirobyte.sk> <4B0D5978.6060601@redhat.com> <4B0D6D1C.9030604@envirobyte.sk> <4B0D7150.3010408@redhat.com> Message-ID: <4B0D7832.9070702@envirobyte.sk> And what kind of action do you recommend? Rich Megginson wrote: > Daniel wrote: >> Hi Rich, >> >> very good point, I just discovered a very important difference. >> >> ldap1 - rpm -qi 389-ds-base gives - package "389-ds-base is not >> installed" - > rpm -qi fedora-ds-base >> >> unlike of ldap2 which states the following output: >> >> Name : 389-ds-base Relocations: (not >> relocatable) >> Version : 1.2.2 Vendor: (none) >> Release : 1.el5 Build Date: Tue 25 Aug >> 2009 10:55:38 PM CEST >> Install Date: Sat 07 Nov 2009 09:33:41 PM CET Build Host: localhost >> Group : System Environment/Daemons Source RPM: >> 389-ds-base-1.2.2-1.el5.src.rpm >> Size : 5236534 License: GPLv2 with >> exceptions >> Signature : DSA/SHA1, Wed 26 Aug 2009 04:15:41 PM CEST, Key ID >> 0db66119a7b02652 >> URL : http://port389.org/ >> Summary : 389 Directory Server (base) >> Description : >> 389 Directory Server is an LDAPv3 compliant server. The base package >> includes >> the LDAP server and command line utilities for server administration. >> >> ldap1 is the machine I have taken after someone and I was told that >> it's the 389 dirserver. >> >> When I want an information about package installed on ldap1 I have to >> write: >> >> rpm -qi fedora-ds >> >> with this output: >> >> Name : fedora-ds Relocations: (not >> relocatable) >> Version : 1.1.3 Vendor: (none) >> Release : 1.fc6 Build Date: Wed 01 Apr >> 2009 09:15:05 PM CEST >> Install Date: Sat 11 Apr 2009 11:01:52 PM CEST Build Host: >> localhost >> Group : System Environment/Daemons Source RPM: >> fedora-ds-1.1.3-1.fc6.src.rpm >> Size : 12279 License: GPLv2 >> Signature : DSA/SHA1, Thu 02 Apr 2009 08:57:18 PM CEST, Key ID >> 0db66119a7b02652 >> URL : http://directory.fedoraproject.org/ >> Summary : Red Hat Directory, Administration, and Console Suite >> Description : >> The Red Hat Directory Server, Administration Server, and Console >> Suite provide >> the LDAPv3 server, the httpd daemon used to administer the server, >> and the >> console GUI application used for server and user/group administration. >> >> Do you think this could be the part of the reason? > I think the problem is schema/syntax incompatibility between fedora ds > and the latest 389 ds. I'd like to try to narrow down exactly what > schema/syntax is causing the problem. >> >> Rich Megginson wrote: >>> Daniel wrote: >>>> Hi, I need a helping hand from some experienced 389-ds admin. >>>> >>>> I have built two LDAPs based on CentOS 5.3 and Fedora directory >>>> server. >>>> >>>> ldap1 - is the production server which is running a few months. all of >>>> the data are placed there. >>>> >>> What version? rpm -qi 389-ds-base (or fedora-ds-base if still using >>> fedora-ds) >>>> ldap2 - is the clean install of CentOS 5.3 and 389-ds, identical to >>>> ldap1, but with no data at all. >>>> >>> What version? rpm -qi 389-ds-base >>> >>> The schema and syntax checking have been improved in 389 1.2.1 and >>> later. Do you have any custom schema? >>>> My point is to replicate present ldap1 data in to the new ldap2 >>>> server. >>>> >>>> I went through the documentation here >>>> http://directory.fedoraproject.org/wiki/Howto:MultiMasterReplication >>>> and >>>> everything seems to be OK >>>> Replication agreements are created, when I display them I get the >>>> following output >>>> >>>> replication agreements from ldap1.mydomain.com (389) >>>> ->ldap2.mydomain.com (389) >>>> >>>> replication agreements from ldap2.mydomain.com (389) >>>> ->ldap1.mydomaincom (389) >>>> >>>> ...but when I perform the ldapsearch for some certain records - ldap2 >>>> won't find anything. >>>> >>>> So I checked the ldap1 error log and found this >>>> >>>> 25/Nov/2009:13:08:40 +0100] NSMMReplicationPlugin - agmt_delete: begin >>>> [25/Nov/2009:13:08:48 +0100] NSMMReplicationPlugin - >>>> agmt="cn="Replication to ldap2.mydomain.com"" (ldap2:389): Schema >>>> replication update failed: Invalidsyntax >>>> [25/Nov/2009:13:08:48 +0100] NSMMReplicationPlugin - >>>> agmt="cn="Replication to ldap2.mydomain.com"" (ldap2:389): Warning: >>>> unable to replicate schema: rc=1 >>>> [25/Nov/2009:13:08:51 +0100] NSMMReplicationPlugin - >>>> agmt="cn="Replication to ldap2.mydomain.com"" (ldap2:389): Schema >>>> replication update failed: Invalid syntax >>>> [25/Nov/2009:13:08:51 +0100] NSMMReplicationPlugin - Warning: >>>> unable to >>>> replicate schema to host ldap2.mydomain.com, port 389. Continuing with >>>> total update session. >>>> [25/Nov/2009:13:08:51 +0100] NSMMReplicationPlugin - Beginning total >>>> update of replica "agmt="cn="Replication to ldap2.mydomain.com"" >>>> (ldap2:389)". >>>> [25/Nov/2009:13:08:54 +0100] NSMMReplicationPlugin - Finished total >>>> update of replica "agmt="cn="Replication to ldap2.mydomain.com"" >>>> (ldap2:389)". Sent 107 entries. >>>> >>>> Can you please explain to me what does it mean "Invalid syntax"? >>>> I googled but no useful information were found. >>>> >>>> So if someone knows what to do for solution I would greatly appreciate >>>> the help. >>>> >>>> Thank you very much. >>>> >>>> ~ Daniel. >>>> >>>> -- >>>> 389 users mailing list >>>> 389-users at redhat.com >>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>>> >>> >>> ------------------------------------------------------------------------ >>> >>> >>> -- >>> 389 users mailing list >>> 389-users at redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>> >> >> ------------------------------------------------------------------------ >> >> -- >> 389 users mailing list >> 389-users at redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> > > ------------------------------------------------------------------------ > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > From ffiore at babel.it Thu Nov 26 11:15:18 2009 From: ffiore at babel.it (Francesco Fiore) Date: Thu, 26 Nov 2009 12:15:18 +0100 Subject: [389-users] Database link problem Message-ID: <4B0E6346.20602@babel.it> If I set a database link, I 've the error "LDAP server is unwilling to perform" on 389-console. I've already checked the ACIs and the bind DN informations. The version of 389-ds is 1.1.3. Can you help me? Thanks From allanhougham at hotmail.com Thu Nov 26 13:52:16 2009 From: allanhougham at hotmail.com (Allan Gaston Hougham) Date: Thu, 26 Nov 2009 13:52:16 +0000 Subject: [389-users] Password Policy not working fine Message-ID: Dears, I have a problem with my passwords policies, I enabled "Enable fine-grained password policy", I apply this but is not working fine. I followed the steps of Administration Guide pag 364 - 7.1.1.2. Configuring a Subtree/User Password Policy Using the Console But it?s not working, i have that setting any more? Can you help me? Thanks a lot in advance! Allan Hougham _________________________________________________________________ ?Vos ya ten?s SMS Messenger en tu celular? Registrate Aqu? http://www.somosmessengersiempre.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From d.alexander at lse.ac.uk Fri Nov 27 15:23:14 2009 From: d.alexander at lse.ac.uk (Derek Alexander) Date: Fri, 27 Nov 2009 15:23:14 +0000 Subject: [389-users] identifying new entries Message-ID: <4B0FEEE2.5040206@lse.ac.uk> Hi, Does Fedora Directory have an equivalent of Active Directory's 'whenCreated' attribute? If not, do you know of any standard schema that contain such an attribute? Reason for asking is that I need to identify new entries to the directory. I'd considered using the LDAP persistent search extension to receive notification of new entries but that requires a connection to the directory which is hard to guarantee always. I could of course use some other arbitrary attribute to recognise new entries but an equivalent of 'whenCreated' seems like the cleanest solution. Thanks, Derek Please access the attached hyperlink for an important electronic communications disclaimer: http://www.lse.ac.uk/collections/secretariat/legal/disclaimer.htm From rmeggins at redhat.com Mon Nov 30 15:07:58 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Mon, 30 Nov 2009 08:07:58 -0700 Subject: [389-users] libpam-passthru-plugin In-Reply-To: <4B0D7589.3020100@fas.harvard.edu> References: <4B0AEAD3.5050806@fas.harvard.edu> <4B0D59D8.4010104@redhat.com> <4B0D701D.3050502@fas.harvard.edu> <4B0D70FC.2040406@redhat.com> <4B0D7589.3020100@fas.harvard.edu> Message-ID: <4B13DFCE.2090105@redhat.com> Tim Hartmann wrote: > Rich Megginson wrote: >> >>>>> >>>> You want to use the pam passthrough plugin from 389 1.2.2 Fedora 11 >>>> with 1.1.3? There are binaries for EL5. >>>> >>> Could you point me in the right direction to get the binaries? I >>> asked for guidance through our support channel and they claimed they >>> didn't support the pam-passthru-plugin. >>> >> pam passthrough plugin is not supported for Red Hat Directory >> Server. It is supported for 389 Directory Server. You can use the >> 389 EL5 binary pam passthrough plugin with Red Hat Directory Server >> on EL5, but you may run afoul of Red Hat support if you do that. >> > > Thanks! Where can I get the binaries for EL5? I've googled around and > looked on the 389 wiki, but I can't seem to locate them... I'd rather > use something closer to what I *should* be using! http://directory.fedoraproject.org/wiki/Download#Enterprise_Linux_5 > > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From rmeggins at redhat.com Mon Nov 30 15:11:08 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Mon, 30 Nov 2009 08:11:08 -0700 Subject: [389-users] identifying new entries In-Reply-To: <4B0FEEE2.5040206@lse.ac.uk> References: <4B0FEEE2.5040206@lse.ac.uk> Message-ID: <4B13E08C.2030000@redhat.com> Derek Alexander wrote: > Hi, > > Does Fedora Directory have an equivalent of Active Directory's 'whenCreated' attribute? > > If not, do you know of any standard schema that contain such an attribute? > Yes. createTimestamp and creatorsName tell you when the entry was created and by whom. There are also modifyTimestamp and modifiersName. Note that these are operational attributes, so you have to ask for them explicitly on the ldapsearch command line or in an LDAP search request - they are not returned by default with the other regular attributes. > Reason for asking is that I need to identify new entries to the directory. > > I'd considered using the LDAP persistent search extension to receive notification > of new entries but that requires a connection to the directory which is hard to > guarantee always. > > I could of course use some other arbitrary attribute to recognise new entries but an > equivalent of 'whenCreated' seems like the cleanest solution. > If you're just looking for new entries, createTimestamp will probably work. If you need more than that, such as is provided by the Active Directory DirSync control, you might want to investigate the Retro Changelog feature. > Thanks, > Derek > > > Please access the attached hyperlink for an important electronic communications disclaimer: http://www.lse.ac.uk/collections/secretariat/legal/disclaimer.htm > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From rmeggins at redhat.com Mon Nov 30 15:11:51 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Mon, 30 Nov 2009 08:11:51 -0700 Subject: [389-users] Password Policy not working fine In-Reply-To: References: Message-ID: <4B13E0B7.2070102@redhat.com> Allan Gaston Hougham wrote: > Dears, > > I have a problem with my passwords policies, I enabled "Enable > fine-grained password policy", I apply this but is not working fine. > I followed the steps of Administration Guide pag 364 - > > *7.1.1.2. Configuring a Subtree/User Password Policy Using the Console* > > But it?s not working, i have that setting any more? > Can you help me? > What is your platform? What version of directory server? rpm -qi 389-ds-base (or fedora-ds-base) > > Thanks a lot in advance! > > Allan Hougham > > > ------------------------------------------------------------------------ > Internet Explorer 8 especial para MSN - ?Gratis! Descargalo ahora > haciendo clic aqu? > > ------------------------------------------------------------------------ > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From rmeggins at redhat.com Mon Nov 30 15:12:41 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Mon, 30 Nov 2009 08:12:41 -0700 Subject: [389-users] Database link problem In-Reply-To: <4B0E6346.20602@babel.it> References: <4B0E6346.20602@babel.it> Message-ID: <4B13E0E9.5050804@redhat.com> Francesco Fiore wrote: > If I set a database link, I 've the error "LDAP server is unwilling to > perform" on 389-console. > I've already checked the ACIs and the bind DN informations. > The version of 389-ds is 1.1.3. rpm -qi 389-ds-base check the directory server access and errors logs in /var/log/dirsrv/slapd-INSTANCE run the console with debug logging - 389-console -D 9 -f console.log > Can you help me? > Thanks > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From rmeggins at redhat.com Mon Nov 30 15:13:10 2009 From: rmeggins at redhat.com (Rich Megginson) Date: Mon, 30 Nov 2009 08:13:10 -0700 Subject: [389-users] Multi master replication - "Invalid syntax" error. In-Reply-To: <4B0D7832.9070702@envirobyte.sk> References: <4B0D5294.8010705@envirobyte.sk> <4B0D5978.6060601@redhat.com> <4B0D6D1C.9030604@envirobyte.sk> <4B0D7150.3010408@redhat.com> <4B0D7832.9070702@envirobyte.sk> Message-ID: <4B13E106.70606@redhat.com> Daniel wrote: > And what kind of action do you recommend? > Let's first identify what version of fedora-ds - rpm -qi fedora-ds-base > Rich Megginson wrote: > >> Daniel wrote: >> >>> Hi Rich, >>> >>> very good point, I just discovered a very important difference. >>> >>> ldap1 - rpm -qi 389-ds-base gives - package "389-ds-base is not >>> installed" - >>> >> rpm -qi fedora-ds-base >> >>> unlike of ldap2 which states the following output: >>> >>> Name : 389-ds-base Relocations: (not >>> relocatable) >>> Version : 1.2.2 Vendor: (none) >>> Release : 1.el5 Build Date: Tue 25 Aug >>> 2009 10:55:38 PM CEST >>> Install Date: Sat 07 Nov 2009 09:33:41 PM CET Build Host: localhost >>> Group : System Environment/Daemons Source RPM: >>> 389-ds-base-1.2.2-1.el5.src.rpm >>> Size : 5236534 License: GPLv2 with >>> exceptions >>> Signature : DSA/SHA1, Wed 26 Aug 2009 04:15:41 PM CEST, Key ID >>> 0db66119a7b02652 >>> URL : http://port389.org/ >>> Summary : 389 Directory Server (base) >>> Description : >>> 389 Directory Server is an LDAPv3 compliant server. The base package >>> includes >>> the LDAP server and command line utilities for server administration. >>> >>> ldap1 is the machine I have taken after someone and I was told that >>> it's the 389 dirserver. >>> >>> When I want an information about package installed on ldap1 I have to >>> write: >>> >>> rpm -qi fedora-ds >>> >>> with this output: >>> >>> Name : fedora-ds Relocations: (not >>> relocatable) >>> Version : 1.1.3 Vendor: (none) >>> Release : 1.fc6 Build Date: Wed 01 Apr >>> 2009 09:15:05 PM CEST >>> Install Date: Sat 11 Apr 2009 11:01:52 PM CEST Build Host: >>> localhost >>> Group : System Environment/Daemons Source RPM: >>> fedora-ds-1.1.3-1.fc6.src.rpm >>> Size : 12279 License: GPLv2 >>> Signature : DSA/SHA1, Thu 02 Apr 2009 08:57:18 PM CEST, Key ID >>> 0db66119a7b02652 >>> URL : http://directory.fedoraproject.org/ >>> Summary : Red Hat Directory, Administration, and Console Suite >>> Description : >>> The Red Hat Directory Server, Administration Server, and Console >>> Suite provide >>> the LDAPv3 server, the httpd daemon used to administer the server, >>> and the >>> console GUI application used for server and user/group administration. >>> >>> Do you think this could be the part of the reason? >>> >> I think the problem is schema/syntax incompatibility between fedora ds >> and the latest 389 ds. I'd like to try to narrow down exactly what >> schema/syntax is causing the problem. >> >>> Rich Megginson wrote: >>> >>>> Daniel wrote: >>>> >>>>> Hi, I need a helping hand from some experienced 389-ds admin. >>>>> >>>>> I have built two LDAPs based on CentOS 5.3 and Fedora directory >>>>> server. >>>>> >>>>> ldap1 - is the production server which is running a few months. all of >>>>> the data are placed there. >>>>> >>>>> >>>> What version? rpm -qi 389-ds-base (or fedora-ds-base if still using >>>> fedora-ds) >>>> >>>>> ldap2 - is the clean install of CentOS 5.3 and 389-ds, identical to >>>>> ldap1, but with no data at all. >>>>> >>>>> >>>> What version? rpm -qi 389-ds-base >>>> >>>> The schema and syntax checking have been improved in 389 1.2.1 and >>>> later. Do you have any custom schema? >>>> >>>>> My point is to replicate present ldap1 data in to the new ldap2 >>>>> server. >>>>> >>>>> I went through the documentation here >>>>> http://directory.fedoraproject.org/wiki/Howto:MultiMasterReplication >>>>> and >>>>> everything seems to be OK >>>>> Replication agreements are created, when I display them I get the >>>>> following output >>>>> >>>>> replication agreements from ldap1.mydomain.com (389) >>>>> ->ldap2.mydomain.com (389) >>>>> >>>>> replication agreements from ldap2.mydomain.com (389) >>>>> ->ldap1.mydomaincom (389) >>>>> >>>>> ...but when I perform the ldapsearch for some certain records - ldap2 >>>>> won't find anything. >>>>> >>>>> So I checked the ldap1 error log and found this >>>>> >>>>> 25/Nov/2009:13:08:40 +0100] NSMMReplicationPlugin - agmt_delete: begin >>>>> [25/Nov/2009:13:08:48 +0100] NSMMReplicationPlugin - >>>>> agmt="cn="Replication to ldap2.mydomain.com"" (ldap2:389): Schema >>>>> replication update failed: Invalidsyntax >>>>> [25/Nov/2009:13:08:48 +0100] NSMMReplicationPlugin - >>>>> agmt="cn="Replication to ldap2.mydomain.com"" (ldap2:389): Warning: >>>>> unable to replicate schema: rc=1 >>>>> [25/Nov/2009:13:08:51 +0100] NSMMReplicationPlugin - >>>>> agmt="cn="Replication to ldap2.mydomain.com"" (ldap2:389): Schema >>>>> replication update failed: Invalid syntax >>>>> [25/Nov/2009:13:08:51 +0100] NSMMReplicationPlugin - Warning: >>>>> unable to >>>>> replicate schema to host ldap2.mydomain.com, port 389. Continuing with >>>>> total update session. >>>>> [25/Nov/2009:13:08:51 +0100] NSMMReplicationPlugin - Beginning total >>>>> update of replica "agmt="cn="Replication to ldap2.mydomain.com"" >>>>> (ldap2:389)". >>>>> [25/Nov/2009:13:08:54 +0100] NSMMReplicationPlugin - Finished total >>>>> update of replica "agmt="cn="Replication to ldap2.mydomain.com"" >>>>> (ldap2:389)". Sent 107 entries. >>>>> >>>>> Can you please explain to me what does it mean "Invalid syntax"? >>>>> I googled but no useful information were found. >>>>> >>>>> So if someone knows what to do for solution I would greatly appreciate >>>>> the help. >>>>> >>>>> Thank you very much. >>>>> >>>>> ~ Daniel. >>>>> >>>>> -- >>>>> 389 users mailing list >>>>> 389-users at redhat.com >>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>>>> >>>>> >>>> ------------------------------------------------------------------------ >>>> >>>> >>>> -- >>>> 389 users mailing list >>>> 389-users at redhat.com >>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>>> >>>> >>> ------------------------------------------------------------------------ >>> >>> -- >>> 389 users mailing list >>> 389-users at redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>> >>> >> ------------------------------------------------------------------------ >> >> -- >> 389 users mailing list >> 389-users at redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature URL: From andrew at dingman.org Wed Nov 25 14:55:09 2009 From: andrew at dingman.org (Andrew C. Dingman) Date: Wed, 25 Nov 2009 09:55:09 -0500 Subject: [389-users] PosixGroup In-Reply-To: References: <1259137208.6606.1.camel@jaspav.missionsit.net.missionsit.net> Message-ID: <1259160909.2813.14.camel@Phorkys.acdjdg.dingman.org> On Wed, 2009-11-25 at 13:41 +0100, dan kakon wrote: > Hello John, > > I don't show user's has passwd (userPassword), when i type this > command "ldapsearch -x "uid=dkakon"". > Help me please userPassword is hidden from most users when they search, as its contents can be used in an offline dictionary attack or compared against a rainbow table to discover the actual password. This includes anonymous searches. If you are using pam_ldap and either an LDAPS or LDAP+TLS connection, nobody needs to be able to read the userPassword attribute anyway. If you really want to change this, you can look at the default ACLs that were added to your directory when you created it. That's a bad idea, though. -- -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3551 bytes Desc: not available URL: From alan.mckay at gmail.com Mon Nov 30 19:08:38 2009 From: alan.mckay at gmail.com (Alan McKay) Date: Mon, 30 Nov 2009 14:08:38 -0500 Subject: [389-users] want to redo new install Message-ID: <844129e80911301108g2056c8fepe007138c26e1a46c@mail.gmail.com> Hey folks, I'm making my first foray into DS on Centos 5.4. I got thinks installed a couple of weeks ago but now want to start from scratch again. It is a sandbox system running in a VM, so I can fairly easily just reload Centos in there. However, it would be even quicker if I could just remove the RPMs and add them back. Will that give me a clean slate? [root at sandbox1 ~]# rpm -qa | grep -i centos-ds centos-ds-8.1.0-1.el5.centos.2 centos-ds-admin-8.1.0-9.el5.centos.1 centos-ds-base-8.1.0-0.14.el5.centos.2 centos-ds-console-8.1.0-5.el5.centos.2 centos-ds-base-devel-8.1.0-0.14.el5.centos.2 thanks, -Alan -- ?Don't eat anything you've ever seen advertised on TV? - Michael Pollan, author of "In Defense of Food"