[Freeipa-users] can live turn off nsslapd-security: to off ?
Barry
kliu at alumni.warwick.ac.uk
Thu Apr 28 06:00:01 UTC 2016
NOT work tried ..cannot bind the command 389 or 636 ,,,but telnet work
EOFnsslapd-security: offreplace: nsslapd-securitychangetype: modifydn:
cn=configldapmodify -h ms -p 636 -D cn="Directory Manager" -w << EOF
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
2016-04-27 19:29 GMT+08:00 <barrykfl at gmail.com>:
> thx let me try as i dont want stop dirsrv but live disable nsslapd
> security.
> 2016年4月27日 下午7:26 於 "David Kupka" <dkupka at redhat.com> 寫道:
>
>> On 27/04/16 13:15, barrykfl at gmail.com wrote:
>>
>>> Do u meant use ldapmodify?
>>> I tried update the dse.ldif but it will fall back after a while.
>>>
>>> 2016年4月27日 下午7:10 於 "David Kupka" <dkupka at redhat.com
>>> <mailto:dkupka at redhat.com>> 寫道:
>>>
>>> On 27/04/16 12:48, barrykfl at gmail.com <mailto:barrykfl at gmail.com>
>>> wrote:
>>>
>>> Hi:
>>>
>>> Without restarting dirsrv possible do that ?
>>>
>>>
>>> thx Regards
>>>
>>> barry
>>>
>>>
>>>
>>>
>>> Hello Barry,
>>>
>>> this ldapsearch should list all attributes that needs restart after
>>> modification:
>>>
>>> $ ldapsearch -D "cn=Directory Manager" -w Secret123 -b cn=config
>>> nsslapd-requiresrestart
>>>
>>> I don't see nsslapd-security listed so it should be possible to
>>> change it in
>>> runtime.
>>>
>>> --
>>> David Kupka
>>>
>>>
>> Yes, I mean ldapmodify.
>>
>> Editing dse.ldif while dirsrv is running has no effect because it is read
>> only at start and written at least before exit.
>>
>> If you REALLY need to edit dse.ldif be sure to stop dirsrv then edit it
>> and start dirsrv again.
>>
>> --
>> David Kupka
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160428/23e3e40f/attachment.htm>
More information about the Freeipa-users
mailing list