similar to: performance problems with OpenLDAP and multiple simultaneous clients

Out of faint curiosity, how do we push change requests upstream to RHEL? I'm using puppet to automate systems, including the application of SELinux policy. While setsebool -P is non-damaging to repeat, it is time consuming -- taking about 45 seconds per execution to process the existing policy and re-commit to disk. I'd like a simple ability to put an unless in the execution of

I check system load like so: [root at server cron.daily]# w 10:07:33 up 4 days, 15:01, 2 users, load average: 4.22, 3.17, 3.09 I would like to to graph the 3.17 5 minute average with MRTG. Anyone know of some examples of doing this?

Hello All, I had problems with the security server, the server is frequently attacked using bruteforce attacks. Is there an application that can perform automatic blocking when there are failed login to the ports smtp, pop3 port, and others? I am currently using CentOS 5.5 in some servers Thanks in advanced....... -- -- Best regards, David http://blog.pnyet.web.id -------------- next part

On 12 Apr 2016 6:10 p.m., "John Jasen" <jjasen at realityfailure.org> wrote: > > Out of faint curiosity, how do we push change requests upstream to RHEL? > > I'm using puppet to automate systems, including the application of > SELinux policy. While setsebool -P is non-damaging to repeat, it is time > consuming -- taking about 45 seconds per execution to

I have multiple servers running stock CentOS 7 rsyslog 7.4.7-16.el7, which are configured to log locally and over TCP to a remote logserver, also running stock CentOS 7 rsyslog. The remote server uses imptcp to receive, and pretty basic rules to parse and commit to disk. I have several systems that log prolifically, but periodically, they stop soon after the remote log server HUPs (daily

On 09/26/2016 01:28 PM, m.roth at 5-cent.us wrote: > John Jasen wrote: >> The only linux-based client that, if I recall, can speak native MS mail >> protocols, was Evolution. >> >> I don't know if it still does. >> > Yeah... and this is O365. > > Stupid question: if I check out evolution... will it munge my thunderbid > email inbox or folders, or

Hello, I have also installed LE certs. But nothing helps, I have double-checking all certs. ldapsearch with -ZZ works see: https://gwarband.de/openldap/ldapsearch.log I have also uploaded the TLSCACertificateFile, maybe I have a failure in the merge of the two fiels: https://gwarband.de/openldap/LetsEncrypt.crt And also I have uploaded my complete openldap configuration:

Fabian Arrotin wrote: > On 26/09/16 20:46, John Jasen wrote: >> >> On 09/26/2016 01:28 PM, m.roth at 5-cent.us wrote: >>> John Jasen wrote: >>>> The only linux-based client that, if I recall, can speak native MS >>>> mail protocols, was Evolution. >>>> >>>> I don't know if it still does. >>>> >>>

I've replicate the settings from ldapsearch to dovecot but no success. To the certificate: Yes it's a *.crt file but I have linked the *.pem file to it and dovecot has read access to that file. I have enabled the debugging in dovecot and have uploaded the output: https://gwarband.de/openldap/dovecot-connect.log And the other site with ldapsearch:

CentOS Errata and Security Advisory 2015:1840 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1840.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: ce59a16e8d9f797feff522711be61aa9bd976ddcd0e629c260a9e1120b1abda4 openldap-2.4.40-6.el6_7.i686.rpm

CentOS Errata and Bugfix Advisory 2015:1993 Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-1993.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: c482efc3e7304de3d38cf2f0d0d61206532deb196fdb9751f10b6b3ee174ddf4 openldap-2.4.40-7.el6_7.i686.rpm

The only linux-based client that, if I recall, can speak native MS mail protocols, was Evolution. I don't know if it still does. On 09/23/2016 07:25 PM, John R Pierce wrote: > On 9/23/2016 12:50 PM, m.roth at 5-cent.us wrote: >> Upper Management has decided on a policy that IMAP is going to go >> away in >> the near future, and they want everyone on Lookout, sorry,

CentOS Errata and Bugfix Advisory 2016:0530 Upstream details at : https://rhn.redhat.com/errata/RHBA-2016-0530.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 4f1d454c9120810acb7ef0dbb8549e65fdeb8ae70e096478322bae19d4076114 openldap-2.4.40-9.el7_2.i686.rpm

Is anyone on the list using kerberized-nfs on any kind of scale? I've been fighting with this for years. In general, when we have issues with this system, they are random and/or not repeatable. I've had very little luck with community support. I hope I don't offend by saying that! Rather, my belief is that these problems are very niche/esoteric, and so beyond the scope of typical

The serverlog of openldap with loglevel "any": https://gwarband.de/openldap/openldap-connect.log Note: openldap waits 1 Minute before he says "TLS negotiation failure" after the connect. and dovecot says direct "Connect error" I've also delete the TLSCipherSuite from openldap. Tobias Am 2017-03-18 14:01, schrieb Tomas Habarta: > Increase log level on server

I have 3 Samba PDC servers with OpenLDAP backends, all at different locations. The replication to the 2 consumers works fine when the consumer's slapd is recently restarted, but if changes in the LDAP database occur later on, the consumers do not pick up this update. Again, restarting slapd on the consumers pulls in the update. Also, updates done shortly afterwards (say a couple of minutes)

I've tested your soulution, but it also says the same error. I've tested all combinations of: - tls_ca_cert_file = <cert> - tls = yes - tls_require_cert = demand Every time it says "Connection error". Only when tls is uncommented it says "TLS required". Additional information from my contact with the openldap-technical mailing list: The

Hello guys, actually I'm trying to configure dovecot to access openldap for passwordcheck. My openldap is only allow access over "secure ldap". The dovecot can communicate with the openldap server but there is maybe a failure in the sslhandshake. Additional information you can find in the logs or in the dump below. Also I have my ldap config from dovecot in the links below. I

On 04/12/2016 02:31 PM, James Hogarth wrote: > For example: > > unless => "/usr/sbin/getsebool httpd_can_network_connect | /usr/bin/grep on > &> /dev/null" D'oh! That's what I get for overcomplicating the whole darn thing. :) > > Incidentally one nice trick if you're dealing with potentially changing > multiple booleans and the policy compile

Well, if ldapsearch works, try to replicate its settings for dovecot client. It's not obvious what settings ldapsearch uses, have a look at default client settings in /etc/openldap/ldap.conf, there may be something set a slightly different way. Also double check permissions for files used by dovecot, I mean mainly the file listed for tls_ca_cert_file as dovecot may not have an access for