204 questions
0
votes
0
answers
44
views
LDAP filter. User directory connector. How to retrieve data from a non AD by group
I've been working with Qlik for a long time but this is the first time I have to deal with user directory tasks.
We have stablish correctly the connection with our opendj idm data. By using the LDAP ...
- 3
0
votes
1
answer
91
views
Unknown objectclass inetadmin when trying to create user in opendj through openam
I am following the official documentation of openam and I am using OpenDJ 2.6.0 and OpenAM 12.0.0:
While executing this api through cmd and postman both:
curl \ --request POST \ --header "...
- 35
0
votes
2
answers
707
views
OpenDJ Administration Port (4444) not able to authenticate Default User(Directory Manager) /any user
Dears,
Could you advise me on below situation, am having an issue with OpenDJ DS after change JVM to OpenJDK
seems like the admin-certs has been removed from trusted store in Java
could you advise how ...
- 35
0
votes
1
answer
79
views
OpenDJ Control-panel doesn't synchronize newly created attribute and object types
I have been working with open dj for some time now, I newly created attribute and object types through the control panel. Unfortunately OpenDJ doesn't seems to load those attribute and object types ...
- 453
0
votes
1
answer
138
views
How to configure opendj subtree replication
I have an opendj dc=example,dc=com, now I want to copy ou=People,dc=example,dc=com to another empty opendj (only copy the data of ou=People), how can I do it.
Do I need to set the second opendj base ...
- 1
0
votes
1
answer
264
views
Getting error while creating the tenant in wso2 Identity server 6.0.0
Im trying to create the tenant though wso2 console. while creating I m getting bellow error on console. " error Failed to add tenant config. tenant-domain: , tenant-admin: "
in server logs, ...
- 15
0
votes
1
answer
140
views
OpenDJ: Editing 'gecos' schema syntax causes 'posixAccount' to be removed and creates a duplicate OID
OpenDJ 4.4.11
RHEL 7.9
Currently, our production LDAP servers are on OpenDJ 4.4.11. We did not have a pre-prod environment so I decided to make one for upgrade testing. While setting up the server to ...
- 41
0
votes
1
answer
131
views
OPENDJ: LDAP: SCHEMA: [Unable to register attribute type name with the server schema...]
I keep getting the following error on restart of the opendj service. bin/stop-ds --restart.
[20/Dec/2022:15:32:30 -0500] category=CORE severity=NOTICE msgID=134 msg=OpenDJ Server 4.4.11 (build ...
- 41
2
votes
1
answer
135
views
Are there any possibilities of upgrading OpenDJ LDAP with minimalistic downtime?
I am planning to update LDAP OpenDJ 2.6.4 version to OpenDJ 4.4.11 version. Is there any recommended way to migrate the data to the new OpenDJ 4.4.11 LDAP server with minimalistic downtime?
The ...
- 33
0
votes
1
answer
241
views
Facing an Forgerock object execption in OpenDJ Reset password with OPenAM
I have been facing this issue while resetting the password through open-DJ(apache directory).
Getting a exception message stated that
The LDAP password modify operation failed with result code 65
...
- 57
-2
votes
1
answer
275
views
Have to decrpt a SHA1 password to Forgerock OpenIDM
I have a requirement to decrypt the SHA1 user password from Active Directory to Forgerock OpenIDM, using below java script I am able to decrypt the password in base64.
if (source != null)
{
var ...
- 7
0
votes
2
answers
183
views
Why an OpenDJ non-admin user can copy and remove, but cannot move an item?
Results as I see them
The non-admin user must move an entry from the People group to the AMI group. The operation fails with the message:
Error while moving entry
- [LDAP result code 50 - ...
- 24.4k
0
votes
1
answer
510
views
opendj (2.6), how to MANUALLY unlock a user who has locked his account due to failed logins
I need to implement a lock and unlock mechanism in opendj 2.6 based on a fixed failed login attempt. I've already seen that there are two methods (https://backstage.forgerock.com/docs/opendj/2.6/admin-...
1
vote
0
answers
92
views
OpenAM reset password email sending to old email id
I am using Forgerock OpenAM 13.0.0 as an identity provider.
I have tried email Id change and resetting the password through REST API. But when I tried to reset the password it is sending Email to the ...
- 331
0
votes
1
answer
428
views
OpenAM (Forgerock) - "ds replication" Session replication problem
I have two WEB nodes/servers where two “OpenAM” instances run under “Apache Tomcat” Web Server.
I would like to apply the “Session Replication”, on these two nodes, using the OpenAM’s standard "...
- 1
1
vote
1
answer
196
views
Can openldap sync Directory Information Tree data using syncrepl from opendj as provider?
My scenario is that we have a centralized Opendj in cloud and we want to sync(pull) the Directory data from this Opendj to an Openldap instance running in same cloud.
I am trying to achieve this by ...
- 13
0
votes
0
answers
637
views
No Such Attribute: Entry cn=schema cannot be modified because the attempt to update attribute objectclasses
I am facing this issue while trying to upgrade Forgerock OpenAM from 13.5.2 to 14.6.4. Can anyone help as to what is the cause for this error. Does it require any changes to be done from OpenDJ side?
...
- 185
0
votes
1
answer
130
views
how to Inactive multiple users in openAM
How can I inactive my OpenAM user in a one Go.
I have more than 500 users, and I'd like to inactive my 250 users at one go. How to?
Rest API will also work for multiple users.
Thanks in Advance
- 57
1
vote
1
answer
659
views
LDAP bind response - password expiring overrides force password change
I'm implementing the LDAP feature of forcing password change on first login, when a user is added or when admin is changing user's password.
I set ds-cfg-force-change-on-add and ds-cfg-force-change-on-...
- 127
0
votes
1
answer
1k
views
Forgerock: Message when trying to start OpenDJ after reinstallation
After opendj installation.
run ./start-ds
The Directory Server could not acquire an exclusive lock on file /Space/Tests/XX/opendj/locks/server.lock:
The attempt to obtain an exclusive lock on file /...
- 1
0
votes
1
answer
493
views
Connect host ldap server to local VM
I have a server installed on VM and a LDAP(opendj) server created using Apache Directory Studio on my host computer. Now, I would like to connect that LDAP server to local VM so that the VM server can ...
0
votes
1
answer
60
views
How multi-master ldap nodes handle concurrent update?
How multi master handle concurrent update to an element attribute?
Is it the last update win ?
Thanks
- 327
0
votes
2
answers
895
views
How to copy data from one OpenDJ server to another?
How can one copy LDAP records from one OpenDJ server to another ?
0
votes
2
answers
2k
views
How to setup OpenDJ as an external Identity Store/Repository for OpenAM?
How do you set up the LDAPv3 compliant directory service OpenDJ as an external Identity store for the Access Management solution OpenAM?
- 472
1
vote
2
answers
437
views
Does limiting an LDAP search by baseDN provide any benefit when the attribute being searched on has an index?
We are designing an LDAP schema (specifically for OpenDJ) and we primarily need to be able to search on the mail attribute. We don't need to do a substring search as the user would provide the whole ...
- 524
1
vote
0
answers
3k
views
Getting LDAP: error code 49 - Invalid Credentials . nested exception is javax.naming.AuthenticationException during login
Getting [LDAP: error code 49 - Invalid Credentials]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials] error.
When I try to login from spring ...
0
votes
1
answer
219
views
Upgrade Opendj from 2.6.4 to 3.5.3 for replication server
I'm trying to perform an upgrade on an environments 2 OpenDJ directory servers with 1 standalone replication server between them referring to the 3.5 Upgrade doc. However, I could not find information ...
- 185
0
votes
0
answers
556
views
Run OpenDJ Cluster on Kubernetes
I would like to run an OpenDJ cluster in my kubernetes cluster. In order to do so I used this procedure
I've created a StetefulSet, service and storageclass.
In order to initialize the replication, I ...
- 159
0
votes
1
answer
1k
views
How to configure ssl for ldap/opendj while using ISTIO service mesh
I have a couple of microservices and our backend is opendj/ldap. It has been configured to use SSL. Now we are trying to use ISTIO as our k8s service mesh. Every other service works fine but the ldap ...
- 979
0
votes
2
answers
879
views
supervisor manages a process which is started up with a shell script
I'm using supervisord to run multi-service in a container. I want a ldap service for my web application. So I installed and started opendj with the follow info,
Dockerfile
RUN dpkg -i $APP_HOME/...
- 3,722
0
votes
1
answer
278
views
opendj control panel CertificateException
After install opendj3.0.0 in my PC windows10 with the GUI, I want to administer the local server with OpenDJ Control Panel. Unfortunately I got an error CertificateException. What special steps should ...
- 3,722
0
votes
0
answers
445
views
How to import custom attribute types and objectclasses to OpenDJ 3.0?
I have OpenDJ v3.0.0 and need to import custom attribute typesand objectclasses from OUD - Oracle Unified Directory. Unfortunately I can't use GUI - Control Panel due to a problem with x11.
/tmp/...
- 1,229
0
votes
0
answers
720
views
Troubleshooting failure of importing oud schema on OpenDJ 3.0.0
I tried to import exiting schema from Oracle Unified Directory (OUD) into OpenDJ 3.0.0 by following this: https://backstage.forgerock.com/docs/opendj/3/admin-guide/#importing-exporting-ldif
However ...
- 1,229
0
votes
1
answer
619
views
How to verify OpenDJ respond to ldap request?
I stood up OpenDJ v3.0.0 on rhel 7 server with java version 1.8.0_251. I set ssl/tls to yes with self sign cert generated and it is empty no ldap schema is imported yet only baseDN was stated.
Once ...
- 1,229
0
votes
1
answer
697
views
The path for certificate, private key and pfx files for OpenDJ version 3.0 install to be completed
I am new to OpenDJ from ForgeRock. I installed version 3.0 on rhel 7 server along with Java version: 1.8.0_251 by following this instruction: https://backstage.forgerock.com/docs/opendj/3/install-...
- 1,229
0
votes
0
answers
470
views
ForgeRock AM 6.5, OpenDJ unable to force users to change password after reset
ForgeRock AM 6.5, OpenDJ
I am trying to ask users to change their password once it has been reset by the admin on ForgeRock AM 6.5 with OpenDJ. I have enabled the force-change-on-reset flag under the ...
- 679
-3
votes
1
answer
1k
views
ldapsearch where we need to find users created/updated in openDJ like from specific time [closed]
Can you please help with ldapsearch where we need to find users created/updated in openDJ like from lastweek/yesterday .Basically looking for a filter that pull up users that got updated like password ...
- 1
0
votes
1
answer
329
views
Migration from 389 Directory Server to External OpenDJ
Working with Community edition of OpenAM.
Currently, our datastore configured with 389 Directory Server contains the Configuration data of openAM.
Now, setup the datastore external OpenDJ but not ...
- 186
1
vote
2
answers
3k
views
How to connect to OpenDJ LDAP server (Docker)
I am trying to connect(bind) to an OpenDJ server in Docker.
(I know how to connect to regular (not Docker) OpenDJ server)
OpenDJ seems to run, but when I try to connect to it with a ldap browser, ...
- 3,486
0
votes
1
answer
162
views
Can administrative privileges be limited to a certain DN in OpenDJ?
In my case, I want to create a new administration user who has full privileges, such as add/modify/delete entities and properties, on in a certain DN (and maybe its sub). According to the document, in ...
- 930
0
votes
1
answer
79
views
How to disable the property of password-generator in OpenDJ
By default, the value of password-generator in Default Password Policy is Random Password Generator, and then if I try to set a password for a user, I'll get an error shows I cannot provide a password....
- 930
1
vote
1
answer
151
views
java.lang.IllegalArgumentException: Illegal character OpenIAM-SCIM connector
I'm trying to run a query to perform a user search in OpenIAM using a SCIM connector. Testing on a Linux virtual machine, attacking a URL and using OpenDJ I can filter users through their id and using ...
- 75
0
votes
1
answer
26
views
Frequent changes on attributes, is it wise to use Directory Service
I am trying to design a access solution using opendj, down the line i realized system will have frequent changes on accounts, users in the tree.
With your experience dealing with Open DJ / Directory ...
- 1
0
votes
1
answer
67
views
Hierarchical (URN) ex(urn:serviceid:partitionId:parent:child) scripted custom attribute in OPEN DJ
I am trying to build a custom attribute in OPEN DJ / LDAP which should be like a custom urn to uniquely identify a resource by resource id which is URN . like a person would be identified by his urn (...
- 1
0
votes
1
answer
236
views
Can we load Schema (base schema) for OpenDJ using Novel Ldap api?
We are using Novel Ldap Api for all LDAP operations, i want to load my base schema ldif file to opendj without restarting the openDJ server.
So far, post setup we are manually copying the schema file ...
- 1,026
0
votes
1
answer
2k
views
OpenDJ create new schema elements object classes and attributes types on cmd line
There’re any tutorial to explain how can i create ‘object classes’ and ‘attributes types’ on DS 6.5 from command line?
I’d like to import by command line a ldif file which have the following ...
- 3,064
0
votes
1
answer
181
views
opendj-core 6.5.0 maven dependency
On OpenDJ 2.6.4, i’m using the dependency “opendj-ldap-sdk” in order to use the
following classes:
org.forgerock.opendj.asn1.ASN1;
org.forgerock.opendj.asn1.ASN1Writer;
org.forgerock.opendj.ldap....
- 3,064
0
votes
1
answer
173
views
Migration OpenDJ to Directory Services 6.5
I'm currently use OpenDJ 2.6.4 in Suse Linux 11 and my goal is to upgraded to Directory Services 6.5.
From what I read, especialy on Chapter 9. Before You Upgrade
and Chapter 10. Upgrading a Directory ...
- 3,064
0
votes
1
answer
411
views
OpenDJ vs Directory Services
I'm exploring the ForgeRock Product Documentation and i'm not sure what's the difference between "Directory Services 6.5" and "OpenDJ 3". There was a re-brand and it's the OpenDJ was renamed "...
- 3,064
0
votes
2
answers
140
views
(opendj-ldap-sdk-2.6.0) bind method parameter - password char [ ]
I'm using opendj-ldap-sdk-2.6.0 jar library to search LDAP entry.
I am following the guide.
(https://backstage.forgerock.com/docs/opendj/2.6/dev-guide/#chap-using-the-sdk)
source code :
import org....
- 3,486