• eDirectory Services start with after restore server

    Hi Team. After restore a snapshot from server and restar the O.S the nds services start with errors. We try to start using systemctl start ndsdtmpl-etc-opt-novell-eDirectory-conf-nds.conf@-etc-opt-novell-eDirectory-conf-env.service and when check…
  • Resetting Inherited Rights Filter in eDirectory

    Hi there, I was testing the Inherited Rights Filter in a LAB environment using Identity Console, because I wanted to restrict the access that users have by default to the AppConfig object inside the User Application Driver; this way, not all users would…
  • Negative number of remaining grace logins

    Hi, recently I came across an issue, where a user had -23 "Login grace remaining". She was able to log in anywhere using her credentials. OES client dropped an error message during login, that the she needs a password change, but she just ignored it…
  • iManager is not getting up - unable to find valid certification path to requested target

    I am unable to access iManager. I tried stopping and starting then trying to access iManager but I am getting a blank white page on the browser. In the log, I am getting errors, attached logs for your reference. 23-Sep-2024 09:58:36.333 INFO [main…
  • It appears our DNS server is accepting recursive DNS queries that are being abused to create denial of service attacks

    Hello, We have been notified that our DNS server is accepting recursive DNS queries that are being abused to create denial of service attack. I am not seeing anything obvious in my DNSDHCP tool on how to resolve this. We are running SLES 15sp4 and…
  • Bulk deletion of users

    Hi, I'm taking over the main administration of the domain for the college I work in, I've come across over 14,500 inactive accounts from the last 6/7/8/? years and want to delete them. These accounts are under the main tree but under different OU…
  • determine edir object creation time

    Hi, What is the reliable way to determine edir object creation time? createTimeStamp -> gets updated when object is moved (verified via LDAP) query:readObject($srcQueryProcessor, '', $dn, 'User', 'creatorsName')/attr[@attr-name='creatorsName'…
  • novlxregd will not start, in addition to LUM or NSS (OES2023, eDirectory)

    It was brought to my attention that a branch was having issues (and have for a little while) with scanning via ftp ... I started looking into the issue and it looks like LUM is not starting. I did all kinds of troubleshooting, eventually leading to doing…
  • User creation slow - do-set-local-variable

    Hello. Recently I noticed my eDirectory environment is slow creating user accounts. It receives data from an active directory remote loader but then hangs for 1-2 minutes during the account creation process. The driver code was created by an employee…
  • eDir query with Powershell gives weird values for some attributes

    Hi New to LDAP queries and eDirectory. We have multiple IDM environments were sometimes driver packages get out of sync during testing/development. My boss asked me if it was possible to quickly query and compare all the packages in our environments…
  • eDirectory 8.8.8.11 SMB

    Hi I have eDirectory 8.8.8.11 in Linux. I need to connect from other server (SUSE Linux Enterprise Server 12 SP5 64 bits) through SMB protocol in order to recursively list folders and files of eDirectory. I could not find any driver for it. …
  • Troubleshooting password sync between NetIQ (eDirectory) and AD

    Not sure why my password sync has failed. Error message from the driver log Status: Error Message: <message>Password set failed.</message> <ldap-err ldap-rc="53" ldap-rc-name="LDAP_UNWILLING_TO_PERFORM"> <client-err ldap-rc="53" ldap-rc-name="LDAP_UNWILLING_TO_PERFORM…
  • users not assigned to the correct folder OU in File and Print Tree

    I have some users are not being assigned tot he correct folder OU in file and print tree in eDirectory. eg. User was in the Y11 OU but now should be in the Y12 OU. This should be automatic change. I'm not sure where to check what this automatic change…
  • Block unusual login attempts

    We have a requirement to detect unusual login attempts, as given below. 1. 5 Invalid login attempts in 5 mins. 2. 10 successful logins in 1 min by the same user. Please help me to achieve the above use cases. We are using eDirectory 9.2.6.
  • eDir LDAP Misbehaviour

    We have 3 LDAP (2 Replika +1 Master) eDirServer (OES2018SP3 last patches). Master und 1 Replikaserver (the second is IDM) services LDAP-Requests via F5 Loadbalancer. Works great, but since some month we have the issue, that the replicaserver stops…
  • Could not connect to server, Error : -602

    I have just installed OES Server 2018 SP2 and configured the server to join an existing tree. now when i run the ndsrepair -T , I see the below error for all servers including the server itself Could not connect to server, Error : -602 What could…
  • OES2018-SP3-DVD-x86_64-DVD1.iso with autoinst.xml for autoyast clone install.

    documentation.suse.com/.../Invoking.html OES2018-SP3-DVD-x86_64-DVD1.iso with autoinst.xml for autoyast clone install. i'm trying to connect and boot a vm to this iso and trigger automation of a clone with autoyast via autoinst.xml for unattended…
  • eDir Common High Privileged Groups/Roles

    Hi, In eDirectory, what are the common groups or roles that are usually deemed highly privileged? From inspection, I am seeing edirectory administration, user management, and nmas management. What are other's thoughts/views? Best Regards!
  • eDir Filter

    Hi, I am using an LDAP browser to carry out directory searches. Only tool available to me by the way. I want to search/filter to results to just accounts (employees, machine, app, etc accounts), and not include objects or results that are not accounts…
  • linux LDAP command required

    can anyone provide command to check tuning parameter, index, number of users, schema, ACI in e-directory?
  • Best way to delete users

    We are running eDir 9.2.3 in a replica ring with 4 servers (2 servers running IDM 4.8.2 and 2 servers ldap-only, all 8 CPUs and 32GB ram). All servers have all partitions locally. We need to remove around 2.5 million users from this tree, which is pretty…
  • Errors when accessing a service in Identity Console

    I have installed the Container version of Identity Console 1.3.0 in one of my clients servers. The Docker container is running without any problem and I can login successfully into the Identity Console home page. The problem comes when I try to access…
  • LDAP use-ssl

    NetIQ eDirectory 9.2.2 v40203.00 product edition="Standard" version="4.7.1.0 Following the sparse documentation at Driver Configuration - NetIQ Identity Manager Driver for LDAP Implementation Guide Configured keystore and added the ROOTCA that signed…
  • REST eDirAPI - How do I perform a search (for example)

    Hi, I am trying to get to know how to use the eDirAPI (using simple login mode for now), it seems that the sequence for performing a search should be: 1) POST to “session” 2) GET getanticsrftoken 3) Perform whatever is needed 4) DELETE session I have…
  • edirAPI 1.3.0 / REST Services Container refuses to start

    Dear community, I am trying to get eDirAPI 1.3.0 up & running in a lab environment. I followed the current documentation here: https://www.netiq.com/documentation/edirectory-92/edir_admin/data/t4af2wk1pvji.html Setup: eDirectory 9.2.4.2 (standalone…