--On Wednesday, April 13, 2011 3:09 PM +0000 [email protected] wrote:
As a follow up -- This issue is caused by instantiating overlays outside of the database. Specifically this will trigger the problem: # INCLUDES include /usr/local/etc/openldap/schema/core.schema include /usr/local/etc/openldap/schema/cosine.schema include /usr/local/etc/openldap/schema/nis.schema include /usr/local/etc/openldap/schema/inetorgperson.schema include /usr/local/etc/openldap/schema/dyngroup.schema # RUNFILE LOCATIONS pidfile /usr/local/var/run/openldap/slapd.pid argsfile /usr/local/var/run/openldap/slapd.args security ssf=127 # MODULES modulepath /usr/local/libexec/openldap moduleload back_hdb moduleload refint moduleload dynlist moduleload memberof # OVERLAYS AND OVERLAY CONFIG overlay refint refint_attributes member uniqueMember seeAlso refint_nothing cn=EMPTY overlay dynlist dynlist-attrset groupOfURLs memberURL member overlay memberof memberof-refint TRUE # DATABASE database hdb directory /usr/local/var/openldap-data # GLOBAL LDAP SETTINGS suffix "dc=example,dc=org" rootdn "cn=root,dc=example,dc=org" rootpw blahblahblah # SSL / TLS - note - these are all real, valid, issued certs. TLSCACertificatePath /etc/ssl/certs TLSCACertificateFile /etc/ssl/certs/gd_bundle.crt TLSCertificateFile /etc/ssl/certs/ldap.example.org.combined.crt TLSCertificateKeyFile /etc/ssl/private/ldap.example.org.key access to * by * write # PERFORMANCE index objectClass eq index cn eq,sub,pres,approx index uid eq,sub,pres index sn eq,sub,approx index member eq index givenName eq,sub,approx index mail eq,sub,approx #limits limits users size=10000 size.pr=unlimited -- Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration
