Kaveh,
Am 27.06.2016 um 18:36 Uhr schrieb Kaveh Ehsani:
I am using this for the first time so if there are protocols to follow
please let me know.
please, describte your problem in the subject as clear as possible!
and try to run the same ldapmodify as:
ldapmodify -H ldapi:/// -x -D
Am 18.02.2016 um 12:26 Uhr schrieb Michael Ströder:
Marc Patermann wrote:
Am 17.02.2016 um 19:03 Uhr schrieb Quanah Gibson-Mount:
--On Wednesday, February 17, 2016 5:54 PM + Howard Chu
<h...@symas.com> wrote:
Marc Patermann wrote:
should chain-uri work with an URI with a blank t
Am 17.02.2016 um 19:03 Uhr schrieb Quanah Gibson-Mount:
--On Wednesday, February 17, 2016 5:54 PM + Howard Chu
<h...@symas.com> wrote:
Marc Patermann wrote:
should chain-uri work with an URI with a blank the DIT path?
like in:
Spaces are never legal in URLs, LDAP or otherwise.
In
Hi,
should chain-uri work with an URI with a blank the DIT path?
like in:
chain-uri "ldap://servername/ou=far bar,c=de"
I'm getting a parsing error here with 2.4.43.
Feb 17 18:35:01 slapd[1765]: /etc/openldap/slapd.conf: line 156
(chain-uri "ldap://servername/ou=foo bar,c=de")
Feb 17
Hi,
Am 16.02.2016 um 17:42 Uhr schrieb Quanah Gibson-Mount:
--On Tuesday, February 16, 2016 4:00 PM +0100 Marc Patermann
<hans.mo...@ofd-z.niedersachsen.de> wrote:
Am 16.02.2016 um 14:56 Uhr schrieb Mary Kao:
I have very simple requirements for "users" e.g. representative
Mary,
Am 16.02.2016 um 14:56 Uhr schrieb Mary Kao:
I have very simple requirements for "users" e.g. representative of user
accounts with userid and password.
a "user" for "authentication" in LDAP ist mostly an object you can bind to.
The easiest way to bind to an LDAP server is "simple" bind,
Timothy,
Am 12.02.2016 um 02:14 Uhr schrieb Timothy Keith:
I used this slapcat, I did not specific a config database.
slapcat -v -l backup.ldif
Do you know, if you use a config file (like /etc/openldap/slapd.conf) or
the config backend (cn=config)?
If not, read the admin guide about it!
Am 08.02.2016 um 22:33 Uhr schrieb Quanah Gibson-Mount:
--On Monday, February 08, 2016 4:50 PM +0100 Marc Patermann
<hans.mo...@ofd-z.niedersachsen.de> wrote:
Am 30.12.2015 um 11:49 Uhr schrieb Marc Patermann:
I want to activate chaining for a single backend.
The server is a repli
Hi,
Am 30.12.2015 um 11:49 Uhr schrieb Marc Patermann:
I want to activate chaining for a single backend.
The server is a replication consumer and has a few glued database backends.
Only one is containing linux accounts with ppolicy overlay.
This should use chaining to replicate the ppolicy
Hi,
I want to activate chaining for a single backend.
The server is a replication consumer and has a few glued database backends.
Only one is containing linux accounts with ppolicy overlay.
This should use chaining to replicate the ppolicy changes which
otherwise stay local.
Can this be
Hi,
according to this list a change of a structural object class should work
with:
# ldapmodify -E relax
OID of relax control is 1.3.6.1.4.1.4203.666.5.12, right?
My servers do not advertise this control, do they?
# extended LDIF
#
# LDAPv3
# base <> with scope baseObject
# filter:
Dora,
Am 01.12.2015 um 20:37 Uhr schrieb Dora Paula:
#This modify operation seems to be ignored by memberOf-overlay:
#
cat << EOF | ldapmodify -x -H "ldap://localhost:2389/; -D
"cn=admin,dc=example,dc=com" -w admin
dn: cn=device,dc=example,dc=com
changetype: modify
add: objectClass
objectClass:
Hi,
Am 27.10.2015 um 11:00 Uhr schrieb Howard Chu:
Marc Patermann wrote:
Am 24.10.2015 um 07:24 Uhr schrieb Howard Chu:
Quanah Gibson-Mount wrote:
--On Friday, October 23, 2015 1:15 PM -0700 Jason Whitener
<jwhit...@pcc.edu>
wrote:
If I had a multi-valued attribute like
cn: var0:va
Howard,
Am 24.10.2015 um 07:24 Uhr schrieb Howard Chu:
Quanah Gibson-Mount wrote:
--On Friday, October 23, 2015 1:15 PM -0700 Jason Whitener
wrote:
If I had a multi-valued attribute like
cn: var0:value
cn: var2:value
cn: var3:value
I think you're looking for the valsort
Howard,
Am 27.10.2015 um 11:00 Uhr schrieb Howard Chu:
Marc Patermann wrote:
Am 24.10.2015 um 07:24 Uhr schrieb Howard Chu:
Quanah Gibson-Mount wrote:
--On Friday, October 23, 2015 1:15 PM -0700 Jason Whitener
<jwhit...@pcc.edu>
wrote:
If I had a multi-valued attribute like
cn: var0
Hi,
Am 14.10.2015 um 16:06 Uhr schrieb Campbell, Courtney:
I am curious if a ppolicy can be applied to a subtree so that it is
added to a user account when newly created?
Unfortunately not. I would like to have that too.
As far as I know ppolicy overlay is a database setting. See man
Hi,
Andrew Findlay schrieb (27.04.2015 21:06 Uhr):
On Mon, Apr 27, 2015 at 06:27:39PM +, Ross, Daniel B. wrote:
All of my customers so far have chosen the parallel approach, as that
allows the Unix LDAP to continue working if it loses access to AD.
Ideally this includes installing a
Igor,
Igor Shmukler schrieb (20.03.2015 11:21 Uhr):
Unfortunately, your email does not clear anything, FOR ME. It does not
mean you are not 100% correct. I am just slow, I guess. Sorry.
do simple things first! Do more complex things later!
- Configure a rootdn with rootpw for each database.
Igor,
Igor Shmukler schrieb (20.03.2015 11:59 Uhr):
- or make your first steps with ACLs and another user entry.
What do I do here?
read about ACL in the man pages and the admin guide!?
Do you need multiple mappings?
I understand that config database would allow me to have unto fifty
Igor,
Igor Shmukler schrieb (20.03.2015 07:24 Uhr):
Indeed, slapacl(8) shows that I have read only access to DIT entries.
I tried hijacking DIT databases, as in below:
olcAccess: {0}to attrs=userPassword,shadowLastChange by self write by anonymou
s auth by dn=cn=admin,dc=ldap,dc=com write by
Igor Shmukler schrieb (20.03.2015 13:43 Uhr):
I need a way to alter records in any/every DIT
database using another root - one that would work on ALL DITs.
Use ACL!
Makes sense. I just don't know how to get ACLs to work, nor does anyone else.
be the first, read the docs!
Igor,
Igor Shmukler schrieb (20.03.2015 12:22 Uhr):
I do have entries for each database. If my suffix is, for example
dc=test,dc=org, administrator would be cn=admin,dc=test,dc=org
Administrators have manage access to their databases. This part is
working fine. I add and remove records as
Tony,
Tony S. Wu schrieb (23.01.2015 20:19 Uhr):
please keep replies on the list.
We kinda did this out of necessity.
This is hell of an answer! :)
Out ultimate goal is to remove
001, move web UI to 002, and move the replication hub role to 002.
The reason we haven't done so is because of
Tony,
Tony S. Wu schrieb (21.01.2015 22:30 Uhr):
We have 5 servers running OpenLDAP, 001 - 005. Server is CentOS 6.4,
LDAP version is openldap-servers-2.4.23-32.el6_4.1.x86_64, current
replication topology is:
001 = 002
001 = 003
001 = 004
001 = 005
001 is where the phpLDAPAdmin GUI is
Леонид Юрьев schrieb (20.01.2015 16:22 Uhr):
This is the bug, which reproduced stably in our production environment.
I plan fix it in our version (fork of OpenLDAP), immediatly after other crashes.
See https://github.com/ReOpen/ReOpenLDAP/issues/3
how does patching your fork help anyone here?
Hi,
I was wondering what spam filter was working on this message and found
this in the header:
X-Spam-Report: Spam detection software, running on the system
gauss.openldap.net, has
identified this incoming email as possible spam. The original message
has been attached to this so you can
Onno,
Onno van der Straaten schrieb (26.11.2014 12:13 Uhr):
Andanother one. Amazing. So hard to understand the OpenLDAP
interface. Might just as well have been in Chinese.
$ ldapmodify -h zimbra.server.com http://zimbra.server.com -p 389 -D
cn=config -f olc_password_hash.ldif -W
On
Igor,
Igor Shmukler schrieb (12.11.2014 11:36 Uhr):
I am guess making wild guesses...
Could it be that I need to adjust the below line:
dn: olcOverlay=sssvlv,olcDatabase={1}bdb,cn=config
Should I perhaps replace cn=config with dc=nodomain or something else?
No.
With slapd.d config instead of
Jerry,
Jerry schrieb (08.11.2014 13:07 Uhr):
Before changing over to mdb from bdb, I ran a script that used slapcat to
generate an LDIF file every night. Since updating to mdb, that script fails
if slapd is running. That is expected behavior from what I have been
reading.
Adam,
Adam Goryachev schrieb (08.07.2014 06:28 Uhr):
PS, the context is to try and replace MS Outlook with Mozilla
Thunderbird. With email in IMAP4, that works well. I can share the
calendar from thunderbird to iphones/android phones with
http://calendarserver.org/. Now I'm just trying to
Bruno Furtado schrieb (27.06.2014 21:45 Uhr):
can I promote a LDAP slave server to master?
yes
Hi,
is there no specific error message if the mdb maxsize is too big (for
the containing filesystem)?
I used my ansible (great tool!) playbook to create an ldap server in a
test VM. This was only 8 GB small. My initial slapadd failed and I did
not why. (On my real hardware test machine this
Hello,
http://www.openldap.org/doc/admin24/overlays.html#Chaining says:
On each replica, add this near the top of the slapd.conf(5) file
(global), before any database definitions - so chaining works as a
global directive for all databases in the example.
I get it to work this way.
But I want
Scott,
Mulligan, Scott schrieb (20.05.2014 03:40 Uhr):
I am running openldap-2.4.23 on SUSE 10 with no problems. After
upgrading to SUSE 11, I cannot start slapd. I get an error that it can’t
find libltdl.so.3. I noticed that libltdl.so.7 is in /usr/lib64.
My question is: Will
Hi,
I searching for proven extention to use my OpenLDAP directory data
with an SAML identity provider.
I found LemonLDAP:NG and OpenAM as possible candidates.
Howtos and success stories are welcome!
Marc
Michael,
Michael schrieb (27.03.2014 21:58 Uhr):
I have two servers i'd like to setup to do MMR. I have several BDB
backends that I would like to replicate. My question is do I need to
create a replicate user for each BDB backend as well as a syncrepl
statement under each BDB definition and
Hi,
I used to build newer versions of openldap on openSuSE Build Service
derived from the ones at network:ldap (from Ralf Haferkamp; which is
stuck at .33). I did this for 2.4.33, .34 and .35.
When I tried to build 2.4.36 something changed (at the build service?)
and now my builds - even
Ulrich Windl schrieb (29.08.2013 09:48 Uhr):
When I examine my slapcat of the config database (multi-master replication), I
see a duplicate contextCSN; one of them seems obsolete:
contextCSN: 20130722065709.189194Z#00#000#00
contextCSN: 20130729112421.079210Z#00#001#00
Jacky,
ctosgh schrieb (09.08.2013 10:54 Uhr):
To meet the following requirement:
groupA contains user entries:
cn=a,ou=users,dc=test,dc=com
cn=b,ou=users,dc=test,dc=com
groupB contains groupA
I have following questions:
1 Which object classes should I use to implement above
Meike Stone schrieb (26.04.2013 14:34 Uhr):
Is it possible to simulate the present phase with ldapsearch, to look
if the provider needs so long and if, what part (entries updated or
unchanged entry ) needs so long?
look at
# man ldapsearch
for -E and sync=rp[/cookie][/slimit]
Quanah,
Quanah Gibson-Mount schrieb (26.03.2013 17:55 Uhr):
--On Tuesday, March 26, 2013 5:20 PM +0100 Marc Patermann
hans.mo...@ofd-z.niedersachsen.de wrote:
But I think, this in not the case. How should the two servers know about
each other?
His question was if it is ok to copy
Takashi,
Takashi Komatsubara schrieb (26.03.2013 09:26 Uhr):
This is my first time to post a question.
Please forgive me if I am making miss-posting.
I have a big ldap master which is based on openldap-2.4.33.
The mdb file size is 50 GB.
In order to setup an replica server quickly, can
Walter,
Walter Werner schrieb (15.03.2013 10:58 Uhr):
I get a strange replication problem. After i didn't find a solution
somewhere on internet i decided to post to this mailing-list. Probably
i should describe my system settings. Both consumer and provider are
running on suse 12.1. And i got
Adam schrieb (13.03.2013 07:18 Uhr):
mirrormode on
overlay syncprov
syncprov-nopresent TRUE
syncprov-reloadhint TRUE
man slapo-syncprov:
syncprov-nopresent TRUE | FALSE
Specify that the Present phase of refreshing should be
skipped.
This value should only be
Jignesh,
Jignesh Patel schrieb (11.03.2013 00:51 Uhr):
How to configure s/mime with openldap 2.4.23?
What do you think S/MIME - Secure/Multipurpose Internet Mail
Extensions - is for and how is this related to openldap?
Marc
Carlo,
Carlo Santos schrieb (04.02.2013 09:02 Uhr):
olcSyncRepl: {2}rid=002 provider=ldaps://ldap2.myorganization.org
binddn=cn=admin,dc=myorganization,dc=org bindmethod=simple
credentials=password searchbase=dc=myorganization,dc=org
type=refreshOnly interval=00:00:05:00 retry=5 5 300 5
santosh malavade schrieb (29.11.2012 07:46 Uhr):
We are using openldap version 2.0.27 on RHEL AS 3 with Postfix 2.2.10
Don't touch things you see in a museum! ;)
Marc
Hi,
from a central master/provider server we replicate to (a lot of)
sync-repl slave/consumers.
Which are then - of course - read-only.
We have passwordpolicy turned on on all the servers.
Now we have three accounts - each an another home replica - which have
a newer modifyTimestamp value on
Craig,
Whiteman, Craig schrieb (29.10.2012 11:59 Uhr):
A bug in a PHP script
http://www.linuxquestions.org/questions/showthread.php?p=4813771
has caused some entries in the LDAP database
http://www.linuxquestions.org/questions/showthread.php?p=4813771 to
have invalid values:
by invalid you
rodrigo,
rodrigo tavares schrieb (02.08.2012 21:43 Uhr):
binddn=cn=syncrepl,dc=defensoria,dc=mg,dc=gov,dc=br
-D
'uid=syncrepl,ou=defensoria,dc=defensoria,dc=mg,dc=gov,dc=br' -W
uid=syncrepl,ou=defensoria not equal to cn=syncrepl (under
dc=defensoria,dc=mg,dc=gov,dc=br).
Hi,
Michael Ströder schrieb (05.07.2012 21:57 Uhr):
Gavin Henry wrote:
On 5 July 2012 16:44, Gavin Henry gavin.he...@gmail.com wrote:
On 5 July 2012 08:23, Michael Ströder mich...@stroeder.com
wrote:
xsun wrote:
I don't remember if we talked about a wiki in the past but
it's definitely a
Hi,
Michael Ströder schrieb (21.04.2012 20:12 Uhr):
b...@bitrate.net wrote:
given an entry such as:
dn=cn=abuse,ou=example.net,ou=mail,ou=groups,dc=example,dc=com
objectclass=mailgroup
cn=abuse
member=uid=jdoe,ou=people,ou=accounts,dc=example,dc=com
i'd like the entry to also include an
Quanah,
Quanah Gibson-Mount schrieb (08.05.2012 17:12 Uhr):
--On Tuesday, May 08, 2012 3:41 PM +0200 Marc Patermann
hans.mo...@ofd-z.niedersachsen.de wrote:
while extending an object by adding a lot of maildrop values, slapd
refused to MOD with err 80:
Can anyone tell me what happens here
Hi,
Quanah Gibson-Mount schrieb (09.05.2012 10:17 Uhr):
--On May 9, 2012 9:45:52 AM +0200 Marc Patermann
hans.mo...@ofd-z.niedersachsen.de wrote:
Quanah Gibson-Mount schrieb (08.05.2012 17:12 Uhr):
--On Tuesday, May 08, 2012 3:41 PM +0200 Marc Patermann
hans.mo...@ofd-z.niedersachsen.de wrote
Hi,
while extending an object by adding a lot of maildrop values, slapd
refused to MOD with err 80:
May 4 15:31:57 rzhs720 slapd[27004]: conn=1007 op=3 MOD
dn=ou=infogroup,ou=foo
May 4 15:31:57 rzhs720 slapd[27004]: conn=1007 op=3 MOD
attr=objectClass ou cn mail member maildrop
May 4
Nick,
Nick Milas schrieb (28.04.2012 21:06 Uhr):
On 1/3/2012 6:32 μμ, Marc Patermann wrote:
from a provider with pre 2.4.30 (from Feb. 21st) and four consumers
with exact the same config (checked by md5sum), two with 2.4.26, one
with pre 2.4.29 and one with the same pre 2.4.30 version, I
Hi,
on a master server overlay syncprov and overlay refint
(refint_attributes member memberOf) are set.
Now on object, which is in a group is deleted.
Refint changes the group by deleting the member.
The changed user object and the group are to be replicated.
The user is.
The group is not:
Cosmin,
Cosmin Ciuraru schrieb (12.04.2012 08:07 Uhr):
I am trying to use the ppolicy overlay with openldap, version 2.4.20,
installed on a SLES 11 SP1 x64, as a package. I have made the following
for a more recent version check out this repo:
Nick,
Nick Milas schrieb (30.03.2012 16:08 Uhr):
On 30/3/2012 4:27 μμ, Howard Chu wrote:
Test builds are not meant to be packaged.
Even if it is so, in practice I use packaged builds for testing because
in this way I can control better what happens to the system and manage
versioning.
Hi,
Howard Chu schrieb (24.02.2012 21:36 Uhr):
Marc Patermann wrote:
With this sorted out, this is what I get (both pre 2.4.30 code):
- slapadd the provider with current data
- slapadd the consumer with older data
- present check, exact sync
- ldap changes on provider
- reset and slapadd
stefano,
stefano schrieb (23.02.2012 10:40 Uhr):
STATE B slapd is stopped run /etc/init.d/slapd start---it works
checking pid pgrep slaps---2237 stopping slapd /etc/init.d/slapd
stop--- slapd is stopped pgrep slapd---2237 -the process is still
active- starting slapd /etc/init.d/slapd start
Hi,
due to the DEL don't get replicated issue, I have inconsistent data on
the consumers.
I set up a test pair with a provider with current master data and a
consumer with current slave data.
The data set differs in a few entries which DEL were not replicated.
Is there any way to get the
stefano,
stefano schrieb (22.02.2012 10:00 Uhr):
i tryied to comment everything in ldap.conf and restart the ldap server
but is failed.
You can forget about all the ldap.conf things before you did not solved
this:
checking in syslog the error is
daemon: bind(6) failed errno=98
Buchan,
Buchan Milne schrieb (21.02.2012 11:38 Uhr):
As far as I have read in changelogs and ITS, anything from
OPENLDAP_REL_ENG_2_4 (including 2.4.29) before:
commit 10c81e2a46c9b603ba1dfcf53422573d5068ba04
Author: Howard Chu h...@openldap.org
Date: Sun Feb 12 21:07:25 2012 -0800
Buchan,
Buchan Milne schrieb (21.02.2012 12:48 Uhr):
On Tuesday, 21 February 2012 12:41:40 Marc Patermann wrote:
Buchan Milne schrieb (21.02.2012 11:38 Uhr):
As far as I have read in changelogs and ITS, anything from
OPENLDAP_REL_ENG_2_4 (including 2.4.29) before:
commit
Nick Milas schrieb (01.02.2012 11:03 Uhr):
On 31/1/2012 10:16 μμ, Quanah Gibson-Mount wrote:
If you'd like to test it, that would certainly help make its release
be more towards the near future than the far future.
I would surely like to test it. However, I haven't got a clue on
building the
Hi,
under some circumstances DEL don't get replicated to the consumers
(SyncRepl). I think this has to do with other changes at the some moment.
I attached two logs excepts in sync.log.
In the first except there is only a DEL
Jan 31 09:16:01 ldapserver slapd[10641]: conn=79138 op=2 DEL
Hi,
under some circumstances DEL don't get replicated to the consumers
(SyncRepl). I think this has to do with other changes at the some moment.
I attached two logs excepts in sync.log.
In the first except there is only a DEL
Jan 31 09:16:01 ldapserver slapd[10641]: conn=79138 op=2 DEL
Hi,
Howard Chu schrieb (31.01.2012 12:08 Uhr):
Marc Patermann wrote:
under some circumstances DEL don't get replicated to the consumers
(SyncRepl). I think this has to do with other changes at the some moment.
Already known, ITS#7052.
Thanks.
So this is fixed in 2.6.27 (and later
Howard,
Howard Chu schrieb (31.01.2012 14:22 Uhr):
Marc Patermann wrote:
Howard Chu schrieb (31.01.2012 12:08 Uhr):
Marc Patermann wrote:
under some circumstances DEL don't get replicated to the consumers
(SyncRepl). I think this has to do with other changes at the some
moment.
Already
Howard,
Howard Chu schrieb (31.01.2012 14:22 Uhr):
Marc Patermann wrote:
Howard Chu schrieb (31.01.2012 12:08 Uhr):
Marc Patermann wrote:
under some circumstances DEL don't get replicated to the consumers
(SyncRepl). I think this has to do with other changes at the some
moment.
Already
Hi,
Marc Patermann schrieb (16.01.2012 17:44 Uhr):
short question first:
Is overlay memberOf supposed to work with glued databases in any direction?
Hm, nobody?
Did I make a configuration error?
Is it a bug?
Is it worth a feature request?
Will it never work that way?
Marc
Howard,
Howard Chu schrieb (19.01.2012 18:14 Uhr):
Marc Patermann wrote:
Marc Patermann schrieb (16.01.2012 17:44 Uhr):
short question first:
Is overlay memberOf supposed to work with glued databases in any
direction?
Hm, nobody?
Did I make a configuration error?
Is it a bug?
Is it worth
Hi,
short question first:
Is overlay memberOf supposed to work with glued databases in any direction?
I tried with 2.4.28 and get the following results:
slapd.conf with two databases
1. step
---
This is simple. MemberOf overlay only in one database
ou=groups,ou=foo,ou=bar
Angel,
Angel L. Mateo schrieb (11.01.2012 13:37 Uhr):
Is there any way to configure the openldap server to disable this
mechanisms?, because I don't want any sasl authentication.
Shouldn't this be done by the mech_list parameter in the SASL
application config file (which is slapd.conf in your
Axel,
Axel Birndt schrieb (14.12.2011 21:36 Uhr):
apache.conf---
.
AuthType basic
AuthBasicProvider ldap
AuthName LDAP-geschuetztes Verzeichnis
AuthLDAPUrl ldap://localhost:389/ou=user,dc=2axels-company,dc=de?cn?sub;
AuthLDAPBindDN
Michael,
Michael Ströder schrieb (01.12.2011 18:55 Uhr):
masar...@aero.polimi.it wrote:
slapo-memberof(5) does not support tool mode; in order to populate the
memberOf attribute of an existing database you need to use ldapadd(1).
You could, for example, dump your group entries, remove them,
Nick,
Nick Milas schrieb (28.11.2011 11:04 Uhr):
On 28/11/2011 11:37 πμ, Quanah Gibson-Mount wrote:
Can I somehow run a (consumer) server in syncrepl debugging mode, in
order to capture *in adequate detail* problems that MIGHT arise, despite
a possible high debug logging volume (which would
Eli,
E.S. Rosenberg schrieb (13.11.2011 17:13 Uhr):
I was wondering is it possible to set a slapd syncprov consumer to
trigger a script when it receives changes to the db (updates of
specific attributes).
I think you might be able to replicate to a server instance with
back-perl or back-shell
sim123,
sim123 schrieb (02.11.2011 20:59 Uhr):
I am trying to setup syncrepl, and consumer needs only one subtree from
provider and I want to create another subtrees in consumer side,
something like this mentioned in this post:
Nick,
Nick Milas schrieb (18.10.2011 08:07 Uhr):
# Load dynamic backend modules:
modulepath /usr/local/openldap/lib64
could it be that you have to load some modules here?
Look at the directory for what is in there.
Marc
Hi,
sim123 schrieb (12.09.2011 07:15 Uhr):
Well, while browsing for solution I realized that I was misinterpreting
RDN, so basically what I want is any third party application to
authenticate against my ldap using attributes other then DN, I guess its
the job of application to do a search
Michel,
Michel Gruau schrieb am 19.08.2011 13:13 Uhr:
It have a slapd-meta configuration as follows:
database meta
suffix dc=com
uri ldap://server1:389/dc=suffix1,dc=com
uri ldap://server2:389/dc=suffix2,dc=com
uri ldap://server3:389/dc=suffix3,dc=com
so while the 3 server serve different
Hi,
pradyumna dash schrieb am 27.08.2011 12:23 Uhr:
I want to achieve ldaps, that means all the communication should use 636
port, i have changed the parameters in the /etc/openldap/sysconfig file,
but no luck.
I don't understand what you want, either.
As you wrote netstat .lnap |grep ldap
Rupesh,
Rupesh Thakkar schrieb:
#syncrepl Provider for primary db
overlay syncprov
syncprov-checkpoint 1000 60
# Let the replica DN have limitless searches
limits
dn.exact=umObjectGUID=218afb42cb5e11e09542001a64e587d4,ou=People,dc=Avaya
time.soft=unlimited
Howard,
Howard Chu schrieb am 15.08.2011 23:20 Uhr:
Marc Patermann wrote:
Why does slapd crash here?
This looks like the same trace as ITS#6892, but that was already
patched/fixed in 2.4.26.
# rpm -qa openldap2
openldap2-2.4.26-143.1
(the Ralf Haferkamp SLES rpms)
Need a bit more info
Howard,
Howard Chu schrieb am 15.08.2011 23:20 Uhr:
Marc Patermann wrote:
Why does slapd crash here?
This looks like the same trace as ITS#6892, but that was already
patched/fixed in 2.4.26. Need a bit more info from the crash. E.g.
print *ss
print *ss-s_op
Is this, what you
Howard Chu schrieb am 15.08.2011 23:20 Uhr:
Marc Patermann wrote:
Why does slapd crash here?
This looks like the same trace as ITS#6892, but that was already
patched/fixed in 2.4.26. Need a bit more info from the crash. E.g.
print *ss
print *ss-s_op
(gdb) print *ss
No symbol ss
Hi,
I have the following problem:
On a sycrepl provider I have lots (100+) consumers in refresh and
persist mode.
After upgrading the provider from 2.3.x to 2.4.25 I can crash the server
by a single mod on the root object of one database.
Aug 15 14:18:37 trzs721boot kernel: [544888.798212]
Marc Patermann schrieb am 15.08.2011 15:00 Uhr:
I tried to create a core dump, but I could not get it work.
I used this howto. The top example works, I get a core file for user
ldap. With slapd it is not.
sorry, I forgot the link:
http://www.unix.com/security/55651-how-set-coredump-suse-10
Dmitriy,
Dmitriy Kirhlarov schrieb am 11.08.2011 16:38 Uhr:
Our company has some core ldap servers.
Also we have many replicas from this core, all supported by different
persons. I need to get the full list of these replicas.
I supposed to find this information in slapd.log, with sync
Michel,
michel.gruau schrieb am 02.05.2011 11:34 Uhr:
I implemented a slapd-meta configuration with several backend directories.
I would like to know whether slapd-meta is capable to switch requests to
an « alternate target » when a given target is unavailable.
Reading all the documentation,
Oliver,
Olivier schrieb am 18.04.2011 16:50 Uhr:
OR
SHOULD I EDIT DIRECTLY FILES IN SLAPD.D AND DEFINITIVELY
REMOVE THE SLAPD.CONF FILE ?
you do _not_ edit files unter slapd.d. You modify the cn=config backend
(which in most cases is stored in slapd.d) with ldap.
Marc
Michel,
michel.gruau schrieb am 11.04.2011 17:22 Uhr:
I am trying to configure an LDAP proxy towards 2 LDAP targets and I'm
using the meta backend as follows:
database meta
suffix ou=A,o=B,c=C
uri ldap://server1/ou=S1,ou=A,o=B,c=C
uri ldap://server2/ou=S2,ou=A,o=B,c=C
It is working fine
Peter,
Peter Schober schrieb am 06.04.2011 16:48 Uhr:
How do I control access to operational attributes, in this case
memberOf by the eponymous overlay? While I can put an index on
'memberOf' I can't seem to use it in an attrlist as part of an ACL:
unknown attr memberOf in to clause
I didn't
Hi,
Michael Ströder schrieb am 01.04.2011 08:35 Uhr:
Yes, 3rd LDAPcon 2011 is organized by DAASI, October 10 – 11 in Heidelberg,
Germany.
see http://www.ldapcon.org
Great!
Marc
Simon,
sim123 schrieb am 29.03.2011 23:47 Uhr:
I have openLDAP server up and running and trying to integrate it with
Confluence. My LDAP structure looks like
[...]
I guess I should be able to do LDAP_BIND with any attribute and LDAP
should be able to search user's DN based on the attribute
sim123,
(no top posting, please!)
sim123 schrieb am 24.03.2011 01:10 Uhr:
On Wed, Mar 23, 2011 at 5:01 PM, Indexer inde...@internode.on.net
mailto:inde...@internode.on.net wrote:
On 24/03/2011, at 10:22, sim123 wrote:
I am designing LDAP schema and the structure looks like :
Vinay,
Vinay Kalkoti schrieb am 23.02.2011 09:10 Uhr:
I wanted to know what all complex characters can be included for an
UID attribute.
I have the following user names (uid).
Please let me know which which of the following uid's are invalid -
test_user: IT (LOC)
sup_12$
test_user:IT(LOC)
1 - 100 of 127 matches
Mail list logo