On 9 Nov 2015 11:37, "PRAJITH" wrote:
>
> Hi,
>
> Could you please add more info about the TOTP modul? I could not find any
single article about this.
Could you file a doc request on the OpenLDAP ITS?
Thanks.
> I would offer to contribute to the documentation, but due to its lack of
usefulness, do not have an understanding of the basic concepts myself. The
best I would be able to do is describe my experience and provide the steps
that I followed to get a basic installation working.
>
> Hopefully someone
> I would offer to contribute to the documentation, but due to its lack of
usefulness, do not have an understanding of the basic concepts myself. The
best I would be able to do is describe my experience and provide the steps
that I followed to get a basic installation working.
>
> Hopefully someone
Hi all,
List what you love about our docs:
List what you hate:
List what you'd love to see:
List what you can help with:
Thanks.
--
Kind Regards,
Gavin Henry.
>
> I guess what I'm trying to say, from my mobile phone, is if the
documentation were more "agile" in engaging the community for identifying
issues and taking in corrections, we may all be happier.
>
Some great feedback. Maybe we could host something like gitlab for this.
Will have a chat on #ope
Hi all,
I'll be back on this in June. Been a busy month at work.
Thanks.
Hi all,
I'll be back on this in June. Been a busy month at work.
Thanks.
On 8 September 2009 at 13:30, Venish Khant wrote:
> Michael Ströder wrote:
>>
>> Venish Khant wrote:
>>
>>>
>>> You have any idea about how to
>>> upgrade openldap.
>>> Because, my openldap version 2.4.15 so, I want upgrade.
>>>
>>
>>
Old one, but I'm just using this code too:
http://search.cpa
Thanks Tom. Will take a look.
We've never had an installation script like this as it's normally part
of the distro packaging system. The OpenLDAP just ships the source
code and every distro likes things in different places even with the
FHS v3.0
gavin.
--
Kind Regards,
Gavin Henry.
>
> Brilliant. Look forward to playing with it and vuejs.
Hi all,
I'm doing this for a supportControl subentry delete:
https://metacpan.org/pod/Net::LDAP::Control
like so:
my $subentry_ctrl = Net::LDAP::Control->new(
type => '1.3.6.1.4.1.4203.1.10.1',
value=> 'Subentries',
critical => 1
);
This isn't implemented in Net::LDAP yet. Please ignore :-)
https://github.com/perl-ldap/perl-ldap/issues/59#issuecomment-751496848
On Thu, 12 Aug 2021 at 18:05, Wayne McNaught
wrote:
>
> I have previously asked this question with no response 18 months ago, I would
> still like some assistance I have configured multiple LDAPs in a Mirror-Mode
> configuration and fronted by OpenLDAP in proxy mode. I understand that the
> li
Same question as your other email :-)
Hi Wayne,
Ah, OK. What's your concern with just running with N-Way?
Thanks.
On Fri, 13 Aug 2021 at 21:33, Wayne McNaught
wrote:
>
> Hi Gavin,
> Thanks for responding. At the moment we have 3 back-end OpenLDAP servers V2.4
> in Multi-Master mode with N-Way Multi-Provider replication. We have th
any way to manually create a hidden entry, in a similar style
> to the contextCSN, or would this require the an overlay to be written?
That's what the contextCSN is for. Just ldapsearch for it and if they
match, they are up to date:
http://blog.suretecsystems.com/archives/146-OpenLDAP-Quick-Tips-Checking-the-state-of-replication.html
I really need to start those "Quick Tips" up again!
If anyone wants to contribute some?
--
Kind Regards,
Gavin Henry.
OpenLDAP Engineering Team.
E ghe...@openldap.org
Community developed LDAP software.
http://www.openldap.org/project/
est? (Only acls, I already tryed -1 without
> success (looking for denying information))
> Sorry my low know how in this issue, but I realy need to finish this job.
> Thanks.
"man slapacl" will help
--
Kind Regards,
Gavin Henry.
OpenLDAP Engineering Team.
E ghe...@openldap.o
you have any suggestions for improvements to the docs?
Thanks.
--
Kind Regards,
Gavin Henry.
OpenLDAP Engineering Team.
E ghe...@openldap.org
Community developed LDAP software.
http://www.openldap.org/project/
gt; debug output), I get the following error:
>
> Configuration error: Error : Could not alloc node id at 192.168.7.40
> port 1186: No free node id found for mysqld(API).
Did you resolve this?
Thanks.
--
Kind Regards,
Gavin Henry.
OpenLDAP Engineering Team.
E ghe...@openldap.org
Com
If any one needs the help in same.. :)
Doc contributions are welcome!
--
Kind Regards,
Gavin Henry.
OpenLDAP Engineering Team.
E ghe...@openldap.org
Community developed LDAP software.
http://www.openldap.org/project/
and as I'm already
> running OpenLDAP 2.4 is makes sense to just roll it from there.
>
> I found a VERY useful article at
> http://oracle-cookies.blogspot.com/2007/01/get-tnsnamesora-from-openldap.html
> which I think will help enormously.
How did you get on with this?
--
- "Matheus Morais" wrote:
> Hi Gavin,
>
> Sorry for the late reply, I need to organize my mail box, I just not seen
> this email!
>
>
> On Mon, Jul 26, 2010 at 2:24 PM, Gavin Henry < ghe...@openldap.org > wrote:
>
> > I want thank
ound: Compile with CPPFLAGS=-D_GNU_SOURCE.
what is the Presumably ? can you pls give me the full command that should i
follow ???
Thx !!
--
Kind Regards,
Gavin Henry.
OpenLDAP Engineering Team.
E ghe...@openldap.org
Community developed LDAP software.
http://www.openldap.org/project/
ts?
Thanks,
Gavin.
>
> ATB,
>
> Mark.
>
> --
> Mark Cave-Ayland - Senior Technical Architect
> PostgreSQL - PostGIS
> Sirius Corporation plc - control through freedom
> http://www.siriusit.co.uk
> t: +44 870 608 0063
>
> Sirius Labs: http://www.siriusit.co.uk/labs
>
>
--
Kind Regards,
Gavin Henry.
OpenLDAP Engineering Team.
E ghe...@openldap.org
Community developed LDAP software.
http://www.openldap.org/project/
or
installs, setup etc. as they all bundle their own out of date versions.
Do we skip that bit and just talk about config or what?
I'm happy to write stuff if we want to work on a small table of contents.
What about adopting the Zytrax stuff, updating it and get them to do a 301
redirect
+44 (0)116 2522254
> University of Leicester, University Road
> Leicestershire LE1 7RH, United Kingdom
>
>
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghe...@suretecsystems.com
Open Source. Open Solutions(t
s changing so everything we wrote
> about it was already out of date.
Has SoC passed? Maybe we could get some funding for it?
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghe...@suretecsystems.com
Open Source. Ope
On 4 July 2012 22:34, xsun wrote:
> Hello guys,
>
> I can help on documentation in my spare time. I tryed to submit a patch for
> ITS#6339 in the past but I don't know why it was not accepted and I did not
> received any feedback about it. There is some TODO list for documentation?
>
There is a T
On 5 July 2012 16:44, Gavin Henry wrote:
> On 5 July 2012 08:23, Michael Ströder wrote:
>> xsun wrote:
>>> I don't remember if we talked about a wiki in the past but it's definitely a
>>> good idea. I mean, if available, we could start to migrate/re
>
> For anyone reading french, I published some times ago such kind of cookbook,
> in Linux magazine (the french one):
> https://www.zarb.org/~guillomovitch/articles/openldap.pdf
Looks good. All the overlay stuff and replication we have covered I
think, maybe not as much ACLs and no Posix things,
HI all,
Taking advantage of the technical list for once and the OpenLDAP
"related" questions :-)
Anyone messed with ejabberd and OpenLDAP? I'm looking for an XMPP
server with the best LDAP support.
ejabberd does auth, rosters and vcards but the ability to load a list
of hosts/domains from LDAP l
So where are we?
Wiki - no then?
Or Wiki like dokuwiki which does plain text files, stick them in the
back of a git repo, add some hooks to do commits so we can all work
offline and use the Dokuwiki PDF exports?
We just need something to look "new" :-)
--
http://www.suretecsystems.com/services
There's me getting reminded with have one at
http://www.openldap.org/wiki My bad.
Forgot my password, reset a few times now and it won't let me in. Kurt?
--
http://www.suretecsystems.com/services/openldap/
http://www.surevoip.co.uk
If you take out the first table of each and saved
at txt file it would be much easier.
Best of luck
Lars
2011/5/2 Olivier 'Babar' Raginel
>
> On Mon, May 02, 2011 at 09:46:07PM +0100, Gavin Henry wrote:
> > I'm the doc dev for the OpenLDAP project (ghe...@openlda
>> HI all,
>>
>> Taking advantage of the technical list for once and the OpenLDAP
>> "related" questions :-)
>>
>> Anyone messed with ejabberd and OpenLDAP? I'm looking for an XMPP
>> server with the best LDAP support.
>>
>> ejabberd does auth, rosters and vcards but the ability to load a list
>> o
>> HI all,
>>
>> Taking advantage of the technical list for once and the OpenLDAP
>> "related" questions :-)
>>
>> Anyone messed with ejabberd and OpenLDAP? I'm looking for an XMPP
>> server with the best LDAP support.
>
> I don't know about "best". I picked ejabberd due to stability, and how it
>
User accounts? Something we do for
this to keep the DIT level shallow, is to keep all user accounts in
ou=Users and filter based on o=CompanyA which is an attribute on that
user entry. Then you can use slapo-dynlist to create company groups
etc.
Not sure what ACLs you've got or the overal
ons,
billions and trillions!
> Also can i define various roles inside openldap?Can I also define groups
> inside openldap?
If you're already using it you must have asked yourself these
questions already? What are you trying to do so we can help explain
the options?
Thanks.
--
Kind Reg
/buildd/openldap-2.4.21/debian/build/servers/slapd
>
> I'm wondering do I need to upgrade the master (slave is Ubuntu 12.04), could
> this be related to the version of slapd or gnutls?
Check out:
man slapd-ldap as slapo-chain uses that which has the same tls
settings as slapd.
Th
r best bet is to set up something in your dev environment, if you
haven't already, then for ease switch to a simple slapd.conf testing
your ACLs with slapacl and/or ldapsearch. Once, happy convert the
slapd.conf to a slapd.d setup and reference the right LDIF output to
import/update on your test environ
produce it since?
Thanks.
--
Kind Regards,
Gavin Henry.
OpenLDAP Engineering Team.
E ghe...@openldap.org
Community developed LDAP software.
http://www.openldap.org/project/
correctly.
>
> is there a way to have the deletions by logpurge replicated as well?
Hi Marvin,
What version are you on?
Thanks.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghe...@suretecsystems.com
Open
e can help.
Thanks.
--
Kind Regards,
Gavin Henry.
OpenLDAP Engineering Team.
E ghe...@openldap.org
Community developed LDAP software.
http://www.openldap.org/project/
>> Hi Dave,
>>
>> Have you been able to reproduce it since?
>>
>> Thanks.
>
> So far I've only had the one failure and I haven't been able to
> reproduce it since.
>
That's tricky then. Did you file an ITS? Will check...
--
Kind Regards,
LDAP over SSL isn't.
Thanks.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghe...@suretecsystems.com
Open Source. Open Solutions(tm).
http://www.suretecsystems.com/
Suretec Systems is a limited company registered
> There are some good instances where StartTLS isn't attractive: when the LDAP
> servers are behind F5 BigIPs for example.
> My 2 cents.
Yeah, true. Depends on environment and some kit just won't do StartTLS.
return a subset of users. Github Enterprise would only "see" a few
> hundred users instead of thousands. Is this doable? Is there a better
> solution?
Or you could use back-ldap too.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
ething like cn=My Name,ou=Users,dc=example,dc=com with
uid in the entry or
uid=ghenry,ou=Users,dc=example,dc=com ?
Thanks.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghe...@suretecsystems.com
Open So
DIT looks like.
The problem with translucent is the management moving forward.
Thanks.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghe...@suretecsystems.com
Open Source. Open Solutions(tm).
http://www.suretecsyste
provider
is older)
http://www.openldap.org/its/index.cgi/Archive.Software%20Bugs?id=4744;selectid=4744;usearchives=1
but will take a closer look at your config.
Thanks.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghe...@suretec
enldap.org/doc/admin24/appendix-ldap-result-codes.html#strongerAuthRequired
(8)
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghe...@suretecsystems.com
Open Source. Open Solutions(tm).
http://www.suretecsystems.com/
Su
because when
> I login my machine with uid, it works, but if I login with common
> name, it fails.
http://www.catb.org/~esr/faqs/smart-questions.html as you can find out
what RDN is by Google which
is quicker than what you wrote.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 12
>> Remove your dn{} line.
>
> Sorry, which dn line do you mean?
>
> This?
>
> authzTo: {0}dn:*
Yeah.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghe...@suretecsystems.com
Open Source. O
On 29 Jul 2012, at 11:08, "elekktrett...@exemail.com.au"
wrote:
> No difference.
>
> What were you hoping it would do?
>
Sorry, I replied in a rush!
Gavin.
On 29 Jul 2012, at 13:42, "elekktrett...@exemail.com.au"
wrote:
> Well looks like I figured it out. In the bottom of slapo-chain man page,
> it says
>
> "All URIs not listed in the configuration are chained anonymously. "
>
> my chain-uri was "ldap://ldap.provider.net:389/";
>
> but my updateref
t; correctly.
Hi Chris,
It depends on how you've formed your DN. What does it look like? Check
the objectClass definitions for those attributes and look up the
syntax type. That will tell you.
Thanks.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44
Hi all,
What attribute are you using to represent an internal telephone extension?
Can't see any standards based ones.
Thanks.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghe...@suretec.co.uk
Open Source.
lapo-rwm ?
Thanks.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghe...@suretecsystems.com
Open Source. Open Solutions(tm).
http://www.suretecsystems.com/
Suretec Systems is a limited company registered in Scotland.
> I have a requirement to support personalization. I didn't find many articles
> to do that. Please point me some of the articles related to it.
HI,
Please explain more.
Thanks.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +
need to do to change my
> release from BDB to MDB.
>
> Can anyone point me where i can find these document.
This is in the man page - please read "man slapd-mdb" as you would
with most Open Source
software :-)
Thanks.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44
On 10 August 2012 15:48, Hallvard Breien Furuseth
wrote:
> Gavin Henry wrote:
>>
>> What attribute are you using to represent an internal telephone extension?
>
>
> Our site just uses telephoneNumber with the full number,
> and leaves it to the users to know when they
, with out hard coding group name in the conf.
I guess I'll have to create branches to split up users. Then again,
I'm adding a group to ou=Groups, why shouldn't I at the same time add
a new ACL via cn=config?
Cheers.
--
Kind Regards,
Gavin Henry.
Managing Direc
#x27;ll need to register to edit.
Thanks.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghe...@suretec.co.uk
Open Source. Open Solutions(tm).
http://www.suretecsystems.com/
Suretec Systems is a limited company registe
> I'm pretty sure all these topics are still relevant and I've added some more:
>
> http://wiki.suretec.org/openldap:cookbook
>
> Feel free to add anything in the right place. You'll need to register to edit.
I think we'll need to add mdb :-)
--
Kind Regards,
On 10 Aug 2012, at 18:01, NetNinja <2bitni...@gmail.com> wrote:
> This a nice page, but have you added any content at all?
>
Doesn't look like it :)
Gavin.
using
a coupon I'll send you:
http://www.surevoip.co.uk/products/surevoip-numbers
Free for one year.
Cheers.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghe...@suretec.co.uk
Open Source. Open Solutions(tm).
http://www.suretecsy
-map attribute telephoneNumber
> rwm-map attribute *
Sneeky! something like telephoneExtNumber would be perfect.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghe...@suretecsystems.com
Open Source. Open Solutions(tm).
http:
> Ok so what did he add to the site? I don't care about a UK phone number.
With DokuWiki, anything "green" means it's a valid link with content. So just
go to:
http://wiki.suretec.org/openldap:cookbook
and look for green.
Gavin.
--
Kind Regards,
Gavin Henry.
Manag
> Gavin Henry wrote:
>>> is there a possibility to create an acl statement that grants access to any
>>> (unknown) value of an attribute but denys access to all values of the same
>>> attribute?
>>
>> Can you explain that again?
>
> BTW: Your answer
On 12 August 2012 00:00, Patrick Hemmer wrote:
> Sent: Sat Aug 11 2012 18:06:49 GMT-0400 (EDT)
> From: Jeff Dickens
> To: Gavin Henry openldap-technical@openldap.org
>
> Subject: Re: got into a "checksum error" situation
>
> Yes, I edited it by hand. Clearly n
Excellent. Thanks for following up.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghe...@suretec.co.uk
Open Source. Open Solutions(tm).
http://www.suretecsystems.com/
Suretec Systems is a limited company registered in
lapd
or not stop/start if using cn=config and make sure mdb module is
loaded if slapd built that way
Thanks.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghe...@suretec.co.uk
Open Source. Open Solutions(tm).
http://www.s
ptures between "access by" statements and my
> ACLs are flawed based on what you're searching for, which would be
> perfect. The goal being users in the same group can only see users on
> ou=Users of that group, with out hard coding group name in the conf.
>
> I g
> #Load the syncprov and accesslog modules.
> dn: cn=module{0},cn=config
> changetype: modify
> add: olcModuleLoad
> olcModuleLoad: syncprov
Are you using the Ubuntu OpenLDAP build?
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
in
slapd.d/* and then slapadd it back. Checksums will sort themselves.
> As an aside, my TLS config does indeed work now.
Nice work!
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghe...@suretec.co.uk
Open Source. Open
ver to use.
Then you only set the one server on the client side. You could also go
further and load balance/HA the directory proxy in each area. Not sure
on your requirements.
Thanks.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824
> You could setup up an directory proxy server using back-ldap:
Sorry, "setup up a directory proxy server". Wrong grammar.
Cheers.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghe...@suretecsystems.com
Open
. Thanks
Hi Jeevan,
You chain to a Master/Provider.
Thanks.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghe...@suretecsystems.com
Open Source. Open Solutions(tm).
http://www.suretecsystems.com/
Suretec Systems is a lim
Hi,
I presume you're using pam_ldap?
What are your settings?
Thanks.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghe...@suretecsystems.com
Open Source. Open Solutions(tm).
http://www.suretecsystems.com/
Su
> Thanks for the reply Gavin. So that means I need to configure and add the
> overlays only on the slaves and not on the master, right?
Yep.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghe...@suretecsystems.com
http://searchdatacenter.techtarget.com/feature/IT-pros-suffer-OpenLDAP-configuration-headaches
Any one been in touch with them?
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghe...@suretec.co.uk
Open Source. Open
81 matches
Mail list logo