Update: the serverSort thing was a false-positive this morning, I guess the client was still caching. ... Oct 18 15:52:23 examplehost slapd[24946]: conn=9373 op=168 SEARCH RESULT tag=101 err=18 nentries=0 text=serverSort control: No ordering rule Oct 18 15:52:23 examplehost slapd[24946]: conn=9373 op=168 do_search: get_ctrls failed Oct 18 15:52:52 examplehost slapd[24946]: conn=10575 fd=28 ACCEPT from IP=10.0.0.1:35464 (IP=0.0.0.0:389) Oct 18 15:52:52 examplehost slapd[24946]: conn=10575 op=0 BIND dn="cn=proxyuser,ou=system,ou=people,dc=example,dc=de" method=128 Oct 18 15:52:52 examplehost slapd[24946]: => bdb_entry_get: found entry: "cn=proxyuser,ou=system,ou=people,dc=example,dc=de" Oct 18 15:52:52 examplehost slapd[24946]: => bdb_entry_get: found entry: "cn=default,ou=pwdpolicy,dc=example,dc=de" Oct 18 15:52:52 examplehost slapd[24946]: => access_allowed: result not in cache (userPassword) Oct 18 15:52:52 examplehost slapd[24946]: => access_allowed: auth access to "cn=proxyuser,ou=system,ou=people,dc=example,dc=de" "userPassword" requested Oct 18 15:52:52 examplehost slapd[24946]: => acl_get: [1] attr userPassword Oct 18 15:52:52 examplehost slapd[24946]: => acl_mask: access to entry "cn=proxyuser,ou=system,ou=people,dc=example,dc=de", attr "userPassword" requested Oct 18 15:52:52 examplehost slapd[24946]: => acl_mask: to value by "", (=0) Oct 18 15:52:52 examplehost slapd[24946]: <= check a_dn_pat: cn=ldapadm,dc=example,dc=de Oct 18 15:52:52 examplehost slapd[24946]: <= check a_dn_pat: cn=proxyuser,ou=system,ou=people,dc=example,dc=de Oct 18 15:52:52 examplehost slapd[24946]: <= check a_dn_pat: anonymous Oct 18 15:52:52 examplehost slapd[24946]: <= acl_mask: [3] applying auth(=xd) (stop) Oct 18 15:52:52 examplehost slapd[24946]: <= acl_mask: [3] mask: auth(=xd) Oct 18 15:52:52 examplehost slapd[24946]: => slap_access_allowed: auth access granted by auth(=xd) Oct 18 15:52:52 examplehost slapd[24946]: => access_allowed: auth access granted by auth(=xd) Oct 18 15:52:52 examplehost slapd[24946]: conn=10575 op=0 BIND dn="cn=proxyuser,ou=system,ou=people,dc=example,dc=de" mech=SIMPLE ssf=0 Oct 18 15:52:52 examplehost slapd[24946]: => bdb_entry_get: found entry: "cn=proxyuser,ou=system,ou=people,dc=example,dc=de" Oct 18 15:52:52 examplehost slapd[24946]: conn=10575 op=0 RESULT tag=97 err=0 text= Oct 18 15:52:52 examplehost slapd[24946]: conn=10575 op=1 SEARCH RESULT tag=101 err=18 nentries=0 text=serverSort control: No ordering rule Oct 18 15:52:52 examplehost slapd[24946]: conn=10575 op=1 do_search: get_ctrls failed Oct 18 15:52:52 examplehost slapd[24946]: conn=10575 op=2 UNBIND Oct 18 15:52:52 examplehost slapd[24946]: conn=10575 fd=28 closed ...
Is someone able to tell me what specific attributes I have to set for simple passwd/group/sudoers listing/sorting? Thank you. On Mon, Oct 18, 2010 at 09:45, Benjamin Griese <der.dar...@gmail.com> wrote: > Hi diego, > > thanks for you advise. I created two new Overlays as you said and > tried to set the attribute-set that I googled from some other guys. > These are probably wrong. Finally, that solved the messages that > appeared in the slapd log, but didn't solve the problem on the solaris > hosts. > Too bad. :/ > > While reading to the log file once again, I find it quite strange, > that the client is asking for specific objectClasses and Attributes > that doesn't exist in my DIT. > I've imported the solaris.schema while preparing the DIT and setup the > "nisDomainObject" in the root Object, because the Client asked for > that in the autoconfig-process. > But the rest is from duaconfig.schema. By looking through the > solaris.schema, the requested obj and attr below are in there. But > this is all in all just guess work. > > for example: > > Oct 16 19:15:00 examplehost slapd[24946]: conn=1026 op=102 SRCH > base="ou=people,dc=example,dc=de" scope=2 deref=3 > filter="(&(objectClass=NisKeyObject)(uidNumber=3))" > Oct 16 19:15:00 examplehost slapd[24946]: conn=1026 op=102 SRCH > attr=nisPublickey nisSecretkey > > Oct 16 19:15:00 examplehost slapd[24946]: conn=1026 op=103 SRCH > base="ou=people,dc=example,dc=de" scope=2 deref=3 > filter="(&(?objectClass=SolarisUserAttr)(uid=sys))" > Oct 16 19:15:00 examplehost slapd[24946]: conn=1026 op=103 SRCH > attr=uid SolarisUserQualifier SolarisAttrReserved1 > SolarisAttrReserved2 SolarisAttrKeyValue > > Oct 16 19:15:00 examplehost slapd[24946]: conn=1026 op=104 SRCH > base="ou=projects,dc=example,dc=de" scope=2 deref=3 > filter="(&(?objectClass=SolarisProject)(?=undefined))" > Oct 16 19:15:00 examplehost slapd[24946]: conn=1026 op=104 SRCH > attr=SolarisProjectName SolarisProjectID description memberUid > memberGid SolarisProjectAttr > > LDIFs of the overlays: > > version: 1 > > dn: olcOverlay={4}sssvlv,olcDatabase={1}hdb,cn=config > objectClass: olcSssVlvConfig > objectClass: olcOverlayConfig > objectClass: olcConfig > objectClass: top > olcOverlay: {4}sssvlv > > ========================================= > > version: 1 > > dn: olcOverlay={5}valsort,olcDatabase={1}hdb,cn=config > objectClass: olcValSortConfig > objectClass: olcOverlayConfig > objectClass: olcConfig > objectClass: top > olcOverlay: {5}valsort > olcValSortAttr: memberuid ou=groups,dc=example,dc=de alpha-ascend > olcValSortAttr: uid ou=people,dc=example,dc=de alpha-ascend > > Actually these seems to be a question to the Solaris LDAP Mailinglist, > am I right? > But if you have an further hints, these are much appreciated. > > Thanks and kind regards, Benjamin. > > > On Fri, Oct 15, 2010 at 18:41, Diego Lima <li...@diegolima.org> wrote: >> Hi Benjamin, >> >> It looks like your LDAP client is asking the server to return ordered >> results from looking at this line: >> >>> tag=101 err=18 nentries=0 text=serverSort control: No ordering rule >> >> You may want to take a look at the server-side sorting overlay >> (slapo-sssvlv) and/or the value sorting overlay (slapo-valsort) and >> see if activating them on the server will fix your problems. >> >> >> -- >> Diego Lima >> http://www.diegolima.org >> > > > > -- > To be or not to be -- Shakespeare | To do is to be -- Nietzsche | To > be is to do -- Sartre | Do be do be do -- Sinatra > -- To be or not to be -- Shakespeare | To do is to be -- Nietzsche | To be is to do -- Sartre | Do be do be do -- Sinatra