Debian Lenny and Openldap installation Problem?

2010-01-14 Thread Murat Uğur Eminoğlu

Dear List,

I changed debian/configure.options

--enable-backends=yes
--enable-bdb=yes
--enable-ldbm=yes

dpkg-buildpackage -b

errors

cp: cannot stat `./debian/tmp/etc/ldap/schema': No such file or directory
dh_install: command returned error code 256
make: *** [binary-arch] Error 1
dpkg-buildpackage: failure: debian/rules binary gave error exit status 2


How can I solve this problem?

thanks.
--
Murat Uğur Eminoğlu
http://ipucu.murat.ws
http://fotoblog.murat.ws


2.4.19 freezed at Debian Lenny

2010-01-14 Thread Frank Bonnet

Hello

I've compiled and installed 2.4.19 on a Debian Lenny server (64 bits).
It froze a few hours ago and I had to restart slapd to make it work again.

Any info about this problem in this release?

Thank you





Some openldap 2.4 questions

2010-01-14 Thread Radosław Antoniuk
Hi,

Three quick issues about slapd 2.4.

1. I'm setting up a syncrepl replication. In the process of testing, I had
added three syncprov overlays instead of one, and I ended up with:
dn: olcOverlay={0}syncprov,olcDatabase={0}config,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
structuralObjectClass: olcSyncProvConfig
entryUUID: 600b89e6-9317-102e-9872-8714c398f98b
creatorsName: cn=admin,cn=config
createTimestamp: 2010060900Z
entryCSN: 2010060900.858973Z#00#000#00
modifiersName: cn=admin,cn=config
modifyTimestamp: 2010060900Z

dn: olcOverlay={1}syncprov,olcDatabase={0}config,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {1}syncprov
olcSpCheckpoint: 20 10
structuralObjectClass: olcSyncProvConfig
entryUUID: 600ba142-9317-102e-9873-8714c398f98b
creatorsName: cn=admin,cn=config
createTimestamp: 2010060900Z
entryCSN: 2010060900.859584Z#00#000#00
modifiersName: cn=admin,cn=config
modifyTimestamp: 2010060900Z

dn: olcOverlay={2}syncprov,olcDatabase={0}config,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {2}syncprov
olcSpSessionlog: 500
structuralObjectClass: olcSyncProvConfig
entryUUID: 600badea-9317-102e-9874-8714c398f98b
creatorsName: cn=admin,cn=config
createTimestamp: 2010060900Z
entryCSN: 2010060900.859909Z#00#000#00
modifiersName: cn=admin,cn=config
modifyTimestamp: 2010060900Z

The thing is, that I cannot delete any of them because cn=config does not
support delete operation.
Is this ok to leave it as is? or any workaround to get rid of the unwanted
ones?

2. About N-Way replication... What's the best authentication to use? Because
RootDN is the admin, and in simple authentication I would store cleartext
password in the syncrepl configuration, I'm assuming that the best here
would be to use some SASL mech?

3. Assuming a running normal replication(master-slave) with
refreshAndPersist, is there any method of checking of the status of the
replication? like show slave status in MySQL. I have tested it with cutting
the transmission by iptables, and ok, it caught up after reconnection, but
the master did not complain at all when the connection was not there...

-- 
Best regards,
Radosław Antoniuk


Re: Unable to Search/Authenticate Users

2010-01-14 Thread Michael Ströder
Todd Reed wrote:
 
 
 I’m trying to get a Web Application to authenticate to OpenLDAP.  I have
 one user account that I am binding as (user: webldapauth).  I have
 another user account that I am trying to log in via the application
 (user: webuser).  The “webuser” is in an OU called “WebAppUsers”.  With
 an LDAP Browser, I can bind to LDAP as both users.  But, when I try to
 log in to the web app, I’m binding with the user “webldapauth”, but
 cannot log in with the “webuser” account.  The web application calls are
 good because I can point it to an ActiveDirectory server and it works
 fine.  This is my first attempt with OpenLDAP.  I believe there is a
 configuration problem with OpenLDAP, but I’m not sure where to look or
 troubleshoot at.  Would anyone be able to provide any guidance?  I’ve
 looked at the manuals and other help files, but nothing has worked so far.

I'd check the ACLs.

Ciao, Michael.


Need help setting up n-way + cn=config

2010-01-14 Thread Alex Samad
Hi

I am in the process of testing a new n-way setup, and I have come across
some problems.

When trying to set up unique I keep getting an undefined attribute error:

dn: olcOverlay={2}unique,olcDatabase={1}hdb,cn=config
changetype: modify
add: olcunique_uri
olcunique_uri: ldap:///?uid?sub

but it fails

ldap_modify: Undefined attribute type (17)
additional info: olcunique_uri: AttributeDescription contains
inappropriate characters

Also, while trying to set the olcaccess parameter, I can't find any
information on how to set up an IPv6 network.

Currently I have

'to dn.sub=ou=SUDOers,dc=samad,dc=com,dc=au '.
'by dn.exact=cn=libnss-ldap,ou=Roles,dc=samad,dc=com,dc=au read '.
'by dn.exact=cn=libpam-ldap,ou=Roles,dc=samad,dc=com,dc=au read '.
'by peername.ip=192.168.12.0%255.255.252.0 read '.
'by peername.ip=192.168.8.0%255.255.252.0 read '.
'by peername.ip=192.168.4.0%255.255.252.0 read '.
'by peername.ip=127.0.0.1 read '.
'by peername.ipv6=::1 read '.
'by peername.path=/var/run/slapd/ldapi read '.
'by * none ',

I have an IPv6 network 2002:3cf1:f856::/48 but I can't seem to put in

'by peername.ipv6=2002:3cf1:f856::%48 read '.

do I need to write out a complete mask  
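
The "AttributeDescription contains inappropriate characters" error in the message above is a syntax rejection: RFC 4512 allows only letters, digits and hyphens in an attribute description, so the underscore in `olcunique_uri` fails on its own (the slapo-unique cn=config attribute is spelled `olcUniqueURI`). The check below is an added example, not part of the original post or of OpenLDAP, and it lints an LDIF change record for such names before it is sent to slapd; `check_description` and `lint_ldif` are hypothetical helper names.

```python
import re

# RFC 4512: descr = ALPHA *(ALPHA / DIGIT / HYPHEN); options use the same
# characters. Underscore is not in that set.
DESCR = re.compile(r"[A-Za-z][A-Za-z0-9-]*")
NUMERICOID = re.compile(r"(0|[1-9][0-9]*)(\.(0|[1-9][0-9]*))+")
OPTION = re.compile(r"[A-Za-z0-9-]+")
CHANGE_OPS = {"add", "delete", "replace"}   # the value names an attribute
NOT_ATTRS = {"dn", "changetype", "version", "control"}


def check_description(desc):
    """Return the problems found in one attribute description."""
    base, *options = desc.split(";")
    problems = []
    if not (DESCR.fullmatch(base) or NUMERICOID.fullmatch(base)):
        bad = sorted(set(re.findall(r"[^A-Za-z0-9.-]", base)))
        problems.append(f"{base!r}: illegal characters {bad}" if bad
                        else f"{base!r}: malformed attribute type")
    for opt in options:
        if not OPTION.fullmatch(opt):
            problems.append(f"{desc!r}: malformed option {opt!r}")
    return problems


def lint_ldif(text):
    """Return (line number, problem) for every bad description in an LDIF."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        # Skip blanks, comments, continuation lines and the "-" separator.
        if not line.strip() or line[0] in "# " or line.strip() == "-":
            continue
        name, sep, rest = line.partition(":")
        if not sep or name.lower() in NOT_ATTRS:
            continue
        # "add: x" names the attribute in the value, "x: v" in the field name.
        desc = rest.strip() if name.lower() in CHANGE_OPS else name.strip()
        findings += [(lineno, p) for p in check_description(desc)]
    return findings


# The change record from the message above, trailing whitespace removed.
SAMPLE = """\
dn: olcOverlay={2}unique,olcDatabase={1}hdb,cn=config
changetype: modify
add: olcunique_uri
olcunique_uri: ldap:///?uid?sub
"""

if __name__ == "__main__":
    print(*lint_ldif(SAMPLE), sep="\n")
```

Both the `add:` line and the value line are flagged for the posted record; with the name changed to `olcUniqueURI` the same record passes the check.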

  


  

Re: Some openldap 2.4 questions

2010-01-14 Thread Howard Chu
Radosław Antoniuk wrote:
 Hi,
 
 Three quick issues about slapd 2.4.
 
 1. I'm setting up a syncrepl replication. In the process of testing, I had
 added three syncprov overlays instead of one, and I ended up with:

 The thing is, that I cannot delete any of them because cn=config does not
 support delete operation.
 Is this ok to leave it as is? or any workaround to get rid of the unwanted 
 ones?

Since it's just a test installation, your best action is to delete it all and
start over with the correct LDIF.

 2. About N-Way replication... What's the best authentication to use? Because
 (1) RootDN is the admin, and (2) in simple authentication I would store
 cleartext password in the syncrepl configuration, I'm assuming that (3) the
 best here would be to use some SASL mech?

What do any of these 3 points have to do with each other, let alone with N-way
replication?

 3. Assuming a running normal replication(master-slave) with refreshAndPersist,
 is there any method of checking of the status of the replication? like show
 slave status in MySQL. I have tested it with cutting the transmission by
 iptables, and ok, it caught up after reconnection, but the master did not
 complain at all when the connection was not there...

If you had read the docs http://www.openldap.org/doc/admin24/replication.html
you wouldn't need to ask such questions.

-- 
  -- Howard Chu
  CTO, Symas Corp.   http://www.symas.com
  Director, Highland Sun http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/