Re: Recommended BerkeleyDB version?
Hi Quanah, thanks for the answer. If I would like to stay up-to-date with this information, where can I find it? I saw this url http://www.openldap.org/doc/admin24/appendix-recommended-versions.html but it still lists BDB versions 4.4 through 4.7. Thanks again Marco On Mon, Sep 20, 2010 at 5:35 PM, Quanah Gibson-Mount qua...@zimbra.comwrote: --On Monday, September 20, 2010 9:35 AM +0200 Marco Pizzoli marco.pizz...@gmail.com wrote: Hi all, I would like to know if is there a recommended version of BerkeleyDB to be used with OpenLDAP. Days ago, on this mailing list, I read comments about 4.8.30. On the Oracle site I see there are also: - 5.0.21 - 5.0.26 - 5.1.19 5.0.x has not yet been heavily tested with OpenLDAP. Recommended versions remain 4.6.x through 4.8.x, as long as you have all patches applied for 4.6 4.7. --Quanah -- Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc Zimbra :: the leader in open source messaging and collaboration -- _ Non è forte chi non cade, ma chi cadendo ha la forza di rialzarsi. Jim Morrison
Automate Create Home Directory
Hi, i'm testing a new openldap server, and i have everything set, i can add users, groups, and log on in differents machines with the same user. Everything works fine. but i have a problem, i have to create the home directory for each new user on each new machine that I log on. is there a way that this process can be automatic?. Ideas?
Re: Automate Create Home Directory
Hi On Mon, Sep 20, 2010 at 11:25 PM, Alejandro Rodriguez Luna el_alexl...@yahoo.com.mx wrote: Hi, i'm testing a new openldap server, and i have everything set, i can add users, groups, and log on in differents machines with the same user. Everything works fine. but i have a problem, i have to create the home directory for each new user on each new machine that I log on. is there a way that this process can be automatic?. Ideas? I googled for 'openldap automatically create home directories' and found http://www.rjsystems.nl/en/2100-openldap-client.php HTH Regardfs, Serge Fonville http://www.sergefonville.nl Convince Google!! They need to support Adsense over SSL https://www.google.com/adsense/support/bin/answer.py?hl=enanswer=10528 http://www.google.com/support/forum/p/AdSense/thread?tid=1884bc9310d9f923hl=en
Re: Automate Create Home Directory
On 20-9-2010 23:25, Alejandro Rodriguez Luna wrote: Hi, i'm testing a new openldap server, and i have everything set, i can add users, groups, and log on in differents machines with the same user. Everything works fine. but i have a problem, i have to create the home directory for each new user on each new machine that I log on. is there a way that this process can be automatic?. Ideas? pam_mkhomedir.so http://www.boosten.org/creating-my-own-ldap-directory-part-3/ Peter -- http://www.boosten.org
How to slapadd cn=config
Dear list! If I have an LDIF backup of a cn=config database, taken with slapcat, how would I use it to bootstrap a new server, for example, in a desaster recovery setting? I tried it and slapadd required a configuration, but cn=config *is* the configuration and I am trying to restore it. So this is a bit of a chicken and egg problem, isn't it? Is there an official way of doing that? Regards, Torsten
Re: How to slapadd cn=config
Torsten Schlabach (Tascel eG) wrote: Dear list! If I have an LDIF backup of a cn=config database, taken with slapcat, how would I use it to bootstrap a new server, for example, in a desaster recovery setting? I tried it and slapadd required a configuration, but cn=config *is* the configuration and I am trying to restore it. So this is a bit of a chicken and egg problem, isn't it? It looked that way, when we started designing this 4 years ago. But yes, we have a solution. Is there an official way of doing that? Exactly the same way as you slapcat'd it. What was the exact command line you used for slapcat? -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
Re: How to slapadd cn=config
Hi Robert! Slapd, etc. needs an /etc/openldap/slapd.conf file Well, either an /etc/openldap/slapd.conf file *or* a cn=config database, I guess. Ok, maybe a possible trick is to have a minimal slapd.conf file which just declares a cn=config database to be able to load it that way. In that case, a cut paste example somewhere would come in handy. But I understand that in OpenLDAP 2.5 they think about doing away with slapd.conf entirely. This would then break your approach again. Maybe Howard will explain a bit better what he meand by slapadd the same way you slapcat. Regards, Torsten On Tue, 21 Sep 2010 07:54:13 -0400, Robert Heller hel...@deepsoft.com wrote: At Tue, 21 Sep 2010 10:35:32 + Torsten Schlabach (Tascel eG) tschlab...@tascel.net wrote: Dear list! If I have an LDIF backup of a cn=config database, taken with slapcat, how would I use it to bootstrap a new server, for example, in a desaster recovery setting? I tried it and slapadd required a configuration, but cn=config *is* the configuration and I am trying to restore it. So this is a bit of a chicken and egg problem, isn't it? Is there an official way of doing that? Slapd, etc. needs an /etc/openldap/slapd.conf file, which contains some root-level (eg bootstrap) configuration. You need to copy this file from the original server to the replacement server, and possibly edit it slightly (depending on how much of a 'clone' you are making, eg stuff like server IP numbers, hostnames, etc.). Regards, Torsten -- Robert Heller -- Get the Deepwoods Software FireFox Toolbar! Deepwoods Software-- Linux Installation and Administration http://www.deepsoft.com/ -- Web Hosting, with CGI and Database hel...@deepsoft.com -- Contract Programming: C/C++, Tcl/Tk
Re: How to slapadd cn=config
On Tuesday 21 September 2010 13:55:08 Torsten Schlabach (Tascel eG) wrote: Hi Howard! Exactly the same way as you slapcat'd it. I don't actually understand ... ?? What was the exact command line you used for slapcat? slapcat -b 'cn=config' Then try: slapadd -F empty/slapd.d/directory -bcn=config -l ldiffile Regards, Torsten [..] -- Ralf
Re: How to slapadd cn=config
Hi Ondrej! You're right, it's a classic RTFM: From the slapadd man page: -n dbnum Add entries to the dbnum-th database listed in the configuration file. The -n cannot be used in conjunction with the -b option. To populate the config database slapd-config(5), use -n 0 as it is always the first database. It must physically exist on the filesystem prior to this, however. I tried -b 'cn=config' instead of -n 0, which is semantically the same, but not technially. Problem solved, I think. Regards, Torsten On Tue, 21 Sep 2010 14:45:33 +0200, Ondrej Kuznik ondrej.kuz...@acision.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/21/2010 02:23 PM, Torsten Schlabach (Tascel eG) wrote: Hi Robert! Slapd, etc. needs an /etc/openldap/slapd.conf file Well, either an /etc/openldap/slapd.conf file *or* a cn=config database, I guess. Ok, maybe a possible trick is to have a minimal slapd.conf file which just declares a cn=config database to be able to load it that way. In that case, a cut paste example somewhere would come in handy. But I understand that in OpenLDAP 2.5 they think about doing away with slapd.conf entirely. This would then break your approach again. Maybe Howard will explain a bit better what he meand by slapadd the same way you slapcat. I asked a similar question on the #openldap irc channel some time ago, the advice was to use: slapadd -n0 -l slapdconfig.ldif -F /path/to/new/slapd.d (the directory /path/to/new/slapd.d must already exist and should be an empty directory) That way you need no prior configuration in the form of slapd.conf. Ondra -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkyYqO0ACgkQ9GWxeeH+cXv1QACdHgrI5G/W760M2QCJ1PKiHbNM lIIAn0wiPptdEEcCftO5gBDPk01dQcMi =h2Z3 -END PGP SIGNATURE- This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
Undefined attribute type (17)
Hi, I am getting the following error when trying to modify an entry via the ldapmodify command Any help would be appreciated, Thanks, Mike c:\open-ldap\OpenLDAPldapmodify -f useradd1.ldif -v -D cn=Manager,dc=loda,dc=l ocal -w secret ldap_initialize( DEFAULT ) replace change-type: modify replace add: uid replace uid: larry modifying entry cn=Larry Anderson, dc=loda, dc=local modify complete ldap_modify: Undefined attribute type (17) additional info: change-type: attribute type undefined The LDIF file looks like dn: cn=Larry Anderson, dc=loda, dc=local change-type:modify add:uid uid:larry The current entry in the database dn: cn=Larry Anderson,dc=loda,dc=local cn: Larry Anderson objectClass: person sn:: QW5kZXJzb24gICAgICAgICAg structuralObjectClass: person entryUUID: 91801ba1-103b-4277-85fc-56dfa2ae0bd7 creatorsName: cn=Manager,dc=loda,dc=local modifiersName: cn=Manager,dc=loda,dc=local createTimestamp: 20100915201014Z modifyTimestamp: 20100915201014Z entryCSN: 20100915201014Z#01#00#00 http://www.arraynetworks.net/entry.asp?PageID=395 image001.jpg
RE: Undefined attribute type (17)
Thanks much -Original Message- From: openldap-technical-boun...@openldap.org [mailto:openldap-technical-boun...@openldap.org] On Behalf Of Emmanuel Lecharny Sent: Tuesday, September 21, 2010 11:04 AM To: openldap-technical@openldap.org Subject: Re: Undefined attribute type (17) On 9/20/10 5:00 PM, Michael Ostrowski wrote: Hi, I am getting the following error when trying to modify an entry via the ldapmodify command Any help would be appreciated, The uid AttributeType is not allowed for an entry with the person ObjectClass. -- Regards, Cordialement, Emmanuel Lécharny www.iktek.com
Re: Filter on higher rdn and read lower rdn attributes
Under the circumstance, I am thinking that one way to go about getting the required attribute data is to add 'accessFlag' attribute at the required rdn. This is going to be duplicate piece of data and any updates to 'accessFlag', would now result in two updates. However, I will be able to save multiple reads. In my scenario, we do lot more reads than the updates on the 'accessFlag' field. If you're confident you can keep those flags in sync, then it's probably the easiest way to go. p.
slapo-rwm : concatenate rule
Hi, I would like to create a rewrite rule with slapo-rwm using back-relay to concatenate two different attributes in an other one? Something like this with an approximate syntax: map attribute cn concat(givenName sn) or with Perl syntax: map attribute cn $givenName $sn Is it possible to do this with rewriteRules directives? Thanks for help, -- Anthony Milan
Re: Recommended BerkeleyDB version?
--On Wednesday, September 22, 2010 9:36 AM +1200 Ian Collins i...@ianshome.com wrote: Is there any formal testing documented? I inadvertently built my servers with 5.0.21 and they are running well. I'd be happy to run tests on my development host. End-user reports of issues encountered or not. The OpenLDAP test suite does basic testing, but a lot of times issues in Berkeley DB only surface under load or unusual circumstances. --Quanah -- Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc Zimbra :: the leader in open source messaging and collaboration