Buchan Milne wrote:
On Thu, 2007-11-15 at 22:51 +, andylockran wrote:
Buchan,
I've just configured slurpd on a couple of servers running of the 2.3 rpms
(latest) of your repo.
When will you be upgrading to 2.4 - and will that mean I should reconfigure my
servers to the new mechanism
Hi,
Based on my experiences with implementing a RFC4533 (synchronization)
client with JLDAP I created a small howto. You can find it on my blog:
http://day-to-day-stuff.blogspot.com/2007/11/howto-extend-ldap-in-java-with-jldap.html.
Have fun,
Erik.
--
Erik van Oosten
Hello,
from reading the AdminGuide and a quick search through the FAQ-o-Matic I
couldn't gather how I'd insert a new ACL between the existing rules 2
and 3...
Do I have to replace the complete olcAccess-Attribute? Or can I somehow
instruct an LDIF - Modify/Add to insert the Value in a specific
Hello.
Howard Chu wrote:
Christian Marg wrote:
from reading the AdminGuide and a quick search through the FAQ-o-Matic I
couldn't gather how I'd insert a new ACL between the existing rules 2
and 3...
Reread section 5.3.6 of the Admin Guide. This has been documented for
more than a year.
I
On Thu, 2007-11-15 at 14:59 -0800, Howard Chu wrote:
...
I suppose we need to update our published roadmap. I don't consider SSS or
VLV
to be particularly important or well-designed features. In fact OpenLDAP has
an RFC-compliant implementation of SSS which is a pure no-op; this is
Hello again,
Christian Marg wrote:
Howard Chu wrote:
In OpenLDAP you would set an equality index on uidNumber and do a query
for, e.g., (uidNumber=2147483647) with sizelimit=1.
Sounds like an intriguing way to find the highest uidNumber, but
1. it doesn't seem to work:
... because
Hello,
Howard Chu wrote:
In OpenLDAP you would set an equality index on uidNumber and do a query
for, e.g., (uidNumber=2147483647) with sizelimit=1.
Sounds like an intriguing way to find the highest uidNumber, but
1. it doesn't seem to work:
ldapsearch -x -W -z1 (uidnumber=65534) uidnumber
#
Christian Marg wrote:
Hello,
Howard Chu wrote:
In OpenLDAP you would set an equality index on uidNumber and do a query
for, e.g., (uidNumber=2147483647) with sizelimit=1.
Sounds like an intriguing way to find the highest uidNumber, but
Sorry I misspoke, I was thinking of something else. We
Clowser, Jeff (Contractor) wrote:
Unknown:
I guess unknown means you couldn't determine the status of support in
slapd.
- RFC 3672 (subentries)
Searching for subentries is supported in slapd. Not sure about whether
subentries are used at all.
- RFC 3909 LDAP Cancel operation
Is
Hi all,
I have problem getting ppolicy working..
I use 2.3.38 version(bichan rpms), and this is a part of my slapd.conf :
--
...
include /usr/share/openldap2.3/schema/ppolicy.schema
moduleload ppolicy.la
moduleload syncprov.la
Smith, Matt wrote:
On Thu, 2007-11-15 at 14:59 -0800, Howard Chu wrote:
...
I suppose we need to update our published roadmap. I don't consider SSS or VLV
to be particularly important or well-designed features. In fact OpenLDAP has
an RFC-compliant implementation of SSS which is a pure no-op;
Dave Horsfall wrote:
On Thu, 15 Nov 2007, Howard Chu wrote:
In OpenLDAP you would set an equality index on uidNumber and do a query
for, e.g., (uidNumber=2147483647) with sizelimit=1.
Why would that return the highest? Or are you counting upon the current
LIFO behaviour and if so, is this
Christian Marg wrote:
Hello,
from reading the AdminGuide and a quick search through the FAQ-o-Matic I
couldn't gather how I'd insert a new ACL between the existing rules 2
and 3...
Reread section 5.3.6 of the Admin Guide. This has been documented for more
than a year.
--
-- Howard Chu
Howard Chu writes:
Imagine I just want to know what's the max uidNumber used in my directory.
actually, i ask the server to give all the uidNumbers and my client sort
them. isn't it an horrible waste of bandwidth ?
In OpenLDAP you would set an equality index on uidNumber and do a query for,
Clowser, Jeff (Contractor) wrote:
Unknown:
I guess unknown means you couldn't determine the status of support in
slapd.
Correct - means _I_ couldn't find it in the faq, admin guide, or man pages
(doesn't mean it wasn't there, just that I couldn't find it :) ).
Thanks for the rest of the
Christian Marg wrote:
Hello.
Howard Chu wrote:
Christian Marg wrote:
from reading the AdminGuide and a quick search through the FAQ-o-Matic I
couldn't gather how I'd insert a new ACL between the existing rules 2
and 3...
Reread section 5.3.6 of the Admin Guide. This has been documented for
Hello,
I am using:
OpenLDAP 2.3.38
on RHEL 4
Back-sql
with MySQL
Quick question. In the ldap_attr_mappings table there is a column
called param_order. I have discovered that if I set it to the default
of 3, that the information is passed to my stored procedures as
attribute value, keyval (id).
from reading the AdminGuide and a quick search through the
FAQ-o-Matic I
couldn't gather how I'd insert a new ACL between the existing rules
2
and 3...
Reread section 5.3.6 of the Admin Guide. This has been documented for
more than a year.
I took my time to read that section, for a third
I see one valuable use for SSS - guaranteed search return order.
Regardless of the sort algorithm, knowing that searches will always
return entries in the same order allows for easy comparison, merge
sorts, or differentials with another list - as in necessary during
the
reconciliation or join
I had this problem in 2.4.6 too. Set 'bindmethod' back to 'simple' add:
TLSVerifyClient try|allow|never
to your global section.
The default TLSVerifyClient value (seems to have) changed from 'never' to
'demand' in 2.4.6.
Mark
Lawrence Strydom writes:
Thanks Howard
I updated my config
From: Hallvard Breien Furuseth [mailto:[EMAIL PROTECTED]
Are you interested in non-RFC features in OpenLDAP that Sun does not
have? First you say yes, then no.
Also, are you interested in clients? The library? Otherwise don't say
just OpenLDAP, since that's both server, libraries and clients.
On Thu, 2007-11-15 at 22:51 +, andylockran wrote:
Buchan,
I've just configured slurpd on a couple of servers running of the 2.3 rpms
(latest) of your repo.
When will you be upgrading to 2.4 - and will that mean I should reconfigure
my servers to the new mechanism now?
The 2.4.6
Clowser, Jeff (Contractor) wrote:
i.e. to get a definitive list of features it's missing that Sun has
and what it has that Sun doesn't have, etc. (...) have just focused
on those associated with 1) RFC compliance (...) and 2) features to
match the Sun DS (which it would be replacing).
Are
Dieter Kluenter wrote:
Hi,
as in the past few years OpenLDAP will be present at the Systems,
Munich, http://www.systems-world.de/
as part of Open Source Community booth. We (Peter Gietz and me) are in
need of *volunteers* to man the booth. Whoever is willing to join the
team may contact either
Howard Chu [EMAIL PROTECTED] writes:
I suppose we need to update our published roadmap. I don't consider
SSS
or VLV to be particularly important or well-designed features. In
fact
OpenLDAP has an RFC-compliant implementation of SSS which is a pure
no-op; this is perfectly compliant because
stefek143 wrote:
Hello
why if i want to add user to base i have error: ldap_add: Invalid DN
syntax (34) , i can't find where can be problem :/ , somebody know which
mistake i do ?
[EMAIL PROTECTED] openldap]# ldapsearch -x -b dc=aaa,dc=ws,dc=com'
# extended LDIF
#
# LDAPv3
# base
--On Friday, November 16, 2007 1:13 PM -0800 Howard Chu [EMAIL PROTECTED]
wrote:
That's a fair statement. I'll note that many companies are doing this
exact same evaluation, it's a well-trodden path. The first several
overlays released in OpenLDAP 2.3 were commissioned by Hewlett-Packard to
Clowser, Jeff (Contractor) wrote:
I'm also looking to feature match the Sun directory server (since that's
what it would be replacing). I need to know that it either supports a
given feature Sun supports, or that it doesn't and we have to determine
how important lack of said function is to us.
Clowser, Jeff (Contractor) wrote:
While I agree with what people are saying about the negatives of SSS and
poor design (such as how do you sort using a multivalued attribute as a
key [which val do you use?] - it generally expects attributes to have a
single value or only uses the first value
quote who=Gavin Henry
Dieter Kluenter wrote:
Hi,
as in the past few years OpenLDAP will be present at the Systems,
Munich, http://www.systems-world.de/
as part of Open Source Community booth. We (Peter Gietz and me) are in
need of *volunteers* to man the booth. Whoever is willing to join the
I'm configuring slapd to use TLS. First I just want to make it work,
then I'll go into requiring encryption.
The system is SLES 9.3
The openldap2 is 2.3.39
Other certifictes are in /etc/ssl/certs as specified by default in
slapd.conf for openldap2 2.3.39.
The database is currently empty, just
--On Friday, November 16, 2007 5:01 PM -0800 Keagle, Chuck
[EMAIL PROTECTED] wrote:
I'm configuring slapd to use TLS. First I just want to make it work,
then I'll go into requiring encryption.
The system is SLES 9.3
The openldap2 is 2.3.39
Other certifictes are in /etc/ssl/certs as specified
32 matches
Mail list logo