Am Tue, 04 Jan 2011 21:59:52 +0100
schrieb Thomas D. Dahlmann domi...@domingo.dk:
something like:
ldapmodify -D cn=config -W -H ldap://some.host
dn:olcDatabase={1}hdb,cn=config
changetype: modify
replace: olcAccess
olcAccess: {1} to dn.subtree=ou=addressbook,dc=example,dc=net by
Am Tue, 4 Jan 2011 16:52:06 +
schrieb rui guidevelo...@gmail.com:
Hi
I am trying to enable tls based session with openldap from a client. I
created a self signed certificate based on command from
http://www.openldap.org/pub/ksoper/OpenLDAP_TLS.html#4.1
My server.pem file is in
Hello,
I'd like to know what the meaning of LDAP_OPT_RESTART is and how it
works? Is there someone here who could shed some light on this for me?
First of all: next to the description in the manual is a FIXME and
it doesn't say what needs to be fixed exactly. Second of all: I've
tried my
I apologize if I am posting to the wrong group. I am currently trying to
configure v2.4.23 with the --enable-ipv6 and I get back the following error:
configure: error: IPv6 support requires getaddrinfo() and inet_ntop()
I was able to get around the getaddrinfo() by defining _WIN32_WINNT 0x501.
Hi,
Please help me or tell - if this is possible to make this one?
I fight with this 2 days and I can't found resolve.
Thanks!
BR,
Rafal
Hi,
The is not readable by ldap error happens when i start ldap using
/etc/rc.d/init.d/ldap restart
These three lines are the source of the problem, if i remove them then
no warning message on restart.
TLSCACertificateFile server.pem
TLSCertificateFile server.pem
On Tue, Jan 04, 2011 at 05:44:25PM +0200, E.S. Rosenberg wrote:
How do I get to see the contents of cn=config?
Things I have tried:
ldapsearch -b cn=config -D cn=admin,dc=mydomain -W
ldapsearch -x cn=config
ldapsearch -D cn=admin,dc=mydomain -W cn=config
Some help/pointers
Hi folks,
Compiling the Debian sources for the OpenLDAP packages can take over
an hour on my relatively fast workstation. Much of that time seems to
be spent running a slapd server with all kinds of test routines. Is
that what's actually going on? Whatever, perhaps someone could explain.
Hi folks,
Compiling the Debian sources for the OpenLDAP packages can take over
an hour on my relatively fast workstation. Much of that time seems to
be spent running a slapd server with all kinds of test routines. Is
that what's actually going on? Whatever, perhaps someone could explain.
On Wed, 5 Jan 2011, Jaap Winius wrote:
Hi folks,
Compiling the Debian sources for the OpenLDAP packages can take over an hour
on my relatively fast workstation. Much of that time seems to be spent
running a slapd server with all kinds of test routines. Is that what's
actually going on?
Hi all,
I would like to know if is it possibile to have accesslog overlay to write
to a remote ldap server.
I have 2 OL instances and I would like to aggregate accesslog data on 1
server dedicated to serve accesslog query.
Thanks in advance
Marco
--
_
Hi,
I have problem with OpenLdap and permission to file.
---
First - I set this in my slapd.conf:
overlay dynlist
dynlist-attrset labeledURIObject labeledURI
---
Second - I make cn=test,ou=Projects,dc=example,dc=com with:
dn: cn=test,ou=Projects,dc=example,dc=com
gidNumber:
Hi all,
I would like to know if is it possibile to have accesslog overlay to
write
to a remote ldap server.
I have 2 OL instances and I would like to aggregate accesslog data on 1
server dedicated to serve accesslog query.
In principle, yes (not tested). Log to an ldap database pointing
Am Wed, 5 Jan 2011 13:07:48 +
schrieb rui guidevelo...@gmail.com:
Hi,
The is not readable by ldap error happens when i start ldap using
/etc/rc.d/init.d/ldap restart
These three lines are the source of the problem, if i remove them
then no warning message on restart.
Hi list,
I've been fighting with ACLs for quite a bit now and most things seems
to work but I not quite everything I need. I am using OpenLDAP 2.4.21
(2.4.21-0ubuntu5.3) on Ubuntu 10.04.
A DN for a typical user looks like this (horribly long):
I read manual for slapo-dynlist and I tried found sth. about autogroup.
Can you show my some example to this?
Or this is possible to make that dyngroup and posixGroup in linux?
Please keep replies on the list. Dyngroup works exactly like dynlist, as
far as I remember. I know little about
Quoting masar...@aero.polimi.it:
Perhaps someone at Debian could. You need to explicitly request make
test to run the test suite using OpenLDAP's make. That's all that ships
with OpenLDAP. The rest isn't ours.
I think I found the cause. It's the last three lines in Makefile.in
(Apr 13
--On Wednesday, January 05, 2011 6:22 PM +0100 Jaap Winius
jwin...@umrk.nl wrote:
Quoting masar...@aero.polimi.it:
Perhaps someone at Debian could. You need to explicitly request make
test to run the test suite using OpenLDAP's make. That's all that ships
with OpenLDAP. The rest isn't
Quoting masar...@aero.polimi.it:
Perhaps someone at Debian could. You need to explicitly request make
test to run the test suite using OpenLDAP's make. That's all that
ships
with OpenLDAP. The rest isn't ours.
I think I found the cause. It's the last three lines in Makefile.in
(Apr 13
LinkedIn
Alejandro Leyva requested to add you as a connection on LinkedIn:
--
Edward,
I'd like to add you to my professional network on LinkedIn.
- Alejandro Leyva
Accept invitation from Alejandro Leyva
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 01/05/11 20:34, Alejandro Leyva via LinkedIn wrote:
LinkedIn
Alejandro Leyva requested to add you as a connection on LinkedIn:
--
Edward,
I'd like to add you to my professional network on
cn=config has its own rootdn, olcDatabase={0}cn=config, if not
configured, it should be cn=config
That was it. I missed out on the fact that there are multiple rootdn's.
Rebuilding my structure and login in with right rootdn did the job.
Thank you all for your input ;-)
-Dieter
Hi,
I have the same problem. Did you find resolve for this?
Thanks for help.
BR,
Rafal Kaminski
slapo-dynlist(5) only allows direct membership, not reverse. Read the man
page: when an entry with a specific objectClass is being returned, URL
expansion may take place. So if you *search* with a dynamic member in the
filter, nothing is returned. What you are trying to accomplish cannot be
Hi, sorry that it took me a while to reply.
So I do have the config backend, since debian moved me over automatically.
So far the slapcat method has been working very nicely for me.
Another question I ran into is how do you edit cn=config, by default I have
not been able to figure out.
I have so
E.S. Rosenberg wrote:
Hi, sorry that it took me a while to reply.
So I do have the config backend, since debian moved me over automatically.
So far the slapcat method has been working very nicely for me.
Another question I ran into is how do you edit cn=config, by default I have
not been able
Hi, sorry that it took me a while to reply.
So I do have the config backend, since debian moved me over automatically.
So far the slapcat method has been working very nicely for me.
Another question I ran into is how do you edit cn=config, by default I
have
not been able to figure out.
I
Andreas Ntaflos wrote:
So what do I need to do so users can specify dc=example,dc=com as
search base and traverse the directory tree down to their own DN entry?
Read the Operation Requirements section of slapd.access(5).
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
2011/1/4 Quanah Gibson-Mount qua...@zimbra.com:
--On Tuesday, January 04, 2011 1:43 AM +0100 Steeg Carson
steeg.car...@googlemail.com wrote:
I simulate this on my database just right now:
I suggest you read:
http://www.openldap.org/lists/openldap-technical/201011/msg00146.html
to
Steeg Carson wrote:
2011/1/4 Quanah Gibson-Mountqua...@zimbra.com:
--On Tuesday, January 04, 2011 1:43 AM +0100 Steeg Carson
steeg.car...@googlemail.com wrote:
I simulate this on my database just right now:
I suggest you read:
2011/1/6 Howard Chu h...@symas.com:
Steeg Carson wrote:
2011/1/4 Quanah Gibson-Mountqua...@zimbra.com:
--On Tuesday, January 04, 2011 1:43 AM +0100 Steeg Carson
steeg.car...@googlemail.com wrote:
I simulate this on my database just right now:
I suggest you read:
--On Thursday, January 06, 2011 1:08 AM +0100 Steeg Carson
steeg.car...@googlemail.com wrote:
Can you recommend a good book, where I can read all such things and
understand, how openldap really works? This are all very important
things for design and operation.
Your specific issue isn't a
is there any reason that a posix usernames, groups, passwords, etc. must
be stored in distinct locations in a directory ? I realize this mostly
applies to the padl pam/nis and the libnsspam-ldapd module specific.
can they be stored in other structures effectively and usefully? can
they be
Steeg Carson wrote:
2011/1/6 Howard Chuh...@symas.com:
Steeg Carson wrote:
2011/1/4 Quanah Gibson-Mountqua...@zimbra.com:
--On Tuesday, January 04, 2011 1:43 AM +0100 Steeg Carson
steeg.car...@googlemail.comwrote:
I simulate this on my database just right now:
I suggest you read:
Christ Schlacta wrote:
is there any reason that a posix usernames, groups, passwords, etc. must
be stored in distinct locations in a directory ? I realize this mostly
applies to the padl pam/nis and the libnsspam-ldapd module specific.
can they be stored in other structures effectively and
On 1/5/2011 17:01, Howard Chu wrote:
Christ Schlacta wrote:
is there any reason that a posix usernames, groups, passwords, etc. must
be stored in distinct locations in a directory ? I realize this mostly
applies to the padl pam/nis and the libnsspam-ldapd module specific.
can they be stored
36 matches
Mail list logo