Mark Cairney wrote:
Hi,
Has anyone experienced problems with the cn=config directory syncing the same
change across all nodes and breaking the configuration?
In the past I've had problems where the syncrepl parameters are synced
across all nodes, including that node itself, which results in
Jaap Winius wrote:
Quoting sarathkrishn...@gmail.comsarathkrishn...@gmail.com:
For authenticating via OpenLDAP, the principles needs to be rewritten (using
authz-policy and authz-regexp). We know how to do
that in older version of OpenLDAP which had (slapd.conf) but don't know how
to do the
Hi,
Like a lot of people I guess, I'm having trouble configuring slapd to work as a proxy server in
front of Microsoft's Active Directory. AD in this case is configured to refuse to allow
anonymous searches but I want to allow anonymous searches on the proxy. Therefore the
configuration
I'm running openldap-2.3.43-12.el5 on a RHEL 5.5 system:
I believe I have TLS encryption working but I'd like to be able to verify my
client connections.
On my LDAP server I have the following in slapd.conf
TLSCipherSuite HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3
TLSCertificateFile
This may have been discussed, but i can not seem to find out why the
transaction logs are not getting removed when I use DB_LOG_AUTOREMOVE in
DB_CONFIG. This is on a Redhat 5 openldap 2.3 server.
DB_CONFIG has the following:
set_lg_dir /var/lib/ldap/bdblogs
set_flags DB_LOG_AUTOREMOVE
Doing
Just to elaborate on some of my own points below:
Like a lot of people I guess, I'm having trouble configuring slapd to
work as a proxy server in front of Microsoft's Active Directory. AD in
this case is configured to refuse to allow anonymous searches but I want
to allow anonymous searches on
On Tuesday, 8 February 2011 23:48:02 l...@mm.st wrote:
This may have been discussed, but i can not seem to find out why the
transaction logs are not getting removed when I use DB_LOG_AUTOREMOVE in
DB_CONFIG. This is on a Redhat 5 openldap 2.3 server.
DB_CONFIG has the following:
set_lg_dir
On Wednesday, 9 February 2011 01:13:38 masar...@aero.polimi.it wrote:
As far as I recall, what you need is not possible. You can:
- have authenticated users proxied with their identity asserted, or
- all users, including unauthenticated ones auth'd as a fixed identity
but not both.