Re: Multimaster replication of cn=config working too well?!

2011-02-08 Thread Howard Chu
Mark Cairney wrote: Hi, Has anyone experienced problems with the cn=config directory syncing the same change across all nodes and breaking the configuration? In the past I've had problems where the syncrepl parameters are synced across all nodes, including that node itself, which results in

Re: Handling slapd.d in OpenLDAP and Kerberos

2011-02-08 Thread Howard Chu
Jaap Winius wrote: Quoting sarathkrishn...@gmail.com: For authenticating via OpenLDAP, the principals need to be rewritten (using authz-policy and authz-regexp). We know how to do that in older version of OpenLDAP which had (slapd.conf) but don't know how to do the

slapd.conf for proxy to AD

2011-02-08 Thread Del
Hi, Like a lot of people I guess, I'm having trouble configuring slapd to work as a proxy server in front of Microsoft's Active Directory. AD in this case is configured to refuse to allow anonymous searches but I want to allow anonymous searches on the proxy. Therefore the configuration

tls_checkpeer directive

2011-02-08 Thread Michael Starling
I'm running openldap-2.3.43-12.el5 on a RHEL 5.5 system: I believe I have TLS encryption working but I'd like to be able to verify my client connections. On my LDAP server I have the following in slapd.conf TLSCipherSuite HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3 TLSCertificateFile

DB_CONFIG - Auto remove logs

2011-02-08 Thread ldap
This may have been discussed, but I cannot seem to find out why the transaction logs are not getting removed when I use DB_LOG_AUTOREMOVE in DB_CONFIG. This is on a Redhat 5 openldap 2.3 server. DB_CONFIG has the following: set_lg_dir /var/lib/ldap/bdblogs set_flags DB_LOG_AUTOREMOVE Doing

Re: slapd.conf for proxy to AD

2011-02-08 Thread Del
Just to elaborate on some of my own points below: Like a lot of people I guess, I'm having trouble configuring slapd to work as a proxy server in front of Microsoft's Active Directory. AD in this case is configured to refuse to allow anonymous searches but I want to allow anonymous searches on

Re: DB_CONFIG - Auto remove logs

2011-02-08 Thread Buchan Milne
On Tuesday, 8 February 2011 23:48:02 l...@mm.st wrote: This may have been discussed, but I cannot seem to find out why the transaction logs are not getting removed when I use DB_LOG_AUTOREMOVE in DB_CONFIG. This is on a Redhat 5 openldap 2.3 server. DB_CONFIG has the following: set_lg_dir

Re: slapd.conf for proxy to AD

2011-02-08 Thread Buchan Milne
On Wednesday, 9 February 2011 01:13:38 masar...@aero.polimi.it wrote: As far as I recall, what you need is not possible. You can: - have authenticated users proxied with their identity asserted, or - all users, including unauthenticated ones auth'd as a fixed identity but not both.