On 08/15/2012 10:27 PM, Emmanuel Lécharny wrote:
Then can you provide an example of base64 encoded value that we can
evaluate ?
May be you can provide an example which will show plain text password?
--
sergio.
Hello, Wes.
I'm not a programmer by any stretch of the imagination but it appears
to me that the LDIF generator is hard-coded to always base64-encode
the userPassword value.
Yes, looks you're right.
I don't see any justification in the file for doing so, but the RFC
says any value MAY be
sergio wrote:
I don't see any justification in the file for doing so, but the RFC
says any value MAY be encoded. I think Michael's advice is very
prudent.
MAY be encoded, yes. This means that ldapsearch or slapcat can output
all values base-64 encoded. But it's very inconvenient. When
Le 8/16/12 7:49 AM, sergio a écrit :
On 08/15/2012 10:27 PM, Emmanuel Lécharny wrote:
Then can you provide an example of base64 encoded value that we can
evaluate ?
May be you can provide an example which will show plain text password?
What are you talking about ?
You have asked that
Hi Howard,
2012/8/15 Howard Chu h...@symas.com:
Karsten Heymann wrote:
I know this is difficult to answer, but is the mdb backend as it comes
in 2.4.32 ready for a productive master-master setup with somewhat
less tham 1mio entries?
[...]
But feature-wise back-mdb is complete, and we know
On 08/16/2012 11:07 AM, Howard Chu wrote:
*Ignorance* is inconvenient. What does any of this have to do with
pass-through authentication? When slapd handles an authentication it uses the
binary value. base64 has nothing to do with it.
Under pass-through authentication I mean magic tokens for
On 08/16/2012 11:33 AM, Emmanuel Lécharny wrote:
You have asked that openLDAP not to encode the UserPassword value, when
OpenLDAP does *not* encode anything.
Sorry, I should write slapcat or ldapsearch in the original letter.
The value is *always* store in binary format. This is the
On Thu, 16 Aug 2012, JET JETASIK wrote:
From truss during simple bind, I can see it read the radius.conf and
sendto() my radius server, also got recvfrom() it, but nothing hit my radius
server actually.
Below is output of truss -p slapd_pid
Honestly, that looks like it *is* working from the
I am trying to write acl statements that implement to following scenario:
with the exception of cn=radius,ou=sa,dc=test,dc=com every user should
be able to see all objects under ou=users,dc=test,dc=com.
cn=radius,ou=sa,dc=test,dc=com should only see objects under
Hi All,
I'm pretty sure that this isn't possible, but wanted to check as my
head hurts now.
I guess I'll need to re-work my DIT then to make this design sane.
Thanks.
I have dynamic lists using slapo-dynlist with the Organization
attribute of 'o' and I am trying to keep my DIT as flat as
Aaron Richton wrote:
On Thu, 16 Aug 2012, JET JETASIK wrote:
From truss during simple bind, I can see it read the radius.conf and
sendto() my radius server, also got recvfrom() it, but nothing hit my
radius server actually.
Below is output of truss -p slapd_pid
Honestly, that looks
On Thu, 16 Aug 2012, JET JETASIK wrote:
[2012/08/16|14:06:22.578125][02492][MINOR][ValidationTask::getNASLocationFro
mPacket] No NAS-IP or NAS-Identifier attribute found.
[2012/08/16|14:06:22.578125][02492][MAJOR][ValidationTask::routePacket]
Rejecting RADIUS request due to missing NAS
Aaron Richton wrote:
On Thu, 16 Aug 2012, JET JETASIK wrote:
[2012/08/16|14:06:22.578125][02492][MINOR][ValidationTask::getNASLocat
ionFro mPacket] No NAS-IP or NAS-Identifier attribute found.
[2012/08/16|14:06:22.578125][02492][MAJOR][ValidationTask::routePacket
] Rejecting RADIUS
I cannot seem to find anything helpful about this issue. I had it working
before when I first setup OpenLDAP and I have not changed any settings
since then. The only thing I can seem to find is suggestion saying to use
-x when running ldappasswd. When I use -x I get the error below
Result:
On 08/16/12 14:06 -0700, Jeffrey Parker wrote:
I cannot seem to find anything helpful about this issue. I had it working
before when I first setup OpenLDAP and I have not changed any settings
since then. The only thing I can seem to find is suggestion saying to use
-x when running ldappasswd.
Hello List,
is it OK to glue a database via replication from different suffixes together?
What I tried:
syncreplrid=010
16 matches
Mail list logo