building SLES packages on openSuSE Build Service

2013-09-18 Thread Marc Patermann
Hi, I used to build newer versions of openldap on openSuSE Build Service derived from the ones at network:ldap (from Ralf Haferkamp; which is stuck at .33). I did this for 2.4.33, .34 and .35. When I tried to build 2.4.36 something changed (at the build service?) and now my builds - even

RE: auditing failed login attempts

2013-09-18 Thread Chris Jacobs
Caveat with using ppolicy to sync pwdfailures, etc: I've failed in my attempts to get both of the following to work at the same time: 1) passwords are actually checked (vs anything submitted for password will work) 2) and getting ppolicy pwdfailures to replicate from slaves to the master Obviously

Re: auditing failed login attempts

2013-09-18 Thread Michael Proto
Regarding #2, you do have ppolicy_forward_updates enabled in your configuration, correct? -Michael Proto On Wed, Sep 18, 2013 at 1:02 PM, Chris Jacobs chris.jac...@apollogrp.edu wrote: Caveat with using ppolicy to sync pwdfailures, etc: I've failed in my attempts to get both of the

RE: auditing failed login attempts

2013-09-18 Thread Chris Jacobs
Did; didn't work without other options which then resulted in the defeat of the purpose of passwords. See: http://www.openldap.org/lists/openldap-technical/201005/msg1.html The configs in that message (from May 2010) weren't the only configs I tried, but it seemed the most correct as a

RE: auditing failed login attempts

2013-09-18 Thread Paul B. Henson
From: Quanah Gibson-Mount [mailto:qua...@zimbra.com] slapo-auditlog? From the documentation, it looks like that only logs changes, not accesses/binds? slapo-accesslog? That is one of the options I mentioned in my initial inquiry, it's just going to induce a bit more overhead than I would

RE: auditing failed login attempts

2013-09-18 Thread Quanah Gibson-Mount
--On Wednesday, September 18, 2013 11:03 AM -0700 Chris Jacobs chris.jac...@apollogrp.edu wrote: http://www.openldap.org/lists/openldap-technical/201005/msg1.html The configs in that message (from May 2010) weren't the only configs I tried, but it seemed the most correct as a starting

Re: auditing failed login attempts

2013-09-18 Thread Michael Ströder
Paul B. Henson wrote: our security group is pushing us to enable failed login lockout ..which will stupidly open a DoS attack vector... Ciao, Michael.

Kudos to all who contributed to MDB

2013-09-18 Thread Brent Bice
I've started testing an LDAP server here using MDB and ran across a few caveats that might be of use to others looking into using it. But first off, let me say a hearty THANKS to anyone who's contributed to it. In this first OpenLDAP server I've converted over to MDB it's *dramatically*

Re: Kudos to all who contributed to MDB

2013-09-18 Thread Quanah Gibson-Mount
--On Wednesday, September 18, 2013 2:01 PM -0600 Brent Bice bb...@sgi.com wrote: On a SLES11 system, for instance with the 2.6.32.12 kernel This is because the SLES folks seem to love to seek out ways to break things for servers. I'm not really sure why they call themselves an enterprise

Re: Kudos to all who contributed to MDB

2013-09-18 Thread Howard Chu
Brent Bice wrote: I've started testing an LDAP server here using MDB and ran across a few caveats that might be of use to others looking into using it. But first off, let me say a hearty THANKS to anyone who's contributed to it. In this first OpenLDAP server I've converted over to MDB it's

Re: Kudos to all who contributed to MDB

2013-09-18 Thread Brent Bice
On 09/18/2013 02:26 PM, Quanah Gibson-Mount wrote: This is because the SLES folks seem to love to seek out ways to break things for servers. I'm not really sure why they call themselves an enterprise server product anymore. It is trivial to fix this: ulimit -v unlimited I didn't think it

Re: Kudos to all who contributed to MDB

2013-09-18 Thread Quanah Gibson-Mount
--On Wednesday, September 18, 2013 2:41 PM -0600 Brent Bice bb...@sgi.com wrote: On 09/18/2013 02:26 PM, Quanah Gibson-Mount wrote: This is because the SLES folks seem to love to seek out ways to break things for servers. I'm not really sure why they call themselves an enterprise server

RE: auditing failed login attempts

2013-09-18 Thread Paul B. Henson
From: Michael Ströder [mailto:mich...@stroeder.com] Paul B. Henson wrote: our security group is pushing us to enable failed login lockout ..which will stupidly open a DoS attack vector... Preaching to the choir on that one, my friend. I already promised our ISO that the day we turn it on

PFS Ciphers

2013-09-18 Thread Emmanuel Dreyfus
Hi I tried to use ciphers that bring PFS for OpenLDAP, but it did not work. I used this cipher specification: TLSCipherSuite ECDH:DH:!SHA:!MD5:!aNULL:!eNULL I test it this way: for i in `openssl ciphers ALL|tr ':' '\n'` ; do echo ''|openssl s_client -cipher $i -connect server:636 \