On Wed, 13 Nov 2013, Ulrich Windl wrote:
It doesn't do cert chain checking so it will accept self-signed certs.
Even if it does cert chain checking, a self-signed certificate will be
accepted! What are you saying?
His use of the phrase cert chain checking was misleading.
With 'allow', the
On Wed, 13 Nov 2013, Ulrich Windl wrote:
Philip Guenther guenther+ldapt...@sendmail.com schrieb am 12.11.2013 um
16:37
in Nachricht alpine.BSO.2.11.1311120655310.19673@morgaine.local:
On Tue, 12 Nov 2013, Jan Synacek wrote:
quoting ldap.conf(5):
TLS_REQCERT level
...
try
Ulrich Windl wrote:
At this point I wonder whether there is some tool you can feed with a
collection of LDAP schemas to find conflicts
You should define in detail what find conflicts means.
and at the end the tool should output the merge of all schemas (without
duplicates).
What should the
On Wed, 13 Nov 2013, Ulrich Windl wrote:
Quanah Gibson-Mount qua...@zimbra.com schrieb am 13.11.2013 um 02:24 in
Nachricht 90CA8980100EF12CE4C38252@[192.168.1.93]:
--On Tuesday, November 12, 2013 6:03 PM -0600 Alex Moen al...@ndtel.com
wrote:
Any advice on this? What would the proper
Philip Guenther guenther+ldapt...@sendmail.com schrieb am 13.11.2013 um
09:25
in Nachricht alpine.BSO.2.11.1311130018240.11726@morgaine.local:
On Wed, 13 Nov 2013, Ulrich Windl wrote:
Quanah Gibson-Mount qua...@zimbra.com schrieb am 13.11.2013 um 02:24 in
Nachricht
Alex Moen wrote:
Hi all,
We are migrating from a Mirapoint OpenLDAP server to a new, Centos
6.4 OpenLDAP server:
[root@ldap1 ~]# /usr/local/openldap/libexec/slapd -V
@(#) $OpenLDAP: slapd 2.4.36 (Aug 21 2013 09:39:54) $
dn: uid=maxUid,dc=europaschule,dc=do,dc=nw,dc=schule,dc=de
objectClass: top
objectClass: inetOrgPerson
objectClass: extensibleobject
uid: maxUid
uidNumber: 55083
sn: maxUid
cn: maxUid
--
Harry Jede
On 11/13/2013 08:20 AM, Ulrich Windl wrote:
Philip Guenther guenther+ldapt...@sendmail.com schrieb am 12.11.2013 um
16:37
in Nachricht alpine.BSO.2.11.1311120655310.19673@morgaine.local:
On Tue, 12 Nov 2013, Jan Synacek wrote:
quoting ldap.conf(5):
TLS_REQCERT level
...
tryThe
On 11/12/2013 04:37 PM, Philip Guenther wrote:
On Tue, 12 Nov 2013, Jan Synacek wrote:
quoting ldap.conf(5):
TLS_REQCERT level
...
tryThe server certificate is requested. If no certificate is
provided, the session proceeds normally. If a bad certificate is
provided, the session
On 11/12/2013 07:24 PM, Quanah Gibson-Mount wrote:
--On Tuesday, November 12, 2013 6:03 PM -0600 Alex Moen
al...@ndtel.com wrote:
Any advice on this? What would the proper way to fix it be?
Add a structural objectClass to the entry. All objects are required to
have a basic structural
Hi,
We are running 2 replicas one local and the other is remote. When there is a
network interruption replication fails and I have to delete the entire database
in the remote replica, and let it re-synch again.
Is there a way to make the remote continue its replication after the network
On Wed, 13 Nov 2013, Darouichi, Aziz wrote:
Hi,
We are running 2 replicas one local and the other is remote. When there is a
network interruption replication fails and I have to delete the entire database
in the remote replica, and let it re-synch again.
Is there a way to make the remote
Hi Aaron,
I do have keep alive in the slapd.conf:
syncrepl rid=006
provider=ldap://192.168.19.43
tls_cert=/etc/pki/tls/certs/ldap-tls.curry.edu.cert.pem
tls_key=/etc/pki/tls/private/ldap-tls.curry.edu.key.pem
tls_cacert=/etc/pki/tls/certs/cacert.pem
tls_reqcert=demand
Am 13.11.2013 um 16:11 schrieb Denny Fuchs linuxm...@4lin.net:
{4}to dn.regex=^(.+,)?ou=services,ou=(.+,)?dc=example,dc=com$
by * none
changed this rule to:
{3}to dn.regex=^(.+,)?ou=mail,ou=services,ou=(.+)?,dc=example,dc=com$
by dn.regex=cn=mail,ou=roles,ou=$2,dc=example,dc=com read
now,
--On Wednesday, November 13, 2013 10:09 AM -0500 Darouichi, Aziz
adaro...@post03.curry.edu wrote:
Hi Aaron,
I do have keep alive in the slapd.conf:
syncrepl rid=006
provider=ldap://192.168.19.43
tls_cert=/etc/pki/tls/certs/ldap-tls.curry.edu.cert.pem
Sorry if I neglected to include that info in my original email.
Local Openldap is running 2.4.23
Remote is running 2.4.33
-Original Message-
From: Quanah Gibson-Mount [mailto:qua...@zimbra.com]
Sent: Wednesday, November 13, 2013 11:07 AM
To: Darouichi, Aziz; Aaron Richton
Cc:
--On Wednesday, November 13, 2013 11:33 AM -0500 Darouichi, Aziz
adaro...@post03.curry.edu wrote:
Sorry if I neglected to include that info in my original email.
Local Openldap is running 2.4.23
Remote is running 2.4.33
Upgrade your local openldap first.
--Quanah
--
Quanah Gibson-Mount
Am Wed, 13 Nov 2013 16:11:03 +0100
schrieb Denny Fuchs linuxm...@4lin.net:
hi,
I plan the new ACL layout for our Wheezy LDAP server.
Our layout:
Main suffix: dc=example,dc=com
than the first department:
ou=department1,dc=example,dc=com
ou=people,ou=department1,dc=example,dc=com
Is it necessary to upgrade? I have to take my case to Management...
-Original Message-
From: Quanah Gibson-Mount [mailto:qua...@zimbra.com]
Sent: Wednesday, November 13, 2013 12:06 PM
To: Darouichi, Aziz; Aaron Richton
Cc: openldap-technical@openldap.org
Subject: RE: Replication
--On Wednesday, November 13, 2013 1:02 PM -0500 Darouichi, Aziz
adaro...@post03.curry.edu wrote:
Is it necessary to upgrade? I have to take my case to Management...
Well, that depends. Do you want syncrepl to work, or do you want it to not
work? I strongly advise you to read the
Hi.
I have properly runnig setup of three multimaster OpenLDAP servers (version
2.4.36 from ltb project) with bdb database backend. Everything was working
flawless so I decided to try out ‚new shiny' mdb database with the same
configuration - the only thing I changed was removing ‚cache’
Aleksander Dzierżanowski wrote:
Hi.
I have properly runnig setup of three multimaster OpenLDAP servers (version
2.4.36 from ltb project) with bdb database backend. Everything was working
flawless so I decided to try out ‚new shiny' mdb database with the same
configuration - the only thing I
Well, it looks like using single user for replication is bad idea for MDB.
debug log:
slapd[23170]: do_bind: version=3 dn=cn=repmgr,ou=ldapusers,o=test1 method=128
slapd[23170]: daemon: epoll: listen=7 active_threads=0 tvp=zero
slapd[23170]: = mdb_entry_get: ndn: cn=repmgr,ou=ldapusers,o=test1
--On Wednesday, November 13, 2013 11:01 PM +0100 Aleksander Dzierżanowski
o...@e-lista.pl wrote:
Well, it looks like using single user for replication is bad idea for MDB.
debug log:
slapd[23170]: do_bind: version=3 dn=cn=repmgr,ou=ldapusers,o=test1
method=128 slapd[23170]: daemon: epoll:
Quanah Gibson-Mount qua...@zimbra.com schrieb am 13.11.2013 um 19:07 in
Nachricht 58534BED9C430B31FE4F6B5E@[192.168.1.93]:
--On Wednesday, November 13, 2013 1:02 PM -0500 Darouichi, Aziz
adaro...@post03.curry.edu wrote:
Is it necessary to upgrade? I have to take my case to Management...
Howard Chu h...@symas.com schrieb am 13.11.2013 um 22:45 in Nachricht
5283f2e7.6050...@symas.com:
Aleksander Dzierżanowski wrote:
Hi.
I have properly runnig setup of three multimaster OpenLDAP servers (version
2.4.36 from ltb project) with bdb database backend. Everything was working
26 matches
Mail list logo