On 26.11.2013 16:27, slacker lnx wrote:
Hello,
I have a few ldap clients which were set up by my previous sys-admin.
1. In some of the servers I see that the configuration is done in
/etc/pam_ldap.conf, /etc/nslcd.conf and there is a nslcd process running on
the clients.
2. On other
of the groupOfUniqueNames object class on the
returned objects.
The second one only returns objects with the groupOfUniqueNames object
class under baseDN with all their (non-operative) attributes.
Regards,
Christian Manal
,
set the environment variable CFLAGS=-m32 before running configure.
That'll pass the -m32 switch to gcc, which tells it to make 32 bit binaries.
Regards,
Christian Manal
On 07.06.2013 12:05, Ashwin Kumar wrote:
On Fri, Jun 7, 2013 at 3:04 PM, Christian Manal
moen...@informatik.uni-bremen.de wrote:
-m32
Can I not pass -m32 flag to make while compiling?
I'm note sure about that. You could just try to run
make CFLAGS=-m64
but that'd override
-END PGP SIGNATURE-
Hi,
take a look at slapo-constraint(5). See the Admin Guide [1] for the
short version.
Regards,
Christian Manal
[1] http://www.openldap.org/doc/admin24/overlays.html#Constraints
, give default with System
user.
If i change the value gecos in LDAP before te fist login, the gecos is with
value correct.
Any sugesstion ?
Thanks.
Rodrigo Faria
Hi,
Samba takes the users name from the attribute displayName, not gecos.
Regards,
Christian Manal
in the tarball under
contrib/slapd-modules/smbk5pwd/
Regards,
Christian Manal
read and write EVERYTHING! [...]
[...]
rootdn dn
Specify the distinguished name that is not subject to
access control or administrative limit restrictions for
operations on this database. [...]
Regards,
Christian Manal
Am 21.11.2011 18:52, schrieb Michael Ströder:
Christian Manal wrote:
As for custom code, I already need that to change the other attributes I
mentioned, plus some from a homebrew schema. So, at least for my
environment, it doesn't really matter.
You can make the other attributes invisible
Am 22.11.2011 11:25, schrieb Buchan Milne:
On Monday, 21 November 2011 16:17:33 Christian Manal wrote:
Am 21.11.2011 14:25, schrieb Jayavant Patil:
Hi,
I am using openldap-2.4.19-4 on fedora 12 machine. Does anybody know
how
to enable/disable a user account in openLDAP? I know
the loginShell prevents PublicKey logins and 'D' in
sambaAcctFlags disables logins with Samba and Heimdal Kerberos.
Regards,
Christian Manal
Am 21.11.2011 15:59, schrieb Michael Ströder:
Christian Manal wrote:
Am 21.11.2011 14:25, schrieb Jayavant Patil:
Hi,
I am using openldap-2.4.19-4 on fedora 12 machine. Does anybody know how
to enable/disable a user account in openLDAP? I know ppolicy overlay but I
don't require
Am 21.11.2011 18:21, schrieb Michael Ströder:
Christian Manal wrote:
Am 21.11.2011 15:59, schrieb Michael Ströder:
Christian Manal wrote:
Am 21.11.2011 14:25, schrieb Jayavant Patil:
Hi,
I am using openldap-2.4.19-4 on fedora 12 machine. Does anybody know
how
to enable/disable a user
with contrators on a thin client solution.
Thanks for your help. After I get this working I will wright up a
document explaining how to do this. I have run into at least 2 other
people on the forums with the same problem I have.
On Wed, Oct 12, 2011 at 3:18 AM, Christian Manal
moen
Am 09.10.2011 14:33, schrieb NetNinja:
On Sat, Oct 8, 2011 at 4:54 AM, Christian Manal
moen...@informatik.uni-bremen.de wrote:
Am 07.10.2011 23:58, schrieb NetNinja:
Ok that's good to know.
I was reading in the book Solaris 10 System Administration Essential
and it says on pg 365
:41 PM, Christian Manal
moen...@informatik.uni-bremen.de
mailto:moen...@informatik.uni-bremen.de wrote:
Am 07.10.2011 20:25, schrieb NetNinja:
Hello,
I have been reading up on OpenLDAP. I have installed it on RHEL
5.5 but
I have seen documention saying that openldap
info you can provide wold be great.
Thanks
Hi,
I've been running OpenLDAP on Solaris 10 for years now. It works out of
the tarball, no patches needed.
Regards,
Christian Manal
want to log with
the loglevel setting in slapd.conf.
Regards,
Christian Manal
Am 19.09.2011 10:57, schrieb Nick Urbanik:
Dear Christian,
On 19/09/11 09:52 +0200, Christian Manal wrote:
QUESTIONS:
1. What should I expect to be logged at info priority with loglevel -1?
2. Does anyone have any suggestions of what I may be missing here?
Hi,
as far as I know, OpenLDAP
Net::LDAP does support slapo-ppolicy. You could probably
cook something up with that.
http://search.cpan.org/~gbarr/perl-ldap/lib/Net/LDAP/Control/PasswordPolicy.pm
http://search.cpan.org/~gbarr/perl-ldap/lib/Net/LDAP/Extension/SetPassword.pm
Regards,
Christian Manal
, that the Monitor-Part isn't resolved correctly (returns
empty and thus empty for the whole set).
Regards,
Christian Manal
=bar add
Regards,
Christian Manal
filter=((objectClass=posixAccount)(gidNumber=1000)(gidNumber=1000)
by users add
Regards,
Christian Manal
acl based on conditional attributes.
You mean something like this?
access to attrs=mail
by group=cn=publish mail,ou=Groups,dc=example,dc=com read
by * none
See slapd.access(5) for details.
Regards,
Christian Manal
the output?
This is the returned entry:
dn:
namingContexts: dc=example,dc=com
ldapsearch even tells you everything went OK:
result: 0 Success
And how many entries were returned:
# numEntries: 1
Regards,
Christian Manal
Am 16.02.2011 01:27, schrieb MJ Hughes:
On Wed, Feb 16, 2011 at 2:50 AM, Christian Manal
moen...@informatik.uni-bremen.de wrote:
Am 15.02.2011 08:04, schrieb MJ Hughes:
Hi,
I'm an LDAP newbie who has inherited the maintenance of an LDAP system,
and
am learning on the fly. Until now
Am 16.02.2011 10:16, schrieb Pierangelo Masarati:
Christian Manal wrote:
Am 15.02.2011 08:04, schrieb MJ Hughes:
Hi,
I'm an LDAP newbie who has inherited the maintenance of an LDAP
system, and
am learning on the fly. Until now I've been able to puzzle out all the
issues I've faced
Am 16.02.2011 09:43, schrieb Christian Manal:
Am 16.02.2011 01:27, schrieb MJ Hughes:
On Wed, Feb 16, 2011 at 2:50 AM, Christian Manal
moen...@informatik.uni-bremen.de wrote:
Am 15.02.2011 08:04, schrieb MJ Hughes:
Hi,
I'm an LDAP newbie who has inherited the maintenance of an LDAP
.html
Double quotes around the RDN will solve your problem.
Regards,
Christian Manal
or not present, go for
the group(s). Or the other way around; get the attribute from the group,
then check all members for individual overrides.
Regards,
Christian Manal
-valued attribute, there can be no other value than the DN of the
creator.
But that still doesn't prevent non-creator DNs in the 'member' attribute...
Updated ACLs:
http://openldap.pastebin.com/VCxM7YzL
Regards,
Christian Manal
at the
pwdPolicyChecker/pwdCheckModule parts.
Regards,
Christian Manal
Am 11.10.2010 15:25, schrieb Meghanand Acharekar:
On Mon, Oct 11, 2010 at 6:42 PM, Christian Manal
moen...@informatik.uni-bremen.de wrote:
Am 11.10.2010 14:41, schrieb Meghanand Acharekar:
Hi,
I am using ppolicy overlay to enforce password policies.
Following is my ppolicy configuration
Am 11.10.2010 16:06, schrieb Meghanand Acharekar:
On Mon, Oct 11, 2010 at 7:08 PM, Christian Manal
moen...@informatik.uni-bremen.de wrote:
Am 11.10.2010 15:25, schrieb Meghanand Acharekar:
On Mon, Oct 11, 2010 at 6:42 PM, Christian Manal
moen...@informatik.uni-bremen.de wrote:
Am
open indefinitely (and reconnect if it goes down), waiting
for the master to push changes through that open connection.
Regards,
Christian Manal
are allowed to write to child entries
of ou=Misc,... and the dn.regex rule then restricts to which
children users may write.
Regards,
Christian Manal
=com)
by dn=cn=admin1,dc=domain,dc=com write
by * read
access to filter=(creatorsName=cn=admin2,dc=domain,dc=com)
by dn=cn=admin2,dc=domain,dc=com write
by * read
Regards,
Christian Manal
-monitor
specific part of the configuration. Put the syncrepl part before the
monitor definition and behind the bdb definition.
Regards,
Christian Manal
and doesn't touch the Samba
attributes. smbk5pwd will take care of the Samba passwords.
Best regards,
Christian Manal
Ralf Zimmermann schrieb:
Hi Christian,
* Christian Manal moen...@informatik.uni-bremen.de [16.02.2010 16:05]:
the option 'ldap passwd sync' is set to yes. I will looking to the
overlay
smbk5pwd again. But I think it will not resolve the problem because samba
makes
a modify
Ralf Zimmermann schrieb:
Hi Christian,
* Christian Manal moen...@informatik.uni-bremen.de [16.02.2010 16:18]:
Ralf Zimmermann schrieb:
Hi Christian,
* Christian Manal moen...@informatik.uni-bremen.de [16.02.2010 16:05]:
the option 'ldap passwd sync' is set to yes. I will looking
41 matches
Mail list logo
