Antw: [EXT] invalid opcode

2023-03-08 Thread Ulrich Windl
>>> Stefan Kania schrieb am 08.03.2023 um 13:47 in Nachricht <7079926e-76af-748c-0447-d1b503dc0...@kania-online.de>: > Hi to all, > > I just installed a fresh 2.5 server with the symas-packages and debian > 11. I can start the service, but as soon as I try to authenticate for > example with: >

Re: Antw: [EXT] Re: Entering Multi-Byte Values for DirectoryString attributes

2023-02-22 Thread Ulrich Windl
>>> Ede Wolf schrieb am 22.02.2023 um 11:03 in >>> Nachricht <6ad6c4b7-3f7d-3e2b-b1bd-936bd6060...@nebelschwaden.de>: >> It seems the backslash notation is not actually defined for LDIF. > > That indeed is a valuable hint, out of curiosity I will test, whether > other ldap server

Antw: [EXT] Re: Entering Multi-Byte Values for DirectoryString attributes

2023-02-22 Thread Ulrich Windl
>>> Ede Wolf schrieb am 21.02.2023 um 16:10 in >>> Nachricht <5fed02ec-1e12-5264-305f-a3f69a335...@nebelschwaden.de>: >> The same way you would enter Unicode in any other application. This is not > an LDAP- or LDIF-specific question. >> >> 1) use a terminal and locale that support UTF-8. >>

Antw: [EXT] Symas OpenLDAP RE25 and RE26 test packages available

2023-02-03 Thread Ulrich Windl
>>> Shawn McKinney schrieb am 03.02.2023 um 00:08 in Nachricht <92dcba07-e4ea-4c9f-bce1-8f37b6644...@symas.com>: ... > The following platforms are available: > > - RHEL7/8/9 > - Debian 10/11 > - Ubuntu 18.04/20.04/22.04 > - SLES 15.3 Note: Current is SLES 15.4 (with 15.5 already in beta AFAIK);

Antw: [EXT] Setting acl on cn=accesslog (accesslog overlay)

2023-02-03 Thread Ulrich Windl
>>> Simon Kainz schrieb am 02.02.2023 um 15:57 in >>> Nachricht : > Hello, > > I am looking for a way to set an ACL entry for cn=accesslog, which is > where I am logging the slapo-accesslog overlay entries to. > > I tried to set it with the following: > > dn: olcDatabase{1}mdb,cn=config

Re: Antw: [EXT] Re: Slow Mod operations on LDAP

2023-01-20 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 19.01.2023 um 19:18 in Nachricht : > > --On Thursday, January 19, 2023 8:25 AM +0100 Ulrich Windl > wrote: > >>>>> Quanah Gibson-Mount schrieb am 18.01.2023 um >>>>> 14:50 in >> Nachricht <3D6

Antw: [EXT] Re: Slow Mod operations on LDAP

2023-01-19 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 18.01.2023 um 14:50 in Nachricht <3D6804DEBBC5413284159965@[192.168.1.14]>: ... > I would note that it is not advised to use XFS with back-mdb. Would you explain why? Here we use XFS for all database filesystems. Regards, Ulrich

Antw: [EXT] Re: Q: incrementally adding LDIF entries using ldapadd

2023-01-18 Thread Ulrich Windl
>>> Howard Chu schrieb am 17.01.2023 um 17:40 in Nachricht : > Ulrich Windl wrote: >> Hi! >> >> I'm working on a program that "mangles" existing LDIF files so that the LDAP > server accepts them. >> So say 75% passed, 25% had errors (need add

Q: incrementally adding LDIF entries using ldapadd

2023-01-17 Thread Ulrich Windl
Hi! I'm working on a program that "mangles" existing LDIF files so that the LDAP server accepts them. So say 75% passed, 25% had errors (need additional fixes). I'm using ldapadd with "-c" (continue) and "-S skipped.ldif" (skipped entries) to add the input LDIF. The idea was to iterate over

Antw: [EXT] newer TLS clients (> 3.0?) can't connect to OpenLDAP's TLS with SSSD

2023-01-10 Thread Ulrich Windl
Hi! As you use IP addresses to connect, do your certificates specify those IP addresses as alternate subjects, too? Regards, Ulrich >>> Jarett DeAngelis schrieb am 09.01.2023 um 22:10 in Nachricht <768dfc4e-53a9-4f05-ad61-61c00ed52...@bioteam.net>: > hi - using OpenLDAP 2.6.3 and finding

Antw: [EXT] OpenLDAP stats logging performance degradation

2023-01-03 Thread Ulrich Windl
>>> Christopher Paul schrieb am 31.12.2022 um >>> 00:35 in Nachricht > Hello OpenLDAP-Technical, > > > > Using the oldie but goodie LDAP performance testing tool, SLAMD, I've been > doing performance tests. What I found was that stats logging (olcLogLevel: > 256) degrades performance

Re: [EXT] Re: slappasswd generating a supposedly incorrect password hash (only when using {SHA256})

2022-12-29 Thread Ulrich Windl
Hi! Maybe the binary or build process should use a test vector to warn if that produces the wrong result, assuming the problem is the SHA code itself. Regards, Ulrich 29.12.2022 00:39:44 Howard Chu : > Ralf Hildebrandt wrote: >> Using slapd 2.5.13+dfsg-1ubuntu1 on ubuntu 22.10: >>

Antw: [EXT] Re: lloadd Proxied Authorization Denied (123)

2022-12-16 Thread Ulrich Windl
>>> Stefan Kania schrieb am 15.12.2022 um 18:55 in Nachricht <4c04e864-2b72-c9d2-96b9-036c11f58...@kania-online.de>: > > Am 15.12.22 um 17:56 schrieb Quanah Gibson-Mount: >> >> >> --On Thursday, December 15, 2022 3:02 PM +0100 Stefan Kania >> wrote: >> >>> -- >>> dn: cn=config

Antw: [EXT] Detecting replication delay when replicating a subset of data

2022-12-14 Thread Ulrich Windl
>>> schrieb am 12.12.2022 um 16:47 in >>> Nachricht <20221212154750.5262.89...@hypatia.openldap.org>: > Hello, > > Under typical circumstances we run a config database and have a single > application database for ldap data. We run consumers replicating from > providers where they replicate

Q: Length of {SSHA} encoded passwords

2022-12-05 Thread Ulrich Windl
Hi! Examining changes of the database via LDIF, I noticed one thing: -userPassword: {SSHA}XY94+nfFELR3iy0AYTsS0DHqxIOwFNz79zcnniA== +userPassword: {SSHA}yt98Od1WHak3kYIyZWYoCewg4D+f9ffp I had thought that the encoded SSHA passwords all have the same length. Could it depend on the program being

Antw: [EXT] Re: SSSD looking for password policy: "unrecognized control"

2022-11-02 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 01.11.2022 um 20:54 in Nachricht : > > ‑‑On Tuesday, November 1, 2022 7:16 PM + jar...@bioteam.net wrote: > >> Hi, >> >> I am attempting to have SSSD do logins to my OpenLDAP 2.6.3 installation, >> however, I get "permission denied" when trying to log in

Two notes on slappasswd (old version)

2022-10-31 Thread Ulrich Windl
HA}oTEDKWKn0fimGo6J8de0I5qRixGWJxhJ" was correct overall) Maybe check if these problems still exist in the current version. Regards, Ulrich Windl

Antw: [EXT] Re: [OldapWS] ‑> Proposal of a REST Web Service for CRUD Operations

2022-09-26 Thread Ulrich Windl
>>> Norman Gray schrieb am 19.09.2022 um 20:44 in Nachricht <55d788c7-f3d6-4389-bc24-a26318af0...@nxg.name>: > Greetings. > > On 19 Sep 2022, at 17:54, Howard Chu wrote: > >> Then, I would like to propose a full Open Source first release of a CRUD > REST Web Service to manipulate OpenLDAP's

Re: Antw: [EXT] Re: how to add index in replication scenario

2022-09-16 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 15.09.2022 um 18:09 in Nachricht <1F341BC71D7ADCBA8A4880D3@[192.168.1.17]>: > ‑‑On Thursday, September 15, 2022 5:49 PM +0100 Howard Chu > wrote: > > >> There's nothing to wait for. Index generation is in a background thread, >> it doesn't block cn=config.

Antw: [EXT] Re: how to add index in replication scenario

2022-09-15 Thread Ulrich Windl
>>> Uwe Sauter schrieb am 14.09.2022 um 17:46 in Nachricht <449ea0c3-97d9-7228-ef16-a36022c32...@gmail.com>: >> Stop server 1 >> change slapd.conf >> slapindex -q -f /path/to/slapd.conf -b "your base" >> start server 1 >> >> stop server 2 >> change slapd.conf >> slapindex -q -f

Re: Antw: [EXT] Re: LMDB 1.0 data.mdb format stability

2022-09-09 Thread Ulrich Windl
>>> Howard Chu schrieb am 08.09.2022 um 17:30 in Nachricht : > Ulrich Windl wrote: >>>>> Howard Chu schrieb am 08.09.2022 um 01:34 in Nachricht >> <4bc80e7e-17f9-b385-6b11-2aab806ed...@symas.com>: >>> Steffen Michels wrote: >>>> H

Re: Antw: [EXT] Re: LMDB 1.0 data.mdb format stability

2022-09-09 Thread Ulrich Windl
>>> Søren Holm schrieb am 08.09.2022 um 20:23 in Nachricht : > Den 08.09.2022 kl. 18.20 skrev Howard Chu: >> Søren Holm wrote: >>> >>> >>> Den 08.09.2022 kl. 17.30 skrev Howard Chu: >>>> Ulrich Windl wrote: >>>>>>>

Antw: Re: [EXT] Re: Q: "Error: Invalid DN syntax (34), additional info: invalid new RDN"

2022-08-30 Thread Ulrich Windl
>>> Ulrich Windl schrieb am 28.08.2022 um 18:08 in Nachricht : > Hi! > > Good catch! I overlooked that! I'll try with that change and report. Of course that was it! Worked now. Sorry for the noise, but I didn't see it before, even when looking at it. > > Thanks, > U

Re: [EXT] Re: Q: "Error: Invalid DN syntax (34), additional info: invalid new RDN"

2022-08-29 Thread Ulrich Windl
f Maryland, College Park > >> On Aug 26, 2022, at 7:29 AM, Ulrich Windl >> wrote: >> >> Hi! >> >> I'm programming some automated changes to our LDAP database, and I have an >> issue: >> >> # Error: Invalid DN syntax (34), additional info:

Q: "Error: Invalid DN syntax (34), additional info: invalid new RDN"

2022-08-26 Thread Ulrich Windl
Hi! I'm programming some automated changes to our LDAP database, and I have an issue: # Error: Invalid DN syntax (34), additional info: invalid new RDN dn: cn=subntbcst_tftp@247/tcp,dc=services,dc=net,dc=...,dc=de changetype: modrdn newrdn: subntbcst-tftp@247/tcp deleteoldrdn: 1 So is the new

Antw: [EXT] measurable slower result time with large subtree

2022-08-25 Thread Ulrich Windl
>>> Norbert schrieb am 24.08.2022 um 11:27 in Nachricht <7c7bb2e6-d037-7069-9e32-0851e685c...@freakix.de>: > Hi, > > with OpenLDAP 2.4.47 (running on Debian 10) but also with 2.5.13 from > ltb-project.org (running on same Debian > 10) I can observe the following: > > given following rough

ipService anyone?

2022-08-24 Thread Ulrich Windl
Hi! Several years ago I added ipService to our LDAP Database, then I thought it's time to update it. Now I have a conceptual problem: Some services have multiple protocols and port numbers. For example "compressnet". While it's possible to assign unique names like cn=compressnet@2/tcp,...

Antw: RE: [EXTERNAL] Antw: [EXT] OpenLDAP 2.6 is holding connections open

2022-07-29 Thread Ulrich Windl
p" on Linux if you still have netstat. Regards, Ulrich > > Thanks, > Bradley Gill, CISSP, CCSP > > -Original Message- > From: Ulrich Windl > Sent: Thursday, July 28, 2022 5:35 AM > To: Bradley T Gill ; openldap-technical@openldap.org > Subject: [EXTERNAL

Antw: [EXT] OpenLDAP 2.6 is holding connections open

2022-07-28 Thread Ulrich Windl
>>> Bradley T Gill schrieb am 27.07.2022 um 15:59 in Nachricht <84030354e2e44d13b5463c6c070e3...@aep.com>: > All, > I have been struggling with upgrading OpenLDAP from 2.4 to 2.5/2.6 > for some time. We have finally found that we needed to rebuild the schema > from scratch and re‑add

Antw: [EXT] Re: pwdChangedTime range query

2022-07-13 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 12.07.2022 um 18:19 in Nachricht : > > ‑‑On Tuesday, July 12, 2022 1:31 PM +0200 Francesco Malvezzi > wrote: > >> [...] >>> >>> Whatever "it works" really means. Without seeing example entries and >>> their pwdChangedTime values it's impossible to say

Re: Antw: [EXT] How to relay read and write requests to different ldap servers

2022-07-11 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 22.06.2022 um 17:29 in Nachricht : > > ‑‑On Wednesday, June 22, 2022 9:03 AM +0200 Ulrich Windl > wrote: > >> Ignoring the loadbalancer issues, I think you add a race condition when >> reading possibly older data from yo

Antw: [EXT] How to relay read and write requests to different ldap servers

2022-06-22 Thread Ulrich Windl
>>> schrieb am 20.06.2022 um 13:33 in >>> Nachricht <20220620113345.5262.56...@hypatia.openldap.org>: > Hi, > > I am new to ldap. We have 4 ldap servers, 2 of them are in mirror-mode > providers, 2 of them are just consumers/replicas. > I am working on loadbalancer for these 4 ldap servers

Antw: [EXT] Empty error when configuring OpenLDAP

2022-06-17 Thread Ulrich Windl
>>> Cezary Drozak schrieb am 16.06.2022 um 22:42 in >>> Nachricht <3a3f4745-56fc-91c5-0f0e-2cce6a473...@drozak.net>: > Hello, > > I am trying to set up OpenLDAP on Arch Linux on my server, following > instruction on Arch Wiki[1]. I prepared the config.ldif file, replacing > every $BASEDN and

Antw: [EXT] [OPENLDAP 2.4] problem with cacert.pem certificates and its operation with openldap

2022-06-17 Thread Ulrich Windl
>>> fredd fredddo schrieb am 15.06.2022 um 19:46 in Nachricht : > Hello, > > I have a problem understanding how cacert.pem works on openldap 2.4 under > centos. > > I have an extremely heterogeneous machine park (with openldap customers and > other owners) > > So I have 2 Certificates (CA and

Antw: [EXT] RE: context of slapd service

2022-06-16 Thread Ulrich Windl
>>> "Bliss, Aaron" schrieb am 14.06.2022 um 17:03 in Nachricht > Carsten, > As a best practice whenever possible services in general should be run > within the context of a user that has the least amount of privilege possible. > In this case, it's entirely supported and straightforward to

Antw: [EXT] RE: Failing to modify olcSizeLimit

2022-06-09 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 08.06.2022 um 18:03 in Nachricht <1AA0097E3E4235DC5675E461@[192.168.1.17]>: > discover that password. I'd also advise them to change it, since you > publicly shared the SHA‑1 hash with the world. I'd also advise them to use Ignoring weak passwords, what

RE: Antw: [EXT] Failing to modify olcSizeLimit

2022-06-08 Thread Ulrich Windl
co_tosa_thales -f > sizelimit.ldif > ldap_initialize( ldap://10.136.16.197 ) > replace olcSizeLimit: > unlimited > modifying entry "cn=config" > ldap_modify: Insufficient access (50) That was expected; does your manager have access? > > root@laselain

Antw: [EXT] Failing to modify olcSizeLimit

2022-06-07 Thread Ulrich Windl
>>> RAIMBAULT Alain - Contractor schrieb am 03.06.2022 um 14:51 in Nachricht : ... > # cat sizelimit.ldif > dn: cn=config > changetype: modify > replace: olcSizeLimit > olcSizeLimit: -1 Despite the rest we use a large positive number here, and the docs here mention "unlimited", but not -1.

Antw: [EXT] Re: dynlist +memberOf loses casing in memberOf attribute

2022-06-07 Thread Ulrich Windl
>>> Michael Ströder schrieb am 05.06.2022 um 23:16 in Nachricht <51b7e769-522d-a547-4b4e-637e9d035...@stroeder.com>: > On 6/5/22 23:02, Felix Schäfer wrote: >>> Am 05.06.2022 um 22:36 schrieb Michael Ströder : >>> >>> But, like it or not, POSIX names are case-sensitive. So with >>> posixGroup

Re: Antw: [EXT] Re: dynlist +memberOf loses casing in memberOf attribute

2022-06-07 Thread Ulrich Windl
>>> Michael Ströder schrieb am 07.06.2022 um 08:27 in Nachricht <7ea49afd-d5f1-b7dc-e41a-709e523fd...@stroeder.com>: > On 6/7/22 08:25, Ulrich Windl wrote: >>>>> Michael Ströder schrieb am 05.06.2022 um 23:16 in >> Nachricht <51b7e769-522d-a547-4b4e-63

Re: Antw: [EXT] Re: dynlist vs memberof performance issues

2022-05-24 Thread Ulrich Windl
>>> Howard Chu schrieb am 23.05.2022 um 18:04 in Nachricht : > Ulrich Windl wrote: >>>>> "Paul B. Henson" schrieb am 22.05.2022 um 04:51 in >>>>> Nachricht >> <5d343067-aef3-b499-63e3-996f3d680...@acm.org>: >>> On 5/1

Antw: [EXT] Re: dynlist vs memberof performance issues

2022-05-23 Thread Ulrich Windl
>>> "Paul B. Henson" schrieb am 22.05.2022 um 04:51 in >>> Nachricht <5d343067-aef3-b499-63e3-996f3d680...@acm.org>: > On 5/11/2022 3:48 AM, Soisik Froger wrote: > >> Are this performance issues an expected side-effect of switching to >> dynlist - as the memberOf attributes are now dynamically

Antw: [EXT] Re: How to allow openldap searches for all just one group

2022-05-02 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 30.04.2022 um 00:54 in Nachricht <28499A685B1FAE689838078F@[192.168.1.17]>: > > ‑‑On Friday, April 29, 2022 10:42 PM + gerson.gar...@itron.com wrote: > >> Quanah, >> >> Yes I read it and tried replace "by * read" by "by * auth" and "by * >> none" but then

Re: Antw: [EXT] slapd (Symas 2.6.1) does not start with syncprov

2022-04-28 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 27.04.2022 um 17:06 in Nachricht <979B8C9BF3027ACA9450E58E@[192.168.1.20]>: > > --On Wednesday, April 27, 2022 9:41 AM +0200 Ulrich Windl > wrote: > > >>> 0). >>> Apr 26 18:31:27 apollo11 systemd‑cor

Antw: [EXT] slapd (Symas 2.6.1) does not start with syncprov

2022-04-27 Thread Ulrich Windl
>>> Magnus Morén schrieb am 26.04.2022 um 19:56 in Nachricht > Migrating to new ldap server and getting problems. > > OS: Rocky Linux 8 (== RHEL/CentOS 8). Fully updated. > LDAP software: symas-openldap-servers-2.6.1-2.el8.x86_64 > > > cn=config and data import (via ldif) on master.

Re: Antw: [EXT] Re: STARTTLS vs LDAPS

2022-04-01 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 31.03.2022 um 17:45 in Nachricht : > > ‑‑On Thursday, March 31, 2022 9:11 AM +0200 Ulrich Windl > wrote: > >> I think the point was that you can bind even when not having started TLS >> before. > > Correct. >

Re: Antw: [EXT] Re: RE26 testing call #1 (OpenLDAP 2.6.2)

2022-04-01 Thread Ulrich Windl
>>> Ondrej Kuzník schrieb am 01.04.2022 um 11:23 in Nachricht <20220401092310.ge26...@mistotebe.net>: > On Fri, Apr 01, 2022 at 11:03:43AM +0200, Ulrich Windl wrote: >>> On Wed, Mar 23, 2022 at 03:07:25PM +0100, Michael Ströder wrote: >>>> Do you have any p

Antw: [EXT] Re: RE26 testing call #1 (OpenLDAP 2.6.2)

2022-04-01 Thread Ulrich Windl
>>> Ondrej Kuzník schrieb am 31.03.2022 um 17:55 in Nachricht <2022033118.gd26...@mistotebe.net>: > On Wed, Mar 23, 2022 at 03:07:25PM +0100, Michael Ströder wrote: >> On 3/23/22 12:19, Ondřej Kuzník wrote: >>> On Tue, Mar 22, 2022 at 08:03:35PM +0100, Michael Ströder wrote: >>> > On 3/22/22

Antw: [EXT] Re: STARTTLS vs LDAPS

2022-03-31 Thread Ulrich Windl
>>> schrieb am 31.03.2022 um 06:29 in >>> Nachricht <20220331042904.5262.30...@hypatia.openldap.org>: > Quanah Gibson-Mount wrote: >> --On Wednesday, March 30, 2022 8:28 PM +0200 Stefan Kania >> > >> > That's what can be found in the FAQ on openldap.org: >> > >> >

Antw: [EXT] Re: STARTTLS vs LDAPS

2022-03-31 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 30.03.2022 um 19:54 in Nachricht : > > --On Wednesday, March 30, 2022 8:28 PM +0200 Stefan Kania > wrote: > >> That's what can be found in the FAQ on openldap.org: >> >> https://www.openldap.org/faq/data/cache/605.html >> >> I would trust this more than

Re: Antw: [EXT] creatorsname not correctly updated

2022-03-09 Thread Ulrich Windl
me and modifyTimestamp? Regards, Ulrich > > Brgds, > Jean-Luc > > On 9 Mar 2022, at 09:33, Ulrich Windl > wrote: > >>>>> schrieb am 08.03.2022 um 17:43 in Nachricht >> <20220308164344.5262.14...@hypatia.openldap.org>: >>> Dears, >

Antw: [EXT] creatorsname not correctly updated

2022-03-09 Thread Ulrich Windl
>>> schrieb am 08.03.2022 um 17:43 in Nachricht <20220308164344.5262.14...@hypatia.openldap.org>: > Dears, > > I've a tricky issue with this attribute. > In context of 4 MMR & 4 replicas, I've defined a rootdn and a replication > user. When I create "ADD" a new entry in my DB with rootdn as

Re: Antw: [EXT] Re: Finding the userPassword schema

2022-03-01 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 28.02.2022 um 18:13 in Nachricht : > > --On Monday, February 28, 2022 8:01 AM +0100 Ulrich Windl > wrote: > >> ldapsearch -Y EXTERNAL -H ldapi:/// -b 'cn=Subschema' -s base >> '(olcSchemaConfig=*)' 'attributeTypes' &g

Antw: [EXT] Re: Finding the userPassword schema

2022-02-28 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 24.02.2022 um 16:41 in Nachricht <5634EEEFC927B18BF1B59D49@[192.168.1.12]>: > > --On Thursday, February 24, 2022 8:22 AM +0100 Ulrich Windl > wrote: > >> So my guess is that my query is still wrong: >># ldapsearch -Y

Re: Antw: [EXT] Re: Password policies and hashed passwords

2022-02-24 Thread Ulrich Windl
>>> Felix Natter schrieb am 23.02.2022 um 21:45 in Nachricht <87wnhl9uru@bitburger.home.felix>: > hello Ulrich, > > thanks for your reply! My replies are inline: > > "Ulrich Windl" writes: >>>>> Felix Natter schrieb

Finding the userPassword schema

2022-02-24 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 23.02.2022 um 17:46 in Nachricht <930DB73AD6C9D8388B3A80F5@[192.168.1.12]>: > > --On Wednesday, February 23, 2022 8:25 AM +0100 Ulrich Windl > wrote: > >>>>> Yes, if you query the right place. I.e., cn=subschema:

Re: Antw: [EXT] Problem with ppolicy overlay and userPassword attribute

2022-02-23 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 22.02.2022 um 17:49 in Nachricht <6D8946CEFE1406A76522A36F@[192.168.1.12]>: > > --On Tuesday, February 22, 2022 12:44 PM +0100 Ulrich Windl > wrote: > >>>>> Quanah Gibson-Mount schrieb am 18

Antw: [EXT] Re: Password policies and hashed passwords

2022-02-23 Thread Ulrich Windl
>>> Felix Natter schrieb am 22.02.2022 um 19:00 in Nachricht <87h78qlr1i@bitburger.home.felix>: > hello Michael, > > many thanks for your reply! > > Michael Ströder writes: >> On 2/20/22 18:14, Felix Natter wrote: >>> my password policies (openldap 2.5.11) are not enforced and Roland >>>

Re: Antw: [EXT] Problem with ppolicy overlay and userPassword attribute

2022-02-22 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 18.02.2022 um 22:37 in Nachricht <8A1ED4C1E941394D45838C24@[192.168.1.12]>: > > ‑‑On Friday, February 18, 2022 9:03 AM +0100 Ulrich Windl > wrote: > >> But I should be able to query it, right? If so what is the correct

Re: Antw: [EXT] Problem with ppolicy overlay and userPassword attribute

2022-02-18 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 17.02.2022 um 18:19 in Nachricht <49ADC11B5FB3A8060B8AC3C5@[192.168.1.12]>: > > ‑‑On Thursday, February 17, 2022 11:20 AM +0100 Ulrich Windl > wrote: > >> Interestingly I found that userPassword is commented out in core

Antw: [EXT] Problem with ppolicy overlay and userPassword attribute

2022-02-17 Thread Ulrich Windl
>>> Frederic Dussurget schrieb am 16.02.2022 um 14:53 in Nachricht : > Hi, > We're facing the following issue : > > * From one side, we have to store two values (same password with two > different encodings) within the userPassword attribute (eg. >

Antw: [EXT] Re: slow memberOf queries in 2.5 with dynlist overlay

2022-02-16 Thread Ulrich Windl
>>> "Paul B. Henson" schrieb am 16.02.2022 um 04:10 in >>> Nachricht <114ede97-a51b-5fbd-0613-47208945a...@acm.org>: ... > I can certainly just throw memory at it and hope the problem goes away. Remember there are some classic tools like sar, vmstat, iostat, etc. to display or store some

Antw: [EXT] Re: slow memberOf queries in 2.5 with dynlist overlay

2022-02-16 Thread Ulrich Windl
>>> "Paul B. Henson" schrieb am 16.02.2022 um 06:13 in Nachricht <5f015d2d-8965-6c70-0c6d-7a96e9ec2...@acm.org>: > On 2/15/2022 1:57 AM, Ondřej Kuzník wrote: > >> - if, to answer that query, you need to crawl a large part of the DB, >>the OS will have to page that part into memory > > Do

Antw: [EXT] Re: slow memberOf queries in 2.5 with dynlist overlay

2022-02-15 Thread Ulrich Windl
>>> "Paul B. Henson" schrieb am 15.02.2022 um 03:01 in >>> Nachricht : ... >> How much RAM do you have on the system? > > 2GB. I don't think I'm running low on memory, there's usually a bit > free: ... Independent of LDAP my guess is that 2GB is somewhat tight these days, and my guess is

Antw: [EXT] Re: How to restrict access to pwdHistory attributes

2022-02-15 Thread Ulrich Windl
>>> Chandeshwar Mishra schrieb am 14.02.2022 um 23:26 in Nachricht : > Hi Quanah, > > Thanks for your response. Our setup is a very old one and we are planning > to migrate it to the latest stable version but Since this openldap is > deployed in Production > it is not possible for us to upgrade

Antw: [EXT] Re: log analysis tools

2022-02-07 Thread Ulrich Windl
>>> "Paul B. Henson" schrieb am 06.02.2022 um 03:19 in Nachricht : > On Sat, Feb 05, 2022 at 09:57:15AM ‑0300, Andreas Hasenack wrote: >> openldap also has a monitor backend IIRC, have you looked into that? > > Yes, historically we've used that with icinga and munin, although we're > looking to

Antw: [EXT] [LMDB] mdb_env_set_mapsize and read transactions

2022-02-01 Thread Ulrich Windl
>>> "Ken Wenzel" schrieb am 31.01.2022 um 08:16 in Nachricht <002001d81672$866fdb30$934f9190$@gmx.net>: > Hello, > > > > I like to implement an autogrow functionality for LMDB. > > The documentation for mdb_env_set_mapsize says that no transactions should > be active when using this function.

Antw: [EXT] Question regarding password dictionary rule in OpenLDAP

2022-01-31 Thread Ulrich Windl
>>> "Ulrich Windl" schrieb am 28.01.2022 um 08:49 in Nachricht <61f3a01f02a100047...@gwsmtp.uni-regensburg.de>: >>>> Alan Andrea schrieb am 27.01.2022 um 17:04 in >>>> Nachricht > <1969009486.3151222.1643299488...@mail.ya

Antw: [EXT] Question regarding password dictionary rule in OpenLDAP

2022-01-28 Thread Ulrich Windl
>>> Alan Andrea schrieb am 27.01.2022 um 17:04 in >>> Nachricht <1969009486.3151222.1643299488...@mail.yahoo.com>: > I have a question regarding password rules that are enforced when a user > changes their password in OpenLDAP. We have a need to implement a dictionary > rule whereby words and

Minor typo in slapo-ppolicy

2022-01-24 Thread Ulrich Windl
Hi! I just discovered a minor typo in my version of the slapo-ppolicy manual page (possibly it's fixed already): The manual page lists "pwdGraceAuthnLimit", but the attribute returned by slapcat is "pwdGraceAuthNLimit" (different case for 'N') The name from the schema also is

Antw: [EXT] Re: Delta‑sync replication: is it possible to force resync delta?

2022-01-21 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 20.01.2022 um 18:02 in Nachricht <65ABF4684C2D1F77600EF736@[192.168.1.27]>: > > ‑‑On Wednesday, January 19, 2022 4:26 PM +0200 skeletor > wrote: > >> Hi. >> I use delta‑sync replication on version 2.4. Sometimes, some records >> don't send to slave. Insofar

Antw: [EXT] Delta-sync replication: is it possible to force resync delta?

2022-01-20 Thread Ulrich Windl
>>> skeletor schrieb am 19.01.2022 um 15:26 in Nachricht <17e37982-716f-795c-e810-70c483b6d...@lissyara.su>: > Hi. > I use delta-sync replication on version 2.4. Sometimes, some records > don't send to slave. Insofar as this is delta-sync after a new update > slave receive only last update.

Antw: [EXT] Re: mmr of cn=config with OpenLDAP 2.6

2022-01-11 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 10.01.2022 um 17:13 in Nachricht : > > ‑‑On Monday, January 10, 2022 5:02 PM +0100 Stefan Kania > wrote: > >> The problem is solved, >> in my configuration I wrote: >> >> dn: olcDatabase={2}mdb,cn=config >> objectClass: olcmdbConfig >>

Antw: [EXT] Re: Guide to setup syncrepl with proxy‑based push config

2022-01-05 Thread Ulrich Windl
>>> David White schrieb am 04.01.2022 um 21:56 in Nachricht : ... > root@ldap-provider:~# slapcat -b cn=config > slapcat: could not open database. > > root@ldap-provider:~# slapcat -n0 > slapcat: could not open database. Did you try the -v or -d option to get more info? ... Regards, Ulrich

Antw: [EXT] Re: openldap ppolicy pwdAccountLockedTime

2022-01-03 Thread Ulrich Windl
4.1.1466.115.121.1.24 SINGLE-VALUE USAGE directoryOperation ) > > On Fri, Dec 31, 2021, 11:23 AM Michael Ströder wrote: > >> On 12/27/21 12:04, Ulrich Windl wrote: >> >>>> kevin martin schrieb am 22.12.2021 um 22:42 in >> Nachricht >> > :

Antw: [EXT] openldap ppolicy pwdAccountLockedTime

2021-12-30 Thread Ulrich Windl
>>> kevin martin schrieb am 22.12.2021 um 22:42 in Nachricht : > it appears from looking at ppolicy.c that pwdAccountLockedTime is not > supported in openldap. is there another way to lock a user's account in > openldap outside of simply changing the user's password? I found out the hard way: When

Antw: [EXT] Re: symas openldap-packages and kerberos

2021-12-30 Thread Ulrich Windl
>>> Dieter Klünter schrieb am 18.12.2021 um 07:28 in Nachricht <20211218072816.769b4...@pink.fritz.box>: > Am Fri, 17 Dec 2021 16:34:41 +0100 > schrieb Stefan Kania : > >> Hello to all, >> >> I'm trying to get GSSAPI authentication running with the >> symas-packages. I generated a ldap.keytab

Re: Antw: [EXT] OpenLDAP Upgrade

2021-12-13 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 10.12.2021 um 18:00 in Nachricht <2A5F43DA950658AE64FEE654@[192.168.1.3]>: > > --On Friday, December 10, 2021 8:14 AM +0100 Ulrich Windl > wrote: > >>>> OpenLDAP 2.6 is the current release series. OpenLDAP 2.4 is

Re: Antw: [EXT] OpenLDAP Upgrade

2021-12-10 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 09.12.2021 um 17:54 in Nachricht <9E71A1C6CC6C9A43887B2B56@[192.168.1.3]>: > > ‑‑On Tuesday, December 7, 2021 8:39 AM ‑0800 Quanah Gibson‑Mount > wrote: > >> >> >> ‑‑On Tuesday, December 7, 2021 9:57 AM + santoshk.se...@tcs.com wrote: >> >>> Thanks

Re: Antw: [EXT] OpenLDAP Upgrade

2021-12-09 Thread Ulrich Windl
>>> schrieb am 07.12.2021 um 10:57 in Nachricht <20211207095727.5262.37...@hypatia.openldap.org>: > Thanks Emmanuel, > Is it a stable version we can rely upon? Because the request is for a > production environment which are running critical business applications > > As part the OS upgrade (6.4

Antw: [EXT] OpenLDAP Upgrade

2021-12-03 Thread Ulrich Windl
>>> schrieb am 02.12.2021 um 11:28 in Nachricht <20211202102836.5262.15...@hypatia.openldap.org>: > HI, > > We have OpenLDAP 2.4.xx running in RHEL6.4. We are planning to upgrade the > RHEL version to 7.9 and then upgrade the OpenLDAP to 2.6. > > The OpenLDAP installed are all RPMs > > #rpm

Q: Detect "user on grace logins" (ppolicy being used)?

2021-12-02 Thread Ulrich Windl
Hi! I have a question: When using ppolicy, is there a simple way for a user to detect that he/she is "on grace logins", i.e. the password has to be changed soon? We had a situation where some monitoring tools uses periodic logins to some user account. When that user should have changed the

Antw: [EXT] ppolicy-question

2021-12-01 Thread Ulrich Windl
>>> "A. Schulze" schrieb am 26.11.2021 um 23:34 in Nachricht : > Hello, > > using slapo-ppolicy I could configure slapd to hash a password if it's sent > unhashed. > > moduleload ppolicy.la > moduleload argon2.la > password-hash {ARGON2} > > database mdb > suffix dc=test > ... > overlay

Aw: [EXT] Multi-Master not syncing

2021-11-30 Thread Ulrich Windl
Hi! Maybe explain the steps you did to convert B from slave to master first. Regards, Ulrich >>> Enrico Weigelt, metux IT consult 30.11.2021, 17:26 >>> Hello friends, I'm in huge trouble: my MMR setup (Zimbra) isn't syncing completely. * host A is the old master, host B a new one. * host

Antw: [EXT] Re: contextCSN not updated

2021-10-28 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 25.10.2021 um 17:15 in Nachricht : > > ‑‑On Monday, October 25, 2021 1:29 PM + bourgu...@gmail.com wrote: > >> Dears, >> >> I found the cause if I can tell it like this, in fact, it's only for >> cn=config for which there are replication settings set for

Antw: [EXT] Re: Problem with SSL/TLS on CentOS 7 after upgrading to 2.4.59

2021-10-22 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 21.10.2021 um 19:29 in Nachricht <125627C2D6AF4AE00EF3FCDF@[192.168.1.11]>: > > --On Thursday, October 21, 2021 7:54 PM +0300 Nick Milas > wrote: > >> On 21/10/2021 6:39 μ.μ., Nick Milas wrote: >> >>> From the journal, some excerpts (it is very long): >> >>

Antw: [EXT] Re: Symas OpenLDAP 2.5 RPMs run slapd as root?

2021-10-20 Thread Ulrich Windl
Hi! Wondering about "LimitNOFILE=96": Wouldn't that limit the open sockets (connections) as well? Regards, Ulrich >>> Michael Ströder schrieb am 19.10.2021 um 18:17 in Nachricht : > On 10/19/21 17:10, Quanah Gibson-Mount wrote: >> --On Tuesday, October 19, 2021 1:00 AM -0700 "Paul B. Henson"

Antw: [EXT] [LMDB] Performance on AWS/Windows

2021-10-08 Thread Ulrich Windl
>>> Jürgen Baier schrieb am 07.10.2021 um 08:07 in Nachricht : > Hi, > > I'm using LMDB for mapping MD5 hash codes to some data. I noticed that a > virtualized environment (Xen/Windows on our own servers and AWS/Windows) > slows down LMDB significantly (e.g. a certain workload is executed in

Antw: [EXT] Re: 2.5.7 - help understanding syslog local4

2021-10-04 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 23.09.2021 um 18:23 in Nachricht : > --On Thursday, September 23, 2021 6:45 PM +0200 Michael Ströder > wrote: > >> Personally I have on my systems: >> >> In file /etc/systemd/journald.conf: >> >> [Journal] >> Storage=none >> ForwardToSyslog=yes >> >> In

Antw: [EXT] Re: Communication exception during 500+ concurrent requests

2021-10-01 Thread Ulrich Windl
>>> schrieb am 14.09.2021 um 11:56 in Nachricht <20210914095659.5262.94...@hypatia.openldap.org>: > Thank you for your prompt response and suggestion, Howard. > I did try your suggestion and increased the olcListenerThreads (based on > number of CPUs) but that did not help. Got the same

Antw: [EXT] Re: openSUSE/SLE users, migrate to back-mdb now!

2021-08-27 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 26.08.2021 um 18:26 in Nachricht : > > --On Thursday, August 26, 2021 10:49 AM +0200 Michael Ströder > wrote: > >> On 8/26/21 9:41 AM, Ulrich Windl wrote: >>> Honestly I'm quite afraid of the "space explosion" t

Antw: [EXT] openSUSE/SLE users, migrate to back-mdb now!

2021-08-26 Thread Ulrich Windl
Hi! Honestly I'm quite afraid of the "space explosion" that seems to be an inherent feature of MDB. 8-( (Maybe that's just because of my bad experience with earlier BtrFS filesystem (that seems to use similar concepts IMHO)) Regards, Ulrich >>> Michael Ströder schrieb am 25.08.2021 um 13:43 in

Antw: [EXT] Re: migrate from 2.4 to 2.5, determine existing MDB format

2021-08-20 Thread Ulrich Windl
Hi! It might get interesting if you sync cn=config, however. Regards, Ulrich >>> kevin martin schrieb am 19.08.2021 um 19:35 in Nachricht : > i understand that ldap is a protocol but it occurred to me that a database > change (where tables and the like might be different and slapd version >

Re: Antw: [EXT] Re: Index seems to return wrong amount of candidate causing really poor search performance

2021-08-19 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 18.08.2021 um 17:34 in Nachricht <1ACF53407B440BCD96A18A3F@[192.168.1.4]>: > > ‑‑On Wednesday, August 18, 2021 9:15 AM +0200 Ulrich Windl > wrote: > >>> idlexp value increases the index slot range by a power of 2.

Antw: [EXT] Re: Index seems to return wrong amount of candidate causing really poor search performance

2021-08-18 Thread Ulrich Windl
>>> Quanah Gibson-Mount schrieb am 16.08.2021 um 23:20 in Nachricht <45379D5CBFA94DE3B1EA38E5@[192.168.1.4]>: > > ‑‑On Monday, August 16, 2021 10:00 PM + Petteri Stenius > wrote: > >> >> Thank you for your quick response. >> >> >> If idlexp is the accepted solution then I'd like to

Antw: [EXT] Profiling ACLs

2021-08-12 Thread Ulrich Windl
>>> Michael Ströder schrieb am 11.08.2021 um 15:58 in Nachricht <68f0b325-4ad4-7b86-d5be-a6a98aa07...@stroeder.com>: > HI! > > How to profile performance of different ACLs? > > In theory one could run slapd with debug symbols under control of a > profiler for C code. But personally I don't have

Antw: [EXT] order of clauses in ACLs

2021-08-12 Thread Ulrich Windl
>>> Michael Ströder schrieb am 11.08.2021 um 16:36 in Nachricht : > HI! > > Frankly I forgot whether I asked this before: > > Let there be ACLs with dn.regex="..", attrs=foo,bar and val.regex=".." > in the clauses. > > Obviously depending on complexity of regex-pattern and length of DNs / >

Antw: [EXT] counters in cn=Waiters,cn=Monitor?

2021-08-12 Thread Ulrich Windl
>>> Michael Ströder schrieb am 11.08.2021 um 19:48 in Nachricht : > HI! > > I'm looking at a Prometheus graph of cn=Read,cn=Waiters,cn=Monitor > (slapd 2.4.59). > > The object class is monitorCounterObject, the attribute is called > monitorCounter. > > If it's a counter I'd expect the value to

Antw: [EXT] Re: counters in cn=Waiters,cn=Monitor?

2021-08-12 Thread Ulrich Windl
>>> Howard Chu schrieb am 11.08.2021 um 19:59 in Nachricht <588cc1a2-4efd-e0e5-94a6-d550319fc...@symas.com>: > Michael Ströder wrote: >> HI! >> >> I'm looking at a Prometheus graph of cn=Read,cn=Waiters,cn=Monitor >> (slapd 2.4.59). >> >> The object class is monitorCounterObject, the attribute

Antw: [EXT] Re: counters in cn=Waiters,cn=Monitor?

2021-08-12 Thread Ulrich Windl
>>> Michael Ströder schrieb am 11.08.2021 um 20:50 in Nachricht <56a569c5-658d-86f6-18b9-eda2194f9...@stroeder.com>: > On 8/11/21 7:59 PM, Howard Chu wrote: >> Michael Ströder wrote: >>> I'm looking at a Prometheus graph of cn=Read,cn=Waiters,cn=Monitor >>> (slapd 2.4.59). >>> >>> The object
