On Sat, Feb 19, 2011 at 10:37 AM, Leonardo Carneiro
Hey, it finally worked! I've added the follwing in the cn=config database:
olcAccess: {0}to * by * read
Since there was no acl rules for this cn or the bdb.
I cannot thanks enough everyone that helped me, specially Andrews, Howard
and
On Sun, Feb 20, 2011 at 2:26 PM, masar...@aero.polimi.it wrote:
On Sat, Feb 19, 2011 at 10:37 AM, Leonardo Carneiro
Hey, it finally worked! I've added the follwing in the cn=config
database:
olcAccess: {0}to * by * read
Since there was no acl rules for this cn or the bdb.
I
On Thu, Feb 17, 2011 at 1:03 PM, Pierangelo Masarati
masar...@aero.polimi.it wrote:
Dieter Kluenter wrote:
Am Thu, 17 Feb 2011 11:28:59 -0200
schrieb Leonardo Carneiro chesterma...@gmail.com:
On Thu, Feb 17, 2011 at 9:09 AM, Andrew Findlay
andrew.find...@skills-1st.co.uk wrote:
On
On Thu, Feb 17, 2011 at 1:03 PM, Pierangelo Masarati
masar...@aero.polimi.it wrote:
Dieter Kluenter wrote:
Am Thu, 17 Feb 2011 11:28:59 -0200
schrieb Leonardo Carneiro chesterma...@gmail.com:
On Thu, Feb 17, 2011 at 9:09 AM, Andrew Findlay
andrew.find...@skills-1st.co.uk wrote:
On
On Sat, Feb 19, 2011 at 10:16 AM, masar...@aero.polimi.it wrote:
On Thu, Feb 17, 2011 at 1:03 PM, Pierangelo Masarati
masar...@aero.polimi.it wrote:
Dieter Kluenter wrote:
Am Thu, 17 Feb 2011 11:28:59 -0200
schrieb Leonardo Carneiro chesterma...@gmail.com:
On Thu, Feb 17, 2011
On Sat, Feb 19, 2011 at 10:37 AM, Leonardo Carneiro
chesterma...@gmail.comwrote:
On Sat, Feb 19, 2011 at 10:16 AM, masar...@aero.polimi.it wrote:
On Thu, Feb 17, 2011 at 1:03 PM, Pierangelo Masarati
masar...@aero.polimi.it wrote:
Dieter Kluenter wrote:
Am Thu, 17 Feb 2011 11:28:59
On Wed, Feb 16, 2011 at 04:37:45PM -0200, Leonardo Carneiro wrote:
The new slapd.d was created successfully and now i can do searches
anonymously. Searches like:
ldapsearch -x -h server -D cn=config -w [passwd] -b cn=config
ldapsearch -x -h server -b dc=dominio,dc=com,dc=br
are working
On Wednesday, 16 February 2011 20:37:45 Leonardo Carneiro wrote:
On Wed, Feb 16, 2011 at 8:43 AM, Andrew Findlay
andrew.find...@skills-1st.co.uk wrote:
On Tue, Feb 15, 2011 at 05:08:43PM -0200, Leonardo Carneiro wrote:
In the original question:
Hello everyone,
I upgraded my debian
On Thu, Feb 17, 2011 at 7:50 AM, Buchan Milne bgmi...@staff.telkomsa.netwrote:
On Wednesday, 16 February 2011 20:37:45 Leonardo Carneiro wrote:
On Wed, Feb 16, 2011 at 8:43 AM, Andrew Findlay
andrew.find...@skills-1st.co.uk wrote:
On Tue, Feb 15, 2011 at 05:08:43PM -0200, Leonardo
On Wed, Feb 16, 2011 at 03:29:45PM -0800, Howard Chu wrote:
Similarly I cannot find anything that
clearly describes the use of SASL EXTERNAL with ldapi.
http://tools.ietf.org/html/draft-chu-ldap-ldapi-00
Excellent, thanks. That one is remarkably hard to find without a direct
pointer. Could
On Thu, Feb 17, 2011 at 9:09 AM, Andrew Findlay
andrew.find...@skills-1st.co.uk wrote:
On Wed, Feb 16, 2011 at 03:29:45PM -0800, Howard Chu wrote:
Similarly I cannot find anything that
clearly describes the use of SASL EXTERNAL with ldapi.
On Thu, Feb 17, 2011 at 11:28:59AM -0200, Leonardo Carneiro wrote:
Here is the search that Apache is doing. Note that usuarios in the search
means users in portuguese. It doesn't seems even to check if the user
really does part of the group defined in the apache config.
That is a simple
Am Thu, 17 Feb 2011 11:28:59 -0200
schrieb Leonardo Carneiro chesterma...@gmail.com:
On Thu, Feb 17, 2011 at 9:09 AM, Andrew Findlay
andrew.find...@skills-1st.co.uk wrote:
On Wed, Feb 16, 2011 at 03:29:45PM -0800, Howard Chu wrote:
[...]
Here is the search that Apache is doing. Note
Dieter Kluenter wrote:
Am Thu, 17 Feb 2011 11:28:59 -0200
schrieb Leonardo Carneiro chesterma...@gmail.com:
On Thu, Feb 17, 2011 at 9:09 AM, Andrew Findlay
andrew.find...@skills-1st.co.uk wrote:
On Wed, Feb 16, 2011 at 03:29:45PM -0800, Howard Chu wrote:
[...]
Here is the search that
On Tue, Feb 15, 2011 at 05:08:43PM -0200, Leonardo Carneiro wrote:
fileserver:/etc/ldap# /usr/sbin/slapd -h ldapi:/// ldap:/// -g openldap -u
openldap -F /etc/ldap/slapd.d -d 128
Aha! Your server is using LDAP-based config so it is ignoring the config
file entirely.
Does these changes that
Andrew Findlay wrote:
On Tue, Feb 15, 2011 at 05:08:43PM -0200, Leonardo Carneiro wrote:
fileserver:/etc/ldap# /usr/sbin/slapd -h ldapi:/// ldap:/// -g openldap -u
openldap -F /etc/ldap/slapd.d -d 128
Aha! Your server is using LDAP-based config so it is ignoring the config
file entirely.
On Wed, Feb 16, 2011 at 02:51:19AM -0800, Howard Chu wrote:
I also suspect that there may not be a valid password set on the
cn=config suffix, so you will not be able to manage the server through
LDAP either.
Since it's starting on ldapi:/// he should just do a SASL EXTERNAL
bind on
On Wed, Feb 16, 2011 at 8:51 AM, Howard Chu h...@symas.com wrote:
Andrew Findlay wrote:
On Tue, Feb 15, 2011 at 05:08:43PM -0200, Leonardo Carneiro wrote:
fileserver:/etc/ldap# /usr/sbin/slapd -h ldapi:/// ldap:/// -g openldap
-u
openldap -F /etc/ldap/slapd.d -d 128
Aha! Your server is
On Wed, Feb 16, 2011 at 10:22:58AM -0200, Leonardo Carneiro wrote:
As far as i'm concerned, i didn't have the need to use SASL, and it seems
that all this SASL mechanism was auto-introduced in my setup after the
upgrade. Is it safe to edit /etc/defaults/slapd and remove the ldapi:///
--On Wednesday, February 16, 2011 12:16 PM + Andrew Findlay
andrew.find...@skills-1st.co.uk wrote:
I don't have a Debian Squeeze server at present so I cannot
check that.
Where is this documented? I am having great trouble finding
any clear description of how to actually access cn=config
--On Wednesday, February 16, 2011 4:34 PM + Andrew Findlay
andrew.find...@skills-1st.co.uk wrote:
(2) Using ldapi: - particularly with SASL EXTERNAL, which is
almost essential if you want to do a file-free bootstrap.
I don't get where you're getting this idea from. I've
On Wed, Feb 16, 2011 at 8:43 AM, Andrew Findlay
andrew.find...@skills-1st.co.uk wrote:
On Tue, Feb 15, 2011 at 05:08:43PM -0200, Leonardo Carneiro wrote:
fileserver:/etc/ldap# /usr/sbin/slapd -h ldapi:/// ldap:/// -g openldap
-u
openldap -F /etc/ldap/slapd.d -d 128
Aha! Your server is
Andrew Findlay wrote:
On Wed, Feb 16, 2011 at 02:51:19AM -0800, Howard Chu wrote:
I also suspect that there may not be a valid password set on the
cn=config suffix, so you will not be able to manage the server through
LDAP either.
Since it's starting on ldapi:/// he should just do a SASL
Leonardo Carneiro wrote:
On Wed, Feb 16, 2011 at 8:51 AM, Howard Chu h...@symas.com
mailto:h...@symas.com wrote:
Andrew Findlay wrote:
On Tue, Feb 15, 2011 at 05:08:43PM -0200, Leonardo Carneiro wrote:
fileserver:/etc/ldap# /usr/sbin/slapd -h ldapi:/// ldap:/// -g
On Mon, Feb 14, 2011 at 12:37:24PM -0200, Leonardo Carneiro wrote:
I upgraded my debian machine from lenny to squeeze (the new stable)
that comes with samba 3.5.6 and openldap 2.4.23. this machines works
primarily as a PDC.
these services do bind to the server, but it cannot find the users.
On Tue, Feb 15, 2011 at 10:24 AM, Andrew Findlay
andrew.find...@skills-1st.co.uk wrote:
It sounds as if there is no data in the LDAP server.
Debian Lenny seems to use OpenLDAP 2.4.11 with db4.2
I suspect that Squeeze uses later versions of both, so it is very
unlikely to be able to read the
On Tue, Feb 15, 2011 at 11:13:03AM -0200, Leonardo Carneiro wrote:
The ldapsearch you gave me returned the following output:
chester@reploid:~$ ldapsearch -h ldap.server -x -LLL -b '' -s base
'(objectclass=*)' namingcontexts
dn:
namingContexts: dc=dominio,dc=com,dc=br
I think It's ok,
On Tue, Feb 15, 2011 at 11:24 AM, Andrew Findlay
andrew.find...@skills-1st.co.uk wrote:
On Tue, Feb 15, 2011 at 11:13:03AM -0200, Leonardo Carneiro wrote:
The ldapsearch you gave me returned the following output:
chester@reploid:~$ ldapsearch -h ldap.server -x -LLL -b '' -s base
On Tue, Feb 15, 2011 at 11:37:59AM -0200, Leonardo Carneiro wrote:
fileserver:/var/log# ldapsearch -h 127.0.0.1 -x -b dc=dominio,dc=com,dc=br
'(objectclass=*)'
# extended LDIF
#
# LDAPv3
# base dc=dominio,dc=com,dc=br with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
#
On Tue, Feb 15, 2011 at 02:13:40PM -0200, Leonardo Carneiro wrote:
To: Andrew Findlay andrew.find...@skills-1st.co.uk
Please keep replies on the list so that other people can
benefit from the discussion in future.
Aha! How many entries did that search return? Was is about the same
number
On Tue, Feb 15, 2011 at 2:30 PM, Andrew Findlay
andrew.find...@skills-1st.co.uk wrote:
On Tue, Feb 15, 2011 at 02:13:40PM -0200, Leonardo Carneiro wrote:
To: Andrew Findlay andrew.find...@skills-1st.co.uk
Please keep replies on the list so that other people can
benefit from the discussion
On Tue, Feb 15, 2011 at 02:52:19PM -0200, Leonardo Carneiro wrote:
###
# Specific Directives for database #1, of type bdb:
# Database specific directives apply to this databasse until another
# 'database' directive occurs
On Tue, Feb 15, 2011 at 4:40 PM, Andrew Findlay
andrew.find...@skills-1st.co.uk wrote:
On Tue, Feb 15, 2011 at 04:04:57PM -0200, Leonardo Carneiro wrote:
Hmm, still did not worked.
If i do a ldapsearch specifying '-D cn=root,dc=dominio,dc=com,dc=br and
the
password, the search goes
On Tue, Feb 15, 2011 at 5:08 PM, Leonardo Carneiro
chesterma...@gmail.comwrote:
On Tue, Feb 15, 2011 at 4:40 PM, Andrew Findlay
andrew.find...@skills-1st.co.uk wrote:
On Tue, Feb 15, 2011 at 04:04:57PM -0200, Leonardo Carneiro wrote:
Hmm, still did not worked.
If i do a ldapsearch
Hello everyone,
I upgraded my debian machine from lenny to squeeze (the new stable)
that comes with samba 3.5.6 and openldap 2.4.23. this machines works
primarily as a PDC.
i have 3 services authenticating on ldap: samba, apache and redmine.
samba is acting very weird, but it's kinda working,
On Mon, Feb 14, 2011 at 12:37 PM, Leonardo Carneiro
chesterma...@gmail.com wrote:
Hello everyone,
I upgraded my debian machine from lenny to squeeze (the new stable)
that comes with samba 3.5.6 and openldap 2.4.23. this machines works
primarily as a PDC.
i have 3 services authenticating on
On 14/02/11 12:37 -0200, Leonardo Carneiro wrote:
Hello everyone,
I upgraded my debian machine from lenny to squeeze (the new stable)
that comes with samba 3.5.6 and openldap 2.4.23. this machines works
primarily as a PDC.
i have 3 services authenticating on ldap: samba, apache and redmine.
37 matches
Mail list logo
