OpenLDAP duplication

2013-09-30 Thread 25Dollar Tech
Hello Team,

I just want to know the below:

According to my understanding, LDAP authenticates (binds) with a DN
(distinguished name) and password, e.g. CN=bob, OU=Users,DC=test,DC=com.

So OpenLDAP allows the same CN in a different OU.

Is there any option to prevent it?


-- 
*Thanks & Regards,
25dollarTech Team
https://sites.google.com/site/25dollartech/*
*Email: 25dollartechh...@gmail.com*
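An audit for the situation described above, as an added example that is not part of the original post: it reads an LDIF export and lists every cn value that appears in entries under more than one DN. The sample entries are constructed, and the function names `unfold` and `duplicate_cns` are hypothetical.

```python
import base64
from collections import defaultdict

# Constructed sample export (LDIF); second DN is folded, third DN is base64.
SAMPLE_LDIF = """\
dn: cn=bob,ou=Users,dc=test,dc=com
objectClass: person
cn: bob

dn: cn=Bob,ou=Contractors,dc=test,
 dc=com
objectClass: person
cn: Bob

dn:: Y249YWxpY2Usb3U9VXNlcnMsZGM9dGVzdCxkYz1jb20=
objectClass: person
cn: alice
"""

def unfold(ldif_text):
    """Join LDIF continuation lines (one leading space continues the previous line)."""
    lines = []
    for raw in ldif_text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines

def duplicate_cns(ldif_text):
    """Map each cn (lower-cased, approximating caseIgnoreMatch) to its DNs; keep collisions."""
    by_cn, dn = defaultdict(set), None
    for line in unfold(ldif_text):
        if not line.strip():               # a blank line ends the current entry
            dn = None
            continue
        attr, _, value = line.partition(":")
        if value.startswith(":"):          # "attr:: <base64>" form
            value = base64.b64decode(value[1:].strip()).decode("utf-8")
        value = value.strip()
        if attr.lower() == "dn":
            dn = value
        elif attr.lower() == "cn" and dn:
            by_cn[value.lower()].add(dn)
    return {cn: sorted(dns) for cn, dns in by_cn.items() if len(dns) > 1}

if __name__ == "__main__":
    print(duplicate_cns(SAMPLE_LDIF))
```

Server-side enforcement is the job of OpenLDAP's slapo-unique overlay; running an audit like this first shows which existing entries would conflict with it.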


str2entry: invalid value for attributeType objectClass #2 URGENT

2013-07-24 Thread 25Dollar Tech
Hello Team,

I have a problem with OpenLDAP exporting and importing into a different
machine.

When I use slapadd -l /backupfilname.ldif I used to get the below error message:

_   0.16% eta 05m31s elapsednone spd   6.7 k/s 51f0c75b str2entry: invalid value for attributeType objectClass #2 (syntax 1.3.6.1.4.1.1466.115.121.1.38)
slapadd: could not parse entry (line=168)
.   0.28% eta 04m29s elapsednone spd  12.1 k/s
Closing DB...

Below is the line 168

  168 dn: ou=Idmap,dc=example,dc=test,dc=com
  169 objectClass: top
  170 objectClass: organizationalUnit
  171 objectClass: sambaUnixIdPool
  172 ou: Idmap
  173 structuralObjectClass: organizationalUnit
  174 entryUUID: 22da7a76-16e0-102f-87b0-799f55e47d38
  175 creatorsName: cn=admin,dc=example,dc=test,dc=com
  176 createTimestamp: 20100628090609Z
  177 uidNumber: 1000
  178 gidNumber: 20001
  179 entryCSN: 20100814084304.552975Z#00#002#00
  180 modifiersName: cn=admin,dc=example,dc=test,dc=com
  181 modifyTimestamp: 20100814084304Z

I already installed samba.schema.

What could be the reason then?



-- 
*Thanks & Regards,
25dollarTech Team
https://sites.google.com/site/25dollartech/*
*Email: 25dollartechh...@gmail.com*


OpenLDAP multimaster

2013-07-02 Thread 25Dollar Tech
Hello Team,

I have a few concerns about OpenLDAP multimaster restoration and migration.

Scenario

I have OpenLDAP multimaster configured on Ubuntu 9.04 and the OpenLDAP version
is 2.4.15, i.e. NODE1 and NODE2.

Unfortunately NODE2 has crashed due to server hardware failure, and I am running
my OpenLDAP infra for a while without a multi-master server, but I have the
multimaster configuration on NODE1, which is working without any issues.

Question
1) Is it possible to bind a new OpenLDAP version and OS Ubuntu 12.04 with the
existing OpenLDAP multimaster server? The existing NODE1 server has the config DB
and HDB already configured and it contains more than 1 entry, and NODE2
has already crashed.

2) If yes, then what will be the procedure to replicate the config DB, or how to
equalize the database?

-- 
*Thanks & Regards,
25dollarTech Team
https://sites.google.com/site/25dollartech/*
*Email: 25dollartechh...@gmail.com*


Multi master replication

2013-06-20 Thread 25Dollar Tech
Hello Team,

I am facing an issue with multi-master replication.

After multi-master configuration, when I add an entry it is successfully
replicating only one time; the second time it is not replicating. What could be
the reason? Below are the logs (stat and -1).

Stat logs from one server when I add an entry in server 2:

Jun 20 11:37:06 vm2 slapd[1559]: conn=-1 fd=21 ACCEPT from IP=192.168.122.87:46965 (IP=0.0.0.0:389)
Jun 20 11:37:06 vm2 slapd[1559]: do_syncrep2: rid=005 LDAP_RES_INTERMEDIATE - SYNC_ID_SET
Jun 20 11:37:06 vm2 slapd[1559]: do_syncrep2: rid=005 LDAP_RES_SEARCH_RESULT
Jun 20 11:37:06 vm2 slapd[1559]: do_syncrep2: rid=005 cookie=rid=005,csn=20130620073703.737390Z#00#000#00
Jun 20 11:37:06 vm2 slapd[1559]: nonpresent_callback: rid=005 present UUID 0cbd9aa0-6dba-1032-8208-dff4fce29a41, dn dc=emb,dc=slb,dc=com
Jun 20 11:37:06 vm2 slapd[1559]: nonpresent_callback: rid=005 present UUID 0cbe2902-6dba-1032-8209-dff4fce29a41, dn cn=admin,dc=emb,dc=slb,dc=com
Jun 20 11:37:06 vm2 slapd[1559]: nonpresent_callback: rid=005 present UUID 5c8269b0-6dc1-1032-80e1-8fddbab869b5, dn ou=Groups,dc=emb,dc=slb,dc=com
Jun 20 11:37:06 vm2 slapd[1559]: slap_queue_csn: queing 0x7f5f10109b40 20130620073703.737390Z#00#000#00
Jun 20 11:37:06 vm2 slapd[1559]: slap_graduate_commit_csn: removing 0x7f5f1010b540 20130620073703.737390Z#00#000#00
Jun 20 11:37:14 vm2 slapd[1559]: conn=1013 fd=19 ACCEPT from IP=192.168.122.199:35866 (IP=0.0.0.0:389)
Jun 20 11:37:14 vm2 slapd[1559]: conn=1013 op=0 BIND dn="cn=admin,dc=emb,dc=slb,dc=com" method=128
Jun 20 11:37:14 vm2 slapd[1559]: conn=1013 op=0 BIND dn="cn=admin,dc=emb,dc=slb,dc=com" mech=SIMPLE ssf=0
Jun 20 11:37:14 vm2 slapd[1559]: conn=1013 op=0 RESULT tag=97 err=0 text=
Jun 20 11:37:14 vm2 slapd[1559]: conn=1013 op=1 SRCH base="dc=emb,dc=slb,dc=com" scope=2 deref=0 filter="(objectClass=*)"
Jun 20 11:37:14 vm2 slapd[1559]: conn=1013 op=1 SRCH attr=* +
Jun 20 11:37:14 vm2 slapd[1559]: conn=1013 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
Jun 20 11:37:14 vm2 slapd[1559]: conn=1013 op=2 UNBIND
Jun 20 11:37:14 vm2 slapd[1559]: conn=1013 fd=19 closed


Loglevel -1 enabled, and below are the logs from server1 when I add an
entry in server2:


Jun 20 16:30:13 vm2 slapd[13074]: => access_allowed: search access to "dc=emb,dc=slb,dc=com" "entryCSN" requested
Jun 20 16:30:13 vm2 slapd[13074]: <= root access granted
Jun 20 16:30:13 vm2 slapd[13074]: => access_allowed: search access granted by manage(=mwrscxd)
Jun 20 16:30:13 vm2 slapd[13074]: <= test_filter 6
Jun 20 16:30:13 vm2 slapd[13074]: <= test_filter_and 6
Jun 20 16:30:13 vm2 slapd[13074]: <= test_filter 6
Jun 20 16:30:13 vm2 slapd[13074]: nonpresent_callback: rid=005 present UUID b49be142-6dd7-1032-821e-bd2e8e19723c, dn dc=emb,dc=slb,dc=com
Jun 20 16:30:13 vm2 slapd[13074]: => test_filter
Jun 20 16:30:13 vm2 slapd[13074]: AND
Jun 20 16:30:13 vm2 slapd[13074]: => test_filter_and
Jun 20 16:30:13 vm2 slapd[13074]: => test_filter
Jun 20 16:30:13 vm2 slapd[13074]: LE
Jun 20 16:30:13 vm2 slapd[13074]: => access_allowed: search access to "cn=admin,dc=emb,dc=slb,dc=com" "entryCSN" requested
Jun 20 16:30:13 vm2 slapd[13074]: <= root access granted
Jun 20 16:30:13 vm2 slapd[13074]: => access_allowed: search access granted by manage(=mwrscxd)
Jun 20 16:30:13 vm2 slapd[13074]: <= test_filter 6
Jun 20 16:30:13 vm2 slapd[13074]: <= test_filter_and 6
Jun 20 16:30:13 vm2 slapd[13074]: <= test_filter 6
Jun 20 16:30:13 vm2 slapd[13074]: nonpresent_callback: rid=005 present UUID b49c7e5e-6dd7-1032-821f-bd2e8e19723c, dn cn=admin,dc=emb,dc=slb,dc=com
Jun 20 16:30:13 vm2 slapd[13074]: => test_filter
Jun 20 16:30:13 vm2 slapd[13074]: AND
Jun 20 16:30:13 vm2 slapd[13074]: => test_filter_and
Jun 20 16:30:13 vm2 slapd[13074]: => test_filter
Jun 20 16:30:13 vm2 slapd[13074]: LE
Jun 20 16:30:13 vm2 slapd[13074]: => access_allowed: search access to "ou=Groups4,dc=emb,dc=slb,dc=com" "entryCSN" requested
Jun 20 16:30:13 vm2 slapd[13074]: <= root access granted
Jun 20 16:30:13 vm2 slapd[13074]: => access_allowed: search access granted by manage(=mwrscxd)
Jun 20 16:30:13 vm2 slapd[13074]: <= test_filter 6
Jun 20 16:30:13 vm2 slapd[13074]: <= test_filter_and 6
Jun 20 16:30:13 vm2 slapd[13074]: <= test_filter 6
Jun 20 16:30:13 vm2 slapd[13074]: nonpresent_callback: rid=005 present UUID 3e8b5198-6dd9-1032-8006-655e62f4c8e4, dn ou=Groups4,dc=emb,dc=slb,dc=com
Jun 20 16:30:13 vm2 slapd[13074]: => test_filter
Jun 20 16:30:13 vm2 slapd[13074]: AND
Jun 20 16:30:13 vm2 slapd[13074]: => test_filter_and
Jun 20 16:30:13 vm2 slapd[13074]: => test_filter

Anybody please help me to solve this issue.

Operating system Ubuntu 12.04
OpenLDAP version: openldap-2.4.28  (Debian build)

Note: When I try to delete /var/lib/ldap/* and start one server it is able
to replicate, but after that it again stopped for any new entry or any changes
in another server.

-- 
*Thanks & Regards,
25dollarTech Team
https://sites.google.com/site/25dollartech/*
*Email: 2
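A detection pass over stats-level slapd logs like the ones above, as an added example that is not part of the original post: it reports successful simple binds on connections that never logged a TLS handshake, which means the bind password crossed the network in cleartext. The conn=1013 lines are taken from the log above and unwrapped; the conn=1014 lines (including the `TLS established` format) are constructed and assumed, and `cleartext_simple_binds` is a hypothetical name.

```python
import re

# conn=1013: from the log above, unwrapped. conn=1014: constructed; the
# "TLS established" line format is an assumption about slapd 2.4 stats output.
SAMPLE_LOG = """\
Jun 20 11:37:14 vm2 slapd[1559]: conn=1013 fd=19 ACCEPT from IP=192.168.122.199:35866 (IP=0.0.0.0:389)
Jun 20 11:37:14 vm2 slapd[1559]: conn=1013 op=0 BIND dn="cn=admin,dc=emb,dc=slb,dc=com" method=128
Jun 20 11:37:14 vm2 slapd[1559]: conn=1013 op=0 BIND dn="cn=admin,dc=emb,dc=slb,dc=com" mech=SIMPLE ssf=0
Jun 20 11:37:14 vm2 slapd[1559]: conn=1013 op=0 RESULT tag=97 err=0 text=
Jun 20 11:37:20 vm2 slapd[1559]: conn=1014 fd=20 ACCEPT from IP=192.168.122.87:40112 (IP=0.0.0.0:389)
Jun 20 11:37:20 vm2 slapd[1559]: conn=1014 op=0 STARTTLS
Jun 20 11:37:20 vm2 slapd[1559]: conn=1014 op=0 RESULT oid= err=0 text=
Jun 20 11:37:20 vm2 slapd[1559]: conn=1014 fd=20 TLS established tls_ssf=256 ssf=256
Jun 20 11:37:20 vm2 slapd[1559]: conn=1014 op=1 BIND dn="cn=admin,dc=emb,dc=slb,dc=com" method=128
Jun 20 11:37:20 vm2 slapd[1559]: conn=1014 op=1 BIND dn="cn=admin,dc=emb,dc=slb,dc=com" mech=SIMPLE ssf=0
Jun 20 11:37:20 vm2 slapd[1559]: conn=1014 op=1 RESULT tag=97 err=0 text=
"""

ACCEPT = re.compile(r"conn=(\d+) fd=\d+ ACCEPT from IP=(\S+) \(IP=(\S+)\)")
TLS_UP = re.compile(r"conn=(\d+) fd=\d+ TLS established")
BIND_OK = re.compile(r'conn=(\d+) op=(\d+) BIND dn="([^"]*)" mech=SIMPLE')
RESULT = re.compile(r"conn=(\d+) op=(\d+) RESULT tag=97 err=(\d+)")

def cleartext_simple_binds(log_text):
    """Return successful non-anonymous simple binds on connections without TLS."""
    peers, tls, pending, findings = {}, set(), {}, []
    for line in log_text.splitlines():
        if m := ACCEPT.search(line):
            peers[m[1]] = m[2]
            tls.discard(m[1])          # conn ids restart when slapd restarts
        elif m := TLS_UP.search(line):
            tls.add(m[1])              # TLS state comes from this line, not from ssf= on BIND
        elif m := BIND_OK.search(line):
            pending[(m[1], m[2])] = m[3]
        elif m := RESULT.search(line):
            dn = pending.pop((m[1], m[2]), None)
            if dn and m[3] == "0" and m[1] not in tls:   # empty dn = anonymous bind, skipped
                findings.append({"conn": int(m[1]), "client": peers.get(m[1], "?"), "dn": dn})
    return findings

if __name__ == "__main__":
    for finding in cleartext_simple_binds(SAMPLE_LOG):
        print(finding)
```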

OpenLDAP multimaster

2013-06-19 Thread 25Dollar Tech
Hello Team,

I am facing an issue with setting up OpenLDAP multimaster replication. It
is happening only one time and it is giving an error in the server log file
that *"hdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found"*.

Below are my configuration details.

Operating system: Ubuntu 12.04.2
cat /etc/ldap/slapd.d/cn\=config.ldif

# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
# CRC32 96647d53
dn: cn=config
objectClass: olcGlobal
cn: config
olcArgsFile: /var/run/slapd/slapd.args
olcLogLevel: none
olcLogLevel: -1
olcPidFile: /var/run/slapd/slapd.pid
olcToolThreads: 1
structuralObjectClass: olcGlobal
creatorsName: cn=config
olcAllows: bind_v2
olcServerID: 3 ldap://vm3.test.example.com
olcServerID: 4 ldap://vm4.test.example.com
entryUUID: 7bfbb79a-6d19-1032-9008-c1a20821a82c
createTimestamp: 20130619104813Z
entryCSN: 20130619104813.603914Z#00#000#00
modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
modifyTimestamp: 20130619104813Z
contextCSN: 20130619104818.925492Z#00#000#00
---
cat /etc/ldap/slapd.d/cn\=config/olcDatabase\=\{1\}hdb.ldif
# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
# CRC32 2b434e34
dn: olcDatabase={1}hdb
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=test,dc=example,dc=com
olcLastMod: TRUE
olcDbCheckpoint: 512 30
olcDbConfig: {0}set_cachesize 0 2097152 0
olcDbConfig: {1}set_lk_max_objects 1500
olcDbConfig: {2}set_lk_max_locks 1500
olcDbConfig: {3}set_lk_max_lockers 1500
olcDbIndex: objectClass eq
structuralObjectClass: olcHdbConfig
entryUUID: 7bfd08b6-6d19-1032-9012-c1a20821a82c
createTimestamp: 20130619104813Z
creatorsName: cn=config
olcRootDN: cn=admin,dc=test,dc=example,dc=com
olcRootPW:: YWRtaW5AMTIz
olcSyncrepl: {0}rid=500 provider=ldap://vm3.test.example.com binddn="cn=admin,dc=test,dc=example,dc=com" bindmethod=simple credentials=admin@123 searchbase="dc=emb,dc=slb,dc=com" type=refreshOnly interval=00:00:00:10 retry="5 5 300 +" timeout=1
olcSyncrepl: {1}rid=600 provider=ldap://vm4.test.example.com binddn="cn=admin,dc=test,dc=example,dc=com" bindmethod=simple credentials=admin@123 searchbase="dc=emb,dc=slb,dc=com" type=refreshOnly interval=00:00:00:10 retry="5 5 300 +" timeout=1
olcMirrorMode: TRUE
entryCSN: 20130619105336.281097Z#00#000#00
modifiersName: cn=admin,cn=config
modifyTimestamp: 20130619105336Z

cat /etc/ldap/slapd.d/cn\=config/olcDatabase\=\{0\}config.ldif
# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
# CRC32 882cef38
dn: olcDatabase={0}config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break
structuralObjectClass: olcDatabaseConfig
entryUUID: e237277c-6d1b-1032-87ac-4153a9d6c230
creatorsName: cn=config
createTimestamp: 20130619110523Z
olcRootDN: cn=admin,cn=config
olcRootPW:: YWRtaW5AMTIz
olcSyncrepl: {0}rid=100 provider=ldap://vm3.test.example.com binddn="cn=admin,cn=config" bindmethod=simple credentials=admin@123 searchbase="cn=config" type=refreshAndPersist retry="5 5 300 5" timeout=1
olcSyncrepl: {1}rid=200 provider=ldap://vm4.test.example.com binddn="cn=admin,cn=config" bindmethod=simple credentials=admin@123 searchbase="cn=config" type=refreshAndPersist retry="5 5 300 5" timeout=1
olcMirrorMode: TRUE
entryCSN: 20130619110524.008790Z#00#000#00
modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
modifyTimestamp: 20130619110524Z
-

:/var/lib/ldap# ls -ltrh
total 1.4M
-rw-r--r-- 1 openldap openldap   96 Jun 19 15:05 DB_CONFIG
-rw------- 1 openldap openldap 8.0K Jun 19 15:05 objectClass.bdb
-rw------- 1 openldap openldap  32K Jun 19 15:05 id2entry.bdb
-rw------- 1 openldap openldap 8.0K Jun 19 15:05 dn2id.bdb
-rw------- 1 openldap openldap  10M Jun 19 15:05 log.01
-rw------- 1 openldap openldap  32K Jun 19 15:05 __db.006
-rw------- 1 openldap openldap 160K Jun 19 15:05 __db.004
-rw------- 1 openldap openldap 360K Jun 19 15:05 __db.002
-rw------- 1 openldap openldap  24K Jun 19 15:05 __db.001
-rw-r--r-- 1 openldap openldap 2.0K Jun 19 15:05 alock
-rw------- 1 openldap openldap 2.6M Jun 19 15:05 __db.003
-rw------- 1 openldap openldap 1.3M Jun 19 15:05 __db.005





-- 
*Thanks & Regards,
25dollarTech Team
https://sites.google.com/site/25dollartech/*
*Email: 25dollartechh..