Hi,
thx I have some probleme to edit man page on my server , i have just
found them on openLdap web site ... how i have a doc.
thx
Kevin Spicer [EMAIL PROTECTED] 02/09 9:26
On Thu, 2006-02-09 at 08:15 +, Eudes LEDUCQ wrote:
Hi,
I have you an example of ppolicy_default entry to
Hi,
I have you an example of ppolicy_default entry to help me ? and how I
can know how a password change ?
thx
Kevin Spicer [EMAIL PROTECTED] 02/08 9:13
On Wed, 2006-02-08 at 17:16 +0100, Eudes LEDUCQ wrote:
is it possible on openLdap to know when a user change its password ?
I
need to
On Thu, 2006-02-09 at 08:15 +, Eudes LEDUCQ wrote:
Hi,
I have you an example of ppolicy_default entry to help me ? and how I
can know how a password change ?
man slapo-ppolicy should help. The attribute that stores the password
change time is 'pwdChangedTime'
Hi,
i try to add a default pwdPolicy entry, like this
dn: cn=default,o=policies,dc=mydirectory,dc=fr
objectclass: pwdPolicy
objectclass: pwdPolicyChecker
objectclass: top
cn: default
pwdAttribute : userPassword
i have this error :
ldap_add: Internal (implementation specific) error (80)
From: Eudes LEDUCQ [mailto:[EMAIL PROTECTED]
i try to add a default pwdPolicy entry, like this
dn: cn=default,o=policies,dc=mydirectory,dc=fr
objectclass: pwdPolicy
objectclass: pwdPolicyChecker
objectclass: top
cn: default
pwdAttribute : userPassword
i have this error :
ldap_add:
Hi,
it's work thx. So I have a new problem, when i change a password
(small than 5) the server don't check the syntax. I don't understand why
? do you know what i must add to the user entry to have the
pwdChangedTime attribute ?
thx
I have configured my slap.conf like this:
# password
I looked at the slapd.conf directives (e.g., sizelimit, timelimit,
conn_max_pending, conn_max_auth, conn_max_pending_auth,
sockbuf_max_incoming, sockbuf_max_incoming_auth, limits (size and time),
etc.) and it seems like conn_max_pending and conn_max_auth might be
worth a try. I agree with Howard
On 2/9/06, David Hawes [EMAIL PROTECTED] wrote:
On Thursday 09 February 2006 01:00, Howard Chu wrote:
David Hawes wrote:
On Wednesday 08 February 2006 18:45, Quanah Gibson-Mount wrote:
On Wednesday 08 February 2006 13:41, David Hawes wrote:
I have been testing OpenLDAP 2.3.19 to
On Wednesday 08 February 2006 21:34, Ramseyer, Ken wrote:
I am trying to protect against a client that has somehow ended up in an
infinite loop with no sleep or delay, and this client is calling
ldap_search thousands of times a second. Just one unruly or demanding
client can adversely affect
--On Thursday, February 09, 2006 11:25 AM -0500 matthew sporleder
[EMAIL PROTECTED] wrote:
I've reproduced this behavior, it's due to the same reason as ITS#4385.
Now fixed in HEAD back-bdb/cache.c. A potential workaround is to issue
a few no-op requests to the slapd server while the
On Mon, 2006-02-06 at 14:41 -0500, Aaron Richton wrote:
That's been on my todo list for over a year now. (So I'll join in the
request for a copy if there is such a script!)
If anybody does write this, it's important to note that something that
strictly compares contextcsns is likely useless
This may be of interest to openldap users.
- Forwarded message from Dave Segleau [EMAIL PROTECTED] -
From: Dave Segleau [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Date: Tue, 7 Feb 2006 17:31:46 -0800
X-Mailer: Microsoft Outlook, Build 10.0.6626
Subject: [sleepycat-ann] Two new patches for
This issue involves ldap-kerberos integration. I'm not sure if this is
a kerberos or an ldap configuration problem so have sent it both to the
openldapldap-software and the kerberos lists.
openldap-2.2.15-2; krb5-libs-1.2.5-15; cyrus-sasl-2.1.10-1
Passwords are stored in the kerberos
All,
We are in the process of rebuilding our LDAP infrastructure. Due to
legacy email client configuration, each client is configured to use US
as the default search scope. Of course, our humble enterprise is not the
entire US. How would one have searches for US return entries for the
salk?
You might consider using back-ldap or back-meta to make the
your entries available in the alternative context
Kurt
At 09:02 AM 2/9/2006, Chad A. Prey wrote:
All,
We are in the process of rebuilding our LDAP infrastructure. Due to
legacy email client configuration, each client is configured
* Karen R McArthur [EMAIL PROTECTED] [060209 20:06]:
Is this an ldap configuration issue? Or is it kerberos? Any ideas
would be greatly appreciated!
For Simple-Bind you need the saslauthd running on your LDAP-Server.
The OpenLDAP-Server itself must be set up, to use the saslauthd, for
that,
On Thu, 2006-02-09 at 09:02 -0800, Chad A. Prey wrote:
All,
We are in the process of rebuilding our LDAP infrastructure. Due to
legacy email client configuration, each client is configured to use US
as the default search scope. Of course, our humble enterprise is not the
entire US. How
Karen R McArthur wrote:
This issue involves ldap-kerberos integration. I'm not sure if this
is a kerberos or an ldap configuration problem so have sent it both to
the openldapldap-software and the kerberos lists.
openldap-2.2.15-2; krb5-libs-1.2.5-15; cyrus-sasl-2.1.10-1
Passwords are
Kurt D. Zeilenga wrote:
You might consider using back-ldap or back-meta to make the
your entries available in the alternative context
back-relay should work better for this purpose.
Kurt
At 09:02 AM 2/9/2006, Chad A. Prey wrote:
All,
We are in the process of rebuilding our LDAP
Hi,
I currently try to move from 2.1 to 2.3 and notices that I get syntax errors
during slapadd, for the OpenLDAPaci Attribute. The new syntax validation for
ACIs doesn't like [entry] and [children] as attributes. Aren't they
necessary anymore?
Additionaly it doesn't accepts more then one
On Thu, 2006-02-09 at 21:03 +0100, Gerald Richter wrote:
Hi,
I currently try to move from 2.1 to 2.3 and notices that I get syntax errors
during slapadd, for the OpenLDAPaci Attribute. The new syntax validation for
ACIs doesn't like [entry] and [children] as attributes. Aren't they
On Thu, Feb 09, 2006 at 10:35:01PM +0100, T M wrote:
todd:
this is what i do:
ldapadd -f file.ldif -x -w pass -D cn=Manager,dc=ireas,dc=cz
and it says:
adding new entry cn=Ryvolová Ivana,[EMAIL PROTECTED]
ldap_add: Server is unwilling to perform (53)
additional info: no global superior
todd:
this is what i do:
ldapadd -f file.ldif -x -w pass -D cn=Manager,dc=ireas,dc=cz
and it says:
adding new entry cn=Ryvolová Ivana,[EMAIL PROTECTED]
ldap_add: Server is unwilling to perform (53)
additional info: no global superior knowledge
:(
sajag:
i changed /etc/openldap/slapd.conf
On Thursday 09 February 2006 12:15, Quanah Gibson-Mount wrote:
--On Thursday, February 09, 2006 11:25 AM -0500 matthew sporleder
[EMAIL PROTECTED] wrote:
I've reproduced this behavior, it's due to the same reason as
ITS#4385. Now fixed in HEAD back-bdb/cache.c. A potential workaround
It looks to me like DB 4.4 has a db-compact method that doesn't seem to
have been available in earlier versions. I would think that this could
come in handy for collapsing btrees into fewer levels. (back-bdb uses
btrees, right?) This ought to reclaim storage and performance, even when
there
Eric Irrgang wrote:
It looks to me like DB 4.4 has a db-compact method that doesn't seem to
have been available in earlier versions. I would think that this could
come in handy for collapsing btrees into fewer levels. (back-bdb uses
btrees, right?) This ought to reclaim storage and
On Fri, Feb 10, 2006 at 12:26:40AM +0100, T M wrote:
structure of directory? what do you mean? im pasting both conf files:
The rootdn.
/etc/openldap/ldap.conf
suffix dc=ireas,dc=cz
As in this above.
adding new entry cn=Ryvolová Ivana,[EMAIL PROTECTED]
ldap_add: Server is unwilling
[please reply on the list]
On Thu, 2006-02-09 at 15:32 -0800, Chad A. Prey wrote:
Unrecognized database type (relay)
is there some module that I need to load...is there a good book on
OpenLDAP...the Oreilley one?
You need to:
1) use a current (namely: not historic) version; for example,
Hi,
Additionaly it doesn't accepts more then one attribute, also while
looking throught the source in aci.c it seems that the ACI code
itself, still support multiple attributes. Here is an example:
OpenLDAPaci:
1#entry#grant;r,s,c;cn#access-id#cn=admin,dc=testuml,dc=test
Hi,
I have a problem, the server don't check the syntax of the password for
example when i change it to a small than 5 caracteres. I don't
understand why ?
and when do you know what i must add to the user entry to have the
pwdChangedTime attribute ?
thx
I have configured my slap.conf like
31 matches
Mail list logo