How can I visit cn=config

2006-04-11 Thread Kent G
I hava a OpenLDAP 2.3.19 on Fedora5. when I search "cn=config",it will return "Insufficient access". How can I do? thanks.

Re: ldapadd error

2006-04-11 Thread Quanah Gibson-Mount
--On Tuesday, April 11, 2006 8:37 PM -0500 Adam Williams <[EMAIL PROTECTED]> wrote: Quanah Gibson-Mount wrote: As I noted, you need to have -x as part of the options to do a simple bind. every combination I try gives a syntax error, such as: ldapsearch -D adam -W -x -b "dc=mda

Re: ldapadd error

2006-04-11 Thread Adam Williams
Quanah Gibson-Mount wrote: As I noted, you need to have -x as part of the options to do a simple bind. every combination I try gives a syntax error, such as: ldapsearch -D adam -W -x -b "dc=mdah,dc=state,dc=ms,dc=us" Enter LDAP Password: ldap_bind: Invalid DN syntax (34) add

Re: ldapadd error

2006-04-11 Thread Quanah Gibson-Mount
--On Tuesday, April 11, 2006 7:52 PM -0500 Adam Williams <[EMAIL PROTECTED]> wrote: Quanah Gibson-Mount wrote: Nope... The -D and -W flags say: Bind to the server using the DN specified with -D, and the password entered after -W using -x with those options means to do a simple bind.

Re: ldapadd error

2006-04-11 Thread Adam Williams
Quanah Gibson-Mount wrote: Nope... The -D and -W flags say: Bind to the server using the DN specified with -D, and the password entered after -W using -x with those options means to do a simple bind. Ok, I'm not quite sure what I should use for my bind dn. I tried: ldapsearch -W -D

Re: ldapadd error

2006-04-11 Thread Quanah Gibson-Mount
--On Tuesday, April 11, 2006 5:37 PM -0500 Adam Williams <[EMAIL PROTECTED]> wrote: Quanah Gibson-Mount wrote: That is an anonymous search. I bet that anonymous doesn't have read access, thus you get no such object returned. I advise you do a simple bind as a part of your search, just

Re: ldapadd error

2006-04-11 Thread Adam Williams
Quanah Gibson-Mount wrote: That is an anonymous search. I bet that anonymous doesn't have read access, thus you get no such object returned. I advise you do a simple bind as a part of your search, just like you are doing with your add. I'm very new to openldap, so I'm not quite sure

Re: ldapadd error

2006-04-11 Thread Quanah Gibson-Mount
--On Tuesday, April 11, 2006 4:28 PM -0500 Adam Williams <[EMAIL PROTECTED]> wrote: Quanah Gibson-Mount wrote: Yes, you must create it in your LDAP database, too, with LDIF. See the URL's above. Ok, I did that, and I have an error: ldapadd -x -D "cn=adam,dc=mdah,dc=state,dc=ms,dc=us

Re: ldapadd error

2006-04-11 Thread Adam Williams
Quanah Gibson-Mount wrote: Yes, you must create it in your LDAP database, too, with LDIF. See the URL's above. Ok, I did that, and I have an error: ldapadd -x -D "cn=adam,dc=mdah,dc=state,dc=ms,dc=us" -W -h roark.mdah.state.ms.us -f stanford.LDIF Enter LDAP Password: adding new entry

Re: slapd no response

2006-04-11 Thread Quanah Gibson-Mount
--On Tuesday, April 11, 2006 5:01 PM -0400 matthew sporleder <[EMAIL PROTECTED]> wrote: Our openldap 2.2.24 running on Solaris 9 x86 suddently stopped functioning this morning:( . It can still be started up but doesn't give any response to queries: # ps -ef |grep slapd ro

Re: ldapadd error

2006-04-11 Thread Quanah Gibson-Mount
--On Tuesday, April 11, 2006 3:46 PM -0500 Adam Williams <[EMAIL PROTECTED]> wrote: Quanah Gibson-Mount wrote: Did you create "dc=mdah,dc=state,dc=ms,dc=us" ? And as a side note, "ou" stands for Organizational Unit. Most places do not consider "people" one of their organizational unites,

Re: slapd no response

2006-04-11 Thread matthew sporleder
> Our openldap 2.2.24 running on Solaris 9 x86 suddently stopped functioning > this morning:( . > >It can still be started up but doesn't give any response to queries: > > # ps -ef |grep slapd > root 648 1 0 11:18:33 ?0:00 /usr/local/libexec/slapd > -h ldap:/// lda

Re: no slapd.d(5) ??

2006-04-11 Thread Gavin Henry
> > > --On Tuesday, April 11, 2006 3:37 PM +0100 Gavin Henry > <[EMAIL PROTECTED]> wrote: > >> Dear List, >> >> There doesn't appear to be a slapd.d man page, when building from source >> using 2.3.21, as per http://www.openldap.org/doc/admin23/slapdconf2.html >> >> "This section details commonly

Re: ldapadd error

2006-04-11 Thread Adam Williams
Quanah Gibson-Mount wrote: Did you create "dc=mdah,dc=state,dc=ms,dc=us" ? And as a side note, "ou" stands for Organizational Unit. Most places do not consider "people" one of their organizational unites, and I doubt yours does either. ;) I would suggest using "cn". You may want to look a

slapd no response

2006-04-11 Thread Taolizhong
Hello -- Our openldap 2.2.24 running on Solaris 9 x86 suddently stopped functioning this morning:( . It can still be started up but doesn't give any response to queries: # ps -ef |grep slapd root 648 1 0 11:18:33 ?0:00 /usr/local/libexec/slapd -h ldap:/

Re: ldapadd error

2006-04-11 Thread Howard Chu
Quanah Gibson-Mount wrote: Most sites (and graphical browsers) understand "ou" to be a generic folder and as a common usage it makes sense. I recommend against using "cn" to name everything; that negates one of the advantages of the directory naming structure. I.e., use naming attributes that

Re: ldapadd error

2006-04-11 Thread Quanah Gibson-Mount
--On Tuesday, April 11, 2006 12:14 PM -0700 Howard Chu <[EMAIL PROTECTED]> wrote: Quanah Gibson-Mount wrote: And as a side note, "ou" stands for Organizational Unit. Most places do not consider "people" one of their organizational unites, and I doubt yours does either. ;) I would suggest

Re: OpenLDAP: Object class modification

2006-04-11 Thread John Quigley
Everyone: Thanks so much for your insightful replies, they're very much appreciated. A few follow-up notes and questions, that you may be able to help me with: >> First, I note that 2.1 is historic. However, 2.3 behaves in the >> same manner. See

Re: ldapadd error

2006-04-11 Thread Howard Chu
Quanah Gibson-Mount wrote: And as a side note, "ou" stands for Organizational Unit. Most places do not consider "people" one of their organizational unites, and I doubt yours does either. ;) I would suggest using "cn". Most sites (and graphical browsers) understand "ou" to be a generic fold

Re: no slapd.d(5) ??

2006-04-11 Thread Howard Chu
Quanah Gibson-Mount wrote: --On Tuesday, April 11, 2006 3:37 PM +0100 Gavin Henry <[EMAIL PROTECTED]> wrote: Dear List, There doesn't appear to be a slapd.d man page, when building from source using 2.3.21, as per http://www.openldap.org/doc/admin23/slapdconf2.html "This section details c

Re: no slapd.d(5) ??

2006-04-11 Thread Quanah Gibson-Mount
--On Tuesday, April 11, 2006 3:37 PM +0100 Gavin Henry <[EMAIL PROTECTED]> wrote: Dear List, There doesn't appear to be a slapd.d man page, when building from source using 2.3.21, as per http://www.openldap.org/doc/admin23/slapdconf2.html "This section details commonly used configuration d

Re: ldapadd error

2006-04-11 Thread Quanah Gibson-Mount
--On Tuesday, April 11, 2006 5:50 AM -0500 Adam Williams <[EMAIL PROTECTED]> wrote: Steve Feehan wrote: Create an ldif file with the following content: dn: ou=People,dc=mdah,dc=state,dc=ms,dc=us ou: People objectClass: organizationalUnit Assuming the file is named people.ldif, you add

Re: OpenLDAP: Object class modification

2006-04-11 Thread Quanah Gibson-Mount
--On Tuesday, April 11, 2006 10:47 AM -0700 "Kurt D. Zeilenga" <[EMAIL PROTECTED]> wrote: First, I note that 2.1 is historic. However, 2.3 behaves in the same manner. See for a discussion of this error. I note that, in 2.4, we hope to intro

Re: Back-meta status

2006-04-11 Thread Pierangelo Masarati
On Tue, 2006-04-11 at 10:35 -0700, Qiao Yang wrote: > Hi, > > I am new to OpenLDAP and found back-meta is very useful. It provides > features that back-ldap doesn't provide. But when I went through the mailing > list messages, somehow it is mentioned here and there that back-meta > eventually will

Re: OpenLDAP: Object class modification

2006-04-11 Thread Kurt D. Zeilenga
At 10:47 AM 4/11/2006, Kurt D. Zeilenga wrote: >First, I note that 2.1 is historic. However, 2.3 behaves in the >same manner. See >for a discussion of this error. Actually, this answer is too a related question. I've added http://www.openldap.o

Back-meta status

2006-04-11 Thread Qiao Yang
Hi, I am new to OpenLDAP and found back-meta is very useful. It provides features that back-ldap doesn't provide. But when I went through the mailing list messages, somehow it is mentioned here and there that back-meta eventually will go away. Is back-meta still under maintenance and development?

Re: OpenLDAP: Object class modification

2006-04-11 Thread Kurt D. Zeilenga
First, I note that 2.1 is historic. However, 2.3 behaves in the same manner. See for a discussion of this error. I note that, in 2.4, we hope to introduce a control which will allow administrators (and other authorized users) to request this (and

OpenLDAP: Object class modification

2006-04-11 Thread John Quigley
Hey Folks! Here's my scenario: I've got several hundred user accounts, stored as OpenLDAP records. Here's an example: # test user dn: cn=tuser,ou=employee,ou=csinternal,dc=hostname,dc=com cn: tuser sn: test user objectclass: person objectclass: organizationalperson objectclass: posixaccount uid:

Re: ldapadd error

2006-04-11 Thread Adam Williams
Steve Feehan wrote: Create an ldif file with the following content: dn: ou=People,dc=mdah,dc=state,dc=ms,dc=us ou: People objectClass: organizationalUnit Assuming the file is named people.ldif, you add it via the command: ldapadd -x -D "cn=adam,dc=mdah,dc=state,dc=ms,dc=us" -W \ -h roa

no slapd.d(5) ??

2006-04-11 Thread Gavin Henry
Dear List, There doesn't appear to be a slapd.d man page, when building from source using 2.3.21, as per http://www.openldap.org/doc/admin23/slapdconf2.html "This section details commonly used configuration directives. For a complete list, see the slapd.d(5) manual page." Any ideas? Thanks, Ga