Hi all,
i'm using openldap 2.2.13 as a proxy to an other ldap server. it works and
after few days, authentications doesn't work any more. and i have an error 52
in my ldap log:
ar 29 17:51:13 guardsdef1 slapd[23444]: conn=4 op=5 SRCH
base="ou=personnes,o=st" scope=2 deref=3
filter="(&(objectCl
as
> Message du 30/03/07 à 16h19
> De : "Aaron Richton"
> A : "[EMAIL PROTECTED]"
> Copie à : openldap-software@openldap.org
> Objet : Re: err=52
>
> back-ldap has had an unbelievable amount of work done to it since 2.2.13.
> Case on point, I started usi
OK i will test our Red Hat gold support. it's the fisrt time !
and if they cannot do anything i will upgrade openldap.
Thomas
> Message du 02/04/07 à 15h50
> De : "Aaron Richton"
> A : "[EMAIL PROTECTED]"
> Copie à : openldap-software@openldap.org
&g
Raffaele Viola schrieb:
Hi all,
I downloaded openldap-2.3.35.tgz now I have to add the back-ldap modules
to my own installation under gentoo .
How can I make it?
If you don't have the "minimal" use flag set, back-ldap should be there,
see the 2.3.35-r1 ebuild for details. Additionally, you ha
Tony Earnshaw schrieb:
[EMAIL PROTECTED] skrev, on 07-05-2007 16:57:
I downloaded openldap-2.3.35.tgz now I have to add the back-ldap
modules to my own installation under gentoo .
How can I make it?
If you don't have the "minimal" use flag set, back-ldap should be
there, se
Hi list,
I need to replicate information from a remote LDAP server, however the
target server populates the userPassword field with '*' and
stores credentials in a custom SASL backend to auth SASL binds and
simple binds.
What I need is:
a) enable clients to do simple binds to my ope
Adam Brandizzi schrieb:
Hi, people!
The problem is that they've requested me to follow the bad way: it was
required that the data must be stored on the minor, local server
first, and replicated to the central server after. I know it is
multimaster replication and it is dangerous, not kosher an
Adam Brandizzi schrieb:
Hi!
On 5/22/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
I'd setup the central server as a syncrepl consumer to all the branch
offices, with one database context for each. Optionally those can be
glued together with back-ldap.
I tried it, but I&
Simon Gao schrieb:
Hi,
I am interested in knowing more about chain overlay and have some
questions. Anyone can provide more sources or links for me to read?
Read the slapo-chain manpage, come back here if you have specific questions.
cheers
Paul
José Marco schrieb:
Nice! I'm almost done with my nested groups overlay. I'm wishing to
contribute it! (Some previous cleaning and translation needed before,
though ;) )
Hi José Marco,
Did you suceed with your nested groups overlay? I'd be interested if I
could use/adapt it for my replicat
Hi list,
I played around to find out how overlays work but hit a brickwall when
running make. The error is:
liboverlays.a(statover.o):(.data+0x58): undefined reference to
'nestedgroup_initialize'
collect2: ld returned 1 exit status
nestedgroup_initialize is the initialization hook for my modu
Gavin Henry schrieb:
Hi list,
I played around to find out how overlays work but hit a brickwall when
running make. The error is:
liboverlays.a(statover.o):(.data+0x58): undefined reference to
'nestedgroup_initialize'
collect2: ld returned 1 exit status
nestedgroup_initialize is the initializa
Gavin Henry schrieb:
the linking error suggests there is still something missing.
HEAD? 2.3.x??
2.3.36. Turned out the build env was broken due to copying files from
windows... ;)
thanks anyway
Paul
No prob. Anything you'd like to contribute?
Sure, if I ever get this working ;) This i my fi
Keryx Info schrieb:
Hi all!
# Only three lines changed by me
suffix "dc=lb,dc=labbnet,dc=ne,dc=keryx,dc=se"
rootdn "uid=root,dc=lb,dc=labbnet,dc=ne,dc=keryx,dc=se"
rootpw {CRYPT}tecdIjhx8TVq.
# Temporary p
Jeremiah Lopez schrieb:
[uid, userPassword missing in core.schema]
I was wondering how I go about enabling these attributes?
I have already tried creating another schema file and including that
in my slapd.conf, but when I attempted to run, it stated that those
attributes already exist.
And it i
[ I posted this to the OpenLDAP tech list, and they suggested
re-posting here. It was suggested to upgrade to a newer version of
OpenLDAP, but for various reasons, upgrading to is problematic, and
I'm willing to endure an unreasonable amount of pain to try to get it
working with my ancient version.
Hello List,
what settings do i need to write my ldap changes (almost) immedialtely
to disk?
I do not need much of performance but would rather have a higher security.
Thanks, Mario
Hi,
Howard Chu schrieb:
[EMAIL PROTECTED] wrote:
Hello List,
what settings do i need to write my ldap changes (almost) immedialtely
to disk?
I do not need much of performance but would rather have a higher
security.
That is the default behavior for slapd, no other settings are needed.
In
openldap 2.4.9
Suse 11.0
The following entries has been added successfully:
dn: o=my-org,dc=my-domain,dc=com
dn: ou=People,o=my-org,dc=my-domain,dc=com
dn: uid=rvg,ou=People,o=my-org,dc=my-domain,dc=com
dn: ou=Servers,o=my-org,dc=my-domain,dc=com
Working with he
Sounds like an old version of Ubuntu.
Sellers
On 11/13/08 1:13 PM, "Net Warrior" <[EMAIL PROTECTED]> wrote:
> Running an slapindex -v was sufficient, very kind of you.
> anyway, ubuntu runs slapd as root, that surprised me, on most systems
> /var/lib/ldap is owned by ld
Does openLDAP support password controls such as,
2.16.840.1.113730.3.4.4 LDAP_CONTROL_PWEXPIRED
"Using Password Policy Controls".
2.16.840.1.113730.3.4.5 LDAP_CONTROL_PWEXPIRING
"Using Password Policy Controls"
The ldap.h file does not list those controls. It also
says some of t
Hi,
Thanks for your replies. I am interested in the server
side password policy implementations. I see that it is
a work in progress but shall check it out and do some
testing.
Best regards,
Neo
--- On Tue 07/12, =?ISO-8859-1?Q?Michael_Str=F6der?= < [EMAIL PROTECTED] >
wrote:
From:
Hello
I did install and configure a primary ldap server. Is it possible to
change the scenario to primary + backup ldap server where data are
synchronized to each other on the time of updates? If so can I use this
for fail over and load balanicing as we do in NIS? I am a newbie and if
I ask a
Hi
I am planning to implement sync replication for ldap replication
purposes. But the problem is that when I add the following entries to
slapd.conf and restart ldap
overlay syncprov
syncprov-checkpoint 1 10
syncprov-sessionlog 1000
I get
[19:37:28] [EMAIL PROTECTED] - ~> /etc/init.d/l
it's possible Can somebody say how I can add a new entry using the
following ldif file.
dn: cn=sadique,ou=addressbook,dc=srtachyonldap,dc=com
cn: sadique
displayName: Sadique Puthen Peedikayil
givenName: Sadique
mail: [EMAIL PROTECTED]
mobile: 9895643639
homePhone: 0466-2254274
objectClass: inetOrgP
Hello
I know what I am asking is a basic question.
For replication with slurpd I have to add a directives
binddn="cn=Replicator,dc=example,dc=com"
bindmethod=simple credentials=secret
I have given write access for the binddn in slave slapd and it has been
set as the updatedn but I am not sure
the local proxy cache server with cache-hit
For option 2, I ensure the cache miss by searching sequentially for
users. The searches are of the type ([EMAIL PROTECTED])
and return Attribute is mailRoutingAddress. where n = from 1 to 10,000
For option 3, I do the test once all the entries are
Hello
I did migrate user databases using scritps from
/usr/share/openldap/migration. But I found after setting up ldap server
that ldap userdatase does not set up expire date and shadow minvalue in
the database. Now I want to add these two attributes - ShadowMin and
shadowExpire - for all users.
ting bind error.
slap_sasl_init : SASL library version mismatch : expected 2.1.22, got 2.1.19
i've checked /usr/lib and looked like i've had a couple of versions of sasl,
so I removed link to 2.1.22. does the default version of openldap for linux
install sasl?
Anyway, i tried 'make
Hi,
I know this is a common error, but I don't know how to fix it
http://www.openldap.org/faq/data/cache/577.html
[EMAIL PROTECTED] ~]# ldapsearch
ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
additional info: SASL(-4): no mechanism available: No worthy mechs
Hi,
I've installed openldap-2.3.20 but password policy does not appear to be
working as I expect.
I initially installed openldap with the following configuration
./configure -q --enable-syncprov=no --enable-ppolicy=yes
--enable-accesslog=yes
--with-cyrus-sasl=yes
This I believe installed ope
I'm having difficulty processing the response from the password policy control
returned by slapd
here is an extract of the log:
send_ldap_result: conn=45 op=4 p=3
send_ldap_result: err=19 matched="" text="Password is in history of old
passwords"
send_ldap_response: msgid=5 tag=103 err=19
ldap_w
Hi everybody,
I'am configuring slapd(8) 2.3.27 for use as a proxy to another LDAP server.
Unfortunately this (non-OpenLDAP) LDAP directory uses non standard attributes
stored in a .ldif file.
i have to use one of this non standard attributes in the slapd.conf file for
binddn:
database ldap
uri l
VerifyClient never
database ldap
suffix ou=personnes,o=sg
uri ldaps://192.168.239.210:1636
thank you for your help
jey
> Message du 30/11/06 à 17h52
> De : "Kurt D. Zeilenga"
> A : [EMAIL PROTECTED]
> Copie à : openldap-software@openldap.org
> Objet : Re: openldap
Hi,
i'm using openldap as a ldap proxy to an an other ldap server.
I'd like to get a ldaps connexion between this 2 servers.
so, i configured ldap.conf like this:
TLS_CACERT /usr/local/etc/raddb/RTFE/conca.pem
TLS_REQCERT demand
My issue is that the ssl connexion still works if i comment the line
thank you for your help.
but i still don't understand why the ssl connection works without any CA in
TLS_CACERT whereas i put TLS_REQCERT "demand" ?
Thomas
> Message du 29/12/06 à 18h28
> De : "Owen DeLong"
> A : "Rafal (sxat)"
> Copie à : openldap-software@openldap.org
> Objet : Re: cetific
hi,
I'am configuring slapd(8) 2.3.27 for use as a proxy to another LDAP server.
the purpose is to do an ldap authentication to a ldap backend, that need that
an administator account bind to do a search, with applications that can only do
an anonymous bind.
can openldap rewrite the anonynous co
01/07 à 20h12
> De : "[EMAIL PROTECTED]"
> A : openldap-software@openldap.org
> Copie à :
> Objet : openldap proxy issue
>
>
> hi,
>
> I'am configuring slapd(8) 2.3.27 for use as a proxy to another LDAP server.
> the purpose is to do an ldap authentica
age du 06/01/07 à 00h38
> De : "Pierangelo Masarati"
> A : [EMAIL PROTECTED]
> Copie à : openldap-software@openldap.org
> Objet : Re: openldap proxy issue
>
> [EMAIL PROTECTED] wrote:
> >
> > hi,
> >
> >
> > I'am configuring slapd(8)
t;
> A : [EMAIL PROTECTED]
> Copie à : openldap-software@openldap.org
> Objet : Re: openldap proxy issue
>
> [EMAIL PROTECTED] wrote:
> >
> >
> > thank you very much: it works very well with slapd(8) 2.3.27.
> >
> > my issue now is that i will have to use
[EMAIL PROTECTED] wrote:
Sorry for no info in last message.
I have a certificate with non-ascii characters in it. Then i try to
search this certificate there is no luck(but ok with others). Is it
possible to encode no-ascii character to something that openldap can
understand?
Can you
[EMAIL PROTECTED] wrote:
Now I am running OpenLdap and get one error code from syslog.
But I have no any references about the detailed meaning of OpenLdap's error
code.
Where can I get the detailed meaning of OpenLDAP's Error Code?
It's likely that it's simply a LDAP
42 matches
Mail list logo
