access control for opattrs (memberof overlay)

2011-04-09 Thread Peter Schober
How do I control access to operational attributes, in this case memberOf by the eponymous overlay? While I can put an index on 'memberOf' I can't seem to use it as part of an ACL: unknown attr "memberOf" in to clause (This is on 2.4.22 with all default settings for the memberof overlay a

Re: Strange log entries

2011-04-09 Thread Peter Schütt
Hello, > >I got the following log entries in /var/log/messages > > > >Apr 5 13:19:51 myhost slaptest: auxpropfunc error invalid parameter supplied > >Apr 5 13:19:51 myhost slapd[18435]: auxpropfunc error invalid parameter supplied [..] > However, the actual source of the error is probab

Re: ppolicy and simpleSecurityObject exemptions

2011-04-09 Thread Michael Ströder
Nick Urbanik wrote: > What is the best/right way to exempt system users (entries that have the > simpleSecurityObject objectclass) from the ppolicy default policy? > > Is it to create another policy without restrictions and specify that > each system user should use that policy using pwdPolicySube

Re: search ldap

2011-04-09 Thread Tyler Gates
On 04/08/2011 10:16 AM, Noel Akins wrote: > I have a dumb question. I've been struggling with LDAP for a couple of weeks > now, working on it at home at night. I seem to have something working here > given the ldapsearch I tried doing below. I had started with a base.ldif and > added a user v

Re: fedora and openldap

2011-04-09 Thread harry . jede
Judith Flo Gaya wrote: > On 04/06/2011 02:44 PM, Aaron Richton wrote: > > On Tue, 5 Apr 2011, Judith Flo Gaya wrote: > > > > [with ldappasswd I get] > > > >> e01ENX1pMjcvdjYyeEFvNmI4R212YUdQeDZ3PT0= > > > > [but with passwd I get] > > > >> e2NyeXB0fSQxJER1VDNiMEtQJE1GNmQ5UGo4YXhSQXp0RW9VNDVUNDA= >

Re: search ldap

2011-04-09 Thread Emmanuel Lecharny
On 4/8/11 4:16 PM, Noel Akins wrote: I have a dumb question. I've been struggling with LDAP for a couple of weeks now, working on it at home at night. I seem to have something working here given the ldapsearch I tried doing below. I had started with a base.ldif and added a user via an add_user.ld

search ldap

2011-04-09 Thread Noel Akins
I have a dumb question. I've been struggling with LDAP for a couple of weeks now, working on it at home at night. I seem to have something working here given the ldapsearch I tried doing below. I had started with a base.ldif and added a user via an add_user.ldif. I assume the numEntries: 1 is t

acls for a user to join/leave a group.

2011-04-09 Thread George Mamalakis
Hello everybody, Is there a way to achieve what the subject says? For example, we can imagine users like: uid=user,ou=people,dc=example,dc=com And the group that I wish the users should be able to join using ldapmodify is: cn=group,dc=example,dc=com. What I wish to achieve is to let a use

Re: acls for a user to join/leave a group.

2011-04-09 Thread George Mamalakis
On 08/04/2011 15:34, George Mamalakis wrote: Hello everybody, Is there a way to achieve what the subject says? For example, we can imagine users like: uid=user,ou=people,dc=example,dc=com And the group that I wish the users should be able to join using ldapmodify is: cn=group,dc=example,d

Optimization help

2011-04-09 Thread Chris Jackson
What can I do to maximize the performance of my setup? System has 16gb of ram. OpenLDAP 2.4.19-15 Import LDIF is 4,611,156 bytes. Backend is BDB. du -c -h *.bdb 6.5M cn.bdb 8.0K displayName.bdb 1.9M dn2id.bdb 3.3M givenName.bdb 17M id2entry.bdb 5.6M mail.bdb 740K object

ppolicy and simpleSecurityObject exemptions

2011-04-09 Thread Nick Urbanik
Dear Folks, What is the best/right way to exempt system users (entries that have the simpleSecurityObject objectclass) from the ppolicy default policy? Is it to create another policy without restrictions and specify that each system user should use that policy using pwdPolicySubentry? -- Nick Ur

clarifications on cachesize, preferred db, et. al. from admin guide

2011-04-09 Thread Tim Mooney
All- I'm getting back to the project of upgrading our OpenLDAP infrastructure, which I started last summer but was interrupted by email outsourcing... As things currently stand, I'll be deploying 2.4.25 + BDB 4.8.30 on RHEL 5.6. I'm starting with a DB_CONFIG of set_cachesize 0 536870912 1 set

BDB Cache Size

2011-04-09 Thread ldap
One of the recommended ways we learned via this list (and other sources) to determine the bdb cache size is to get the size of the entire db using this: "du -ch /var/lib/ldap/*.bdb". Which we have done and seems to be working good for the initial settings for our ldap rebuild. We have "set_ca

keyword ignored

2011-04-09 Thread sarath chandra
Hi, When starting openldap, I'm getting this error: line 27 (modulepath /usr/lib/openldap) /usr/local/etc/openldap/slapd.conf: line 27: keyword ignored I'm using openldap-2.4.25 on CentOS 5. The config command was: export LDFLAGS='-L/usr/local/lib -L/usr/local/lib -L/usr/local/lib' export CPPF

Re: help needed for tuning my openldap

2011-04-09 Thread Stéphane PURNELLE
Quanah Gibson-Mount wrote on 05/04/2011 19:02:45: > Quanah Gibson-Mount > 05/04/2011 19:03 > > To > > Stéphane PURNELLE , openldap- > techni...@openldap.org > > cc > > Subject > > Re: help needed for tuning my openldap > > > > --On April 5, 2011 9:25:11 AM +0200 Stéphane PURNELLE > wrote

slapo-accesslog

2011-04-09 Thread Tim Gustafson
Hi, I was wondering if there was an overlay that worked somewhat like the slapo-accesslog overlay, but instead of logging the information to another OpenLDAP database, I'd like the data to be written to a CSV file or something similar. Does such a beast exist? Tim Gustafson Baskin School of E

Re: fedora and openldap

2011-04-09 Thread Judith Flo Gaya
On 04/06/2011 02:44 PM, Aaron Richton wrote: On Tue, 5 Apr 2011, Judith Flo Gaya wrote: [with ldappasswd I get] e01ENX1pMjcvdjYyeEFvNmI4R212YUdQeDZ3PT0= [but with passwd I get] e2NyeXB0fSQxJER1VDNiMEtQJE1GNmQ5UGo4YXhSQXp0RW9VNDVUNDA= [after running] authconfig --enableforcelegacy --disa

Re: fedora and openldap

2011-04-09 Thread Dieter Kluenter
Judith Flo Gaya writes: > Hello, > > After some time dealing with ldap and fedora, I'm stuck with a > strange behaviour. > I can successfully change the password for a certain user using the > ldappasswd command, after this change (either done by the manager of > the ldap or the same user) I can

Re: fedora and openldap

2011-04-09 Thread Aaron Richton
On Tue, 5 Apr 2011, Judith Flo Gaya wrote: [with ldappasswd I get] e01ENX1pMjcvdjYyeEFvNmI4R212YUdQeDZ3PT0= [but with passwd I get] e2NyeXB0fSQxJER1VDNiMEtQJE1GNmQ5UGo4YXhSQXp0RW9VNDVUNDA= [after running] authconfig --enableforcelegacy --disablecachecreds --enableldap --enableldapauth --ld

Re: fedora and openldap

2011-04-09 Thread harry . jede
Judith Flo Gaya wrote: > Hello, > > After some time dealing with ldap and fedora, I'm stuck with a > strange behaviour. > I can successfully change the password for a certain user using the > ldappasswd command, after this change (either done by the manager of > the ldap or the same user) I can su

Re: LDAP_RES_INTERMEDIATE - SYNC_ID_SET makes me in trouble

2011-04-09 Thread Chris Mikkelson
On Tue, Apr 05, 2011 at 10:33:24AM +0200, Olivier PAVILLA wrote: > Apr 5 06:28:38 luz2 slapd[21213]: syncrepl_message_to_entry: rid=008 > mods check (objectClass: value #4 invalid per syntax) > Apr 5 06:28:38 luz2 slapd[21213]: do_syncrepl: rid=008 retrying > Apr 5 06:38:38 luz2 slapd[21213]: do

Large "dynamic" groups and performance

2011-04-09 Thread Al
Hi All - We are currently attempting to migrate from a commercial LDAP server to OpenLDAP. Luckily our data is pretty standard, and the migration itself will be simple. I am having issues with our groups that programmatically have large numbers of adds and deletes done to its member list. This t