Il 21/04/2011 11:05, Howard Chu ha scritto:
>
> If you don't understand LDAP and LDIF then you cannot effectively
> administer an LDAP server. Period. There is no chicken and egg here -
> you must understand LDAP. You must know what "DIT" means. You must know
> what a DN is. You must know what a s
Hi!
On Thu, Apr 21, 2011 at 3:42 PM, Howard Chu wrote:
> Jose Ildefonso Camargo Tolosa wrote:
>>
>> On Thu, Apr 21, 2011 at 12:05 AM, Howard Chu wrote:
>>>
>>> There are many possibilities. The most obvious is leaving random
>>> whitespace
>>> at the end of a line, which frequently trips up peop
Michael Ströder wrote:
Howard Chu wrote:
If you don't understand LDAP and LDIF then you cannot effectively
administer an LDAP server. Period. There is no chicken and egg here -
you must understand LDAP. You must know what "DIT" means. You must know
what a DN is. You must know what a schema is. Y
All-
In the email that started this thread, I asked several questions about
clarifications or updates to the Admin Guide or man pages.
Quanah's first response is below with my status updates inline.
I received further clarifications from Marco Pizzoli and Howard.
I have status updates on three
Jose Ildefonso Camargo Tolosa wrote:
On Thu, Apr 21, 2011 at 12:05 AM, Howard Chu wrote:
There are many possibilities. The most obvious is leaving random whitespace
at the end of a line, which frequently trips up people who manually edit
flat text files. I won't go into the other possibilities
Howard Chu wrote:
> If you don't understand LDAP and LDIF then you cannot effectively
> administer an LDAP server. Period. There is no chicken and egg here -
> you must understand LDAP. You must know what "DIT" means. You must know
> what a DN is. You must know what a schema is. You must know what
2011/4/21 Jose Ildefonso Camargo Tolosa :
> On Thu, Apr 21, 2011 at 1:02 PM, Erwann ABALEA wrote:
>> 2011/4/21 Jose Ildefonso Camargo Tolosa :
>> [...]
Or use the ldapi:// URI, with "EXTERNAL" SASL mechanism, and correct ACL.
>>>
>>> Ok can you elaborate? if you can do this, I feel that t
On Thu, Apr 21, 2011 at 10:36 AM, sim123 wrote:
> Hi All,
>
> I am using ldap_search_ext_s C API and having strange results, not sure if
> I am missing something or its an API bug:
>
> My Directory Tree looks like this:
>
> | -- dc=example,dc=com
> | -- ou=users,dc=example,dc=com
> |
On Thu, Apr 21, 2011 at 1:02 PM, Erwann ABALEA wrote:
> 2011/4/21 Jose Ildefonso Camargo Tolosa :
> [...]
>>> Or use the ldapi:// URI, with "EXTERNAL" SASL mechanism, and correct ACL.
>>
>> Ok can you elaborate? if you can do this, I feel that this is
>> almost a security problem (where you ca
Hi All,
I am using ldap_search_ext_s C API and having strange results, not sure if I
am missing something or its an API bug:
My Directory Tree looks like this:
| -- dc=example,dc=com
| -- ou=users,dc=example,dc=com
| -- uid=1,ou=users,dc=example,dc=com
| --- cn=john
| ---
2011/4/21 Jose Ildefonso Camargo Tolosa :
[...]
>> Or use the ldapi:// URI, with "EXTERNAL" SASL mechanism, and correct ACL.
>
> Ok can you elaborate? if you can do this, I feel that this is
> almost a security problem (where you can bypass LDAP authentication by
> using an external auth that w
On Thu, Apr 21, 2011 at 12:32 PM, Erwann ABALEA wrote:
> 2011/4/21 Jose Ildefonso Camargo Tolosa :
>> On Thu, Apr 21, 2011 at 11:47 AM, Olivier Guillard
>> wrote:
No, that is not the meaning of "add".
>>>
>>> In that case, how can you change
>>> olcRootPW: MySecretPassword
>>
>> If you forgo
2011/4/21 Jose Ildefonso Camargo Tolosa :
> On Thu, Apr 21, 2011 at 11:47 AM, Olivier Guillard
> wrote:
>>> No, that is not the meaning of "add".
>>
>> In that case, how can you change
>> olcRootPW: MySecretPassword
>
> If you forgot your rootdn pass, and have no other user that with write
> privi
--On April 21, 2011 6:19:20 PM +0200 Olivier wrote:
No, that is not the meaning of "add".
In that case, how can you change
olcRootPW: MySecretPassword
If it already exists but you want to change it ?
With an ldap modify operation, the same way you do any other type of
modification to
On Thu, Apr 21, 2011 at 11:47 AM, Olivier Guillard
wrote:
>> No, that is not the meaning of "add".
>
> In that case, how can you change
> olcRootPW: MySecretPassword
If you forgot your rootdn pass, and have no other user that with write
privileges to cn=config, I guess you would need to slapcat y
On Thu, Apr 21, 2011 at 12:05 AM, Howard Chu wrote:
>
> There are many possibilities. The most obvious is leaving random whitespace
> at the end of a line, which frequently trips up people who manually edit
> flat text files. I won't go into the other possibilities because frankly,
> it's an inter
>> No, that is not the meaning of "add".
In that case, how can you change
olcRootPW: MySecretPassword
If it already exists but you want to change it ?
---
Olivier
On Thu, Apr 21, 2011 at 12:13 AM, Howard Chu wrote:
> Quanah Gibson-Mount wrote:
>>
>>
>> --On April 20, 2011 11:40:32 PM -0430 Jose Ildefonso Camargo Tolosa
>> wrote:
>>
>>> Ok, then... either:I'm missing something obvious, or no one have any
>>> idea on this... Should I create a bug report ba
On 04/21/2011 12:19 PM, piccardi wrote:
> On 20/04/2011 22:38, Howard Chu wrote:
>> Jose Ildefonso Camargo Tolosa wrote:
>>> Resending on-list.
>>> Well, I actually got used to cn=config pretty quickly, nevertheless, I
>>> still find easier to understand and modify the slapd.conf file than
>>> the
On 21/04/11 02:05 -0700, Howard Chu wrote:
Your slaptest is OK because there was no broken dependency. ProxyAuth
doesn't require SASL. Whoever told you so was wrong. (They overlooked
the ProxyAuthz control, which is independent of SASL.)
That was my mistake.
~$ ldapsearch -LLL -x -H ldap://ld
Olivier Guillard wrote:
On a fresh installation that has not yet been configured: ...
Thanks howard, it helps.
For other readers I add this found in the slapadd doc :
LIMITATIONS
Your slapd(8) should not be running when you do this to ensure consis‐
tency of the database.
So
On 20/04/2011 22:38, Howard Chu wrote:
> Jose Ildefonso Camargo Tolosa wrote:
>> Resending on-list.
>
>> Well, I actually got used to cn=config pretty quickly, nevertheless, I
>> still find easier to understand and modify the slapd.conf file than
>> the directory structure under slapd.d... it is d
Olivier wrote:
Hi Howard,
The directory structure under slapd.d is private/internal to slapd.
Forget it is even there. As far as you're concerned, it does not even exist.
Could you please concretly explain how you let say tune or add
rootdse operational attributes imediatly after having insta
LALOT Dominique wrote:
Hello Howard,
Nothing else to discuss? When I started a long time ago, the learning edge was
a little bit easier, as to start your configuration you don't need to use ldap
tools. You know the problem of chicken and eggs.
If you don't understand LDAP and LDIF then you can
Hi Howard,
> The directory structure under slapd.d is private/internal to slapd.
> Forget it is even there. As far as you're concerned, it does not even exist.
Could you please concretly explain how you let say tune or add
rootdse operational attributes imediatly after having installed
a fresh op
Hello Howard,
Nothing else to discuss? When I started a long time ago, the learning edge
was a little bit easier, as to start your configuration you don't need to
use ldap tools. You know the problem of chicken and eggs.
On other ldap servers, software comes with a GUI to configure. If you don't
d
26 matches
Mail list logo