--On Tuesday, August 02, 2011 3:47 PM -0700 "Mahadevan, Venkatasubramanian"
wrote:
Hi Howard,
I have tried the slapd -c option with a rid value, and it
also tries to resync the entire directory when doing that
while comparing CSNs. There is also a cid value which can
be passed to the -c optio
Hi Howard,
I have tried the slapd -c option with a rid value, and it
also tries to resync the entire directory when doing that
while comparing CSNs. There is also a cid value which can
be passed to the -c option, but I was unable to find an
example of what to pass in there. Is it just a contextCSN
Mahadevan, Venkatasubramanian wrote:
Hi David,
Thanks much for your response.
That's what I did but when I do that it seems to take forever to recover
using syncrepl as it goes through all the entries in the databases comparing
CSNs. So what I did was stop slapd and rebuild the database using sl
Hi David,
Thanks much for your response.
That's what I did but when I do that it seems to take forever to recover
using syncrepl as it goes through all the entries in the databases comparing
CSNs. So what I did was stop slapd and rebuild the database using slapadd
with the -w option to preserve s
On 02/08/11 15:14 +0100, Sergio NNX wrote:
It's still not working guys! I tried with Cyrus SASL 2.1.23 last night and
the same issue. Does anyone have a working combination of DB, SASL and
OpenLDAP i could download and test now?
thanks again.
Sergio.
Did you download binaries of these package
2011/8/2 Howard Chu :
> David Hawes wrote:
[...]
>> What is gained is that the server can be explicit about what client
>> certificates it will accept. This is useful if you want to use a
>> separate CA for client auth and do not want to accept certs from the CA
>> that signed the server's cert.
>
It's still not working guys! I tried with Cyrus SASL 2.1.23 last night and the
same issue. Does anyone have a working combination of DB, SASL and OpenLDAP i
could download and test now?
thanks again.
Sergio.
Parliamentary ICT
Houses of Parliament
UK
http://www.parliament.uk/
> Date:
deconya wrote:
> Im using openldap database with samba and Im with the database broken
> with this message
Being in your situation I'd do two things:
1. Try to generate a LDIF backup with command-line too slapcat and see whether
recent modifications are in there and recover with slapadd. Make sur
2011/8/2 Howard Chu :
> Erwann ABALEA wrote:
>>
>> 2011/8/1 Howard Chu:
>>>
>>> David Hawes wrote:
>>
>> [...]
>>>
>>> Think about why you would configure such a setup, and what it actually
>>> means. When you have a certificate of your own, signed by a particular
>>> CA,
>>> that obviously means t
2011/8/2 Howard Chu :
> Erwann ABALEA wrote:
>> 2011/8/1 Howard Chu:
>> [...]
>>>
>>> If there were indeed anything to be gained by such a feature, it would
>>> also
>>> need to be implemented on clients. Look around - do any web browsers
>>> allow
>>> you to isolate CAs like this?
>>
>> Yes. You c
Erwann ABALEA wrote:
2011/8/1 Howard Chu:
David Hawes wrote:
[...]
Think about why you would configure such a setup, and what it actually
means. When you have a certificate of your own, signed by a particular CA,
that obviously means that you must trust that CA. If you're going to accept
a cer
Erwann ABALEA wrote:
2011/8/1 Howard Chu:
[...]
If there were indeed anything to be gained by such a feature, it would also
need to be implemented on clients. Look around - do any web browsers allow
you to isolate CAs like this?
Yes. You can basically isolate CAs into 3 categories (they can in
David Hawes wrote:
On 2011-08-01 13:07, Howard Chu wrote:
David Hawes wrote:
On 2011-07-30 14:14, Howard Chu wrote:
Erwann ABALEA wrote:
Actual OpenLDAP configuration would be to place B (and maybe B1)
certificate in TLSCACertificateFile/Path element, to be able to verify
the Client certifica
HI
Im using openldap database with samba and Im with the database broken
with this message
Aug 2 11:20:43 earth slapd[4145]: slap_client_connect:
URI=ldap://earth.esci.es DN="cn=admin,dc=esci,dc=es" ldap_sasl_bind_s
failed (80)
Aug 2 11:20:43 earth slapd[4145]: do_syncrepl: rid=005 retrying (1
14 matches
Mail list logo