Re: ldapmodify is crashing the slapd process

Le mardi 07 février 2012 à 15:23 -0800, Quanah Gibson-Mount a écrit : > --On Tuesday, February 07, 2012 5:05 PM -0500 Daniel Savard > wrote: (...) > I would first upgrade to a more recent release. I would also generally > advise using something more secure than GnuTLS, such as OpenSSL, to link

Re: Password-less operation

--On Tuesday, February 07, 2012 6:22 PM -0500 Jean-Luc Wasmer wrote: Hi, The user db on my system is stored in LDAP and integrated with PAM and NSS. The LDAP db also contain address book data for each user. I would like to be able to call ldap utilities (e.g. ldapsearch) without having the us

Re: Chinese characters in mail search causes failed assertion in slapd

Alfie John wrote: On Tue, Feb 7, 2012, at 11:34 AM, Charles T. Brooks wrote: Non-english character sets are going to become part of hostnames and DNS. That's inevitable. Mail addresses are based on DNS hostnames. Ergo, mail attributes will one day need to support all possible characters. Th

Re: ldapmodify is crashing the slapd process

--On Tuesday, February 07, 2012 5:05 PM -0500 Daniel Savard wrote: Le mardi 07 février 2012 à 16:09 -0500, Daniel Savard a écrit : (...) add: olcTLSCipherSuite olcTLSCipherSuite: AES256 (...) Seems the cipher list is the offending value which cause the crash. I did start the slapd process w

Password-less operation

Hi, The user db on my system is stored in LDAP and integrated with PAM and NSS. The LDAP db also contain address book data for each user. I would like to be able to call ldap utilities (e.g. ldapsearch) without having the user to enter his/her password everytime. I would also like for scripts r

Re: Is putting slapd into read-only mode sufficient for backups?

On Tue, 7 Feb 2012, Brian Reichert wrote: The thread overall suggests the tried-and-true tactic of using slapcat to extract and LDIF file, to be imported later. But, our application's DB if large enough that reimportation is prohibitive. First off, I'd try the latest-greatest RE24 with the la

Re: ldapmodify is crashing the slapd process

Le mardi 07 février 2012 à 16:09 -0500, Daniel Savard a écrit : (...) > add: olcTLSCipherSuite > olcTLSCipherSuite: AES256 (...) Seems the cipher list is the offending value which cause the crash. I did start the slapd process with the debug flag and got the following message (I did try with HIGH

Is putting slapd into read-only mode sufficient for backups?

I'm curious if the tactics described in this thread are currently sufficient: http://www.openldap.org/lists/openldap-software/200608/msg00152.html The thread overall suggests the tried-and-true tactic of using slapcat to extract and LDIF file, to be imported later. But, our application's DB if

ldapmodify is crashing the slapd process

Hi everyone, I am trying to do a number of changes into the configuration database using the following ldif entries: dn: cn=config changetype: modify add: olcTLSCACertificatePath olcTLSCACertificatePath: /etc/ssl/certs - add: olcTLSCertificateFile olcTLSCertificateFile: /etc/openldap/ssl/slapd.ce

RE: Chinese characters in mail search causes failed assertion in slapd

On Tue, Feb 7, 2012, at 11:34 AM, Charles T. Brooks wrote: > Non-english character sets are going to become part of hostnames and > DNS. That's inevitable. > > Mail addresses are based on DNS hostnames. > > Ergo, mail attributes will one day need to support all possible > characters. Thanks f

Re: Chinese characters in mail search causes failed assertion in slapd

On Tue, Feb 7, 2012, at 02:49 PM, Dieter Klünter wrote: > All you could do, is creating a new private attribute type with syntax > directory string and configure applications to use this new attribute > type. As I said before we have no control over user environments, so configuring application

Re: Chinese characters in mail search causes failed assertion in slapd

On Tue, Feb 7, 2012, at 02:19 PM, Pierangelo Masarati wrote: > If, as you say, slapd asserts, then there's also a bug in the code, > since invalid data should be catched earlier. Fixing this has little to > do with solving your problem, but would improve the software. Sorry for the confusion.

SYNC_ID_SET missing?

Hi, on a consumer with two replicated databases I get this on startup: # grep sync Feb 7 17:16:52 rfas099 slapd[4263]: Config: ** successfully added syncrepl rid=401 "ldap://master.foo.de"; Feb 7 17:16:52 rfas099 slapd[4263]: line 124 (syncrepl ***) Feb 7 17:16:52 rfas099 slapd[4263]: Confi

Re: Got error while enabling SASL

On 02/07/12 11:01 +0530, Gaurav Gugnani wrote: Hello All, Thks to all for helping me out. i hope now the destination is not too far as i achieved the SASL but it is storing using sasldb. However, i want it to store information in ldap direcotry. I've installed the corresponding package: cyrus-s

Re: Chinese characters in mail search causes failed assertion in slapd

Am Tue, 07 Feb 2012 22:57:31 +1100 schrieb Alfie John : > On Tue, Feb 7, 2012, at 09:14 AM, Pierangelo Masarati wrote: > > In addition, I suggest you check whether the problem persists with > > the latest release; in case, please file an ITS following > > instructions here

Re: Non-personal mail accounts

You may add the objectClass mailrecipient to accounts or posixaccounts. otherwise, we use objectclass qmail (to define mailboxes) qmailControl (to define acceptable domains) to define our mail environment. you may find the corresponding schemas in the Internet. suomi On 02/07/2012 09:39 AM, N

Re: Chinese characters in mail search causes failed assertion in slapd

On 02/07/2012 12:57 PM, Alfie John wrote: On Tue, Feb 7, 2012, at 09:14 AM, Pierangelo Masarati wrote: In addition, I suggest you check whether the problem persists with the latest release; in case, please file an ITS following instructions here .

Re: Got error while enabling SASL

Hi All, I hope now i'm only 1 step far: I've enabled the ldapdb auxprop plugin. /u01/app/openldap/product/2.4.26/etc/openldap>pluginviewer -a Installed auxprop mechanisms are: ldapdb sasldb List of auxprop plugins follows Plugin "ldapdb" , API version: 4 supports store: yes Plug

Re: dynlist and DSA IT Control

El 07/02/12 12:34, Pierangelo Masarati escribió: On 02/07/2012 11:33 AM, Angel L. Mateo wrote: Hello, I have an openldap using dynlist to get some attributes of the entries. When I manually performs search, I can get these attributes (obtained through the dynlist overlay) without any problem,

Re: Chinese characters in mail search causes failed assertion in slapd

On Tue, Feb 7, 2012, at 09:14 AM, Pierangelo Masarati wrote: > In addition, I suggest you check whether the problem persists with the > latest release; in case, please file an ITS following instructions here > . Thanks for the pointer. I was using

Re: Chinese characters in mail search causes failed assertion in slapd

Hi Dieter, On Tue, Feb 7, 2012, at 08:56 AM, Dieter Klünter wrote: > Never modify a standard track attribute type, all you can do is to > create a subtype of mail. On the other hand, your intention does > not comply to RFC-5322 which requires that header fields MUST be > composed of printable US-A

Re: Global modifications

On 31/1/2012 9:52 μμ, Charles T. Brooks wrote: T Hi Charles, (Note that your last message was strangely encoded and I had some trouble reading it.) Thanks for all this info. I noticed that most (if not all) of the sendmail.schema definitions are actually included in the misc.schema bund

Re: dynlist and DSA IT Control

On 02/07/2012 11:33 AM, Angel L. Mateo wrote: Hello, I have an openldap using dynlist to get some attributes of the entries. When I manually performs search, I can get these attributes (obtained through the dynlist overlay) without any problem, but when an application (a CAS server to be precis

Re: Got error while enabling SASL

Hello All, i was working on this problem and figured out that ldapdb plugin auxprop is missing. /u01/app/openldap/product/2.4.26/etc/openldap>pluginviewer Installed SASL (server side) mechanisms are: CRAM-MD5 ANONYMOUS DIGEST-MD5 PLAIN LOGIN EXTERNAL ... Installed auxprop mechanisms are: sasld

dynlist and DSA IT Control

Hello, I have an openldap using dynlist to get some attributes of the entries. When I manually performs search, I can get these attributes (obtained through the dynlist overlay) without any problem, but when an application (a CAS server to be precise) tries to do the same search, wit

Non-personal mail accounts

Hello, We are storing user accounts in OpenLDAP. Main classes used are: objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: eduPerson User email address(es) is (are) stored in the "mail" attribute and are also used by Po

Re: Chinese characters in mail search causes failed assertion in slapd

On 02/07/2012 08:56 AM, Dieter Klünter wrote: Am Tue, 07 Feb 2012 13:10:36 +1100 schrieb Alfie John: Hi guys, When searching for Chinese names in the "to:" field under Thunderbird, I get an assertion failing in slapd. I see that this is because the "mail" attribute in the default schema is of