Re: LDAP entries missing from search results depending on search base.

--On Wednesday, April 04, 2012 4:15 PM -0300 Brandon Hume wrote: I have a large number of mail aliases stored in LDAP used by sendmail. They're stored off by themselves as opposed to hung off the user objects, so that the mail servers can have their own LDAP replicas containing only a portio

Re: AD proxy in OpenLDAP

(feeling a tad silly, now that I have discovered I was not replying to the actual mailing list but to single people.) OK so I have managed to get both the ldap and hdb databases to coexist, mostly through copying code straight from the ldapglue test in the OpenLDAP build files. The ldif file I us

RE24 testing call #1 (2.4.31)

If you know how to build OpenLDAP manually, and would like to participate in testing the next set of code for the 2.4.31 release, please do so. Generally, get the code for RE24: Config

Re: LDAP entries missing from search results depending on search base.

Brandon Hume wrote: > I have a large number of mail aliases stored in LDAP used by sendmail. > They're stored off by themselves as opposed to hung off the user objects, so > that the mail servers can have their own LDAP replicas containing only a > portion of the tree rather than all the user obje

LDAP entries missing from search results depending on search base.

I have a large number of mail aliases stored in LDAP used by sendmail. They're stored off by themselves as opposed to hung off the user objects, so that the mail servers can have their own LDAP replicas containing only a portion of the tree rather than all the user objects as well. An example

Re: Hashing the userPassword

Thansk MIchael 2012/4/4 Michael Ströder > Please post your follow-ups on the mailing list so others can respond and > learn as well. > > Suneet Shah wrote: > > So if create a user and then set the password on an existing user then, > the > > password-hash attribute will work? And I can send the

RE: ppolicy master/slave issue

Nope - I merely left out the chain directives. Given the choice between "forward ppolicy updates" or "allow users to change their passwords anywhere", we went with the former. We never identified how to get them to /both/ work and require actual user authentication. This is ok in our environmen

Re: Replication and user password change

updateref ldap://ldapmaster.symas.com http://www.openldap.org/doc/admin24/replication.html#Replication%20Technology suomi On 04/04/2012 04:13 PM, Jacques Foucry wrote: Hello the list, I'm new here, new at OpenLDAP and I have an issue. I've search for many time now an explanatio

R: openldap proxy to AD

-Messaggio originale- Da: Jonathan Clarke [mailto:jonat...@phillipoux.net] Inviato: martedì, 3. aprile 2012 18:12 A: Induni, Marco Cc: openldap-technical@openldap.org Oggetto: Re: openldap proxy to AD On 03/04/12 16:47, Induni, Marco wrote: > Hi all, > I'm building an openldap proxy to an

Referral Problem with SQL Backend

Hi, I have a problem with my Openldap Server 2.4.23 with SQL Backend. I have configured a referral to another Openldap server, but the referral dn is always the same as the bind dn from my ldapsearch command. So the referral dn is overwritten with the bind dn. The server localhost:389 has root

Replication and user password change

Hello the list, I'm new here, new at OpenLDAP and I have an issue. I've search for many time now an explanation but I saw nothing. Here is my problem. I ran a OpenLDAP server on a Debian VM # slapd -V @(#) $OpenLDAP: slapd 2.4.11 (Jul 23 2010 21:37:26) $ @barber:/build/buildd-openldap_2.4.11-

Re: Hashing the userPassword

Please post your follow-ups on the mailing list so others can respond and learn as well. Suneet Shah wrote: > So if create a user and then set the password on an existing user then, the > password-hash attribute will work? And I can send the password to OpenLDAP in > clear text? Yes. Also note t

Re: Convert *.schema to *.ldif

Le 4/4/12 2:03 PM, Jonathan Clarke a écrit : Le 03/04/12 20:39, Francis Swasey a écrit : On 4/3/12 11:50 AM, Howard Chu wrote: I don't see any description in the admin guide about how to convert a *.schema file into a *.ldif file. Google tells me that most people are using slaptest with the

Re: Convert *.schema to *.ldif

On 3/4/2012 9:39 μμ, Francis Swasey wrote: If anyone is interested, I've thrown together a short perl script I believe it would be useful to all of us (I am interested too)! So, if it's OK with you, it would be nice of you if you published it here. Thanks, Nick

Re: Convert *.schema to *.ldif

Le 03/04/12 20:39, Francis Swasey a écrit : On 4/3/12 11:50 AM, Howard Chu wrote: I don't see any description in the admin guide about how to convert a *.schema file into a *.ldif file. Google tells me that most people are using slaptest with the -F and -f parameters with a specially crafte

Re: Password expiration

On Tuesday, 3 April 2012 23:16:43 Collins, Cris wrote: > The problem was resolved by adding the following per the nis schema. My > statement below was incorrect. shadowLastChange was not updating, as > "getent shadow username" showed me. > > access to attrs=shadowLastChange,shadowMax > by

Re: centralized sudo policies : ACL issue

On Tuesday, 3 April 2012 16:52:35 Olivier wrote: > A quite trivial issue I have : > > I have installed centralized policy sudo rules in ldap server > (I use "schema.OpenLDAP" from "http://www.sudo.ws"; ). > > I also have configured linux clients to check ldap rules to > grant sudo access to certa

Re: Hashing the userPassword

On Wednesday, 4 April 2012 08:50:08 Michael Ströder wrote: > Suneet Shah wrote: > > I am creating a user in OpenLDAP using Java. The user is being > > successfully created, but the passwords are being stored in clear text. > > How do you set the password? If you send attribute userPassword along w

Re: Hashing the userPassword

Suneet Shah wrote: > I am creating a user in OpenLDAP using Java. The user is being successfully > created, but the passwords are being stored in clear text. How do you set the password? If you send attribute userPassword along when creating the user's entry with a AddRequest you have to perform t