LDIF and cn=config

2014-01-21 Thread Côme BERNIGAUD
Hello, I'm trying to figure out what's happening with my LDAP. I insert an LDIF modifying a schema in cn=schema,cn=config, OpenLDAP gives me an error No such object, but it still does the modification. How can I do to avoid having this error while the modification is working? I can't just

re: sudoCommand limitation

2014-01-21 Thread Juergen.Sprenger
Hi Michel, Are there any limitations of the sudoCommand values? e.g. length = 64 attributetype ( 1.3.6.1.4.1.15953.9.1.3 NAME 'sudoCommand' DESC 'Command(s) to be executed by sudo' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) The LDAP definition for

Re: Implementing PPolicy

2014-01-21 Thread Dieter Klünter
Am Mon, 20 Jan 2014 19:48:40 -0700 schrieb Joshua Schaeffer jschaeffer0...@gmail.com: Thanks for the explanation that really helped, I didn't know about the '+'and was able to see some ppolicy operational attributes on my uid. I read the slapo-ppolicy manual page and that also helped

Adding attributes to cn=config

2014-01-21 Thread Borresen, John - 0442 - MITLL
Ok, Trying to add the following: objectClass: olcGlobal -- this is the objectClass on another server that has SSL already set up. dn: cn=config changetype: add olcTLSCipherSuite: HIGH:MEDIUM+TLSv1+SSLv3 olcTLSCertificateFile: /usr/local/openldap/etc/openldap/CA/cacert.pem

Re: Adding attributes to cn=config

2014-01-21 Thread Quanah Gibson-Mount
--On Tuesday, January 21, 2014 11:38 AM -0500 Borresen, John - 0442 - MITLL john.borre...@ll.mit.edu wrote: Ok, Trying to add the following: objectClass: olcGlobal  à this is the objectClass on another server that has SSL already set up. dn: cn=config changetype: add Why are you

RE: Adding attributes to cn=config

2014-01-21 Thread Borresen, John - 0442 - MITLL
I tried both ldapmodify and ldapadd (with a couple of different ldifs). I was trying to add an attribute(s) (olcTLSCertificateFile; olcCipherSuite olcCertificateKeyFile) to the cn=config. No matter what I tried to do, it either returned the error indicated on the original email or it killed

RE: Adding attributes to cn=config

2014-01-21 Thread Quanah Gibson-Mount
--On Tuesday, January 21, 2014 1:39 PM -0500 Borresen, John - 0442 - MITLL john.borre...@ll.mit.edu wrote: I tried both ldapmodify and ldapadd (with a couple of different ldifs). I was trying to add an attribute(s) (olcTLSCertificateFile; olcCipherSuite olcCertificateKeyFile) to the

RE: Adding attributes to cn=config

2014-01-21 Thread Jon C Kidder
Quanah's point is that changetype: add is for adding new objects. I'm assuming cn=config already exists. You need to be using changetype: modify to modify or add attributes to an existing object. You need to use the add: operation before each new attribute you're adding. You also need to

RE: Adding attributes to cn=config

2014-01-21 Thread Borresen, John - 0442 - MITLL
Thanks, my apologies for posting a stupid question. -Original Message- From: Quanah Gibson-Mount [mailto:qua...@zimbra.com] Sent: Tuesday, January 21, 2014 2:10 PM To: Borresen, John - 0442 - MITLL; openldap-technical@openldap.org Subject: RE: Adding attributes to cn=config --On

RE: Adding attributes to cn=config

2014-01-21 Thread Quanah Gibson-Mount
--On Tuesday, January 21, 2014 2:58 PM -0500 Borresen, John - 0442 - MITLL john.borre...@ll.mit.edu wrote: Thanks, my apologies for posting a stupid question. Tsk, I never said it was stupid. But I was trying to point you in the right direction. ;) --Quanah -- Quanah Gibson-Mount