Re: AW: Permission management with LDAP

2015-09-02 Thread Uwe Werler
Sets are for access control only and used internally at the server! And sets are very fast in my experience on indexed attributes! On 2015-09-03 08:38, Fischer, Johannes wrote: I have some trouble to realize a search, based on the set. Just to get in touch with the syntax I've tried to retu

AW: Permission management with LDAP

2015-09-02 Thread Fischer, Johannes
I have some trouble to realize a search, based on the set. Just to get in touch with the syntax I've tried to return all member DNs listed in cn=admin with no result: (& (cn=admin,ou=groups,dc=vfk,dc=ldap,dc=com/member) (objectClass=*) ) When I try to add the "[]" a bad char error appe

AW: Send Success with first found entry

2015-09-02 Thread Fischer, Johannes
Hi Dieter, just thank you for your help. Now I'm able to learn the syntax of the logfile, step by step. Again, Thank you Greetings John -Original Message- From: Dieter Klünter [mailto:die...@dkluenter.de] Sent: Wednesday, 2 September 2015 21:55 To: Fischer, Johannes Betref

AW: Permission management with LDAP

2015-09-02 Thread Fischer, Johannes
Is there any other possibility to implement the wanted but without the set stuff. At the moment we "only" design and test our system, so we are in the beginning of the process so we are able to implement everything. Greetings John -Original Message- From: openldap-technical [ma

Re: Problem with binary data inserted in octetstring attribute.

2015-09-02 Thread Michael Ströder
Armando Martins wrote: > Hi, > > I'm trying to sync an active directory with an openldap and for update the > entries I use the objectsid binary attribute of the active directory as the > link attribute between the two directories. > > I'm having an issue with the binary data inserted in an octetst

Re: Unique Overlay: attribute mail

2015-09-02 Thread Michael Ströder
Simone Taliercio wrote: > 2015-08-25 13:42 GMT+02:00 Michael Ströder Being the author of http://web2ldap.de I'm biased. > > Great! Any plans to port on Mac OS X ? ;-) Thanks to Python it should simply run on Mac OS X provided you have all the dependencies installed. Ciao, Michael.

Re: Permission management with LDAP

2015-09-02 Thread Michael Ströder
Dieter Klünter wrote: > you may test sets > http://www.openldap.org/faq/data/cache/1133.html But be warned that sets are damn slow! Ciao, Michael.

RE: load balancer

2015-09-02 Thread Chris Jacobs
Often times client software doesn't support more than one ldap node. A VIP using the same cert as the nodes simplifies things (e.g.: cert name ldapvip with altnames ldap01, ldap02, and ldapvip itself jic). We use ldap pairs (slaves) in all our environments behind VIPs with the active-spare mult

Re: load balancer

2015-09-02 Thread Brent Bice
On 09/02/2015 04:10 AM, Andrew Findlay wrote: Depending on exactly what you want to achieve, you may not need to run a separate service at all. Much LDAP client software allows you to specify multiple servers, which will be tried in rotation until one answers. This gives protection against unrea

Re: "olcSizeLimit: size.prtotal=disabled" ignored?

2015-09-02 Thread Igor Shmukler
Thank you. Will try to understand the man page. Appreciate your help. On Wed, Sep 2, 2015 at 4:59 PM, Dieter Klünter wrote: > On Wed, 2 Sep 2015 15:59:28 +0300 > Igor Shmukler wrote: > >> $ slapd -V >> @(#) $OpenLDAP: slapd (Ubuntu) (Mar 17 2014 21:20:08) $ >> >> I tried olcSizeLimit, before

Re: "olcSizeLimit: size.prtotal=disabled" ignored?

2015-09-02 Thread Dieter Klünter
On Wed, 2 Sep 2015 15:59:28 +0300, Igor Shmukler wrote: > $ slapd -V > @(#) $OpenLDAP: slapd (Ubuntu) (Mar 17 2014 21:20:08) $ > > I tried olcSizeLimit, before adding olcSizeLimits. Perhaps there is a > bug. There is no bug. Read the manual page slapd-config(5) on olclimits, base DN and DN typ

Re: SASL/EXTERNAL not available

2015-09-02 Thread Dan White
On 09/02/15 08:25 -0500, Dan White wrote: dn: supportedSASLMechanisms: GSSAPI supportedSASLMechanisms: LOGIN supportedSASLMechanisms: CRAM-MD5 supportedSASLMechanisms: DIGEST-MD5 supportedSASLMechanisms: PLAIN If you have an olcSaslAuxprops configured, verify it includes EXTERNAL. That's a mis

Re: SASL/EXTERNAL not available

2015-09-02 Thread Dan White
On 08/31/15 19:43 -0400, Frank Crow wrote: If set the TLSClientVerify to "allow" or "try" and attempt to use "-Y EXTERNAL", I get the following message: SASL/EXTERNAL authentication started ldap_sasl_interactive_bind_s: Unknown authentication method (-6) additional info: SASL (-4):

Re: "olcSizeLimit: size.prtotal=disabled" ignored?

2015-09-02 Thread Igor Shmukler
$ slapd -V @(#) $OpenLDAP: slapd (Ubuntu) (Mar 17 2014 21:20:08) $ I tried olcSizeLimit, before adding olcSizeLimits. Perhaps there is a bug. On Wed, Sep 2, 2015 at 3:55 PM, Dieter Klünter wrote: > On Wed, 2 Sep 2015 14:27:39 +0300 > Igor Shmukler wrote: > >> Hi Dieter, >> >> Thank you again

Re: "olcSizeLimit: size.prtotal=disabled" ignored?

2015-09-02 Thread Dieter Klünter
On Wed, 2 Sep 2015 14:27:39 +0300, Igor Shmukler wrote: > Hi Dieter, > > Thank you again. I changed the config. Now, slapcat shows: > olcSizeLimit: size.prtotal=disabled > olcLimits: {0}dn=* size.soft=1000 size.hard=1000 size.prtotal=disabled you should either use sizelimit or limit in order

Alias dereferencing and performance

2015-09-02 Thread Karol Chrapek
Hi, I have a question about the alias dereferencing and mdb performance. I installed from source ldap 2.4.42 with mdb support. In our current directory we have 367 007 objects and 42262 aliases. During the test I observed that the MDB is slower than the HDB during search with aliases dereferencing.

Re: LMDB: Robust mutexes

2015-09-02 Thread Kristian Amlie
On 02/09/15 10:14, Howard Chu wrote: > Kristian Amlie wrote: >> Hey, >> >> there was some discussion about robust mutexes in LMDB about a year ago, >> and I was told there was a patchset being worked on. I'm just wondering >> what's the state of this project now. Is it likely to be included in >> u

Re: SASL/EXTERNAL not available

2015-09-02 Thread Dirk Kastens
Hi Frank, if you want SASL to work, you need to have the cyrus-sasl libraries installed. And slapd has to be compiled with sasl support: # rpm -qa | grep sasl cyrus-sasl-lib-2.1.23-8.el6.x86_64 cyrus-sasl-2.1.23-8.el6.x86_64 cyrus-sasl-plain-2.1.23-8.el6.x86_64 # ldd /usr/sbin/slapd ... lib

Re: "olcSizeLimit: size.prtotal=disabled" ignored?

2015-09-02 Thread Igor Shmukler
Hi Dieter, Thank you again. I changed the config. Now, slapcat shows: olcSizeLimit: size.prtotal=disabled olcLimits: {0}dn=* size.soft=1000 size.hard=1000 size.prtotal=disabled Still the same story: # filter: (objectclass=*) # requesting: ALL # with pagedResults critical control: size=5 # # sssv

Re: uniqueness constraint violated when using ldapadd -M

2015-09-02 Thread Michael Ströder
Geert Hendrickx wrote: > On Tue, Aug 25, 2015 at 15:12:22 +0200, Geert Hendrickx wrote: >> On Tue, Aug 25, 2015 at 13:46:09 +0100, Howard Chu wrote: >>> Geert Hendrickx wrote: Hi, I noticed uniqueness constraints enforced by the slapo-unique overlay can be bypassed when using th

Re: "olcSizeLimit: size.prtotal=disabled" ignored?

2015-09-02 Thread Dieter Klünter
On Wed, 2 Sep 2015 12:50:59 +0300, Igor Shmukler wrote: > Hello Dieter, > > Thank you for the clarification. > I modified the LDIF to apply the page size limit to a specific > database. Now, slapcat(8) shows limits for my DIT database: > olcSizeLimit: size.prtotal=disabled > olcLimits: {0}dn=*

Re: disable simple paged results control support?!

2015-09-02 Thread Andrew Findlay
On Thu, Aug 27, 2015 at 01:46:53PM +0300, Igor Shmukler wrote: > Is it possible to disable OpenLDAP server-side support of simple paged > results control, so the OpenLDAP server would respond that this > control is unavailable? > > I don't have an LDAP proxy, nor ODSEE configured. OpenLDAP saved

Re: load balancer

2015-09-02 Thread Andrew Findlay
On Fri, Aug 28, 2015 at 02:38:33PM +0800, Eileen(=^ω^=) wrote: > I have two LDAP servers using mirrormode. I want to run a FREE service to > achieve load balancer for these servers. > Due to I can't find any load balancer information in OpenLDAP-Admin-Guide, > so my question is which kind

Re: "olcSizeLimit: size.prtotal=disabled" ignored?

2015-09-02 Thread Igor Shmukler
Hello Dieter, Thank you for the clarification. I modified the LDIF to apply the page size limit to a specific database. Now, slapcat(8) shows limits for my DIT database: olcSizeLimit: size.prtotal=disabled olcLimits: {0}dn=* size.soft=unlimited size.hard=unlimited The only difference from an exam

Re: "olcSizeLimit: size.prtotal=disabled" ignored?

2015-09-02 Thread Dieter Klünter
On Wed, 2 Sep 2015 10:05:13 +0200, Dieter Klünter wrote: > On Wed, 2 Sep 2015 08:38:42 +0300 > Igor Shmukler wrote: > > > Hello Dieter, > > > > Thank you for replying. > > > > > slapd silently ignores the control request, but sizelimit still > > > comes into effect. > > > > Given that, as

Re: "olcSizeLimit: size.prtotal=disabled" ignored?

2015-09-02 Thread Dieter Klünter
On Wed, 2 Sep 2015 08:38:42 +0300, Igor Shmukler wrote: > Hello Dieter, > > Thank you for replying. > > > slapd silently ignores the control request, but sizelimit still > > comes into effect. > > Given that, as well as the other relevant information... > > Is "olcSizieLimit: size.prtotal=di

Re: SASL/EXTERNAL not available

2015-09-02 Thread Dieter Klünter
On Mon, 31 Aug 2015 19:43:39 -0400, Frank Crow wrote: > Hi, > > I'm trying to configure OpenLDAP 2.4.23 (running on RHEL6.5) to use > client-side certificates via the SASL/EXTERNAL mechanism. I have > successfully configured server-side certs with TLS and was wanting to > expand my configurat

Re: LMDB: Robust mutexes

2015-09-02 Thread Howard Chu
Kristian Amlie wrote: Hey, there was some discussion about robust mutexes in LMDB about a year ago, and I was told there was a patchset being worked on. I'm just wondering what's the state of this project now. Is it likely to be included in upcoming releases? If you had been watching this mail

Re: "olcSizeLimit: size.prtotal=disabled" ignored?

2015-09-02 Thread Dieter Klünter
On Wed, 2 Sep 2015 08:38:42 +0300, Igor Shmukler wrote: > Hello Dieter, > > Thank you for replying. > > > slapd silently ignores the control request, but sizelimit still > > comes into effect. > > Given that, as well as the other relevant information... > > Is "olcSizieLimit: size.prtotal=di