Re: Integrate Openldap and Windows Active Directory Server

2015-11-17 Thread Clément OUDOT
2015-11-16 13:45 GMT+01:00 Kaushal Shriyan : > Hi, > > Is there a way to integrate Openldap ldap server with Windows Server > Active Directory wherein AD will act as Authentication and Openldap will be > setup for Authorization? > > Any help will be highly appreciable. >

Re: Searches with dereferncing causing high CPU load.

2015-11-17 Thread Andrew Findlay
On Tue, Nov 17, 2015 at 11:11:04AM +, Mark Cairney wrote: > Just as an update- we've managed to restore service. It turns out that > we had went over the value of 65,535 (66,291) aliases which we think was > the root cause of this behaviour suddenly starting. It's a significant number

Re: Problem making refint_nothing working

2015-11-17 Thread Howard Chu
katgb wrote: Hi all, I tried for some days to make refint overlay work with refint_nothing filled. The slapo-refint man page says : refint_nothing Specify an arbitrary value to be used as a placeholder when the last value would otherwise be deleted from an attribute.

Re: Integrate Openldap and Windows Active Directory Server

2015-11-17 Thread Kaushal Shriyan
Thanks a Lot Clement. I will go through it and ask questions here if i have any during setup. Regards, Kaushal On Tue, 17 Nov 2015 at 16:17 Clément OUDOT wrote: > 2015-11-16 13:45 GMT+01:00 Kaushal Shriyan : > >> Hi, >> >> Is there a way to

Re: Keeping mdb files opened while mmapped

2015-11-17 Thread Hallvard Breien Furuseth
On 12. nov. 2015 00:38, Shlomi Vaknin wrote: When I lsof my process, I am seeing that each mdb file is appearing twice (...) I know that after mmaping a file, it is not needed to be kept open, and it seems it is in lmdb. By default the mmap is read-only, LDMB uses file operations for updates.

Re: Integrate Openldap and Windows Active Directory Server

2015-11-17 Thread Howard Chu
Clément OUDOT wrote: 2015-11-16 13:45 GMT+01:00 Kaushal Shriyan >: Hi, Is there a way to integrate Openldap ldap server with Windows Server Active Directory wherein AD will act as Authentication and Openldap will be

Re: Searches with dereferncing causing high CPU load.

2015-11-17 Thread Mark Cairney
On 17/11/2015 11:26, Andrew Findlay wrote: On Tue, Nov 17, 2015 at 11:11:04AM +, Mark Cairney wrote: Just as an update- we've managed to restore service. It turns out that we had went over the value of 65,535 (66,291) aliases which we think was the root cause of this behaviour suddenly

Problem making refint_nothing working

2015-11-17 Thread katgb
Hi all, I tried for some days to make refint overlay work with refint_nothing filled. The slapo-refint man page says : refint_nothing Specify an arbitrary value to be used as a placeholder when the last value would otherwise be deleted from an attribute. This can be

Re: Searches with dereferncing causing high CPU load.

2015-11-17 Thread Mark Cairney
Hi, Just as an update- we've managed to restore service. It turns out that we had went over the value of 65,535 (66,291) aliases which we think was the root cause of this behaviour suddenly starting. Although it relates to MDB this ITS sounded very similar:

Re: Searches with dereferncing causing high CPU load.

2015-11-17 Thread Michael Ströder
Andrew Findlay wrote: > If this happens again, you could try stopping the server and running > slapindex rather than reloading everything. IIRC depending on the data complete reload with slapadd can be faster than slapindex. I vaguely remember Quanah reporting test results with back-hdb a couple

sasl-auxprop (and sasl/slapd.conf)

2015-11-17 Thread Simone Piccardi
I'm trying to understand which values I can use for the sasl-auxprop directives and how to configure (if possible) sasl/slapd.conf. I was trying to use the users created with slappasswd2 -c (as written in the Administration guide) but no sasldb file was open by the server (I straced out a

Re: Integrate Openldap and Windows Active Directory Server

2015-11-17 Thread Michael Ströder
Howard Chu wrote: > For simple passthru there is also the slapo-pbind overlay. Is there any way I can limit which entries are passed through? It would be very handy if I could specify conditions based on dn regex and/or LDAP filter. Well, slapo-rwm and a separate backend could be used but

Re: Searches with dereferncing causing high CPU load.

2015-11-17 Thread Howard Chu
Michael Ströder wrote: Andrew Findlay wrote: If this happens again, you could try stopping the server and running slapindex rather than reloading everything. IIRC depending on the data complete reload with slapadd can be faster than slapindex. I vaguely remember Quanah reporting test results

Re: slapd-meta

2015-11-17 Thread Quanah Gibson-Mount
--On Tuesday, November 17, 2015 7:57 PM +0200 Fr3ddie wrote: Il 10/11/2015 13:06, Fr3ddie ha scritto: Hello to the list, Nobody has any hint? I suggest reading the code, because the answer is actually fairly obvious if you look at slapd-meta/config.c:

Re: slapd-meta

2015-11-17 Thread Fr3ddie
Il 10/11/2015 13:06, Fr3ddie ha scritto: Hello to the list, Nobody has any hint?

Re: sasl-auxprop (and sasl/slapd.conf)

2015-11-17 Thread Dan White
On 11/17/15 18:38 +0100, Simone Piccardi wrote: I'm trying to understand which values I can use for the sasl-auxprop directives and how to configure (if possible) sasl/slapd.conf. That's a lot more painful to determine than it should be. Do: # cat > /sasl/pluginviewer.conf << EOF ldapdb_uri: