Re: Is there any directory server in public use?

Le mar. 23 avr. 2019 à 17:40, Derek Zhou a écrit : > > > On April 20, 2019 2:56:15 AM GMT+08:00, Howard Chu wrote: > >This appears to be a > >combination of colleges only teaching SQL (if they teach anything about > >databases at all) and again, HR-oriented software only interacting with > >SQL

Re: Attribute pwdPolicySubentry

Otoh, making it user modifiable was a mistake and broke the rfc specification, which says it's a NO-USER-MODIFIABLE attribute. Le samedi 19 décembre 2015, a écrit : > In my opinion, the pwdPolicySubentry attribute should be read-only > generated by the server. > > We had made the error in Sun Di

Re: Attribute pwdPolicySubentry

That makes sense. An even smarter system would use the administrative model to handle password policies. Le samedi 19 décembre 2015, a écrit : > In my opinion, the pwdPolicySubentry attribute should be read-only > generated by the server. > > We had made the error in Sun Directory Server to allo

Re: top object class contains all possible attributes?

This is certainly not the right place. This maling list is for suestion related to OpneLDAP. Le mardi 28 avril 2015, dE a écrit : > On 04/28/15 11:18, Dario Zanzico wrote: > >> On Tue, Apr 28, 2015, at 07:21 AM, dE wrote: >> >>> From https://tools.ietf.org/html/rfc4512 >>> >>> it >>>

Re: openldap 2.2.x

Le 1 nov. 2012 13:52, "Pörschke, Gunnar" a écrit : > > Hi all, > > we have an very old openldap running and we need to migrate data to latest openldap version. I create an ldif but the data in that file are encoded "base64". Is there a trick to disable that? My plan is to export everything from op

Re: Private OID range(s) ?

For completness, the reason OIDs are starting with 0, 1 or 2 and nothing else is that the two first numbers are encoded in one byte. Using a higher value is not a good idea. Le 25 févr. 2012 13:16, "Michael Ströder" a écrit : > Nick Milas wrote: > >> On 25/2/2012 1:30 μμ, Michael Ströder wrote: >

Re: How do I reset rootdn password?

On 2/5/12 6:58 PM, Jose Ildefonso Camargo Tolosa wrote: Hi Howard! I had the feeling you would reply to my post :) On Sat, Feb 4, 2012 at 9:41 PM, Howard Chu wrote: Jose Ildefonso Camargo Tolosa wrote: Hi, On Sat, Feb 4, 2012 at 1:56 AM, Daniel Savardwrote: I would like to know how to

Re: DEL don't get synced

On 2/1/12 7:16 PM, Quanah Gibson-Mount wrote: --On Wednesday, February 01, 2012 1:40 PM +0100 Michael Ströder wrote: Nick Milas wrote: On 1/2/2012 12:19 μμ, Emmanuel Lecharny wrote: Any direction on how to test the build and to check out the branch in order to run the tests ? Can

Re: DEL don't get synced

On 1/31/12 9:16 PM, Quanah Gibson-Mount wrote: --On Tuesday, January 31, 2012 9:58 PM +0200 Nick Milas wrote: On 31/1/2012 6:35 μμ, Marc Patermann wrote: an additional fix will be in 2.4.29 Is there an anticipated (even approximate) release date for 2.4.29? We never announce release dat

Re: Adding new Indexes while the directory is running

On 10/16/11 9:44 AM, Howard Chu wrote: fuzzy_4711 wrote: Original - Text Next time read the slapd-bdb(5) manpage first before wasting your time and ours. Since I read this list you have answered a lot more stupid questions, which solutions also could have been found in th

Re: V 2.4.x schema extensions

On 10/5/11 8:21 AM, Brett @Google wrote: In the objectclass schema definition you must have one of MAY or MUST, otherwise there are no attributes considered legal by adding your supplimentary objectclass to an object, it wont affect what attributes are considered valid (valid attributes in your

Re: Status of persistent search in OpenLDAP

On 9/1/11 9:25 PM, Michael Ströder wrote: Emmanuel Lecharny wrote: What kind of deficiencies have you found that make the original PSearch spec unusable ? psearch is completely state-less. If a connector using it does not work it will miss deletes. Also restarting the connector will return

Re: Status of persistent search in OpenLDAP

On 8/31/11 7:41 PM, Michael Ströder wrote: Clément OUDOT wrote: I tried to know if the persistent search control (OID 2.16.840.1.113730.3.4.3) was supported in OpenLDAP. The latests messages I read were saying "no", as we can see in this discussion: http://www.openldap.org/lists/openldap-technic

Issue when injecting a new AttributeTypes in OpenLdap

Hi fellows, OpenLDAP 2.4.24, built from sources. Ubuntu 10.10 debug : -1 config : ldif format, no slapd.conf I'm facing some weird issue while trying to inject an new AttributeType using a modify operation : #!ERROR [LDAP: erro

Re: search ldap

On 4/8/11 4:16 PM, Noel Akins wrote: I have a dumb question. I've been struggling with LDAP for a couple of weeks now, working on it at home at night. I seem to have something working here given the ldapsearch i tried doing below. I had started with a base.ldif and added a user via a add_user.ld

Re: entry format

On 3/30/11 10:51 AM, Omer Faruk SEN wrote: Hi, I have a dump of Sun LDAP Directory server (6.3.1) I see dn: cn=me,ou=groups,dc=me,dc=com nsUniqueId: 1255060a-46e511dd-803ce5f5-385faa0b objectClass;vucsn-4869456e0009002d: top objectClass;vucsn-4869456e0009002d: groupOfUniqueNames cn;vucsn

Re: deleting values from multivalued attribute

On 3/25/11 5:27 PM, Hugo Monteiro wrote: I wonder if it's also possible to use the same approach but for value modification. In brief evaluation, my guess is no, since the ldif syntax doesn't provide any way to distinct between the value to be replaced and the one to replace with. I don't und

Re: deleting values from multivalued attribute

On 3/25/11 4:44 PM, Hugo Monteiro wrote: On 03/25/2011 03:00 PM, Emmanuel Lecharny wrote: On 3/25/11 3:51 PM, Hugo Monteiro wrote: Hello list, is it possible to perform the deletion of only a certain number of values, from a multivalued attribute, without having to perform full deletion and

Re: deleting values from multivalued attribute

On 3/25/11 3:51 PM, Hugo Monteiro wrote: Hello list, is it possible to perform the deletion of only a certain number of values, from a multivalued attribute, without having to perform full deletion and then adding the ones we'd like to keep? Of course. http://download.oracle.com/docs/cd/E193

Re: How to obtain Operations Attributes

On 3/19/11 6:23 AM, Suneet Shah wrote: Hello, I am using the Java JDK 1.6.x to query ldap. I am using the query below. However, I need to be able to pull out the operational attributes as well. Any thoughts on how I can obtain the list of operational attributes without having to specify them?

Re: Which backend should I use?

On 2/3/11 5:45 PM, Quanah Gibson-Mount wrote: On Feb 3, 2011, at 1:11 AM, Clément OUDOT wrote: Le 3 février 2011 09:39, Olivier PAVILLA a écrit : Hi. I need your advice again :) I have LDAP server with ldbm database on a fedora core 5 which is running for more than 3 years without any upda

Re: Emergency recovery strategy needed by novice

On 1/7/11 8:17 PM, Richard Troy wrote: On Fri, 7 Jan 2011, Chris Jacobs wrote: Dump: slapcat -l [ldif file] Add from dump, with slapd off: slapadd -l [ldif file] If you're using BDB (typical backend), you can move the contents of the dbdir specified by your config first. - chris THANK YOU,

Re: OpenLDAP on T2000

On 12/2/10 2:36 PM, Nick Folino wrote: I'm evaluating OpenLDAP on various platforms and am having trouble getting the tools (slapadd, slapindex, etc) to perform well on Sun's T2000 servers. For example slapadd is running at about 50k/s. On an x86 server importing the same ldif yields over 1M/s.

Re: Issues migrating from openLDAP 2.0.27-11 to 2.3.43-12.el5_5.2

The Account OC directly inherits from Top, the InetOrgPerson OC has an inheriting hierarchy which is : InetOrgPerson -> OragnizationalPerson -> Person -> Top When defining an entry, you can't have two Structural OCs (Account and InetOrgPerson are Structural) defined at the same time. It's a b

Re: unable to perform authenticated binds

On 11/3/10 11:02 PM, Tim Dunphy wrote: sorry for the frustration all... removing the leading space in front of rootpw did the trick :) the directory is now populating, however I cannot understand why it is choking on this entry # pam_ldap, Services, acadaca.net dn: cn=pam_ldap,ou=Services,dc=ac

Re: Possible bug in ldap_get_values_len?

On 10/18/10 12:48 PM, Howard Chu wrote: But it's certainly stupid for the server to attach the attribute to the response with no values, since this is obviously NOT an attrsOnly search response. What about an AttributeType with an OctetString syntax ? It may have an empty value... -- Regar

Re: help, how to manage the ACL dynamic by C api???

On 9/25/10 5:07 AM, wu johnson wrote: null -pointer-exception ;) (couldn't resists...) -- Regards, Cordialement, Emmanuel Lécharny www.iktek.com

Re: Undefined attribute type (17)

On 9/20/10 5:00 PM, Michael Ostrowski wrote: Hi, I am getting the following error when trying to modify an entry via the ldapmodify command Any help would be appreciated, The uid AttributeType is not allowed for an entry with the person ObjectClass. -- Regards, Cordialement, Emmanue

Re: invalid syntax on pwdPolicy object add

On 9/16/10 12:12 PM, Buchan Milne wrote: On Monday, 13 September 2010 09:30:14 Julien Vehent wrote: I have created the OU 'policies' just fine, but when I try to add a pwdPolicy object, i get the following error: (the< # ldapadd -x -D cn=admin,dc=example,dc=net -W<< EOF dn: cn=defaultpw

Re: invalid syntax on pwdPolicy object add

On 9/14/10 8:40 AM, mailing lists wrote: Hello, I think that the pwdAttribute needs an OID value (specified by the syntax) so you would must use the OID of the userPassword attribute which is 2.5.4.35 I thought that would be a possibility for the failure Kiran and Julien are facing, (plea

Re: invalid syntax on pwdPolicy object add

On Mon, 13 Sep 2010 11:34:56 +0200, Emmanuel Lecharny wrote: On Mon, 13 Sep 2010 10:52:03 +0200, Christian Manal wrote: Hi, pwdPolicy is an auxiliary objectClass. You have to use it in conjunction with a structural objectClass. Look at the example from the admin guide: <h

Re: invalid syntax on pwdPolicy object add

On Mon, 13 Sep 2010 10:52:03 +0200, Christian Manal wrote: Hi, pwdPolicy is an auxiliary objectClass. You have to use it in conjunction with a structural objectClass. Look at the example from the admin guide: Hi I'v

Re: slapcat generate extra "space" characters in LDIF output

On 9/8/10 3:38 PM, Dieter Kluenter wrote: Frank Bonnet writes: Hello I'm in trouble with slapcat when generating a LDIF file it puts some extra "space" characters into some dn longer than 80 characters. is there a way to change the output format of slapcat command to generate lines longer t

Re: cn=Config GUI was: Re: ldap on Ubuntu 10.0.4

On 8/5/10 10:49 AM, Carl Johnstone wrote: I would definitely use Apache Directory Studio if I wanted a GUI now. Note when it comes to some updates in cn=config that ADS doesn't work. These are the attributes where you have to drop all the values and re-add them in. I don't think ADS is to blame

Re: cn=Config GUI was: Re: ldap on Ubuntu 10.0.4

On 8/4/10 1:36 PM, Marcio Merlone wrote: Em 03-08-2010 17:12, Howard Chu escreveu: Chris Jacobs wrote: This has been asked before - and the response has always been any gui ldap browser - like apache directory studio. I used to use jxplorer but that seems not to be actively maintained thes

Re: Question about password storage.

On 7/6/10 11:44 PM, Bryan Boone wrote: Hi everyone. I just read this information. 14.4. Password Storage LDAP passwords are normally stored in the userPassword attribute. RFC4519 specifies that passwords are not stored in encrypted (or hashed) form. *encrypted*. Not encrypted *or* hashed.

Re: How to modify a single attribute from multiple list of attributes

On 7/3/10 1:24 AM, Tom Leach wrote: So, what ldapmodify/ldif syntax is needed to specify which of multiple attributes should be modified? Thanks! Tom Leach dn: cn=config,o=dhcp changetype: modify delete: dhcpStatements dhcpStatements: log-facility local7 - add: dhcpStatements dhcpStatements:

Re: OpenLDAP DB_CONFIG values for a big Server

On 3/12/10 3:33 PM, Echedey Lorenzo wrote: Nice tricks, I have specified an index for my filter search. Populating entries again to take care of it. No need to inject the entries again. You can re-index the base using the CL Regarding shm_key, I have a couple of silly questions: - I shou

Re: OpenLDAP DB_CONFIG values for a big Server

On 3/12/10 1:09 PM, Dieter Kluenter wrote: 1. configure your ldap clients properly, that is, reduce to onelevel scope search and unbind decently, 2. put the transaction logs onto a separate disk, 3. load the whole database into shared memory, 4. use a separate partition for the database files

Re: the parent of a result.

On 2/22/10 7:37 PM, Mihamina Rakotomandimby wrote: Manao ahoana, Hello, Bonjour, I look for the way to search for the parent of the matched target. FOr example, let's image a forum, with multiple topics - boys - girls - dogs Each topic has comments (for simplicit let's make them flat) - boys

Re: performance on Solaris

Stefano Zanmarchi a écrit : Thank you very much Quanah, you sound very encouraging. Does anyone knows how OpenLDAP performs on Sun Solaris (10) on Sun's hardware (sparc cpus)? Some more data to complete the picture. - OpenLDAP 2.4.16 + Berkeley BDB 4.7 + back-bdb - 800.000 entries occupy 880MB

Re: ApacheDS + openLDAP

bren norris a écrit : Anyone using Eclipse based ApacheDS for works with openLDAP? I get a socket closed everytime I try and add a custom objectclass to the DIT... but it works fine with Softerra LDAP administrator. Server is a aptitude installed Ubuntu Karmic release and I thought I'd tap your