Thanks for the clarification.
On Fri, Dec 13, 2013 at 3:15 PM, Dieter Klünter wrote:
> Am Fri, 13 Dec 2013 13:09:07 -0600
> schrieb Jason Brandt :
>
> > My pleasure. That command should work for any changes you need to
> > make to the base config, acl's, indexes, et
My pleasure. That command should work for any changes you need to make to
the base config, acl's, indexes, etc.
On Fri, Dec 13, 2013 at 1:03 PM, Clint Petty wrote:
> Hi Jason,
>
>
>
> Yes, that worked for me.
>
>
>
> Thanks
>
>
>
> *From:* Jas
ent: Thursday, December 12, 2013 7:15 PM
> To: Clint Petty; Jason Brandt
> Cc: openldap-technical@openldap.org
> Subject: Re: ldapsearch limit of 500 entries
>
> Clint Petty wrote:
> > Thanks Jason,
> >
> > I resolved this issue by adding:
> >
> > olc
I don't have the time to always provide in depth explanations. There are
plenty of people on this list who can elaborate, if it's deemed necessary,
as you did. I had an answer for him, and I gave it.
On Thu, Dec 12, 2013 at 9:11 PM, Howard Chu wrote:
> Jason Brandt wrote:
>
&
Note that this will replace any existing limits you have set.
On Thu, Dec 12, 2013 at 1:24 PM, Jason Brandt wrote:
> Global size limit modification ldif file (using cn=config):
>
> dn: cn=config
> changetype: modify
> replace: olcSizeLimit
> olcSizeLimit: size.soft=100 siz
Global size limit modification ldif file (using cn=config):
dn: cn=config
changetype: modify
replace: olcSizeLimit
olcSizeLimit: size.soft=100 size.hard=500
Per user size limit changes:
dn: olcDatabase={1}hdb,cn=config
changetype: modify
replace: olcLimits
olcLimits: dn.exact="uid=user,ou=people
No problem, if you need more config info on the SASL setup, let me know. I
have used with domain controller versions 2003 and up and worked great.
On Wed, Nov 20, 2013 at 11:24 AM, Willy Ramos wrote:
> Em 20/11/2013 14:33, Clément OUDOT escreveu:
>
> 2013/11/20 Willy Ramos :
>>
>>> Em 20/11/2
Well, if you're going to use SASL, then you need to configure your
saslauth.conf like my example, making sure your ldap servers point to your
Active Directory servers. Otherwise if you're going to use some method
besides SASL, then I won't be much help.
On Wed, Nov 20, 2013 at 10:55 AM, Willy Ra
e pointing to
ldap_servers: localhost, instead of your AD servers.
On Wed, Nov 20, 2013 at 7:37 AM, Jason Brandt wrote:
> I can get you my SASL config from my test environment when I get to the
> office. One thing to keep in mind, is that you MUST do an authenticated
> bind to AD, you
I can get you my SASL config from my test environment when I get to the
office. One thing to keep in mind, is that you MUST do an authenticated
bind to AD, you cannot do anonymous bind, so you have to have a service
account setup to allow SASL to authenticate to AD. It can be the most
basic user
You are trying to authenticate through the credentials stored in your
active directory servers, not the passwords stored in LDAP, correct? If
that is the case, then the easiest means to accomplish that are to use SASL
for authentication.
On Tue, Nov 19, 2013 at 12:59 PM, wrote:
> Hi,
> I´m wit
not being pushed in. Have you
gone detailed with debugging mode, etc, to see if any errors are being
logged? It seems to me that this is the source of most of your problems.
I would try and track down the cause of that issue first.
On Tue, Sep 24, 2013 at 9:18 AM, wrote:
>
>
>
>
I hope this doesn't confuse you too much... First off... Your admin account
will be dn="cn=admin,dc=oreillyauto,dc=com", if you are talking about the
default admin account. You also want manage instead of write. I would
also recommend securing your admin account with access lists, only allowing
a
Has it ever worked correctly? It sounds to me as if you're having the same
issue I did to begin with, being that you do not have the appropriate
permissions for the accessLog database. This fixed the issue for me. (my
accessLog database is 2)
dn: olcDatabase={2}hdb,cn=config
changetype: modify
r
This sounds like you're missing schema values. If you inspect your schema,
do you have an attributeType defined for pwdAttribute? If not you'll need
to load additional schema.
On Wed, Jul 10, 2013 at 8:27 AM, Sotomayor, Vicente (ITD) <
vicente.sotoma...@state.ma.us> wrote:
> I had a similar er
You would only specify the CA file if your wildcard file contains the root
CA chain. Otherwise it is also advisable to download your root CA chain
file, and specify it with the olcTLSCACertificateFile directive. To
clarify for you, your certificate file is NOT a CA file. The CA files are
root fi
, Jun 12, 2013 at 10:00 AM, Clément OUDOT wrote:
> 2013/6/12 Jason Brandt :
> > We run in a mixed environment, with both Active Directory and LDAP
> directory
> > servers. Some users exist in both LDAP and AD, while some are just in
> AD.
> > As such, we always have o
We run in a mixed environment, with both Active Directory and LDAP
directory servers. Some users exist in both LDAP and AD, while some are
just in AD. As such, we always have obstacles with password sync between
directories.
Is it possible, to set up an OpenLDAP proxy (if that's the correct term
Thanks, I worked through it and figured out the solution.
On Fri, Jun 7, 2013 at 9:21 AM, Aaron Richton wrote:
> On Fri, 7 Jun 2013, Jason Brandt wrote:
>
> I have done some searching, and have been unable to come up with a
>> solution/answer...
>>
>> I'm lookin
I have done some searching, and have been unable to come up with a
solution/answer...
I'm looking for a way to change the server side search limits on a per user
basis. Currently, if we want to maintain global search result limit, it
appears that we are required to use the administrator account t
20 matches
Mail list logo
