RE: [EXTERNAL] Fwd: [OldapWS] -> Proposal of a REST Web Service for CRUD Operations

This would be great If it were based on SCIM (https://www.simplecloud.info/ ) and then expanded for operations that aren't user specific. JON C KIDDER | ARCHITECT STAFF jckid...@aep.com | D:614.716.4970 1 RIVERSIDE PLAZA, COLUMBUS, OH 43215 -Original Message- From: Howard Chu Sent

RE: [EXTERNAL] Specific outgoing IP for syncrepl

impact all network traffic destined for a specific IP and not just syncrepl traffic. JON C KIDDER | IT ENTERPRISE ARCHITECT jckid...@aep.com | D:614.716.4970 | C:614.580.7302 1 RIVERSIDE PLAZA, COLUMBUS, OH 43215 -Original Message- From: Dale Thompson - NOAA Federal Sent: Friday, April 24

RE: [EXTERNAL] Re: Lazy quantifiers in regex ACLs??

Perfect! Thank you Philip. That was exactly what I needed to keep moving forward! -Jon C. Kidder -Original Message- From: Philip Guenther Sent: Wednesday, October 2, 2019 12:55 PM To: Jon C Kidder Cc: openldap-technical@openldap.org Subject: [EXTERNAL] Re: Lazy quantifiers in regex

Lazy quantifiers in regex ACLs??

Does the regex engine in OpenLDAP not support lazy quantifiers? Why does the ACL processing in this log show only one capture group as if the lazy quantifier in the first capture group isn't recognized? Every tester I plug this regex into produces 2 capture groups which is what I need. I

dynlist and entryUUID

yet. Is this because the overlay doesn’t work with operational attributes? Is this a bug? JON C KIDDER | MIDDLEWARE ADMINISTRATOR LEAD jckid...@aep.com | D:614.716.4970 1 RIVERSIDE PLAZA, COLUMBUS, OH 43215

RE: [EXTERNAL] exempt some users from OpenLDAP password policy

You also have the option of not specifying a default policy but I’m assuming that “no policy” is your exception use case and not what you want as the default. [cid:image001.png@01D3D2F8.96CC7360]<http://www.aep.com/> JON C KIDDER | MIDDLEWARE ADMINISTRATOR LEAD jckid...@aep.com<mai

RE: [EXTERNAL] exempt some users from OpenLDAP password policy

where needed by supplying the DN of the policy in the pwdPolicySubentry attribute of the user. [cid:image001.png@01D3D2F6.EE048DE0]<http://www.aep.com/> JON C KIDDER | MIDDLEWARE ADMINISTRATOR LEAD jckid...@aep.com<mailto:jckid...@aep.com> | D:614.716.4970 1 RIVERSIDE PLAZA, COLUMB

RE: [EXTERNAL] Incosistent config after schema modification

schema I use the replace operation but my ldif contains all of the object class and attribute type definitions related to that schema. This way the schema can be maintained as a versioned artifact in my version control system. JON C KIDDER | MIDDLEWARE ADMINISTRATOR LEAD jckid...@aep.com | D

RE: [EXTERNAL] pwdPolicySubentry: value #0 already exists

]<http://www.aep.com/> JON C KIDDER | MIDDLEWARE ADMINISTRATOR LEAD jckid...@aep.com<mailto:jckid...@aep.com> | D:614.716.4970 1 RIVERSIDE PLAZA, COLUMBUS, OH 43215 From: openldap-technical [mailto:openldap-technical-boun...@openldap.org] On Behalf Of Douglas Duckworth Sent: Wednesday

RE: [EXTERNAL] Re: back-ldap and ldaps not working

handshake only succeeds if the ca cert resides in the 3a89cd48.0 file. JON C KIDDER | MIDDLEWARE ADMINISTRATOR LEAD jckid...@aep.com | D:614.716.4970 1 RIVERSIDE PLAZA, COLUMBUS, OH 43215 -Original Message- From: Quanah Gibson-Mount [mailto:qua...@symas.com] Sent: Monday, July 10, 2017 1:24 PM

RE: [EXTERNAL] Re: back-ldap and ldaps not working

You didn't fail Quanah. I included the version number in my original description of the problem 'cause I didn't want to be "that guy". :D I am running 2.4.44. -Jon -Original Message- From: Quanah Gibson-Mount [mailto:qua...@symas.com] Sent: Monday, July 10, 2017 1:24 PM

Re: [EXTERNAL] Re: back-ldap and ldaps not working

correctly and the option to set the path to the CA cert file is being ignored. -Jon > On Jul 8, 2017, at 6:39 AM, Michael Ströder <mich...@stroeder.com> wrote: > > Jon C Kidder wrote: >> TLS trace: SSL_connect:SSLv3 read server hello A >> TLS certificate verification:

RE: [EXTERNAL] Re: back-ldap and ldaps not working

3Z I guess it's time to start diving into the source. -Jon -Original Message- From: Quanah Gibson-Mount [mailto:qua...@symas.com] Sent: Friday, July 07, 2017 3:45 PM To: Jon C Kidder; openldap-technical@OpenLDAP.org Subject: RE: [EXTERNAL] Re: back-ldap and ldaps not working --On Friday

RE: [EXTERNAL] Re: back-ldap and ldaps not working

cate chain). Thanks again for the assist(s). Any other thoughts? -Jon -Original Message- From: Quanah Gibson-Mount [mailto:qua...@symas.com] Sent: Friday, July 07, 2017 2:03 PM To: Jon C Kidder; openldap-technical@OpenLDAP.org Subject: [EXTERNAL] Re: back-ldap and ldaps n

back-ldap and ldaps not working

tag=103 err=52 text= So, is there something wrong with the value of the olcDBStartTLS attribute that I'm not seeing?? -Jon C. Kidder American Electric Power Complex - Middleware Engineering

RE: [EXTERNAL] Re: [Bad Attachment] Slave won't send referrals

, 2017 11:56 AM To: Jon C Kidder; openldap-technical@OpenLDAP.org Subject: RE: [EXTERNAL] Re: [Bad Attachment] Slave won't send referrals --On Friday, July 07, 2017 4:20 PM + Jon C Kidder <jckid...@aep.com> wrote: > Of course it did!! Lol Let's try this instead.

RE: [EXTERNAL] Re: [Bad Attachment] Slave won't send referrals

Of course it did!! Lol Let's try this instead. https://1drv.ms/t/s!Ahoo4oNE6Txzgx4wf4gzVQkKPjG6 -Jon -Original Message- From: Quanah Gibson-Mount [mailto:qua...@symas.com] Sent: Friday, July 07, 2017 11:06 AM To: Jon C Kidder; openldap-technical@OpenLDAP.org Subject: [EXTERNAL] Re

Slave won't send referrals

overlooking would be greatly appreciated!! Thanks, -Jon C. Kidder American Electric Power Complex - Middleware Engineering. zip renamed as txt to avoid mail scrubbing. PKÊJçJSÅøÛ¯mod.logíYmo"7þ^©ÿÁâ‘¢Óî’€²‘R’¶Ñå:õCU!cς{^{k{/Ðèþ{ǐ„% ¹©÷ XϛόŸš­fvØʚ„i¥Ò8Š

RE: Getting the list of members in an AD group

-Jon C. Kidder American Electric Power Middleware Services Email: jckid...@aep.com Phone: 614-716-4970 -Original Message- From: Sankar P [mailto:sankar.curios...@gmail.com] Sent: Friday, May 02, 2014 1:09 AM To: Jon C Kidder Cc: Mark Pröhl; openldap-technical@openldap.org Subject: Re

RE: Getting the list of members in an AD group

to do it. -Jon C. Kidder American Electric Power Middleware Services Email: jckid...@aep.com Phone: 614-716-4970 -Original Message- From: openldap-technical-boun...@openldap.org [mailto:openldap-technical-boun...@openldap.org] On Behalf Of Sankar P Sent: Friday, April 11, 2014 2:08 AM

RE: Getting the list of members in an AD group

feature that was carried forward in to AD in order to support hybrid NT/AD domains. You must take this into account when querying AD group memberships. -Jon C. Kidder American Electric Power Middleware Services Email: jckid...@aep.com Phone: 614-716-4970 -Original Message- From: openldap

RE: TLS with multiple LDAP servers

server)? Will your client handle fail-over internally and connect directly to each server? Once we have the details around your fail-over solution we can provide more advice on methods for handling the host name validation portion of your TLS handshake. -Jon C. Kidder American Electric Power

RE: Adding attributes to cn=config

/openldap/etc/openldap/CA/cacert.pem -Jon C. Kidder American Electric Power Middleware Services Email: jckid...@aep.com Phone: 614-716-4970 -Original Message- From: openldap-technical-boun...@openldap.org [mailto:openldap-technical-boun...@openldap.org] On Behalf Of Borresen, John - 0442

Custom attribute values created prior to an index are not getting indexed by slapindex

ctscPropertyKeywords: MultiValued # search result search: 2 result: 0 Success # numResponses: 10 # numEntries: 9 -Jon C. Kidder American Electric Power Middleware Services Email: jckid...@aep.commailto:jckid...@aep.com Phone: 614-716-4970 attachment: winmail.dat

slapd appears to incorrectly report an object class violation when renaming an entry

) additional info: object class 'inetOrgPerson' requires attribute 'cn' As you can see from the ldif the cn attribute is clearly present. I am assuming this is a bug and needs reported but wanted to review it with the list members before I submitted the ITS entry. -Jon C. Kidder American