ent* numbers for the same logical group. Then you have a different set
of problems. My thought would be to change things so that all of the systems
agree on the *numbers*, probably by doing a global search and replace
(probably using some sort of script).
>
>
At Sat, 30 Mar 2019 15:24:34 -0700 Billy MacAllister wrote:
>
> On Sat, 30 Mar 2019 16:44:31 -0400 (EDT)
> Robert Heller wrote:
>
> > I have a server running CentOS 6 on the bare metal, running the stock
> > CentOS 6 OpenLDAP packages (openldap-2.4.40-16.el6.x86_
the
Ubuntu 18.04 VM. I have checked everything, but I am coming up empty. I am
thinking there might be some "trick" to getting LDAP Authentication to work
under Ubuntu 18.04 that I am missing.
--
Robert Heller -- 978-544-6933
Deepwoods Software-- Custom Software Se
At Tue, 22 May 2018 18:16:24 -0700 "Paul B. Henson" wrote:
>
> > From: Robert Heller
> > Sent: Tuesday, May 22, 2018 5:37 PM
> >
> > You can suppress the version numbers with the "-avoid-version" LDFLAGS
> > option
>
> Cool, t
At Tue, 22 May 2018 17:20:57 -0700 "Paul B. Henson" wrote:
>
> > From: Robert Heller
> > Sent: Tuesday, May 22, 2018 1:16 PM
> >
> > (specificly Tcl extensions). If using libtool, it *should* create
> symlinks
> > for the .so file without the ver
ed tcl extension and can
also be linked to by a C++ program. This is under Linux, but I do the same
under MacOSX (which is an OpenBSD variant under-the-hood).
>
> Thanks.
>
>
>
--
Robert Heller -- 978-544-6933
Deepwoods Software-- Custom
At Fri, 29 Sep 2017 19:52:05 +0200 =?UTF-8?Q?Michael_Str=c3=b6der?=
wrote:
>
> Robert Heller wrote:
> > But SSSD does not work with ldaps:///...
>
> This is simply not true.
Maybe it is better to say SSSD does not seem to be woring for me with
ldaps:///...
;
> How does one estalish their own CA that's trusted by other Root CA's?
> Perhaps try disabling verification of the chain then see if bind happens.
>
> On Sep 28, 2017 9:14 PM, "Robert Heller" wrote:
>
> > At Thu, 28 Sep 2017 16:08:42 -0700 Quanah Gibson-M
At Thu, 28 Sep 2017 16:08:42 -0700 Quanah Gibson-Mount wrote:
>
> --On Thursday, September 28, 2017 7:28 PM -0400 Robert Heller
> wrote:
>
> > At Thu, 28 Sep 2017 12:29:19 -0700 Quanah Gibson-Mount
> > wrote:
> >
> >>
> >> --On Thursday
At Thu, 28 Sep 2017 12:29:19 -0700 Quanah Gibson-Mount wrote:
>
> --On Thursday, September 28, 2017 3:34 PM -0400 Robert Heller
> wrote:
>
>
> > Slapd is reporting TLS Negotiation failure when SSSD tries to connect to
> > it. For both port 389 (ldap:///) and 6
Will these spit out useful error messages? If I just get "TLS Negotiation
failure" it is not going to be helpful.
At Thu, 28 Sep 2017 12:29:19 -0700 Quanah Gibson-Mount wrote:
>
> --On Thursday, September 28, 2017 3:34 PM -0400 Robert Heller
> wrote:
>
>
&
At Thu, 28 Sep 2017 10:19:43 -0700 Quanah Gibson-Mount wrote:
>
> --On Thursday, September 28, 2017 2:08 PM -0400 Robert Heller
> wrote:
>
> > OK, I have narrowed things down to slapd and sssd not playing nice with
> > each other. slapd is able to listen on ldaps (
50.98/
TLS_CACERT /etc/openldap/certs/ca-cert.pem
TLS_CACERTDIR /etc/openldap/certs
TLS_REQCERT demand
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
# Turning this off breaks GSSAPI used with krb5 when rdns = false
SASL_NOCANONon
TLS_REQCERT allow
--
Robert Heller -
to look. All of the web search results suggest that I am doing the
right things, but slapd is just not behaving for some unspecificed reason.
>
> --Quanah
>
> --
>
> Quanah Gibson-Mount
> Product Architect
> Symas Corporation
> Packaged, certified, and supported LDAP s
02 ESTABLISHED
tcp6 0 0 [::]:ldaps [::]:* LISTEN
Is this correct? I am not sure if I should be using ldaps:/// or not. And I
am not sure what the proper "magic" to get TLS working is.
--
Robert Heller -- 978-544-6933
Dee
At Fri, 22 Sep 2017 16:34:44 +0200 m.wan...@t-online.de wrote:
>
> Am 22.09.2017 um 15:45 schrieb Robert Heller:
> > At Fri, 22 Sep 2017 10:47:29 +0200 Dieter =?UTF-8?B?S2zDvG50ZXI=?=
> > wrote:
> >
> >>
> >> Am Thu, 21 Sep 2017 10:01
At Fri, 22 Sep 2017 07:36:48 -0700 Quanah Gibson-Mount wrote:
>
> --On Friday, September 22, 2017 10:45 AM -0400 Robert Heller
> wrote:
>
>
> > Operation 11 *seems* to be fetching the uid, using self, which has write
> > access, which implies read access, wh
Things are still not working. Here is my olcDatabase=\{2}hdb.ldif file
(which contains the access control):
dn: olcDatabase={2}hdb
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {2}hdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=deepsoft,dc=com
olcRootDN: cn=Manager,dc=dee
At Fri, 22 Sep 2017 10:47:29 +0200 Dieter =?UTF-8?B?S2zDvG50ZXI=?=
wrote:
>
> Am Thu, 21 Sep 2017 10:01:48 -0400 (EDT)
> schrieb Robert Heller :
> [...]
>
> > Sep 21 09:50:01 c764guest.deepsoft.com slapd[17535]: <=3D acl_mask: [1]
> > mask: wr
At Wed, 20 Sep 2017 19:30:17 +0200 Dieter =?UTF-8?B?S2zDvG50ZXI=?=
wrote:
>
> Am Wed, 20 Sep 2017 12:32:37 -0400 (EDT)
> schrieb Robert Heller :
>
> > OK, I fixed the ACLs (I think), but it is still not working. I
> > turned on verbose debugging for sssd[pam] an
pirationTime loginAllowedTimeMap sshPublicKey mail
Sep 20 12:28:01 c764guest.deepsoft.com slapd[26005]: <=
bdb_equality_candidates: (uid) not indexed
Sep 20 12:28:01 c764guest.deepsoft.com slapd[26005]: conn=1092 op=4 SEARCH
RESULT tag=101 err=0 nentries=0 text=
At this point I am totally stuck.
At Wed, 20 Sep 2017 09:09:23 +0200 =?UTF-8?Q?Cl=c3=a9ment_OUDOT?=
wrote:
>
>
>
> Le 19/09/2017 =C3=A0 18:45, Robert Heller a =C3=A9crit :
> > I am having a hard time setting a user password using ldap (OpenLDAP
> > 2.4.40-13.el7) on a CentOS 7 system.
> >
> &
ethods and I am guessing I need to update a configuration somewhere (either
for pam, sssd, or nslcd), but I am not finding it.
--
Robert Heller -- 978-544-6933
Deepwoods Software-- Custom Software Services
http://www.deepsoft.com/ -- Linux Administration Services
hel...@de
ified, and supported LDAP solutions powered by OpenLDAP:
> <http://www.symas.com>
>
>
>
>
--
Robert Heller -- 978-544-6933
Deepwoods Software-- Custom Software Services
http://www.deepsoft.com/ -- Linux Administration Services
hel...@deepsoft.com -- Webhosting Services
any action based on this message
> > or any information herein. If you have received this message in error,
> > please advise the sender immediately by reply e-mail and delete this
> > message. Thank you for your cooperation."
> >
> >
> >
> >
>
>
>
>
>
>
>
--
Robert Heller -- 978-544-6933
Deepwoods Software-- Custom Software Services
http://www.deepsoft.com/ -- Linux Administration Services
hel...@deepsoft.com -- Webhosting Services
nerally* don't make such a big jump, but it looks like that is not always
the case.
>
> Ciao, Michael. (not an Ubuntu user)
>
--
Robert Heller -- 978-544-6933
Deepwoods Software-- Custom Software Services
http://www.deepsoft.com/ -- Linux Administration Services
hel...@deepsoft.com -- Webhosting Services
ple,dc=com
> olcDbIndex: default eq
> olcDbIndex: entryCSN,objectClass,reqEnd,reqResult,reqStart
>
--
Robert Heller -- 978-544-6933 / hel...@deepsoft.com
Deepwoods Software-- http://www.deepsoft.com/
() ascii ribbon campaign -- against html e-mail
/\ www.asciiribbon.org -- against proprietary attachments
anybody know what I should do instead?
> >Thanks.
>
> Consult the manpage for ldap.conf. It should list the correct location, for
> your system, under the FILES section.
Ubuntu 11 has it in /etc/ldap/ldap.conf.
>
--
Robert Heller -- 978-544-6933 / hel..
anks for your comment. It looks indeed somehow difficult to get an
> current version installed. I'll continue trying to find a solution.
>
> Thanks and regards . Götz
There are 'recent' openldap and BerkeleyDB rpms for RHEL 5 on the Ldap
Toolbox project web site:
http://to
openldap-clients-2.3.43-12.el5_5.2
--
Robert Heller -- 978-544-6933 / hel...@deepsoft.com
Deepwoods Software-- http://www.deepsoft.com/
() ascii ribbon campaign -- against html e-mail
/\ www.asciiribbon.org -- against proprietary attachments
slapd.conf file, which contains some
root-level (eg bootstrap) configuration. You need to copy this file
from the original server to the replacement server, and possibly edit it
slightly (depending on how much of a 'clone' you are making, eg stuff
like server IP numbers, hostnames, etc.).
>
At Sun, 6 Dec 2009 02:13:28 +0100 Serge Fonville
wrote:
>
> On Fri, Dec 4, 2009 at 5:55 PM, Robert Heller wrote:
> > I have Openldap set up on a CentOS 5 system (using the stock 2.3.43
> > RPMS) and I want to allow users to change their passwords, but I am
> > confu
At Sat, 05 Dec 2009 21:12:14 +0100 Zdenek Styblik wrote:
>
> Robert Heller wrote:
> > At Sat, 05 Dec 2009 19:41:26 +0100 Zdenek Styblik
> > wrote:
> >
> >> Robert Heller wrote:
> >>> At Sat, 05 Dec 2009 18:29:55 +0100 Zdenek Styblik
> >>
At Sat, 05 Dec 2009 19:41:26 +0100 Zdenek Styblik wrote:
>
> Robert Heller wrote:
> > At Sat, 05 Dec 2009 18:29:55 +0100 Zdenek Styblik
> > wrote:
> >
> >> Robert Heller wrote:
> >>> At Sat, 05 Dec 2009 09:12:46 +0100 "Dieter Kluenter&
At Sat, 05 Dec 2009 18:29:55 +0100 Zdenek Styblik wrote:
>
> Robert Heller wrote:
> > At Sat, 05 Dec 2009 09:12:46 +0100 "Dieter Kluenter"
> > wrote:
> >
> >> Robert Heller writes:
> >>
> >>> I have Openldap set up on a CentOS
At Sat, 05 Dec 2009 09:12:46 +0100 "Dieter Kluenter"
wrote:
>
> Robert Heller writes:
>
> > I have Openldap set up on a CentOS 5 system (using the stock 2.3.43
> > RPMS) and I want to allow users to change their passwords, but I am
> > confused by the do
At Sat, 05 Dec 2009 09:23:16 +0530 Chamith Kumarage wrote:
>
> On Fri, 2009-12-04 at 11:55 -0500, Robert Heller wrote:
> > I have Openldap set up on a CentOS 5 system (using the stock 2.3.43
> > RPMS) and I want to allow users to change their passwords, but I am
&
am unsure of this as well).
--
Robert Heller -- 978-544-6933
Deepwoods Software-- Download the Model Railroad System
http://www.deepsoft.com/ -- Binaries for Linux and MS-Windows
hel...@deepsoft.com -- http://www.deepsoft.com/ModelRailroadSystem/
38 matches
Mail list logo