Re: How to build argon2.so ?

AM, Quanah Gibson-Mount wrote: > > > > --On Wednesday, April 5, 2023 11:38 AM -0700 Scott Classen <mailto:sclas...@lbl.gov>> wrote: > >> Hello, >> >> According to: servers/slapd/pwmods/README.argon2 >> >> Building >> >&g

How to build argon2.so ?

2} So as with previous versions of OpenLDAP I assumed I would need to build and load the argon2 module manually. Sincerely, Scott Classen

Re: OpenLDAP 2.6.0 testing call #3

Hello Quanah, I received this error when running the regression tests: > Starting its8444 ... running defines.sh This test tracks a case where changes are incorrectly skipped See https://bugs.openldap.org/show_bug.cgi?id=8444 for more information. Initializing server configurations... Startin

Re: OpenLDAP 2.6.0 testing call #2

All tests passed on CentOS 7.9.2009 wget https://git.openldap.org/openldap/openldap/-/archive/OPENLDAP_REL_ENG_2_6/openldap-OPENLDAP_REL_ENG_2_6.tar.gz tar zxvf openldap-OPENLDAP_REL_ENG_2_6.tar.gz cd openldap-OPENLDAP_REL_ENG_2_6/ LDFLAGS="-L/usr/lib64/openssl11 -Wl,-rpath,/usr/include/openssl1

Re: OpenLDAP 2.6.0 testing call

Configured and compiled on CentOS7 with openssl 1.1.1g from EPEL repo LDFLAGS="-L/usr/lib64/openssl11 -Wl,-rpath,/usr/include/openssl11" CPPFLAGS="-I/usr/include/openssl11" export CPPFLAGS export LDFLAGS ./configure --with-argon2 --with-systemd --with-tls=openssl --enable-mdb --with-cyrus-sasl

Re: Configure openldap 2.5.6 on CentOS7 with TLS

;-I/usr/include/openssl11" export CPPFLAGS export LDFLAGS ./configure --with-argon2 --with-systemd --with-tls=openssl make depend make make test > On Jul 29, 2021, at 6:49 PM, Quanah Gibson-Mount wrote: > > > > --On Thursday, July 29, 2021 5:13 PM -0700 Scott Cl

Configure openldap 2.5.6 on CentOS7 with TLS

Hello, I’m making some progress with building 2.5.6 on my CentOS 7 machine, but I am stuck getting TLS support First I installed openssl version 1.1.1 from the epel repository: sudo yum install openssl11.x86_64 sudo yum install openssl11-devel.x86_64 sudo yum install openssl11-libs.x

Re: OpenLDAP 2.5 Release Candidate Testing (OpenLDAP 2.5.4)

Is it possible to specify an alternate openssl? The default openssl that is distributed with CentOS7 is 1.0.2 which is too old. I have installed 1.1.1g from the epel repository so I have these packages available: openssl.x86_64 1:1.0.2k-21.el7_9 @updates o

Re: ACL not behaving as I would expect

> On Oct 1, 2020, at 3:27 PM, Quanah Gibson-Mount wrote: > > > > --On Thursday, October 1, 2020 4:22 PM -0700 Scott Classen <mailto:sclas...@lbl.gov>> wrote: > >> Hello, >> >> I'm having trouble understanding why I can't get

ACL not behaving as I would expect

Hello, I’m having trouble understanding why I can’t get a service account to reset a userPassword attribute. ACLs are: {0}to attrs=userPassword by self write by anonymous auth by * none {1}to * by self write by users read by dn.base="uid=pwreset,dc=example,d

Re: syncrepl does not work as expected

Here is an example of setting up mirror mode Syncrepl from the Admin guide: 18.3.4.1. Mirror Node Configuration <> The first step is to configure the syncrepl provider the same as in the Set up the provider slapd s

Re: syncrepl does not work as expected

Hello Kumar, What does the entire olcSyncrepl entry look like on your consumer? There are many options as you can see from the documentation: 5.2.5.8. olcSyncrepl <> olcSyncrepl: rid= provider=ldap[s]://[:port] [type=refreshOnly|refreshAndPersist]

Re: Info needed on OpenLDAP support / compliance on FIPS 140.2

Vijay, Did you build the OpenLDAP binary from source or are you using a binary distribution from somewhere? Like Quanah already stated, you need to determine if the version of OpenSSL you linked against is FIPS compliant. The FIPS designation has nothing to do with OpenLDAP per se. e.g. on my

Re: OpenLDAP with SSL connection and search only with wildcard

What are the full ldapsearch commands you are using? And what is the output? > On Jun 14, 2020, at 11:03 PM, a.le...@consense-gmbh.de wrote: > > I thought maybe the size limit is exceeded. > > But when I go back to a ldap connection (instead of a ldaps-connection) it > works fine. smime.p7s

Re: slapadd gives confusing output - str2entry

Well my ACLs are apparently misconfigured… Thanks for the tip Quanah > On Jun 10, 2020, at 6:01 PM, Quanah Gibson-Mount wrote: > > > > --On Wednesday, June 10, 2020 6:07 PM -0700 Scott Classen > wrote: > >> 5ee172af str2entry: entry -1 has no dn >> slapadd:

Re: slapadd gives confusing output - str2entry

ote: > > Did you export it with slapcat? > > On Wed, Jun 10, 2020 at 8:24 PM Scott Classen <mailto:sclas...@lbl.gov>> wrote: > Heck if I know > > # wc -l slapd.ldif > 160 slapd.ldif > > > >> On Jun 10, 2020, at 5:23 PM, Nick Folino > <

Re: slapadd gives confusing output - str2entry

Heck if I know # wc -l slapd.ldif 160 slapd.ldif > On Jun 10, 2020, at 5:23 PM, Nick Folino wrote: > > What's on line 1500? > > On Wed, Jun 10, 2020 at 8:08 PM Scott Classen <mailto:sclas...@lbl.gov>> wrote: > Hello, > > I’m setting up a new openl

slapadd gives confusing output - str2entry

could not parse entry (line=1500) _ 100.00% eta none elapsednone fast! Closing DB… Slapadd claims to have completed 100%, but also complains about entry -1 having no dn: Any advice? Cheers, Scott ~~ Scott Classen, Ph.D. ALS-

Re: How to add a new schema on N-way multi-master with legacy config

You will probably need to edit your slapd.conf file too. i.e. add a line like: include /usr/local/etc/openldap/schema/kerberos.schema before restarting slapd > On Oct 9, 2018, at 11:32 PM, Martin Božič wrote: > > Hello, > > We've inherited an N-way multi-master setup (based on CentOS Open

Re: make test seg fault related to libc

yum erase cyrus-sasl-ldap fixed the problem. 'make test' completed without problems and no segmentation faults. > On Oct 11, 2017, at 12:49 PM, Quanah Gibson-Mount wrote: > > --On Wednesday, October 11, 2017 1:02 PM -0700 Scott Classen > wrote: > >> # ulimit

Re: make test seg fault related to libc

(-u) 514289 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited > On Oct 11, 2017, at 11:57 AM, Quanah Gibson-Mount wrote: > > --On Wednesday, October 11, 2017 10:44 AM -0700 Scott Classen > wrote: > >> Hello, >> >&

make test seg fault related to libc

Hello, I've built openldap 2.4.45 on a CentOS 7.4.1708 machine with the following configuration: ./configure --enable-bdb=no --enable-hdb=no --enable-mdb --with-tls=openssl --enable-spasswd --enable-syslog --enable-modules --enable-cleartext --enable-overlays --enable-accesslog --enable-auditl

Re: looking for a graphic tool for openldap

I like ApacheDS https://directory.apache.org > On Mar 18, 2016, at 3:05 AM, MichaelLeung wrote: > > i am wondering is there a graphic openldap admin tool that run under Linux ? >

Re: Configuring OpenLDAP server with Linux groups information

Is your /etc/nsswitch file configured to get group info from LDAP? If so everything should just work I believe. Sincerely, Scott > On Sep 15, 2015, at 7:58 AM, JC wrote: > > I have a CentOS system where authentication over the SSH interface is > delegated to an OpenLDAP server by means of PA

Re: openLDAP upgrate

I recently upgrade from source and this is my procedure. Your's will certainly be different, but it gives you the basic steps. First check to make sure we have an LDIF backup of entire LDAP database. 1. install new openldap cd /usr/local/src wget ftp://ftp.openldap.org/pub/OpenLDAP/openlda

Re: How can I add ldap user from linux shell command line?

On Aug 25, 2014, at 11:34 PM, Tian Zhiying wrote: > Hi All > > How can I add ldap user from linux shell command line? > And how can I batch add ldap user from linux shell command line? > > Tian Zhiying slapadd? from man slapadd: > Slapadd is used to add entries specified in LDAP Directory

Re: ldapsearch trying to use SASL

the '-x' option. Anyways it's working now. It's odd that it works as tomcat user from command line without the '-x' but requires the '-x' when run from a webapp. Thanks, Scott On Jan 29, 2013, at 2:19 PM, Dan White wrote: > On 01/29/13 14:08 -0800, Scott Cl

ldapsearch trying to use SASL

Hello, I have a script which checks for the existence of an email address in my LDAP directory. the relevant line is: ldapsearch -D "uid=nss,dc=bah,dc=com" -w mypassword -b "ou=People,dc=blah,dc=com" uid=bobthebuilder mail If I run this script as the root or tomcat user it works as expected a

Re: How do you have LDAP Setup for Apps

You can also create your own custom auxiliary objectClass that you can use as an addition filter. for example: objectClass ( your_custom_OID_here NAME ‘yourcustomPerson' DESC ‘My Custom User INFO' SUP top AUXILIARY MUST ( customUserPriv $ customAuthApp1 $ customStaffMember

Re: Samba, Openldap and ppolicy

What specific errors do you receive? Scott (via thumbs) On Aug 25, 2010, at 1:58 AM, smain...@free.fr wrote: > > > Hi, > > I already have an openldap server configured with a password policy. > Now, i need to implement a samba server in order to authenticate my alfresco > users. > > I would