.conf or in
the db?
On Mon, Jan 3, 2022, 2:52 PM Michael Ströder wrote:
> On 1/3/22 21:39, kevin martin wrote:
> > yes, I'm aware of the 2.5.9 comment.
>
> So why you're still trying with 2.5.7? It was not just a comment. It was
> good advice.
>
> > is that
yes, I'm aware of the 2.5.9 comment. is that why I can't use
pwdAccountLockedTime or is it simply to get me to the latest patched
version?
---
Regards,
Kevin Martin
On Mon, Jan 3, 2022 at 2:34 PM kevin martin wrote:
> so I did this:
>
> ldapsearch -x -LLL -b c
sure how to set it for a user.
---
Regards,
Kevin Martin
On Mon, Jan 3, 2022 at 2:21 PM kevin martin wrote:
> # /usr/local/libexec/slapd -VVV
> @(#) $OpenLDAP: slapd 2.5.7 (Aug 27 2021 21:09:45) $
> r...@newldap0.mgt.ch3.bmi
> :/root/openldap-OPENLDAP_REL_ENG_2_5_7/servers/slapd
>
ldif
monitor
mdb
passwd
relay
I'm not sure how exactly to browse the cn=subschema.
---
Regards,
Kevin Martin
On Mon, Jan 3, 2022 at 11:56 AM Michael Ströder
wrote:
> On 1/3/22 18:45, kevin martin wrote:
> > Hmm, module loaded. I'm not doing a mod
e
proper way to use this now?
On Mon, Jan 3, 2022, 10:41 AM Quanah Gibson-Mount wrote:
>
>
> --On Monday, January 3, 2022 9:39 AM -0600 kevin martin
>
> wrote:
>
> >
> > In 2.4 I was still pulling in the schema. In 2.5 ppolicy is compiled as
> > part of the c
2, 3:21 AM Ulrich Windl
wrote:
> >>> kevin martin schrieb am 01.01.2022 um 00:00 in
> Nachricht
> :
> > Pwdaccountlockedtime isn't an attribute that can be set in the database
> > since ppolicy is now compiled into openldap as opposed to it being a
> schema
> &
ec 31, 2021, 11:23 AM Michael Ströder wrote:
> On 12/27/21 12:04, Ulrich Windl wrote:
> >>>> kevin martin schrieb am 22.12.2021 um 22:42 in
> Nachricht
> > :
> >> it appears from looking at ppolicy.c that pwdAccountLockedTime is not
> >> supported
it appears from looking at ppolicy.c that pwdAccountLockedTime is not
supported in openlda. is there another way to lock a users account in
openldap outside of simply changing the users password?
---
Regards,
Kevin Martin
https://bugs.openldap.org/show_bug.cgi?id=9656
---
Regards,
Kevin Martin
On Mon, Aug 30, 2021 at 10:01 AM Quanah Gibson-Mount
wrote:
>
>
> --On Monday, August 30, 2021 10:41 AM -0500 kevin martin
>
> wrote:
>
> >
> >
> > issue handled. missing pwdC
issue handled. missing pwdCheckModuleArg in the password policy
(apparently not using ppm.conf anymore). once added to the schema the
password change works.
---
Regards,
Kevin Martin
On Fri, Aug 27, 2021 at 7:42 PM Quanah Gibson-Mount
wrote:
>
>
> --On Friday, August 27, 202
}, {ltk_key = 0x1205800, ltk_data =
0x7ff8c0111560, ltk_free = 0x4d5c80}, {ltk_key = 0x4bd260, ltk_data =
0x7ff8ce201010, ltk_free = 0x4bd370}, {ltk_key = 0x4bd1b0, ltk_data =
0x7ff8cf402010, ltk_free = 0x4bd230}, {ltk_key = 0x0, ltk_data = 0x0,
ltk_free = 0x0} }}
kctx =
i =
keyslot =
try and find those and get them installed if that
will help ultimately. what more of the dump might you want to look at,
understanding of course that there might be passwords embedded in the
output since this *is crashing on a password change.
---
Regards,
Kevin Martin
On Fri, Aug 27, 2021
rted slapd and reran the password change and boom,
down went Frazier!
---
Regards,
Kevin Martin
On Fri, Aug 27, 2021 at 11:30 AM Quanah Gibson-Mount
wrote:
>
>
> --On Friday, August 27, 2021 11:44 AM -0500 kevin martin
>
> wrote:
>
> >
> >
> > 41720 sen
EGV +++
still now coredump file. I'll try changing the kernel.core_pattern and see
if we get something somewhere.
---
Regards,
Kevin Martin
On Fri, Aug 27, 2021 at 10:37 AM kevin martin wrote:
> Well, I now know WHAT caused the coredump; a passwd change request. and I
> was stra
Well, I now know WHAT caused the coredump; a passwd change request. and I
was stracing the slapd process while it happened so I have that as well.
---
Regards,
Kevin Martin
On Fri, Aug 27, 2021 at 10:33 AM Maucci, Cyrille
wrote:
> Definitely core dumps are hooked to system-cored
Sorry, didn't finish:
kernel.core_pattern = |/usr/lib/systemd/systemd-coredump %P %u %g %s %t %c
%h %e
yet no coredump under systemd/coredump...
---
Regards,
Kevin Martin
On Fri, Aug 27, 2021 at 10:27 AM kevin martin wrote:
> on systems that are RHEL 8 or equivalent, isn
on systems that are RHEL 8 or equivalent, isn't systemd-coredump used if
kernel.core_pattern is set as such (thereby not needing abrt) or am I
mistaken? my ulimit -c says unlimited and my sysctl setting is:
---
Regards,
Kevin Martin
On Fri, Aug 27, 2021 at 10:20 AM Maucci, Cyrille
hmm, where might the core dump be?
---
Regards,
Kevin Martin
On Fri, Aug 27, 2021 at 10:03 AM Maucci, Cyrille
wrote:
> Grab the core dump and extract the stack traces ?
>
>
>
> *From:* kevin martin [mailto:ktm...@gmail.com]
> *Sent:* Friday, August 27, 2021 5:01 P
ignal'.
is this a known issue? Oracle Linux 8. what can I do to help determine
what occurred?
---
Regards,
Kevin Martin
ah, yes, I see. I made a bad assumption that, when doing a "make" in the
password module, that it would make everything there and under it,
including subdirectories. going into sha2 under password and doing a make
works fine. my bad.
---
Regards,
Kevin Martin
On Thu, Aug 26,
also, apologies as it's a radlib-devel, not radius-devel package.
---
Regards,
Kevin Martin
On Thu, Aug 26, 2021 at 11:38 AM kevin martin wrote:
> so I sb able to take the pw-sha2 module that I compiled for RHEL7 and
> simply move it over to RHEL8? Ugh, so ugly that we can
so I sb able to take the pw-sha2 module that I compiled for RHEL7 and
simply move it over to RHEL8? Ugh, so ugly that we can't remake the module
on RHEL8 (is it unsupported?) due to missing dependencies...
---
Regards,
Kevin Martin
On Thu, Aug 26, 2021 at 11:35 AM Quanah Gibson-Mount
pw-ssha? I had a pw-sha2 module loaded but not pw-ssha. and the password
module won't compile at this time because there's no radius-devel package
for RHEL 8 that I can find in any repos.
---
Regards,
Kevin Martin
On Thu, Aug 26, 2021 at 11:09 AM Quanah Gibson-Mount
wrote:
particular* password-hash line unsupported in the latest 2.5 (building
from source)?
---
Regards,
Kevin Martin
Ok, thanks for the clarification. That's what I needed to know.
---
Regards,
Kevin Martin
On Thu, Aug 19, 2021 at 12:45 PM Quanah Gibson-Mount
wrote:
>
>
> --On Thursday, August 19, 2021 1:35 PM -0500 kevin martin
> wrote:
>
> >
> >
> > i und
th of
work if I could get away with doing it bit by bit over time.
---
Regards,
Kevin Martin
On Thu, Aug 19, 2021 at 12:33 PM Quanah Gibson-Mount
wrote:
>
>
> --On Thursday, August 19, 2021 1:17 PM -0500 kevin martin
> wrote:
>
> >
> >
> > we HAD a passwo
the master
server, might not understand the new format?).
---
Regards,
Kevin Martin
On Thu, Aug 19, 2021 at 12:31 PM Quanah Gibson-Mount
wrote:
>
>
> --On Thursday, August 19, 2021 1:23 PM -0500 kevin martin
> wrote:
>
> >
> >
> > if I have multiple slapd
tries,
and reload it to make the password history stuff work correctly? version
of slapd is 2.4.45.
---
Regards,
Kevin Martin
if I have multiple slapd servers running 2.4 can I update my master server
to 2.5 with the new format and will the 2.4 mirrors be able to handle the
new format or is it an all or nothing upgrade of all servers at once?
---
Regards,
Kevin Martin
On Sat, Aug 7, 2021 at 2:31 PM Quanah Gibson
dd to this is to have the gecos field be checked against the
password being submitted during a change to verify that a users userid
and/or first or last names aren't part of the password. Is this possible
in openldap?
---
Regards,
Kevin Martin
30 matches
Mail list logo