openldap-bugs November 2006

openldap-bugs@openldap.org

34 participants
148 discussions

RE: (ITS#3460) Adding LDAP statistics script to contrib directory
by daveh＠ci.com.au 02 Nov '06

02 Nov '06

On Thu, 2 Nov 2006, Quanah Gibson-Mount wrote: > Peter S, Dave, Peter M, Frank, and Todd, do you also grant such a > release for the work you've done with this script? :) Sure; fame at last :-) -- Dave Horsfall DTM VK2KFU daveh(a)ci.com.au Ph: +61 2 9552-5509 (d) -5500 (sw) Corinthian Eng'ng P/L, Ste 54 Jones Bay Whf, 26-32 Pirrama Rd, Pyrmont 2009, AU

1 0

Re: (ITS#3460) Adding LDAP statistics script to contrib directory
by peter.schober＠univie.ac.at 02 Nov '06

02 Nov '06

quanah et al., * Quanah Gibson-Mount <quanah(a)stanford.edu> [2006-11-02 20:42]: > Peter S, Dave, Peter M, Frank, and Todd, do you also grant such a > release for the work you've done with this script? :) go ahead. actually I though about rewriting it not just once before (it's rather spaghetti-ish, imho) but too many other things keep popping up. regards, -p.schober -- peter.schober(a)univie.ac.at - vienna university computer center Universitaetsstrasse 7, A-1010 Wien, Austria/Europe Tel. +43-1-4277-14155, Fax. +43-1-4277-9140

1 0

Re: (ITS#3460) Adding LDAP statistics script to contrib directory
by tlyons＠ivenue.com 02 Nov '06

02 Nov '06

On Thu, Nov 02, 2006 at 11:42:32AM -0800, Quanah Gibson-Mount wrote: >I'd like to see this script included as well. There were two concern >listed in the ITS: > >#1) Awaiting new version with proper copyright notice. >#2) Need information about incorporated patches to ensure all who have IPR >in this >script have made appropriate license grants. > >I know #1 has been addressed. > >As for #2, I grant such a release for the work I've done on the script. > >Peter S, Dave, Peter M, Frank, and Todd, do you also grant such a release >for the work you've done with this script? :) I do, though I don't think my work amounts to much more than one item in a foreach loop. But I do. -- Regards... Todd when you shoot yourself in the foot, just because you are so neurally broken that the signal takes years to register in your brain, it does not mean that your foot does not have a hole in it. --Randy Bush Linux kernel 2.6.17-5mdv 3 users, load average: 0.00, 0.04, 0.13

1 0

RE: (ITS#3460) Adding LDAP statistics script to contrib directory
by quanah＠stanford.edu 02 Nov '06

02 Nov '06

I'd like to see this script included as well. There were two concern listed in the ITS: #1) Awaiting new version with proper copyright notice. #2) Need information about incorporated patches to ensure all who have IPR in this script have made appropriate license grants. I know #1 has been addressed. As for #2, I grant such a release for the work I've done on the script. Peter S, Dave, Peter M, Frank, and Todd, do you also grant such a release for the work you've done with this script? :) --Quanah -- Quanah Gibson-Mount Principal Software Developer ITS/Shared Application Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

1 0

Re: (ITS#4728) accesslog dont write attributes removing
by hyc＠symas.com 02 Nov '06

02 Nov '06

ando(a)sys-net.it wrote: > Sounds odd; can you provide a log at level "packets" of the request with > php? I suspect it's doing something like > > dn: uid=user,ou=people,dc=example > changetype: modify > replace: autoreply > - > This was the problem, it was ignoring Replace when no values were provided. Fixed now in HEAD and RE23. > or > > dn: uid=user,ou=people,dc=example > changetype: modify > delete: autoreply > autoreply: TRUE > - > > which, although semantically equivalent to what you tried, could be handled differently by acesslog(and that would be a bug) -- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc OpenLDAP Core Team http://www.openldap.org/project/

1 0

Re: (ITS#4728) accesslog dont write attributes removing
by ando＠sys-net.it 02 Nov '06

02 Nov '06

surnu(a)alkohol.ee wrote: > i made some test and found that if i use ldapmodify > ldapmodify -x -W -ZZ -H 'ldap://example' -D "cn=admin,dc=example" > > dn: uid=user,ou=people,dc=example > changetype: modify > add: autoreply > autoreply: TRUE > modifying entry "uid=user,ou=people,dc=example" > > dn: uid=user,ou=people,dc=example > changetype: modify > delete: autoreply > modifying entry "uid=user,ou=people,dc=example" > > and accesslog shows everything correct > > dn: reqStart=20061102130447.000000Z,cn=log,dc=example > objectClass: auditModify > structuralObjectClass: auditModify > reqStart: 20061102130447.000000Z > reqEnd: 20061102130447.000001Z > reqType: modify > reqSession: 153 > reqAuthzID: cn=admin,dc=example > reqDN: uid=user,ou=people,dc=example > reqResult: 0 > reqMod: autoReply:+ TRUE > reqMod: entryCSN:= 20061102130447Z#000000#00#000000 > reqMod: modifiersName:= cn=admin,dc=example > reqMod: modifyTimestamp:= 20061102130447Z > entryUUID: 7658ab48-febe-102a-9f6c-19ea2369af21 > creatorsName: cn=log,dc=example > createTimestamp: 20061102130447Z > entryCSN: 20061102130447Z#000000#00#000000 > modifiersName: cn=log,dc=example > modifyTimestamp: 20061102130447Z > > dn: reqStart=20061102130558.000000Z,cn=log,dc=example > objectClass: auditModify > structuralObjectClass: auditModify > reqStart: 20061102130558.000000Z > reqEnd: 20061102130558.000001Z > reqType: modify > reqSession: 153 > reqAuthzID: cn=admin,dc=example > reqDN: uid=user,ou=people,dc=example > reqResult: 0 > reqMod: autoReply:- > reqMod: entryCSN:= 20061102130558Z#000000#00#000000 > reqMod: modifiersName:= cn=admin,dc=example > reqMod: modifyTimestamp:= 20061102130558Z > entryUUID: a041e758-febe-102a-9f6d-19ea2369af21 > creatorsName: cn=log,dc=example > createTimestamp: 20061102130558Z > entryCSN: 20061102130558Z#000000#00#000000 > modifiersName: cn=log,dc=example > modifyTimestamp: 20061102130558Z > > but if i do same thing with phpldapadmin or any other php application i > get acceslog > > dn: reqStart=20061102131503.000002Z,cn=log,dc=example > objectClass: auditModify > structuralObjectClass: auditModify > reqStart: 20061102131503.000002Z > reqEnd: 20061102131503.000003Z > reqType: modify > reqSession: 180 > reqAuthzID: uid=user,ou=people,dc=example > reqDN: uid=user,ou=people,dc=example > reqResult: 0 > reqMod: autoReply:+ TRUE > reqMod: entryCSN:= 20061102131503Z#000000#00#000000 > reqMod: modifiersName:= uid=user,ou=people,dc=example > reqMod: modifyTimestamp:= 20061102131503Z > entryUUID: e55e6432-febf-102a-9f70-19ea2369af21 > creatorsName: cn=log,dc=example > createTimestamp: 20061102131503Z > entryCSN: 20061102131503Z#000000#00#000000 > modifiersName: cn=log,dc=example > modifyTimestamp: 20061102131503Z > > dn: reqStart=20061102131511.000002Z,cn=log,dc=example > objectClass: auditModify > structuralObjectClass: auditModify > reqStart: 20061102131511.000002Z > reqEnd: 20061102131511.000003Z > reqType: modify > reqSession: 182 > reqAuthzID: uid=user,ou=people,dc=example > reqDN: uid=user,ou=people,dc=example > reqResult: 0 > reqMod: entryCSN:= 20061102131511Z#000000#00#000000 > reqMod: modifiersName:= uid=user,ou=people,dc=example > reqMod: modifyTimestamp:= 20061102131511Z > entryUUID: ea4cd596-febf-102a-9f71-19ea2369af21 > creatorsName: cn=log,dc=example > createTimestamp: 20061102131511Z > entryCSN: 20061102131511Z#000000#00#000000 > modifiersName: cn=log,dc=example > modifyTimestamp: 20061102131511Z > > and if using ldap admin (http://ldapadmin.sourceforge.net/) then > accesslog is also correct. > Sounds odd; can you provide a log at level "packets" of the request with php? I suspect it's doing something like dn: uid=user,ou=people,dc=example changetype: modify replace: autoreply - or dn: uid=user,ou=people,dc=example changetype: modify delete: autoreply autoreply: TRUE - which, although semantically equivalent to what you tried, could be handled differently by acesslog(and that would be a bug) p. Ing. Pierangelo Masarati OpenLDAP Core Team SysNet s.n.c. Via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ------------------------------------------ Office: +39.02.23998309 Mobile: +39.333.4963172 Email: pierangelo.masarati(a)sys-net.it ------------------------------------------

1 0

Re: (ITS#4728) accesslog dont write attributes removing
by surnu＠alkohol.ee 02 Nov '06

02 Nov '06

i made some test and found that if i use ldapmodify ldapmodify -x -W -ZZ -H 'ldap://example' -D "cn=admin,dc=example" dn: uid=user,ou=people,dc=example changetype: modify add: autoreply autoreply: TRUE modifying entry "uid=user,ou=people,dc=example" dn: uid=user,ou=people,dc=example changetype: modify delete: autoreply modifying entry "uid=user,ou=people,dc=example" and accesslog shows everything correct dn: reqStart=20061102130447.000000Z,cn=log,dc=example objectClass: auditModify structuralObjectClass: auditModify reqStart: 20061102130447.000000Z reqEnd: 20061102130447.000001Z reqType: modify reqSession: 153 reqAuthzID: cn=admin,dc=example reqDN: uid=user,ou=people,dc=example reqResult: 0 reqMod: autoReply:+ TRUE reqMod: entryCSN:= 20061102130447Z#000000#00#000000 reqMod: modifiersName:= cn=admin,dc=example reqMod: modifyTimestamp:= 20061102130447Z entryUUID: 7658ab48-febe-102a-9f6c-19ea2369af21 creatorsName: cn=log,dc=example createTimestamp: 20061102130447Z entryCSN: 20061102130447Z#000000#00#000000 modifiersName: cn=log,dc=example modifyTimestamp: 20061102130447Z dn: reqStart=20061102130558.000000Z,cn=log,dc=example objectClass: auditModify structuralObjectClass: auditModify reqStart: 20061102130558.000000Z reqEnd: 20061102130558.000001Z reqType: modify reqSession: 153 reqAuthzID: cn=admin,dc=example reqDN: uid=user,ou=people,dc=example reqResult: 0 reqMod: autoReply:- reqMod: entryCSN:= 20061102130558Z#000000#00#000000 reqMod: modifiersName:= cn=admin,dc=example reqMod: modifyTimestamp:= 20061102130558Z entryUUID: a041e758-febe-102a-9f6d-19ea2369af21 creatorsName: cn=log,dc=example createTimestamp: 20061102130558Z entryCSN: 20061102130558Z#000000#00#000000 modifiersName: cn=log,dc=example modifyTimestamp: 20061102130558Z but if i do same thing with phpldapadmin or any other php application i get acceslog dn: reqStart=20061102131503.000002Z,cn=log,dc=example objectClass: auditModify structuralObjectClass: auditModify reqStart: 20061102131503.000002Z reqEnd: 20061102131503.000003Z reqType: modify reqSession: 180 reqAuthzID: uid=user,ou=people,dc=example reqDN: uid=user,ou=people,dc=example reqResult: 0 reqMod: autoReply:+ TRUE reqMod: entryCSN:= 20061102131503Z#000000#00#000000 reqMod: modifiersName:= uid=user,ou=people,dc=example reqMod: modifyTimestamp:= 20061102131503Z entryUUID: e55e6432-febf-102a-9f70-19ea2369af21 creatorsName: cn=log,dc=example createTimestamp: 20061102131503Z entryCSN: 20061102131503Z#000000#00#000000 modifiersName: cn=log,dc=example modifyTimestamp: 20061102131503Z dn: reqStart=20061102131511.000002Z,cn=log,dc=example objectClass: auditModify structuralObjectClass: auditModify reqStart: 20061102131511.000002Z reqEnd: 20061102131511.000003Z reqType: modify reqSession: 182 reqAuthzID: uid=user,ou=people,dc=example reqDN: uid=user,ou=people,dc=example reqResult: 0 reqMod: entryCSN:= 20061102131511Z#000000#00#000000 reqMod: modifiersName:= uid=user,ou=people,dc=example reqMod: modifyTimestamp:= 20061102131511Z entryUUID: ea4cd596-febf-102a-9f71-19ea2369af21 creatorsName: cn=log,dc=example createTimestamp: 20061102131511Z entryCSN: 20061102131511Z#000000#00#000000 modifiersName: cn=log,dc=example modifyTimestamp: 20061102131511Z and if using ldap admin (http://ldapadmin.sourceforge.net/) then accesslog is also correct.

1 0

Re: (ITS#4728) accesslog dont write attributes removing
by surnu＠alkohol.ee 01 Nov '06

01 Nov '06

> It works fine here. Does test043 in the test suite succeed or fail for you? It succeed, i send my configuration. slapd.conf: # Schema and objectClass definitions include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/nis.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/samba-tng.schema include /etc/openldap/schema/myown.schema # Where the pid file is put. The init.d script # will not stop the server if you change this. pidfile /var/run/openldap/slapd.pid # List of arguments that were passed to the server argsfile /var/run/openldap/slapd.args # Read slapd.conf(5) for possible values loglevel 256 # Allow LDAPv2 for legacy clients allow bind_v2 security update_ssf=128 # Allow nof entries with single search sizelimit -1 timelimit 30 #threads threads 256 # TLS TLSCertificateFile /etc/openldap/ssl/example.crt TLSCertificateKeyFile /etc/openldap/ssl/example.key TLSCACertificateFile /etc/openldap/ssl/ca.crt # REFERRAL referral ldap://example.org # ACL include /etc/openldap/example.acl # Database conf include /etc/openldap/slapd.bdb.log.example include /etc/openldap/slapd.bdb.example slapd.bdb.log.example: database bdb suffix "cn=example_log,dc=logs" directory /var/lib/openldap-data/example/example_log rootdn "cn=example_log,dc=logs" rootpw "secret" cachesize 5000 idlcachesize 1000 checkpoint 128 30 lastmod on overlay syncprov syncprov-nopresent TRUE syncprov-reloadhint TRUE # Indexid include /etc/openldap/slapd.log.index slapd.bdb.example: database bdb suffix "dc=example" rootdn "cn=admin,dc=example" rootpw "secret" directory "/var/lib/openldap-data/example/" cachesize 100000 idlcachesize 100000 schemacheck on checkpoint 8 15 lastmod on include /etc/openldap/slapd.index overlay accesslog logdb cn=pop_log,dc=logs logops writes logpurge 7+00:00 1+00:00 limits dn.exact="uid=sync,ou=sync,dc=example" time.soft=unlimited time.hard=unlimited size.soft=unlimited size.hard=unlimited overlay syncprov syncprov-checkpoint 1000 60 syncprov-sessionlog 1000 modulepath /usr/lib/openldap/openldap/ moduleload back_monitor database monitor rootdn "cn=monitor"

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs November 2006