I'm using openldap-stable-20100219.tgz build.  When I look at cn=Monitor with browsing tools (like Softerra LDAP browser) I do see entries for monitorOpInitiated and monitorOpCompleted in DN cn=Operations,cn=Monitor.

 

When I look at cn=SubSchema, I do not see any definitions of these two attributes.

 

Using (unfortunately) Microsoft's VBScript, ADODB, and ADsDSOOBJECT to access to access cn=Monitor, I can access everything that is defined in the subschema (entryDN, modifyTimestamp, etc); however, I cannot access MonitorOpInitiated and such.  Looking at the logs, It looks like the query never gets to the ldap server because MS checks it against the cn=subschema.

 

I saw ITS#4947 and ITS#5576 which sounds like what my problem is (attributes not published).  Is there a fix for this and what would that fix be?

 

My OS for the ldap server is Redhat Enterprise 5.4.

 

At the end of this email is my redacted slapd.conf file.

 

---Thanks

 

Mike Cannady

Information Services

Horry Telephone Cooperative (HTC)

Phone: (843)369-8212

Email: Mike.Cannady@htcinc.net

 

 

[root@vmLDAPdev2 openldap]# cat slapd.conf

#

# See slapd.conf(5) for details on configuration options.

# This file should NOT be world readable.

#

include         /usr/local/etc/openldap/schema/core.schema

include         /usr/local/etc/openldap/schema/cosine.schema

include         /usr/local/etc/openldap/schema/inetorgperson.schema

include         /usr/local/etc/openldap/schema/nis.schema

 

include         /usr/local/etc/openldap/HTC/iaaa-radius.schema

include         /usr/local/etc/openldap/HTC/radius.schema

 

include         /usr/local/etc/openldap/HTC/users.schema

 

# Allow LDAPv2 client connections.  This is NOT the default.

allow bind_v2

loglevel  0x100

#loglevel any

sizelimit unlimited

# Do not enable referrals until AFTER you have a working directory

# service AND an understanding of referrals.

#referral       ldap://root.openldap.org

ServerID 002

pidfile         /usr/local/var/run/slapd.pid

argsfile        /usr/local/var/run/slapd.args

 

access to *

        by dn.one="ou=replicants,ou=admin,dc=htc,dc=com" read

        by * break

 

access to dn.subtree="dc=htc,dc=com"

        by dn.one="ou=admin,dc=htc,dc=com" manage

        by self write

        by anonymous auth

 

access to *

        by self write

        by users read

        by anonymous auth

 

 

#######################################################################

# database definitions

#######################################################################

 

database        bdb

suffix          "dc=htc,dc=com"

rootdn          "cn=Manager,dc=htc,dc=com"

# Cleartext passwords, especially for the rootdn, should

# be avoided.  See slappasswd(8) and slapd.conf(5) for details.

# Use of strong authentication encouraged.

# rootpw                secret

# rootpw                {crypt}ijFYNcSNctBYg

rootpw                  {xxxxxxx}xxxxxxxxxxxxxxxxxxxxxxxxxx

 

 

# The database directory MUST exist prior to running slapd AND

# should only be accessible by the slapd and slap tools.

# Mode 700 recommended.

directory       /usr/local/var/openldap-data

cachesize 50000

dncachesize 50000

idlcachesize 150000

checkpoint 1024 5

 

# Indices to maintain for this database

index objectClass                       eq,pres

index ou,cn,mail,surname,givenname      eq,pres,sub

index uidNumber,gidNumber,loginShell    eq,pres

index uid,memberUid                     eq,pres,sub

index nisMapName,nisMapEntry            eq,pres,sub

index entryCSN                          eq

index entryUUID                         eq

 

 

# Replicas of this database

syncrepl rid=001

        provider=ldap://vmldapdev1.htc.external:389

        type=refreshAndPersist

        retry="5 5 300 +"

        searchbase="dc=htc,dc=com"

        attrs="*,+"

        bindmethod=simple

        binddn="uid=vmldapdev2,ou=replicants,ou=admin,dc=htc,dc=com"

        credentials=atest2

 

mirrormode TRUE

 

overlay syncprov

syncprov-checkpoint 1000 1

 

database monitor

 

[root@vmLDAPdev2 openldap]

 

 

**********************************************************************

HTC Disclaimer: The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thank you.

**********************************************************************