openldap-software October 2007

openldap-software@openldap.org

84 participants
107 discussions

setting up admin password on openldap
by Naufal Sheikh 28 Oct '07

28 Oct '07

Hi, Can any one please give me a pointer on how to setup an admin password on ldap. my sladp.config file does not hold any password and the line is hashed. It gives an error about something needing to be in suffix. I am not sure what it is, but it is working fine on the production system from which I am trying to migrate. I have successfully installed openldap on my linux system and it never asked me for any password in the installation. Also I have imported the ldiff from the production system. It has an entry of admin but has no password, while on production system somehow the password is set. Any pointers will be appreciated Thanks Naufal

2 1

[Unofficial] OpenLDAP Weekly News Issue 1
by Gavin Henry 28 Oct '07

28 Oct '07

Dear All, The first issue is out: http://blog.suretecsystems.com I'll be doing this every sunday covering the latest user issues/solutions (not in the first issue) and general goings on in our community. Thanks, Gavin. /me goes back to our own project docs ;-) -- Kind Regards, Gavin Henry. OpenLDAP Engineering Team. E ghenry(a)OpenLDAP.org Community developed LDAP software. http://www.openldap.org/project/

1 0

Re: extended characterset/binary/base64 support
by Dieter Kluenter 27 Oct '07

27 Oct '07

"Naufal Sheikh" <naufalzamir(a)gmail.com> writes: > Nah, > > when i import my ldif, it cannot parse all the entryies which have > extended chatacter set in their clientOrg attribute Do you get any error messages? Could you give an example? -Dieter > On 10/19/07, Dieter Kluenter <dieter(a)dkluenter.de> wrote: >> "Naufal Sheikh" <naufalzamir(a)gmail.com> writes: >> >> > Hello, >> > >> > I used slapcat command to create an ldiff file. Now ehen I am using >> > slapadd to import that ldiff file into my new server. it cannot parse >> > entries wchih have an attribute (clientOrg) value in extended >> > characterset/base64/binary... I am not sure what it is called. In >> > ldiff file those attribute and attribute values are seperated by >> > double colons, which I think is also pointing to the fact that the >> > value is a extended character set. >> >> This is base64 which you can easily read with a tool like mmencode. >> > >> > The original ldap server is running fine. Do i need to compile my new >> > ldap server with some additional support module, or is their any >> > option with slapaddd which I can use to convert the enrties in ldiff >> > or some thing..... If some can pleae point me to the right >> > direction. I have been reading many emails and articles, but I am >> > still not sure what to do. >> >> Just import the ldif file with slapadd, base64 coded attribute values >> are properly recognized. -- Dieter Klünter | Systemberatung http://www.dkluenter.de GPG Key ID:8EF7B6C6

3 6

Access Control by group
by Jason Dearborn 27 Oct '07

27 Oct '07

I'd like to grant members of an Administrator group full access to everything in LDAP. According to the ldap FAQ, the default objectclass is "groupOfNames" and the default attribute checked is "member". To match my config I'd need to change the values to "posixGroup" and "memberUid" respectively. It looks like you can do that with the following syntax: <who> ::= group[/<objectclass>[/<attrname>][.<style>]]=<pattern>] I can't find any examples on the web and I've been unsuccessful experimenting with various syntatical permutations. slapd won't start with any of the following: access to * by group/posixGroup="Admins,ou=Group,dc=example,dc=com" write access to * by group/posixGroup/memberUid="Admins,ou=Group,dc=example,dc=com" write I'm running OpenLDAP 2.2.13-2 Has anyone been able to make this work? TIA, Jason

4 4

Regarding slapd.conf
by Anjali Arora 26 Oct '07

26 Oct '07

Hi, I am not able to understand how to create hierarchy in openldap... We can mention multiple suffix but what is the use and how it will relate to the rootdn b'coz we can mention suffix in slapd.conf which is under rootdn...then how mutilple suffix contain different values.. Please help me out With Regards, Anjali

2 1

case sensitive dn
by jorge sanchez 26 Oct '07

26 Oct '07

Hi all, just a short question: Is that possible to have case sensitive DN's for example dn: ou=something,o=something and dn: ou=SOMETHING,o=SOMETHING I am getting error when trying to add dn "ou=SOMETHING,o=SOMETHING" to LDAP when there is already an dn "ou=something,o=something" present. Thanks, Jorge

3 2

Re: Paged results and multiple bdb backends.
by Brandon Hume 26 Oct '07

26 Oct '07

Okay, before I file a bug report, I just want to make sure that what I'm seeing is not the way it's meant to be. When running: $ ldapsearch -x -b dc=bofh,dc=ca -h ldap-test -E pr=2 '(objectclass=*)' dn I see: [....] # search result search: 2 result: 0 Success control: 1.2.840.113556.1.4.319 false MAkCAQAEBAIAAAA= control: 1.2.840.113556.1.4.319 false MAUCAQAEAA== control: 1.2.840.113556.1.4.319 false MAkCAQAEBP////8= Press [size] Enter for the next {2|size} entries. ... in other words, one control: reponse for each backend in the tree. And assuming that the last field is the Base64-encoded value of the cursor/lastid, some of those values look to be garbage (0xffffffff and so on). If the client software is taking the wrong value and repeating it back when asking for the next page, that would explain why I'm being told the page value is invalid. Can anyone else confirm this behaviour with 2.3.38?

2 1

Re: Most stable loglevel
by matthew sporleder 26 Oct '07

26 Oct '07

> On 10/25/07, matthew sporleder <msporleder(a)gmail.com> wrote: > > On 10/25/07, Sumith Narayanan <sumith.narayanan(a)gmail.com> wrote: > > > Hi All, > > > > > > I am running $OpenLDAP: slapd 2.3.27 and Berkeley DB (Version: > > > 4.4.20) on MacOSX 10.4. > > > > > > The process crashes with memory leak often. The maximum it can go with > > > 32 bit processor is 2 GB of memory and then it crashes. However , I > > > have found that the it starts leaking more and crashing often (1-2 hr > > > ) when the loglevel is 256 or 512. When it is at 32 it crashes once in > > > 2 days or so. > > > > > > Did anyone experience this before ? If so , what should be the > > > loglevel when my intention is to make the process more stable. > > > > > > Please note that the server which crashes is getting updated 5-6 % of > > > total transaction. > > > > > > Any help , suggestions will be appreciated. > > > > > > > I have found that many people misinterpret an oversized cache with a > > memory leak. Tune down your system so it doesn't use so much memory. > > > On 10/26/07, Sumith Narayanan <sumith.narayanan(a)gmail.com> wrote: > Hi Mattew, > > We have 3 DBs and alltogether we are using less than 250 MB memory. > > When the process starts , it stabilzes with 250 MB and then it starts > increasing. > > After putting the log level to 32 , it is slowly increasing , over a > period of 2 days or so to 2 GB and then it crashes. > > If I increase the log level it goes to 2 GB in 1 hour or so. It sounds like your syslog config is somehow messed up, or osx's syslog is not very good and you should try installing something like syslog-ng.

1 0

Regarding Multimaster slapd communication
by Anjali Arora 26 Oct '07

26 Oct '07

Hi, How multimaster communication is done in openLDAP.... How to specify master in the slapd.conf file replica attribute is for replication but how to specify another master in slpad.conf file Waiting for Reply Thanks and Regards, Anjali

1 0

Most stable loglevel
by Sumith Narayanan 25 Oct '07

25 Oct '07

Hi All, I am running $OpenLDAP: slapd 2.3.27 and Berkeley DB (Version: 4.4.20) on MacOSX 10.4. The process crashes with memory leak often. The maximum it can go with 32 bit processor is 2 GB of memory and then it crashes. However , I have found that the it starts leaking more and crashing often (1-2 hr ) when the loglevel is 256 or 512. When it is at 32 it crashes once in 2 days or so. Did anyone experience this before ? If so , what should be the loglevel when my intention is to make the process more stable. Please note that the server which crashes is getting updated 5-6 % of total transaction. Any help , suggestions will be appreciated. Thanks, Sumith.

2 1

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-software October 2007