On 10/25/07, Quanah Gibson-Mount <quanah(a)zimbra.com> wrote:
> --On Thursday, October 25, 2007 10:08 AM -0400 Naufal Sheikh
> <naufalzamir(a)gmail.com> wrote:
> > ok, so what are my options here. I am very new at ldap, and am doing this
> > migration by installing the software and copying the config files. Is
> > there any module or library which needs to be installed to get this
> > resolved, because this thing is working on the current production system.
> > If you can just point me to the right direction..
> You need to fix the data.
> Quanah Gibson-Mount
> Principal Software Engineer
> Zimbra, Inc
> Zimbra :: the leader in open source messaging and collaboration
Okay, I've isolated what appears to be part of the problem, and
something I overlooked in our upgrade from 2.2 to 2.3: We also split the
existing tree into multiple BDB backends. Several isolated branches of
the tree were quite large, and this was an attempt to split the database
in multiple, more-managable chunks. We were also looking at partial
replication of just one portion of the tree.
Now, as I muck about on a test server, I see that if I edit slapd.conf
so that only one backend is enabled, I have functional paged results.
If I enable a subordinate database, paged results fail with the
previously mentioned "old or invalid" error.
So, at least I have a fallback plan to get this working: merge it all
back into the single BDB database. I'd like to avoid that if I can,
Are there tricks to using the paged results control when searching
across multiple backends?
Is it possible (or already some openldap extension to) do
Example is: "The Ritz-Carlton" should be listed before "TAVRIDA ELECTRIC
AG" but actually the current sorted search result gives "TAVRIDA
ELECTRIC AG" first. Usually "The" should be removed in ordering.
Had to ask the list, it's difficult to google it because "a" and "the"
are forbidden keywords for google, and "article" is ambiguous which
leads to a lot of "article" that explains search in LDAP.
Huateng Tower, Unit 1788
Jia 302 3rd area of Jinsong, Chao Yang
Tel: +86 (10) 8773 0650 ext 603
Mobile: 135 9950 2413
First of all, sorry for my english.
I will try to be clear.
I have a LDAP server running perfectly. I have this in it:
Now, I would like to autheticate users who belong to "profesores" , from
On the other hand, I would like to autheticate users who belongs to
"alumnos", from IP=126.96.36.199.
And at last, the same, but with both groups, and from IP=333.333.333.333.
And in all the cases, the autheticated users could change their password.
I have looked the manual, but I only obtain that all the users( o nodoby)
bind from a specific IP, but I don't know with groups of users.
Does anybody can help me??
Thanks you very much!
MSN Amor: busca tu ½ naranja http://latam.msn.com/amor/
I've got a number of auditing/update/query programs that make use of the
paged results extension for large queries
Since upgrading the server to 2.3.38 from 2.2.26, all these programs
have broken; they can retrieve the first page of results, but any
attempt top fetch the next page results in a "paged results cookie is
invalid or old" error. The client programs and the server platform
(Redhat AS3) are both unaltered between server versions.
I can't find any references to changes with respect to paged results in
CHANGES, except for the deadlock in bdb problem being fixed.
Would anyone be able to provide some advice for debugging this, perhaps
being able to see the cookie being assigned by the server and what the
client is offering back?
I have the following configuration, in OpenLDAP 2.3.32 (i know i have to
upgrade to 2.3.38):
Master -> Pivot -> Slave on 3 different servers. SyncRepl replicates in
RefreshOnly mode, a sub-tree.
When i dump the TLS traffic during a replication of a add or delete
operation, i have around 6000 TCP packets between Master and Pivot, and
only 40 packets between Pivot and Slave. My sub-tree contains 5500
entries. So, i concluded that Pivot SyncRepl ask the entire sub-tree.
Is it a known problem ? Does it come from the configuration ?
Another topic about syncrepl : When the Pivot is stopped longer than the
interval setting, and restarted, i need to restart the Slave because it
doesn't retry connection on the Pivot ? And also, it doesn't use the
slapd logs the following error:
Oct 16 11:14:26 oldap-sol10 sym: [ID 187570 local4.debug]
do_syncrep1: rid 002 ldap_sasl_bind_s failed (-1)
Is it a known problem ?