I have been reading the docs, looking for a way to acheive referential
integrity as it is done in RDBMS.
For instance, if I want to constraint the value of atribute title to a
set of value, so that any modification to a value not in the list would
be denied. Let's say the set of legal values could be stored in the
directory, ad objects of a dedicated class;
How can it be done? slapo-refint is not about denying changes,
slapo-constraint can only enforce regex matching.. Is there anything
else I missed?
I used to do:
ldap add ..... -f file.ldif
where file.ldif has:
but this barfs in openldap 2.2 saying:
ldap_initialize( <DEFAULT> )
adding new entry "ou=domains,dc=calico-consulting.com,dc=com"
ldap_add: Server is unwilling to perform (53)
additional info: no global superior knowledge
What have I done wrong?
I have a problem using back-sql and entries with multiple object classes:
If I add the entry:
I get in the logs of slapd complains that attr uidNumber in objectClass person
is undefined. That's right, but the object has the additional class
posixAccount, which has the attribute.
When I look in the logs, I see that the table ldap_entry_objectclasses gets
inserted the auxiliary class posixAccount AFTER it tries to set the attribute
uidNumber. So ist clear that it doen't find the attribute.
The tables in the database are constructed similar to the objectclasses.
I have built OpenLDAP2.3.33 using Visual C++ 6.0. Now I would like to test
my build. How can i test OpenLDAP clients?
Any kind of suggestions are hugely appreciated as i desperately need my
build to be tested.
Thanks in advance!!!
I upgrade to Slackware 12 this weekend and now openldap won't start. A
google search didn't help me. I'm running 2.3.27.
I can restore from backup, just want to make sure that's necessary and
maybe I can learn something in the process.
Errors from the tail end of ldap.log:
bdb(dc=gmartin,dc=org): unable to allocate memory for mutex; resize
bdb_db_open: Database cannot be opened, err 12. Restore from backup!
bdb(dc=gmartin,dc=org): DB_ENV->lock_id_free interface requires an
environment configured for the locking subsystem
bdb(dc=gmartin,dc=org): txn_checkpoint interface requires an environment
configured for the transaction subsystem
bdb_db_close: txn_checkpoint failed: Invalid argument (22)
I am really fade up and need your kind guidance to solve the problem.
I have OpenLDAP based addressbook. Users are located under
basedn of personal adresbook
I need such an ACL so that only owner can read his addressbook.
The ACL for this is
by dn.regex="uid=([^,]+),ou=users,virtualDomain=$2,dc=suse,dc=ldap" read
by users none
but all the users can see others personal addresbook. Kindly suggest
where I have done
mistake. thanks for your kind support
I'm trying to avoid mistakes and configure a server and/or client to
force the use of start tls. So, if someone binds to the server and
accidentally forgets to configure start_tls on the client, the
connection is rejected.
The problem is that the rejection happens too late: the client password
was already sent to the server in clear test.
So far I have tested using acls (ssf=56) and the global "security"
setting with ssf, simple_bind and transport. In all cases, the
unencrypted access is rejected, but too late: the password was sent.
I guess what I need is a setting in /etc/openldap/ldap.conf similar to
the sasl minssf property, but for non-sasl binds. Is there such a thing?
Something that would behave as if -ZZ was always added to the openldap
I am in need of building the OpenLDAP client tools (ldapsearch, etc.,) in
WinTel platform. Could anybody help me in briefing the procedure to build
the files. That is the files need to be in the workspace and impact of
dependent libraries., etc.,
Any kind of help is hugely appreciated.
On 05/07/07, Quanah Gibson-Mount <quanah(a)zimbra.com> wrote:
> --On Wednesday, July 04, 2007 8:40 PM +0100 Gavin Henry
> <ghenry(a)suretecsystems.com> wrote:
> >> We're running openldap 2.3.35 with ITS#4924 and ITS#4925 patches with
> >> a bdb backend running 4.2.52 with all 6 recommended patches.
> > I hope you mean 5, as there are only 5 listed on the Oracle site.
> There are 6 recommended patches to BDB 4.2.52, 5 of which come from the
> Oracle site.
Ah. One from us?
> Quanah Gibson-Mount
> Principal Software Engineer
> Zimbra, Inc
> Zimbra :: the leader in open source messaging and collaboration