12:46 p.m.
Dear gentleman,
i have installed and configured a fully environment containg debian,
openldap, cyrus-sasl and bdb. I am facing a curious problem in my
environment:
With a ldif file i had inserted a set of user (replacing nis with
openldap). When i perform a ldapsearch on the tree whe field
userPassword is not shown (or it was not added when importing with
ldapadd).
Did anybody already face such scenario? I am losing my hairs ....
Thanks a lot for your time and cooperation.
Best regards.
2:15 p.m.
John Nietzsche wrote:
Dear gentleman,
i have installed and configured a fully environment containg debian,
openldap, cyrus-sasl and bdb. I am facing a curious problem in my
environment:
With a ldif file i had inserted a set of user (replacing nis with
openldap). When i perform a ldapsearch on the tree whe field
userPassword is not shown (or it was not added when importing with
ldapadd).
Did anybody already face such scenario? I am losing my hairs ....
Chances are that a rather standard ACL blocks anyone from reading the
userPassword attribute. Try doing an ldapsearch while authenticated as
your admin user instead.
Also, the command "slapcat" (run as root or as the openldap user
account) will give you a complete dump of the database, with no access
lists filtering out certain information.
Please take the time to read the slapd.conf configuration file, pretty
much is documented there (including the ACLs).
--
Bjørn
7:02 p.m.
Thank you, you were to the point.
Best regards.
On Sat, Nov 1, 2008 at 7:15 PM, Bjørn Ruberg <bjorn(a)ruberg.no> wrote:
John Nietzsche wrote:
>
> Dear gentleman,
>
> i have installed and configured a fully environment containg debian,
> openldap, cyrus-sasl and bdb. I am facing a curious problem in my
> environment:
>
> With a ldif file i had inserted a set of user (replacing nis with
> openldap). When i perform a ldapsearch on the tree whe field
> userPassword is not shown (or it was not added when importing with
> ldapadd).
>
> Did anybody already face such scenario? I am losing my hairs ....
>
Chances are that a rather standard ACL blocks anyone from reading the
userPassword attribute. Try doing an ldapsearch while authenticated as your
admin user instead.
Also, the command "slapcat" (run as root or as the openldap user account)
will give you a complete dump of the database, with no access lists
filtering out certain information.
Please take the time to read the slapd.conf configuration file, pretty much
is documented there (including the ACLs).
--
Bjørn
4404
days inactive
4405
days old
openldap-software@openldap.org
2 comments
2 participants
participants (2)
-
Bjørn Ruberg -
John Nietzsche