I am using jldap to communicate with ldap, and I get an exception when I am parsing a dsml file.
In more detail, the following line of code
LDAPReader in = new DSMLReader(dsmlFile);
gives the following error
The following error occured handling a DSML file:LDAPLocalException: The following error occured while parsing DSML: org.xml.sax.SAXException: Invalid beginning tag :attr (84) Decoding Error
org.xml.sax.SAXException: Invalid beginning tag :attr
when dsmlFile is
<dsml:attr name="cn"><dsml:value>Peter Rabbit</dsml:value></dsml:attr>
I am new to openldap, I have just installed it on my linux machine (CentOS).
I would like to write an experimental code for ldap client that can
connect with Active directory. ( I know using authconfig on linux I
can do it)
I would like to know, can one write his/her own ldap client using
openldap? If yes, any sample code or guidelines?
Thanks for reading this mail, looking forward to your reply.
Hi Claus and Roy,
Thanks for the reply.
In fact nothing to do with sendmail, I pasted the wrong lines from /var/adm/messages, sorry for that
LDAP Server: OpenLdap Linux
LDAP Clients: Linux, Solaris 10, Solaris 9 and Solaris 8
Following command works fine for Solaris 10 but it doesn't work for 8 and 9. Please help me I really need to sort out this.
ldapclient -v manual -a defaultServerList=10.10.10.10 -a defaultSearchBase=dc=test,dc=com -a authenticationMethod=tls:simple -a serviceAuthenticationMethod=pam_ldap:tls:simple -a credentialLevel=proxy -a serviceAuthenticationMethod=passwd-cmd:tls:simple -a proxyDN=cn=proxyagent,ou=Profile,dc=test,dc=com -a proxyPassword=test
When I ran ldaplist I get following in /var/adm/messages on Solaris 9
Mar 21 23:35:38 web04 ldaplist: [ID 293258 user.warning] libsldap: Status: 81 Mesg: openConnection: simple bind failed - Can't contact LDAP server
Mar 21 23:35:38 web04 ldaplist: [ID 292100 user.warning] libsldap: could not remove 188.8.131.52 from servers list
Mar 21 23:35:38 web04 ldaplist: [ID 293258 user.warning] libsldap: Status: 7 Mesg: Session error no available conn.
While on server I get following in debugs
Mar 21 23:29:50 rhapp04-t1 slapd: connection_read(10): checking for input on id=0
Mar 21 23:29:50 rhapp04-t1 slapd: connection_read(10): TLS accept error error=-1 id=0, closing
Mar 21 23:29:51 rhapp04-t1 slapd: connection_closing: readying conn=0 sd=10 for close
Really appreciate if someone shows me the right way to solve this issue.
From: farhhanahmed(a)hotmail.com
To: openldap-technical(a)openldap.org
Subject: RE: Solaris 10 Native LDAP Client TLS
Date: Mon, 17 Mar 2008 13:01:56 +0000
Hi Guys, I have done it for Solaris 10 but now I am facing problem in Solaris 9. Please help me Still no luck with LDAP native client on Solaris 9. I am getting following message
Mar 16 02:02:59 web04 sendmail: [ID 293258 mail.warning] libsldap: Status: 81 Mesg: openConnection: simple bind failed - Can't contact LDAP server
But when I run /usr/lib/ldap/ldap_cachemgr -g, I get following which shows there is no problem
cachemgr configuration:
server debug level 0
server log file "/var/ldap/cachemgr.log"
number of calls to ldapcachemgr 19
cachemgr cache data statistics:
Configuration refresh information:
Previous refresh time: 2008/03/17 23:55:23
Next refresh time: 2008/03/18 00:55:23
Server information:
Previous refresh time: 2008/03/17 23:55:23
Next refresh time: 2008/03/18 00:05:23
server: 184.108.40.206, status: UP
Cache data information:
Maximum cache entries: 256
Number of cache entries: 0
ldapclient -vvv manual -a defaultServerList=10.10.10.10 -a defaultSearchBase=dc=test,dc=com -a authenticationMethod=tls:simple -a credentialLevel=proxy -a proxyDN=cn=proxyagent,ou=profile,dc=test,dc=com -a proxyPassword=test
Note: Same command works for Solaris 10
I really want to use LDAP native client rather than openldap client which is hassle to install gcc padle pam_ldap etc on 50 servers.
Please help me guys.
Thanks,
Farhan
From: farhhanahmed(a)hotmail.com
To: openldap-technical(a)openldap.org
Subject: Solaris 10 Native LDAP Client TLS
Date: Fri, 14 Mar 2008 11:55:59 +0000
Hello Guys, I am having some issues to configure LDAP Native client with TLS. Please help me to sort out this issue
LDAP Server: Linux (OpenLdap), LDAP Client: Solaris 10 (Native Client)
When I run following command to test, it works fine,
ldapsearch -v -h test -p 636 -Z -P /var/ldap/cert8.db -b "dc=test,dc=com" -s base "objectclass=*"
ldapsearch: started Fri Mar 14 18:11:57 2008
ldap_init( test, 636 )
filter pattern: objectclass=*
returning: ALL
filter is: (objectclass=*)
version: 1
dn: dc=test,dc=com
objectClass: dcObject
objectClass: organization
o: test.com web site
dc: test
1 matches
But When I run ldapclient command to initialize ldapclient, it doesn't work, please guide me where I am doing wrong
ldapclient -v manual -a defaultServerList=10.10.10.10 -a defaultSearchBase=dc=test,dc=com -a authenticationMethod=tls:simple -a serviceAuthenticationMethod=pam_ldap:tls:simple -a serviceAuthenticationMethod=keyserv:tls:simple -a serviceAuthenticationMethod=passwd-cmd:tls:simple -a credentialLevel=proxy -a proxyDN=cn=Manager,ou=People,dc=test,dc=com -a proxyPassword=passwd
After that when I run ldaplist command, I get following in /var/adm/messages
Mar 14 18:15:16 subx05-t1 nfs4cbd: [ID 293258 daemon.warning] libsldap: Status: 91 Mesg: openConnection: failed to initialize TLS security (security library: bad database.)
Please help me guys :) I know I am very near to get it working
Thanks,
Farhan
I have 3 NIS domains I wish to convert to ldap. I would like to keep 3
separate areas in ldap since the NIS domains have different accounts. I
created a base dn and loaded data under 3 higher levels, such as base is
dc=xyz,dc=com and dc=a,dc=xyz,dc=com dc=b,dc=xyz,dc=com
dc=c,dc=xyz,dc=com. Then if I want client one to be in domain a, I set
its base to dc=a,dc=xyz,dc=com. This works for host name lookups but
when another host tries to login to the box via telnet or rsh, the login
hangs after the password is entered, ssh works though. If I specify a
binddn on the client with dc=a,dc=xyz,dc=com, I can login via telnet and
rsh but name lookups fail on the host. Any idea what is causing this? Is
this the best way to have separate DBs for clients?
Interactive Brokers LLC
I've configured ldap translucent overlay with slapd-ldap as backend. Then I
changed userPassword of a user. When I try to auth to the translucent
server, the new password is not valid, and I have to introduce the password
that is in the ldap server which is being proxied.
I would like the new password to be the password used for auth.
Do you know how I could configure such an approach?
Thank you in advance
I am doing a project wherein I have to use LDAP to provide a single login for the various services used.
I have successfully installed the openldap-2.4.7 server by configuring the slapd.conf file.
I wanted more info on the LDAP client utilities and how to query the server, and also what my next step should be to achieve the objective.
Thanks and Regards
Hello everybody,
I'm going to install Postfix mail server with MySQL as mailbox container and LDAP for authentication purpose.
I want good documentation to do it.
There is probably an easy answer to this, however, I am stuck trying to compile openldap:
getpeereid.c: In function 'lutil_getpeereid':
getpeereid.c:64: error: storage size of 'peercred' isn't known
make: *** [getpeereid.o] Error 1
make: Leaving directory `/var/tmp/openldap-2.4.8/libraries/liblutil'
make: *** [all-common] Error 1
make: Leaving directory `/var/tmp/openldap-2.4.8/libraries'
make: *** [all-common] Error 1
The struct type has its prototype in file sys/ucred.h but on linux (or at least all the variants I looked at), this is not a typical system file and google leads me to believe this is a BSD/BSD-variant system header.
I am building with gcc4.3 and a linux w/2.4.25 kernel.
Any clue what I am doing wrong here? Thanks!
But the entry exists in the openLDAP database and that's where it
should check for it (since i configured pam to do that). This is
the whole point i am trying to get from centralized user
authentication after all !! The openLDAP server should be contacted to
authenticate the users from different clients without the need for
these clients to use their /etc/passwd files !
On Fri, Mar 21, 2008 at 5:25 PM, Matt Parker <parkerman(a)gmail.com> wrote:
> > However, when
> > i use the command su to switch to user1 ( which i commented out from
> > /etc/passwd/) i get a message telling me that the user does not exist.
> /etc/passwd is the list of users in a *nix operating system.
> commenting out user1 makes that account no longer exist. you cannot
> 'su' to a user which doesn't exist.
I am setting up a centralized authentication server using openLDAP
without TLS/SSL. I added the /etc/passwd and /etc/shadow entries, and
looked them up using:
$ldapsearch -x -D "uid=user1,ou=People,dc=example,dc=com" -w user1
where user1 is the password of the user user1, and i got all the
entries. I also configured pam so that it uses pam_ldap. However, when
i use the command su to switch to user1 ( which i commented out from
/etc/passwd/) i get a message telling me that the user does not exist.
Running slapd in the debugging mode i notice an errno=34 "Numerical
result out of range". I googled it and found that this can be solved
by adding the directives sockbuf_max_incoming and
sockbuf_max_incoming_auth. I added the directives and tried with many
values like 1234567, 999999, 9999999 for each of them, still, i
am getting the same error message. What else can i do to get rid of
this error ?!