That's my first post here. I realize that this is not exactly the kind
of message that I should post here but I'm really going mad trying to
find an accounting software which uses natively ldap as a backend. I'm
not looking for something that can synchronize, import or export into ldap.
Are you aware of some good software? It doesn't matter if it's for free
or not. It would be cool if it's open.
Are there any good documentation sites or books out there for adding LDAP support to a program? The ldap(3) man page is pretty sparse. I've been told that basically studying the OpenLDAP source itself is the best way to figure it out, but I'm hoping there's something better.
I have only very rudimentary knowledge of LDAP in general. Almost all of my exposure to OpenLDAP was through a helper library that did a lot of work for me, but that was at a previous job. This is for an open source project.
The application to be updated already has support to get key-value pairs from SQL/ODBC and Sleepycat DB sources, and I have a request to include support for LDAP. Essentially in the application I am given an email recipient and I need to get from the database a piece of detail I need to append to that outgoing mail. There's no standard schema for this (yet; it's been suggested we create one through the IETF), so I will need to allow administrators to specify which attributes to request.
Any helpful pointers would be appreciated.
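An added example, not part of the post above or of the project it describes: when the recipient address from a mail envelope is substituted into an administrator-configured search filter, it has to be escaped per RFC 4515 first, otherwise characters such as `*` or `)` in the address change which entries the filter matches. The function names and the `%s` placeholder syntax are assumptions made for this sketch; the resulting string is what would be passed as the filter argument of a search call.

```c
#include <string.h>

/* RFC 4515 escaping of one assertion value: '*', '(', ')', '\' and NUL
 * become a backslash plus two hex digits. Returns the escaped length,
 * or -1 if the result (with its terminator) does not fit in out. */
static int ldap_filter_escape(const char *in, size_t inlen, char *out, size_t outsz)
{
    static const char hex[] = "0123456789abcdef";
    size_t o = 0;
    for (size_t i = 0; i < inlen; i++) {
        unsigned char c = (unsigned char)in[i];
        int special = (c == '*' || c == '(' || c == ')' || c == '\\' || c == '\0');
        if (o + (special ? 3 : 1) >= outsz) return -1;
        if (special) {
            out[o++] = '\\';
            out[o++] = hex[c >> 4];
            out[o++] = hex[c & 0x0f];
        } else {
            out[o++] = (char)c;
        }
    }
    if (o >= outsz) return -1;
    out[o] = '\0';
    return (int)o;
}

/* Expand an administrator-supplied filter template, replacing every "%s"
 * (hypothetical placeholder syntax) with the escaped recipient address.
 * Returns the filter length, or -1 if out is too small. */
int build_recipient_filter(const char *tmpl, const char *rcpt, char *out, size_t outsz)
{
    size_t o = 0;
    while (*tmpl) {
        if (tmpl[0] == '%' && tmpl[1] == 's') {
            int n = ldap_filter_escape(rcpt, strlen(rcpt), out + o, outsz - o);
            if (n < 0) return -1;
            o += (size_t)n;
            tmpl += 2;
        } else {
            if (o + 1 >= outsz) return -1;
            out[o++] = *tmpl++;
        }
    }
    if (o >= outsz) return -1;
    out[o] = '\0';
    return (int)o;
}
```

The template and the list of attributes to request come from the administrator's configuration; only the recipient value is untrusted and escaped.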
I was asked to expand some C++ software to do ldap queries with TLS on a server with SSL certificate.
We want the server to authenticate by its certificate so our software is protected from fake servers.
Before I dig too deep into the API, I would like to know:
- Is it possible with the LDAP API to extract the server's certificate data to verify its integrity?
- or should I program it directly with openSSL API?
Thank you for sharing your wisdom,
I'm using openldap 2.4.17 on debian, command line for testing purposes is
root@host:~# slapd -d16384 -f slapd-1.conf -u openldap -g openldap \
@(#) $OpenLDAP: slapd 2.4.17 (Nov 10 2009 18:29:26) $
root@host:~# lsof -U |grep slapd
slapd 2971 openldap 3u unix 0xf65cab80 0t0 967834 socket
slapd 2971 openldap 7u unix 0xf65ca380 0t0 967836 /var/run/slapd/ldapi
Filesystem directory permissions are fine, well, no matter about x-mod,
the problem is I cannot force different file name (location) for socket
file, default location seems to be build-dependent, shall I guess it's
debian related issue? I expect the socket file to be created where I
specify within "ldapi" URI. I tried a few variants of this uri, assuming I
misunderstood the triple slash construction, anyway I still have socket
file created in the same place. Isn't it supposed to create socket file
where specified? What I want, actually, is to start two or more
independent slapd servers (completely separated databases), listening on
IPC only, on two different IPC sockets on the same machine.
I'm currently working on migrating a directory that is currently running on
OpenLDAP 1.x to OpenLDAP 2.x. Are there any online documents which detail how
to convert the old schemas (which are in ldif format) to the format used by
2.x? I tried to google for that but I could not find much info on the
subject. Currently the settings, acls and schemas are all present in ldif
format. Any help would be greatly appreciated.
Thanks a lot,
I am working (with RH via Dell support) to solve an issue (that I believe to be a pam_ldap issue). The problem is that the password policy control messaging does not occur when I set 'pam_password md5', thus the Linux client never knows that the password expires.
They have informed me that the password policy overlay in LDAP requires clear-text passwords, and will not handle the password policy stuff if the password is hashed. This makes no sense to me, since ppolicy is only handling expiry times, etc. and pam is handling the rest (length, strength, etc., prior to hash).
Does the ppolicy overlay require clear-text?
It requires BDB 4.4 and I have 4.3.29 on my system. So what should I do next,
should I upgrade existing BDB 4.3 to 4.4 or should I install BDB4.4 in
On Wed, Dec 9, 2009 at 8:34 PM, Gattegno, Victor (EMEA BSS CC) <
> You may know which bdb version is required by current openldap package by
> reading the 2.4.20 Release README:
> BDB and HDB backends require Oracle Berkeley DB 4.4, 4.5,
> 4.6, 4.7, or 4.8. It is highly recommended to apply the
> patches from Oracle for a given release.
> -----Original Message-----
> On Monday, 7 December 2009 11:26:18 vishesh kumar wrote:
> > Dear friends
> > Today I tried to install openldap2.4.20 on RHEL 5.2. After firing
> > ./configure script, I got following error
> > *Configure:error: Berkeley DB version incomptible with BDB/HDB
> > backend.
> > *But after investigation I found that db4 with version 4.3.29 is
> > on my system. So what should I do now,
> > Should I replace my Berkeley DB package? I want to be sure that other
> > running programs not get any issue after bdb upgradation.
> > How one know which bdb version is required by current openldap package
> > thanks
Although I've figured out the basics of synchronization between
providers and consumers, I'm not yet clear about one aspect from the
In particular, if you've set up an LDAP consumer server with a
synchronized, read-only copy of the DIT to service a particular group
of clients, and you've configured those clients* to use that consumer
server for all of their directory queries, how do those clients know
where to find the correct provider in case it becomes necessary for
them to write to the DIT (e.g. to change a password)?
*) With the URI option in /etc/ldap/ldap.conf
I had a problem with my system and decided to back up my /var/ /etc, etc. files and reinstall everything (Mandriva 2009).
But now, my openldap installation complains about my openldap database being corrupted or something (here is the log):
Dec 21 21:23:09 p4server slapd: @(#) $OpenLDAP: slapd 2.4.11 (Sep 15 2008 10:30:35) $ email@example.com:/home/mandrake/rpm/BUILD/openldap-2.4.11/servers/slapd
Dec 21 21:23:09 p4server slapd: daemon_init: listen on ldap://ldap.louismc.org/
Dec 21 21:23:09 p4server slapd: daemon_init: listen on ldaps://ldap.louismc.org/
Dec 21 21:23:09 p4server slapd: daemon_init: 2 listeners to open...
Dec 21 21:23:09 p4server slapd: daemon: listener initialized ldap://ldap.louismc.org/
Dec 21 21:23:09 p4server slapd: daemon: listener initialized ldaps://ldap.louismc.org/
Dec 21 21:23:09 p4server slapd: daemon_init: 2 listeners opened
Dec 21 21:23:09 p4server slapd: slapd init: initiated server.
Dec 21 21:23:09 p4server slapd: slap_sasl_init: initialized!
Dec 21 21:23:09 p4server slapd: bdb_back_initialize: initialize BDB backend
Dec 21 21:23:09 p4server slapd: bdb_back_initialize: Berkeley DB 4.6.21: (February 11, 2009)
Dec 21 21:23:09 p4server slapd: hdb_back_initialize: initialize HDB backend
Dec 21 21:23:09 p4server slapd: hdb_back_initialize: Berkeley DB 4.6.21: (February 11, 2009)
Dec 21 21:23:09 p4server slapd: backend_startup_one: starting "cn=config"
Dec 21 21:23:09 p4server slapd: => ldif_enum_tree: failed to open /etc/openldap/slapd.d/cn=config.ldif: No such file or directory
Dec 21 21:23:09 p4server slapd: send_ldap_result: conn=-1 op=0 p=0
Dec 21 21:23:09 p4server slapd: bdb(dc=louismc,dc=org): file id2entry.bdb has LSN 2/4451165, past end of log at 1/140
Dec 21 21:23:09 p4server slapd: bdb(dc=louismc,dc=org): Commonly caused by moving a database from one database environment
Dec 21 21:23:09 p4server slapd: bdb(dc=louismc,dc=org): to another without clearing the database LSNs, or by removing all of
Dec 21 21:23:09 p4server slapd: bdb(dc=louismc,dc=org): the log files from a database environment
Dec 21 21:23:09 p4server slapd: bdb(dc=louismc,dc=org): /var/lib/ldap/id2entry.bdb: unexpected file type or format
Dec 21 21:23:09 p4server slapd: bdb_db_open: database "dc=louismc,dc=org": db_open(/var/lib/ldap/id2entry.bdb) failed: Invalid argument (22).
Dec 21 21:23:09 p4server slapd: backend_startup_one: bi_db_open failed! (22)
Dec 21 21:23:09 p4server slapd: bdb_db_close: database "dc=louismc,dc=org": alock_close failed
Dec 21 21:23:09 p4server slapd: slapd stopped.
Is there anything I can do to restore it like it was???
Also, but far less important, I have another error but less important since it never prevented me from using openldap before...
What can I do about it??? Why does it complain? I never configured slapd.conf to use cn=config there... it should look in ldap itself for the config entry.... ?!?!? I'm puzzled and never had chance with google solving this one.
> I see your problem, it's when you restart the server using the
> in-directory configuration. I couldn't investigate things further right
> now; please file an ITS <http://www.openldap.org/its/>
I've fixed the problem. I need you to file an ITS to track the issue.