Re: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
by Mingyur Koblensky
Hi,
>
> Please, update to the latest OpenLDAP 2.4.21 release. The one you're
> playing with is 6 years old.
>
yes, it is very old but from the repository of redhat enterprise 4. I have
installed the same package on another RH 4 and not problems...
>
> You can try to start % slapd; from command line and see what the problem
> is/might be.
>
> As a root or whoever is supposed to run OpenLDAP:
> # slapd -h 'ldap://127.0.0.1' -d 256;
[root@myserver openldap]# /usr/sbin/slapd -d 4095 -u ldap -h ldap:///
@(#) $OpenLDAP: slapd 2.2.13 (Jul 8 2009 10:40:09) $
mockbuild@x86-002.build.bos.redhat.com:/builddir/build/BUILD/openldap
-2.2.13/openldap-2.2.13/build-servers/servers/slapd
daemon_init: ldap:///
daemon_init: listen on ldap:///
daemon_init: 1 listeners to open...
ldap_url_parse_ext(ldap:///)
daemon: initialized ldap:///
daemon_init: 2 listeners opened
slapd init: initiated server.
slap_sasl_init: initialized!
bdb_initialize: initialize BDB backend
bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December 3, 2003)
bdb_initialize: initialize BDB backend
bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December 3, 2003)
reading config file /etc/openldap/slapd.conf
line 5 (include /etc/openldap/schema/core.schema)
reading config file /etc/openldap/schema/core.schema
line 77 (attributetype ( 2.5.4.2 NAME 'knowledgeInformation' DESC 'RFC2256:
knowledge information' EQUALITY caseIgnoreMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.15{32768} ))
line 86 (attributetype ( 2.5.4.4 NAME ( 'sn' 'surname' ) DESC 'RFC2256: last
(family) name(s) for which the entity is known by' SUP name ))
line 92 (attributetype ( 2.5.4.5 NAME 'serialNumber' DESC 'RFC2256: serial
number of the entity' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} ))
line 96 (attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' ) DESC 'RFC2256:
ISO-3166 country 2-letter code' SUP name SINGLE-VALUE ))
line 100 (attributetype ( 2.5.4.7 NAME ( 'l' 'localityName' ) DESC 'RFC2256:
locality which this object resides in' SUP name ))
line 104 (attributetype ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' ) DESC
'RFC2256: state or province which this object resides in' SUP name ))
line 110 (attributetype ( 2.5.4.9 NAME ( 'street' 'streetAddress' ) DESC
'RFC2256: street address of this object' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ))
line 114 (attributetype ( 2.5.4.10 NAME ( 'o' 'organizationName' ) DESC
'RFC2256: organization this object belongs to' SUP name ))
line 118 (attributetype ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' )
DESC 'RFC2256: organizational unit this object belongs to' SUP name ))
line 122 (attributetype ( 2.5.4.12 NAME 'title' DESC 'RFC2256: title
associated with the entity' SUP name ))
line 128 (attributetype ( 2.5.4.13 NAME 'description' DESC 'RFC2256:
descriptive information' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} ))
line 133 (attributetype ( 2.5.4.14 NAME 'searchGuide' DESC 'RFC2256: search
guide, obsoleted by enhancedSearchGuide' SYNTAX
1.3.6.1.4.1.1466.115.121.1.25 ))
line 139 (attributetype ( 2.5.4.15 NAME 'businessCategory' DESC 'RFC2256:
business category' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ))
line 145 (attributetype ( 2.5.4.16 NAME 'postalAddress' DESC 'RFC2256:
postal address' EQUALITY caseIgnoreListMatch SUBSTR
caseIgnoreListSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ))
line 151 (attributetype ( 2.5.4.17 NAME 'postalCode' DESC 'RFC2256: postal
code' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.15{40} ))
line 157 (attributetype ( 2.5.4.18 NAME 'postOfficeBox' DESC 'RFC2256: Post
Office Box' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.15{40} ))
line 163 (attributetype ( 2.5.4.19 NAME 'physicalDeliveryOfficeName' DESC
'RFC2256: Physical Delivery Office Name' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ))
line 169 (attributetype ( 2.5.4.20 NAME 'telephoneNumber' DESC 'RFC2256:
Telephone Number' EQUALITY telephoneNumberMatch SUBSTR
telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} ))
line 173 (attributetype ( 2.5.4.21 NAME 'telexNumber' DESC 'RFC2256:
TelexNumber' SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 ))
line 177 (attributetype ( 2.5.4.22 NAME 'teletexTerminalIdentifier' DESC
'RFC2256: Teletex Terminal Identifier' SYNTAX 1.3.6.1.4.1.1466.115.121.1.51
))
line 181 (attributetype ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' )
DESC 'RFC2256: Facsimile (Fax) Telephone Number' SYNTAX
1.3.6.1.4.1.1466.115.121.1.22 ))
line 187 (attributetype ( 2.5.4.24 NAME 'x121Address' DESC 'RFC2256: X.121
Address' EQUALITY numericStringMatch SUBSTR numericStringSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} ))
line 193 (attributetype ( 2.5.4.25 NAME 'internationaliSDNNumber' DESC
'RFC2256: international ISDN number' EQUALITY numericStringMatch SUBSTR
numericStringSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} ))
line 198 (attributetype ( 2.5.4.26 NAME 'registeredAddress' DESC 'RFC2256:
registered postal address' SUP postalAddress SYNTAX
1.3.6.1.4.1.1466.115.121.1.41 ))
line 204 (attributetype ( 2.5.4.27 NAME 'destinationIndicator' DESC
'RFC2256: destination indicator' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} ))
line 209 (attributetype ( 2.5.4.28 NAME 'preferredDeliveryMethod' DESC
'RFC2256: preferred delivery method' SYNTAX 1.3.6.1.4.1.1466.115.121.1.14
SINGLE-VALUE ))
line 215 (attributetype ( 2.5.4.29 NAME 'presentationAddress' DESC 'RFC2256:
presentation address' EQUALITY presentationAddressMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.43 SINGLE-VALUE ))
line 220 (attributetype ( 2.5.4.30 NAME 'supportedApplicationContext' DESC
'RFC2256: supported application context' EQUALITY objectIdentifierMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ))
line 224 (attributetype ( 2.5.4.31 NAME 'member' DESC 'RFC2256: member of a
group' SUP distinguishedName ))
line 228 (attributetype ( 2.5.4.32 NAME 'owner' DESC 'RFC2256: owner (of the
object)' SUP distinguishedName ))
line 232 (attributetype ( 2.5.4.33 NAME 'roleOccupant' DESC 'RFC2256:
occupant of role' SUP distinguishedName ))
line 236 (attributetype ( 2.5.4.34 NAME 'seeAlso' DESC 'RFC2256: DN of
related object' SUP distinguishedName ))
line 249 (attributetype ( 2.5.4.36 NAME 'userCertificate' DESC 'RFC2256:
X.509 user certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.8 ))
line 256 (attributetype ( 2.5.4.37 NAME 'cACertificate' DESC 'RFC2256: X.509
CA certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.8 ))
line 261 (attributetype ( 2.5.4.38 NAME 'authorityRevocationList' DESC
'RFC2256: X.509 authority revocation list, use ;binary' SYNTAX
1.3.6.1.4.1.1466.115.121.1.9 ))
line 266 (attributetype ( 2.5.4.39 NAME 'certificateRevocationList' DESC
'RFC2256: X.509 certificate revocation list, use ;binary' SYNTAX
1.3.6.1.4.1.1466.115.121.1.9 ))
line 271 (attributetype ( 2.5.4.40 NAME 'crossCertificatePair' DESC
'RFC2256: X.509 cross certificate pair, use ;binary' SYNTAX
1.3.6.1.4.1.1466.115.121.1.10 ))
line 281 (attributetype ( 2.5.4.42 NAME ( 'givenName' 'gn' ) DESC 'RFC2256:
first name(s) for which the entity is known by' SUP name ))
line 285 (attributetype ( 2.5.4.43 NAME 'initials' DESC 'RFC2256: initials
of some or all of names, but not the surname(s).' SUP name ))
line 289 (attributetype ( 2.5.4.44 NAME 'generationQualifier' DESC 'RFC2256:
name qualifier indicating a generation' SUP name ))
line 294 (attributetype ( 2.5.4.45 NAME 'x500UniqueIdentifier' DESC
'RFC2256: X.500 unique identifier' EQUALITY bitStringMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.6 ))
line 301 (attributetype ( 2.5.4.46 NAME 'dnQualifier' DESC 'RFC2256: DN
qualifier' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR
caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ))
line 305 (attributetype ( 2.5.4.47 NAME 'enhancedSearchGuide' DESC 'RFC2256:
enhanced search guide' SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 ))
line 310 (attributetype ( 2.5.4.48 NAME 'protocolInformation' DESC 'RFC2256:
protocol information' EQUALITY protocolInformationMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.42 ))
line 320 (attributetype ( 2.5.4.50 NAME 'uniqueMember' DESC 'RFC2256: unique
member of a group' EQUALITY uniqueMemberMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.34 ))
line 326 (attributetype ( 2.5.4.51 NAME 'houseIdentifier' DESC 'RFC2256:
house identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ))
line 331 (attributetype ( 2.5.4.52 NAME 'supportedAlgorithms' DESC 'RFC2256:
supported algorithms' SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 ))
line 336 (attributetype ( 2.5.4.53 NAME 'deltaRevocationList' DESC 'RFC2256:
delta revocation list; use ;binary' SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ))
line 340 (attributetype ( 2.5.4.54 NAME 'dmdName' DESC 'RFC2256: name of
DMD' SUP name ))
line 355 (objectclass ( 2.5.6.2 NAME 'country' DESC 'RFC2256: a country' SUP
top STRUCTURAL MUST c MAY ( searchGuide $ description ) ))
line 360 (objectclass ( 2.5.6.3 NAME 'locality' DESC 'RFC2256: a locality'
SUP top STRUCTURAL MAY ( street $ seeAlso $ searchGuide $ st $ l $
description ) ))
line 371 (objectclass ( 2.5.6.4 NAME 'organization' DESC 'RFC2256: an
organization' SUP top STRUCTURAL MUST o MAY ( userPassword $ searchGuide $
seeAlso $ businessCategory $ x121Address $ registeredAddress $
destinationIndicator $ preferredDeliveryMethod $ telexNumber $
teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber
$ facsimileTelephoneNumber
$ street $ postOfficeBox $ postalCode $ postalAddress $
physicalDeliveryOfficeName $ st $ l $ description ) ))
line 382 (objectclass ( 2.5.6.5 NAME 'organizationalUnit' DESC 'RFC2256: an
organizational unit' SUP top STRUCTURAL MUST ou MAY ( userPassword $
searchGuide $ seeAlso $ businessCategory $ x121Address $ registeredAddress $
destinationIndicator $ preferredDeliveryMethod $ telexNumber $
teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber
$ facsimileTelephoneNumber
$ street $ postOfficeBox $ postalCode $ postalAddress $
physicalDeliveryOfficeName $ st $ l $ description ) ))
line 388 (objectclass ( 2.5.6.6 NAME 'person' DESC 'RFC2256: a person' SUP
top STRUCTURAL MUST ( sn $ cn ) MAY ( userPassword $ telephoneNumber $
seeAlso $ description ) ))
line 397 (objectclass ( 2.5.6.7 NAME 'organizationalPerson' DESC 'RFC2256:
an organizational person' SUP person STRUCTURAL MAY ( title $ x121Address $
registeredAddress $ destinationIndicator $ preferredDeliveryMethod $
telexNumber $ teletexTerminalIdentifier $ telephoneNumber $
internationaliSDNNumber $ facsimileTelephoneNumber $ street $ postOfficeBox
$ postalCode $postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l ) ))
line 408 (objectclass ( 2.5.6.8 NAME 'organizationalRole' DESC 'RFC2256: an
organizational role' SUP top STRUCTURAL MUST cn MAY ( x121Address $
registeredAddress $ destinationIndicator $ preferredDeliveryMethod $
telexNumber $ teletexTerminalIdentifier $ telephoneNumber $
internationaliSDNNumber $ facsimileTelephoneNumber $ seeAlso $ roleOccupant
$ preferredDeliveryMethod $ street $ postOfficeBox $ postalCode $
postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l $ description ) ))
line 414 (objectclass ( 2.5.6.9 NAME 'groupOfNames' DESC 'RFC2256: a group
of names (DNs)' SUP top STRUCTURAL MUST ( member $ cn ) MAY (
businessCategory $ seeAlso $ owner $ ou $ o $ description ) ))
line 425 (objectclass ( 2.5.6.10 NAME 'residentialPerson' DESC 'RFC2256: an
residential person' SUP person STRUCTURAL MUST l MAY ( businessCategory $
x121Address $ registeredAddress $ destinationIndicator $
preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
preferredDeliveryMethod $ street $ postOfficeBox $ postalCode $
postalAddress $ physicalDeliveryOfficeName $ st $ l ) ))
line 431 (objectclass ( 2.5.6.11 NAME 'applicationProcess' DESC 'RFC2256: an
application process' SUP top STRUCTURAL MUST cn MAY ( seeAlso $ ou $ l $
description ) ))
line 438 (objectclass ( 2.5.6.12 NAME 'applicationEntity' DESC 'RFC2256: an
application entity' SUP top STRUCTURAL MUST ( presentationAddress $ cn ) MAY
( supportedApplicationContext $ seeAlso $ ou $ o $ l $ description ) ))
line 443 (objectclass ( 2.5.6.13 NAME 'dSA' DESC 'RFC2256: a directory
system agent (a server)' SUP applicationEntity STRUCTURAL MAY
knowledgeInformation ))
line 449 (objectclass ( 2.5.6.14 NAME 'device' DESC 'RFC2256: a device' SUP
top STRUCTURAL MUST cn MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $
description ) ))
line 454 (objectclass ( 2.5.6.15 NAME 'strongAuthenticationUser' DESC
'RFC2256: a strong authentication user' SUP top AUXILIARY MUST
userCertificate ))
line 460 (objectclass ( 2.5.6.16 NAME 'certificationAuthority' DESC
'RFC2256: a certificate authority' SUP top AUXILIARY MUST (
authorityRevocationList $ certificateRevocationList $ cACertificate ) MAY
crossCertificatePair ))
line 466 (objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames' DESC 'RFC2256: a
group of unique names (DN and Unique Identifier)' SUP top STRUCTURAL MUST (
uniqueMember $ cn ) MAY ( businessCategory $ seeAlso $ owner $ ou $ o $
description ) ))
line 471 (objectclass ( 2.5.6.18 NAME 'userSecurityInformation' DESC
'RFC2256: a user security information' SUP top AUXILIARY MAY (
supportedAlgorithms ) ))
line 475 (objectclass ( 2.5.6.16.2 NAME 'certificationAuthority-V2' SUP
certificationAuthority AUXILIARY MAY ( deltaRevocationList ) ))
line 481 (objectclass ( 2.5.6.19 NAME 'cRLDistributionPoint' SUP top
STRUCTURAL MUST ( cn ) MAY ( certificateRevocationList $
authorityRevocationList $ deltaRevocationList ) ))
line 491 (objectclass ( 2.5.6.20 NAME 'dmd' SUP top STRUCTURAL MUST (
dmdName ) MAY ( userPassword $ searchGuide $ seeAlso $
businessCategory $ x121Address
$ registeredAddress $ destinationIndicator $ preferredDeliveryMethod $
telexNumber $ teletexTerminalIdentifier $ telephoneNumber $
internationaliSDNNumber $ facsimileTelephoneNumber $ street $ postOfficeBox
$ postalCode $ postalAddress $ physicalDeliveryOfficeName $ st $ l $
description ) ))
line 499 (objectclass ( 2.5.6.21 NAME 'pkiUser' DESC 'RFC2587: a PKI user'
SUP top AUXILIARY MAY userCertificate ))
line 505 (objectclass ( 2.5.6.22 NAME 'pkiCA' DESC 'RFC2587: PKI certificate
authority' SUP top AUXILIARY MAY ( authorityRevocationList $
certificateRevocationList $ cACertificate $ crossCertificatePair ) ))
line 510 (objectclass ( 2.5.6.23 NAME 'deltaCRL' DESC 'RFC2587: PKI user'
SUP top AUXILIARY MAY deltaRevocationList ))
line 523 (objectclass ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject' DESC
'RFC2079: object that contains the URI attribute type' MAY ( labeledURI )
SUP top AUXILIARY ))
line 533 (attributetype ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' )
DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ))
line 540 (attributetype ( 0.9.2342.19200300.100.1.3 NAME ( 'mail'
'rfc822Mailbox' ) DESC 'RFC1274: RFC822 Mailbox' EQUALITY
caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.26{256} ))
line 545 (objectclass ( 0.9.2342.19200300.100.4.19 NAME
'simpleSecurityObject' DESC 'RFC1274: simple security object' SUP top
AUXILIARY MUST userPassword ))
line 553 (attributetype ( 0.9.2342.19200300.100.1.25 NAME ( 'dc'
'domainComponent' ) DESC 'RFC1274/2247: domain component' EQUALITY
caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ))
line 558 (objectclass ( 1.3.6.1.4.1.1466.344 NAME 'dcObject' DESC 'RFC2247:
domain component object' SUP top AUXILIARY MUST dc ))
line 563 (objectclass ( 1.3.6.1.1.3.1 NAME 'uidObject' DESC 'RFC2377: uid
object' SUP top AUXILIARY MUST uid ))
line 571 (attributetype ( 0.9.2342.19200300.100.1.37 NAME 'associatedDomain'
DESC 'RFC1274: domain associated with object' EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ))
line 579 (attributetype ( 1.2.840.113549.1.9.1 NAME ( 'email' 'emailAddress'
'pkcs9email' ) DESC 'RFC2459: legacy attribute for email addresses in DNs'
EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.26{128} ))
>>> dnNormalize: <cn=Subschema>
=> ldap_bv2dn(cn=Subschema,0)
<= ldap_bv2dn(cn=Subschema,0)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=subschema,272)=0
<<< dnNormalize: <cn=subschema>
line 6 (include /etc/openldap/schema/cosine.schema)
reading config file /etc/openldap/schema/cosine.schema
line 130 (attributetype ( 0.9.2342.19200300.100.1.2 NAME
'textEncodedORAddress' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ))
line 168 (attributetype ( 0.9.2342.19200300.100.1.4 NAME 'info' DESC
'RFC1274: general information' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} ))
line 187 (attributetype ( 0.9.2342.19200300.100.1.5 NAME ( 'drink'
'favouriteDrink' ) DESC 'RFC1274: favorite drink' EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256}
))
line 205 (attributetype ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber' DESC
'RFC1274: room number' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ))
line 227 (attributetype ( 0.9.2342.19200300.100.1.7 NAME 'photo' DESC
'RFC1274: photo (G3 fax)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} ))
line 248 (attributetype ( 0.9.2342.19200300.100.1.8 NAME 'userClass' DESC
'RFC1274: categorory of user' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ))
line 264 (attributetype ( 0.9.2342.19200300.100.1.9 NAME 'host' DESC
'RFC1274: host computer' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ))
line 279 (attributetype ( 0.9.2342.19200300.100.1.10 NAME 'manager' DESC
'RFC1274: DN of manager' EQUALITY distinguishedNameMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.12 ))
line 296 (attributetype ( 0.9.2342.19200300.100.1.11 NAME
'documentIdentifier' DESC 'RFC1274: unique identifier of document' EQUALITY
caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.15{256} ))
line 312 (attributetype ( 0.9.2342.19200300.100.1.12 NAME 'documentTitle'
DESC 'RFC1274: title of document' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ))
line 329 (attributetype ( 0.9.2342.19200300.100.1.13 NAME 'documentVersion'
DESC 'RFC1274: version of document' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ))
line 344 (attributetype ( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor'
DESC 'RFC1274: DN of author of document' EQUALITY distinguishedNameMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ))
line 361 (attributetype ( 0.9.2342.19200300.100.1.15 NAME 'documentLocation'
DESC 'RFC1274: location of document original' EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256}
))
line 380 (attributetype ( 0.9.2342.19200300.100.1.20 DESC 'RFC1274: home
telephone number' NAME ( 'homePhone' 'homeTelephoneNumber' ) EQUALITY
telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.50 ))
line 395 (attributetype ( 0.9.2342.19200300.100.1.21 NAME 'secretary' DESC
'RFC1274: DN of secretary' EQUALITY distinguishedNameMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.12 ))
line 411 (attributetype ( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.39 ))
line 480 (attributetype ( 0.9.2342.19200300.100.1.26 NAME 'aRecord' EQUALITY
caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ))
line 486 (attributetype ( 0.9.2342.19200300.100.1.27 NAME 'mDRecord'
EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ))
line 501 (attributetype ( 0.9.2342.19200300.100.1.28 NAME 'mXRecord'
EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ))
line 516 (attributetype ( 0.9.2342.19200300.100.1.29 NAME 'nSRecord'
EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ))
line 531 (attributetype ( 0.9.2342.19200300.100.1.30 NAME 'sOARecord'
EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ))
line 546 (attributetype ( 0.9.2342.19200300.100.1.31 NAME 'cNAMERecord'
EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ))
line 581 (attributetype ( 0.9.2342.19200300.100.1.38 NAME 'associatedName'
DESC 'RFC1274: DN of entry associated with domain' EQUALITY
distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ))
line 599 (attributetype ( 0.9.2342.19200300.100.1.39 NAME
'homePostalAddress' DESC 'RFC1274: home postal address' EQUALITY
caseIgnoreListMatch SUBSTR caseIgnoreListSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.41 ))
line 616 (attributetype ( 0.9.2342.19200300.100.1.40 NAME 'personalTitle'
DESC 'RFC1274: personal title' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ))
line 635 (attributetype ( 0.9.2342.19200300.100.1.41 NAME ( 'mobile'
'mobileTelephoneNumber' ) DESC 'RFC1274: mobile telephone number' EQUALITY
telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.50 ))
line 653 (attributetype ( 0.9.2342.19200300.100.1.42 NAME ( 'pager'
'pagerTelephoneNumber' ) DESC 'RFC1274: pager telephone number' EQUALITY
telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.50 ))
line 671 (attributetype ( 0.9.2342.19200300.100.1.43 NAME ( 'co'
'friendlyCountryName' ) DESC 'RFC1274: friendly country name' EQUALITY
caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.15 ))
line 691 (attributetype ( 0.9.2342.19200300.100.1.44 NAME 'uniqueIdentifier'
DESC 'RFC1274: unique identifer' EQUALITY caseIgnoreMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.15{256} ))
line 713 (attributetype ( 0.9.2342.19200300.100.1.45 NAME
'organizationalStatus' DESC 'RFC1274: organizational status' EQUALITY
caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.15{256} ))
line 734 (attributetype ( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox'
DESC 'RFC1274: Janet mailbox' EQUALITY caseIgnoreIA5Match SUBSTR
caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ))
line 764 (attributetype ( 0.9.2342.19200300.100.1.47 NAME
'mailPreferenceOption' DESC 'RFC1274: mail preference option' SYNTAX
1.3.6.1.4.1.1466.115.121.1.27 ))
line 781 (attributetype ( 0.9.2342.19200300.100.1.48 NAME 'buildingName'
DESC 'RFC1274: name of building' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ))
line 796 (attributetype ( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality' DESC
'RFC1274: DSA Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.19 SINGLE-VALUE ))
line 811 (attributetype ( 0.9.2342.19200300.100.1.50 NAME
'singleLevelQuality' DESC 'RFC1274: Single Level Quality' SYNTAX
1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE ))
line 827 (attributetype ( 0.9.2342.19200300.100.1.51 NAME
'subtreeMinimumQuality' DESC 'RFC1274: Subtree Mininum Quality' SYNTAX
1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE ))
line 843 (attributetype ( 0.9.2342.19200300.100.1.52 NAME
'subtreeMaximumQuality' DESC 'RFC1274: Subtree Maximun Quality' SYNTAX
1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE ))
line 865 (attributetype ( 0.9.2342.19200300.100.1.53 NAME
'personalSignature' DESC 'RFC1274: Personal Signature (G3 fax)' SYNTAX
1.3.6.1.4.1.1466.115.121.1.23 ))
line 884 (attributetype ( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect' DESC
'RFC1274: DIT Redirect' EQUALITY distinguishedNameMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.12 ))
line 900 (attributetype ( 0.9.2342.19200300.100.1.55 NAME 'audio' DESC
'RFC1274: audio (u-law)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} ))
line 916 (attributetype ( 0.9.2342.19200300.100.1.56 NAME
'documentPublisher' DESC 'RFC1274: publisher of document' EQUALITY
caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.15 ))
line 1084 (objectclass ( 0.9.2342.19200300.100.4.4 NAME ( 'pilotPerson'
'newPilotPerson' ) SUP person STRUCTURAL MAY ( userid $ textEncodedORAddress
$ rfc822Mailbox $ favouriteDrink $ roomNumber $ userClass $ homeTelephoneNumber
$ homePostalAddress $ secretary $ personalTitle $ preferredDeliveryMethod $
businessCategory $ janetMailbox $ otherMailbox $ mobileTelephoneNumber
$ pagerTelephoneNumber
$ organizationalStatus $ mailPreferenceOption $ personalSignature ) ))
line 1110 (objectclass ( 0.9.2342.19200300.100.4.5 NAME 'account' SUP top
STRUCTURAL MUST userid MAY ( description $ seeAlso $ localityName $
organizationName
$ organizationalUnitName $ host ) ))
line 1142 (objectclass ( 0.9.2342.19200300.100.4.6 NAME 'document' SUP top
STRUCTURAL MUST documentIdentifier MAY ( commonName $ description $ seeAlso
$ localityName $ organizationName $ organizationalUnitName $ documentTitle $
documentVersion $ documentAuthor $ documentLocation $ documentPublisher ) ))
line 1165 (objectclass ( 0.9.2342.19200300.100.4.7 NAME 'room' SUP top
STRUCTURAL MUST commonName MAY ( roomNumber $ description $ seeAlso $
telephoneNumber ) ))
line 1191 (objectclass ( 0.9.2342.19200300.100.4.9 NAME 'documentSeries' SUP
top STRUCTURAL MUST commonName MAY ( description $ seeAlso $ telephonenumber
$ localityName $ organizationName $ organizationalUnitName ) ))
line 1222 (objectclass ( 0.9.2342.19200300.100.4.13 NAME 'domain' SUP top
STRUCTURAL MUST domainComponent MAY ( associatedName $ organizationName $
description $ businessCategory $ seeAlso $ searchGuide $ userPassword
$ localityName
$ stateOrProvinceName $ streetAddress $ physicalDeliveryOfficeName $
postalAddress $ postalCode $ postOfficeBox $ streetAddress $
facsimileTelephoneNumber $ internationalISDNNumber $ telephoneNumber $
teletexTerminalIdentifier $ telexNumber $ preferredDeliveryMethod $
destinationIndicator $ registeredAddress $ x121Address ) ))
line 1252 (objectclass ( 0.9.2342.19200300.100.4.14 NAME 'RFC822localPart'
SUP domain STRUCTURAL MAY ( commonName $ surname $ description $ seeAlso $
telephoneNumber $ physicalDeliveryOfficeName $ postalAddress $
postalCode $ postOfficeBox
$ streetAddress $ facsimileTelephoneNumber $ internationalISDNNumber $
telephoneNumber
$ teletexTerminalIdentifier $ telexNumber $ preferredDeliveryMethod $
destinationIndicator $ registeredAddress $ x121Address ) ))
line 1275 (objectclass ( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain' SUP
'domain' STRUCTURAL MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $ SOARecord
$ CNAMERecord ) ))
line 1293 (objectclass ( 0.9.2342.19200300.100.4.17 NAME
'domainRelatedObject' DESC 'RFC1274: an object related to an domain' SUP top
AUXILIARY MUST associatedDomain ))
line 1311 (objectclass ( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry'
SUP country STRUCTURAL MUST friendlyCountryName ))
line 1345 (objectclass ( 0.9.2342.19200300.100.4.20 NAME 'pilotOrganization'
SUP ( organization $ organizationalUnit ) STRUCTURAL MAY buildingName ))
line 1361 (objectclass ( 0.9.2342.19200300.100.4.21 NAME 'pilotDSA' SUP dsa
STRUCTURAL MAY dSAQuality ))
line 1382 (objectclass ( 0.9.2342.19200300.100.4.22 NAME
'qualityLabelledData' SUP top AUXILIARY MUST dsaQuality MAY (
subtreeMinimumQuality $ subtreeMaximumQuality ) ))
line 7 (include /etc/openldap/schema/inetorgperson.schema)
reading config file /etc/openldap/schema/inetorgperson.schema
line 36 (attributetype ( 2.16.840.1.113730.3.1.1 NAME 'carLicense' DESC
'RFC2798: vehicle license or registration plate' EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ))
line 46 (attributetype ( 2.16.840.1.113730.3.1.2 NAME 'departmentNumber'
DESC 'RFC2798: identifies a department within an organization' EQUALITY
caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.15 ))
line 59 (attributetype ( 2.16.840.1.113730.3.1.241 NAME 'displayName' DESC
'RFC2798: preferred name to be used when displaying entries' EQUALITY
caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ))
line 70 (attributetype ( 2.16.840.1.113730.3.1.3 NAME 'employeeNumber' DESC
'RFC2798: numerically identifies an employee within an organization'
EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ))
line 81 (attributetype ( 2.16.840.1.113730.3.1.4 NAME 'employeeType' DESC
'RFC2798: type of employment for a person' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ))
line 92 (attributetype ( 0.9.2342.19200300.100.1.60 NAME 'jpegPhoto' DESC
'RFC2798: a JPEG image' SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 ))
line 107 (attributetype ( 2.16.840.1.113730.3.1.39 NAME 'preferredLanguage'
DESC 'RFC2798: preferred written or spoken language for a person' EQUALITY
caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ))
line 123 (attributetype ( 2.16.840.1.113730.3.1.40 NAME
'userSMIMECertificate' DESC 'RFC2798: PKCS#7 SignedData used to support
S/MIME' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ))
line 135 (attributetype ( 2.16.840.1.113730.3.1.216 NAME 'userPKCS12' DESC
'RFC2798: personal identity information, a PKCS #12 PFX' SYNTAX
1.3.6.1.4.1.1466.115.121.1.5 ))
line 155 (objectclass ( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson' DESC
'RFC2798: Internet Organizational Person' SUP organizationalPerson
STRUCTURAL MAY ( audio $ businessCategory $ carLicense $
departmentNumber $ displayName
$ employeeNumber $ employeeType $ givenName $ homePhone $ homePostalAddress
$ initials $ jpegPhoto $ labeledURI $ mail $ manager $ mobile $ o $
pager $ photo
$ roomNumber $ secretary $ uid $ userCertificate $ x500uniqueIdentifier $
preferredLanguage $ userSMIMECertificate $ userPKCS12 ) ))
line 8 (include /etc/openldap/schema/nis.schema)
reading config file /etc/openldap/schema/nis.schema
line 40 (attributetype ( 1.3.6.1.1.1.1.0 NAME 'uidNumber' DESC 'An integer
uniquely identifying a user in an administrative domain' EQUALITY
integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
line 45 (attributetype ( 1.3.6.1.1.1.1.1 NAME 'gidNumber' DESC 'An integer
uniquely identifying a group in an administrative domain' EQUALITY
integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
line 51 (attributetype ( 1.3.6.1.1.1.1.2 NAME 'gecos' DESC 'The GECOS field;
the common name' EQUALITY caseIgnoreIA5Match SUBSTR
caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE ))
line 56 (attributetype ( 1.3.6.1.1.1.1.3 NAME 'homeDirectory' DESC 'The
absolute path to the home directory' EQUALITY caseExactIA5Match SYNTAX
1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ))
line 61 (attributetype ( 1.3.6.1.1.1.1.4 NAME 'loginShell' DESC 'The path to
the login shell' EQUALITY caseExactIA5Match SYNTAX
1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ))
line 65 (attributetype ( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange' EQUALITY
integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
line 69 (attributetype ( 1.3.6.1.1.1.1.6 NAME 'shadowMin' EQUALITY
integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
line 73 (attributetype ( 1.3.6.1.1.1.1.7 NAME 'shadowMax' EQUALITY
integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
line 77 (attributetype ( 1.3.6.1.1.1.1.8 NAME 'shadowWarning' EQUALITY
integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
line 81 (attributetype ( 1.3.6.1.1.1.1.9 NAME 'shadowInactive' EQUALITY
integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
line 85 (attributetype ( 1.3.6.1.1.1.1.10 NAME 'shadowExpire' EQUALITY
integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
line 89 (attributetype ( 1.3.6.1.1.1.1.11 NAME 'shadowFlag' EQUALITY
integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
line 94 (attributetype ( 1.3.6.1.1.1.1.12 NAME 'memberUid' EQUALITY
caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.26 ))
line 99 (attributetype ( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup' EQUALITY
caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.26 ))
line 103 (attributetype ( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple' DESC
'Netgroup triple' SYNTAX 1.3.6.1.1.1.0.0 ))
line 107 (attributetype ( 1.3.6.1.1.1.1.15 NAME 'ipServicePort' EQUALITY
integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
line 110 (attributetype ( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol' SUP name
))
line 114 (attributetype ( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber' EQUALITY
integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
line 118 (attributetype ( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber' EQUALITY
integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
line 123 (attributetype ( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber' DESC 'IP
address' EQUALITY caseIgnoreIA5Match SYNTAX
1.3.6.1.4.1.1466.115.121.1.26{128} ))
line 128 (attributetype ( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber' DESC 'IP
network' EQUALITY caseIgnoreIA5Match SYNTAX
1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE ))
line 133 (attributetype ( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber' DESC 'IP
netmask' EQUALITY caseIgnoreIA5Match SYNTAX
1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE ))
line 138 (attributetype ( 1.3.6.1.1.1.1.22 NAME 'macAddress' DESC 'MAC
address' EQUALITY caseIgnoreIA5Match SYNTAX
1.3.6.1.4.1.1466.115.121.1.26{128} ))
line 142 (attributetype ( 1.3.6.1.1.1.1.23 NAME 'bootParameter' DESC
'rpc.bootparamd parameter' SYNTAX 1.3.6.1.1.1.0.1 ))
line 147 (attributetype ( 1.3.6.1.1.1.1.24 NAME 'bootFile' DESC 'Boot image
name' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ))
line 150 (attributetype ( 1.3.6.1.1.1.1.26 NAME 'nisMapName' SUP name ))
line 155 (attributetype ( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry' EQUALITY
caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.26{1024} SINGLE-VALUE ))
line 162 (objectclass ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' SUP top
AUXILIARY DESC 'Abstraction of an account with POSIX attributes' MUST ( cn $
uid $ uidNumber $ gidNumber $ homeDirectory ) MAY ( userPassword $
loginShell $ gecos $ description ) ))
line 169 (objectclass ( 1.3.6.1.1.1.2.1 NAME 'shadowAccount' SUP top
AUXILIARY DESC 'Additional attributes for shadow passwords' MUST uid MAY (
userPassword $ shadowLastChange $ shadowMin $ shadowMax $
shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $
description ) ))
line 174 (objectclass ( 1.3.6.1.1.1.2.2 NAME 'posixGroup' SUP top STRUCTURAL
DESC 'Abstraction of a group of accounts' MUST ( cn $ gidNumber ) MAY (
userPassword $ memberUid $ description ) ))
line 179 (objectclass ( 1.3.6.1.1.1.2.3 NAME 'ipService' SUP top STRUCTURAL
DESC 'Abstraction an Internet Protocol service' MUST ( cn $ ipServicePort $
ipServiceProtocol ) MAY ( description ) ))
line 184 (objectclass ( 1.3.6.1.1.1.2.4 NAME 'ipProtocol' SUP top STRUCTURAL
DESC 'Abstraction of an IP protocol' MUST ( cn $ ipProtocolNumber $
description ) MAY description ))
line 189 (objectclass ( 1.3.6.1.1.1.2.5 NAME 'oncRpc' SUP top STRUCTURAL
DESC 'Abstraction of an ONC/RPC binding' MUST ( cn $ oncRpcNumber $
description ) MAY description ))
line 194 (objectclass ( 1.3.6.1.1.1.2.6 NAME 'ipHost' SUP top AUXILIARY DESC
'Abstraction of a host, an IP device' MUST ( cn $ ipHostNumber ) MAY ( l $
description $ manager ) ))
line 199 (objectclass ( 1.3.6.1.1.1.2.7 NAME 'ipNetwork' SUP top STRUCTURAL
DESC 'Abstraction of an IP network' MUST ( cn $ ipNetworkNumber ) MAY (
ipNetmaskNumber $ l $ description $ manager ) ))
line 204 (objectclass ( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup' SUP top
STRUCTURAL DESC 'Abstraction of a netgroup' MUST cn MAY ( nisNetgroupTriple
$ memberNisNetgroup $ description ) ))
line 209 (objectclass ( 1.3.6.1.1.1.2.9 NAME 'nisMap' SUP top STRUCTURAL
DESC 'A generic abstraction of a NIS map' MUST nisMapName MAY description ))
line 214 (objectclass ( 1.3.6.1.1.1.2.10 NAME 'nisObject' SUP top STRUCTURAL
DESC 'An entry in a NIS map' MUST ( cn $ nisMapEntry $ nisMapName ) MAY
description ))
line 218 (objectclass ( 1.3.6.1.1.1.2.11 NAME 'ieee802Device' SUP top
AUXILIARY DESC 'A device with a MAC address' MAY macAddress ))
line 222 (objectclass ( 1.3.6.1.1.1.2.12 NAME 'bootableDevice' SUP top
AUXILIARY DESC 'A device with boot parameters' MAY ( bootFile $
bootParameter ) ))
line 11 (allow bind_v2)
line 17 (pidfile /var/run/openldap/slapd.pid)
line 18 (argsfile /var/run/openldap/slapd.args)
line 68 (database bdb)
bdb_db_init: Initializing BDB database
line 69 (suffix "dc=tfis, dc=myserver, dc=org")
>>> dnPrettyNormal: <dc=tfis, dc=myserver, dc=org>
=> ldap_bv2dn(dc=tfis, dc=myserver, dc=org,0)
<= ldap_bv2dn(dc=tfis, dc=myserver, dc=org,0)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(dc=tfis,dc=myserver,dc=org,272)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(dc=tfis,dc=myserver,dc=org,272)=0
<<< dnPrettyNormal: <dc=tfis,dc=myserver,dc=org>,
<dc=tfis,dc=myserver,dc=org>
line 70 (rootdn "cn=Manager,dc=tfis,dc=myserver,dc=org")
>>> dnPrettyNormal: <cn=Manager,dc=tfis,dc=myserver,dc=org>
=> ldap_bv2dn(cn=Manager,dc=tfis,dc=myserver,dc=org,0)
<= ldap_bv2dn(cn=Manager,dc=tfis,dc=myserver,dc=org,0)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=Manager,dc=tfis,dc=myserver,dc=org,272)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=manager,dc=tfis,dc=myserver,dc=org,272)=0
<<< dnPrettyNormal: <cn=Manager,dc=tfis,dc=myserver,dc=org>,
<cn=manager,dc=tfis,dc=myserver,dc=org>
line 80 (directory /var/lib/ldap)
line 83 (index objectClass eq,pres)
index objectClass 0x0006
line 84 (index ou,cn,mail,surname,givenname eq,pres,sub)
index ou 0x0716
index cn 0x0716
index mail 0x0716
index sn 0x0716
index givenName 0x0716
line 85 (index uidNumber,gidNumber,loginShell eq,pres)
index uidNumber 0x0006
index gidNumber 0x0006
index loginShell 0x0006
line 86 (index uid,memberUid eq,pres,sub)
index uid 0x0716
index memberUid 0x0716
line 87 (index nisMapName,nisMapEntry eq,pres,sub)
index nisMapName 0x0716
index nisMapEntry 0x0716
line 96 (loglevel 4095)
matching_rule_use_init
1.2.840.113556.1.4.804 (integerBitOrMatch): matchingRuleUse: (
1.2.840.113556.1.4.804 NAME 'integerBitOrMatch' APPLIES ( oncRpcNumber $
ipProtocolNumber $ ipServicePort $ shadowFlag $ shadowExpire $
shadowInactive $ shadowWarning $ shadowMax $ shadowMin $ shadowLastChange $
gidNumber $ uidNumber $ mailPreferenceOption $ supportedLDAPVersion ) )
1.2.840.113556.1.4.803 (integerBitAndMatch): matchingRuleUse: (
1.2.840.113556.1.4.803 NAME 'integerBitAndMatch' APPLIES ( oncRpcNumber $
ipProtocolNumber $ ipServicePort $ shadowFlag $ shadowExpire $
shadowInactive $ shadowWarning $ shadowMax $ shadowMin $ shadowLastChange $
gidNumber $ uidNumber $ mailPreferenceOption $ supportedLDAPVersion ) )
1.3.6.1.4.1.1466.109.114.2 (caseIgnoreIA5Match): matchingRuleUse: (
1.3.6.1.4.1.1466.109.114.2 NAME 'caseIgnoreIA5Match' APPLIES ( nisMapEntry $
bootFile $ macAddress $ ipNetmaskNumber $ ipNetworkNumber $ ipHostNumber $
memberNisNetgroup $ memberUid $ loginShell $ homeDirectory $ gecos $
janetMailbox $ cNAMERecord $ sOARecord $ nSRecord $ mXRecord $ mDRecord $
aRecord $ email $ associatedDomain $ dc $ mail $ altServer ) )
1.3.6.1.4.1.1466.109.114.1 (caseExactIA5Match): matchingRuleUse: (
1.3.6.1.4.1.1466.109.114.1 NAME 'caseExactIA5Match' APPLIES ( nisMapEntry $
bootFile $ macAddress $ ipNetmaskNumber $ ipNetworkNumber $ ipHostNumber $
memberNisNetgroup $ memberUid $ loginShell $ homeDirectory $ gecos $
janetMailbox $ cNAMERecord $ sOARecord $ nSRecord $ mXRecord $ mDRecord $
aRecord $ email $ associatedDomain $ dc $ mail $ altServer ) )
2.5.13.35 (certificateMatch): matchingRuleUse: ( 2.5.13.35 NAME
'certificateMatch' APPLIES ( cACertificate $ userCertificate ) )
2.5.13.34 (certificateExactMatch): matchingRuleUse: ( 2.5.13.34 NAME
'certificateExactMatch' APPLIES ( cACertificate $ userCertificate ) )
2.5.13.30 (objectIdentifierFirstComponentMatch): matchingRuleUse: (
2.5.13.30 NAME 'objectIdentifierFirstComponentMatch' APPLIES (
supportedApplicationContext $ ldapSyntaxes $ supportedFeatures $
supportedExtension $ supportedControl ) )
2.5.13.29 (integerFirstComponentMatch): matchingRuleUse: ( 2.5.13.29
NAME 'integerFirstComponentMatch' APPLIES ( oncRpcNumber $ ipProtocolNumber
$ ipServicePort $ shadowFlag $ shadowExpire $ shadowInactive $ shadowWarning
$ shadowMax $ shadowMin $ shadowLastChange $ gidNumber $ uidNumber $
mailPreferenceOption $ supportedLDAPVersion ) )
2.5.13.27 (generalizedTimeMatch): matchingRuleUse: ( 2.5.13.27 NAME
'generalizedTimeMatch' APPLIES ( modifyTimestamp $ createTimestamp ) )
2.5.13.24 (protocolInformationMatch): matchingRuleUse: ( 2.5.13.24 NAME
'protocolInformationMatch' APPLIES protocolInformation )
2.5.13.23 (uniqueMemberMatch): matchingRuleUse: ( 2.5.13.23 NAME
'uniqueMemberMatch' APPLIES uniqueMember )
2.5.13.22 (presentationAddressMatch): matchingRuleUse: ( 2.5.13.22 NAME
'presentationAddressMatch' APPLIES presentationAddress )
2.5.13.20 (telephoneNumberMatch): matchingRuleUse: ( 2.5.13.20 NAME
'telephoneNumberMatch' APPLIES ( pager $ mobile $ homePhone $
telephoneNumber ) )
2.5.13.17 (octetStringMatch): matchingRuleUse: ( 2.5.13.17 NAME
'octetStringMatch' APPLIES userPassword )
2.5.13.16 (bitStringMatch): matchingRuleUse: ( 2.5.13.16 NAME
'bitStringMatch' APPLIES x500UniqueIdentifier )
2.5.13.14 (integerMatch): matchingRuleUse: ( 2.5.13.14 NAME
'integerMatch' APPLIES ( oncRpcNumber $ ipProtocolNumber $ ipServicePort $
shadowFlag $ shadowExpire $ shadowInactive $ shadowWarning $ shadowMax $
shadowMin $ shadowLastChange $ gidNumber $ uidNumber $ mailPreferenceOption
$ supportedLDAPVersion ) )
2.5.13.13 (booleanMatch): matchingRuleUse: ( 2.5.13.13 NAME
'booleanMatch' APPLIES hasSubordinates )
2.5.13.11 (caseIgnoreListMatch): matchingRuleUse: ( 2.5.13.11 NAME
'caseIgnoreListMatch' APPLIES ( homePostalAddress $ registeredAddress $
postalAddress ) )
2.5.13.8 (numericStringMatch): matchingRuleUse: ( 2.5.13.8 NAME
'numericStringMatch' APPLIES ( internationaliSDNNumber $ x121Address ) )
2.5.13.7 (caseExactSubstringsMatch): matchingRuleUse: ( 2.5.13.7 NAME
'caseExactSubstringsMatch' APPLIES ( dnQualifier $ destinationIndicator $
serialNumber ) )
2.5.13.6 (caseExactOrderingMatch): matchingRuleUse: ( 2.5.13.6 NAME
'caseExactOrderingMatch' APPLIES ( dnQualifier $ destinationIndicator $
serialNumber ) )
2.5.13.5 (caseExactMatch): matchingRuleUse: ( 2.5.13.5 NAME
'caseExactMatch' APPLIES ( nisMapName $ ipServiceProtocol $
preferredLanguage $ employeeType $ employeeNumber $ displayName $
departmentNumber $ carLicense $ documentPublisher $ buildingName $
organizationalStatus $ uniqueIdentifier $ co $ personalTitle $
documentLocation $ documentVersion $ documentTitle $ documentIdentifier $
host $ userClass $ roomNumber $ drink $ info $ textEncodedORAddress $ uid $
dmdName $ houseIdentifier $ dnQualifier $ generationQualifier $ initials $
givenName $ destinationIndicator $ physicalDeliveryOfficeName $
postOfficeBox $ postalCode $ businessCategory $ description $ title $ ou $ o
$ street $ st $ l $ c $ serialNumber $ sn $ knowledgeInformation $
labeledURI $ cn $ name $ ref $ vendorVersion $ vendorName $
supportedSASLMechanisms ) )
2.5.13.4 (caseIgnoreSubstringsMatch): matchingRuleUse: ( 2.5.13.4 NAME
'caseIgnoreSubstringsMatch' APPLIES ( dnQualifier $ destinationIndicator $
serialNumber ) )
2.5.13.3 (caseIgnoreOrderingMatch): matchingRuleUse: ( 2.5.13.3 NAME
'caseIgnoreOrderingMatch' APPLIES ( dnQualifier $ destinationIndicator $
serialNumber ) )
2.5.13.2 (caseIgnoreMatch): matchingRuleUse: ( 2.5.13.2 NAME
'caseIgnoreMatch' APPLIES ( nisMapName $ ipServiceProtocol $
preferredLanguage $ employeeType $ employeeNumber $ displayName $
departmentNumber $ carLicense $ documentPublisher $ buildingName $
organizationalStatus $ uniqueIdentifier $ co $ personalTitle $
documentLocation $ documentVersion $ documentTitle $ documentIdentifier $
host $ userClass $ roomNumber $ drink $ info $ textEncodedORAddress $ uid $
dmdName $ houseIdentifier $ dnQualifier $ generationQualifier $ initials $
givenName $ destinationIndicator $ physicalDeliveryOfficeName $
postOfficeBox $ postalCode $ businessCategory $ description $ title $ ou $ o
$ street $ st $ l $ c $ serialNumber $ sn $ knowledgeInformation $
labeledURI $ cn $ name $ ref $ vendorVersion $ vendorName $
supportedSASLMechanisms ) )
2.5.13.1 (distinguishedNameMatch): matchingRuleUse: ( 2.5.13.1 NAME
'distinguishedNameMatch' APPLIES ( dITRedirect $ associatedName $ secretary
$ documentAuthor $ manager $ seeAlso $ roleOccupant $ owner $ member $
distinguishedName $ aliasedObjectName $ namingContexts $ subschemaSubentry $
modifiersName $ creatorsName ) )
2.5.13.0 (objectIdentifierMatch): matchingRuleUse: ( 2.5.13.0 NAME
'objectIdentifierMatch' APPLIES ( supportedApplicationContext $
supportedFeatures $ supportedExtension $ supportedControl ) )
slapd startup: initiated.
bdb_db_open: dc=tfis,dc=myserver,dc=org
bdb_db_open: dbenv_open(/var/lib/ldap)
as you can see the daemon_init opens some listener, but not much to see!
i hope this is helpful !! thank you anyway
12 years, 2 months
Re: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
by Zdenek Styblik
Mingyur Koblensky wrote:
> Hi,
>
>
> Please, update to the latest OpenLDAP 2.4.21 release. The one you're
> playing with is 6 years old.
>
>
> yes, it is very old but from the repository of redhat enterprise 4. I
> have installed the same package on another RH 4 and not problems...
>
Well ... ok.
>
>
> You can try to start % slapd; from command line and see what the problem
> is/might be.
>
> As a root or whoever is supposed to run OpenLDAP:
> # slapd -h 'ldap://127.0.0.1 <http://127.0.0.1>' -d 256;
>
>
> [root@myserver openldap]# /usr/sbin/slapd -d 4095 -u ldap -h ldap:///
>
I see no errors and it seems that server gets up without problems, but
I'm no expert.
btw Your -h parameter looks quite strange to me. What's the purpose of
it; Bind to all interfaces? My advise is to put it into '..' as I did ->
-h 'ldap:///'; simply because of bad experience. And second, put IP
adresses there eg. -h 'ldap://127.0.0.1 ldap://192.168.1.1' rather than
such ambiguous thing. But well, it [your way] might work as well - I
just do it differently. I'd also used only 'ldap://' instead of three
slashes, if...
Originally, I was about to say you're opening Linux socket, but that
would be 'ldapi://'.
And please, keep it on the list :)
Hope that helps,
Zdenek
> @(#) $OpenLDAP: slapd 2.2.13 (Jul 8 2009 10:40:09) $
>
> mockbuild@x86-002.build.bos.redhat.com:/builddir/build/BUILD/openldap-2.2.13/openldap-2.2.13/build-servers/servers/slapd
>
> daemon_init: ldap:///
>
> daemon_init: listen on ldap:///
>
> daemon_init: 1 listeners to open...
>
> ldap_url_parse_ext(ldap:///)
>
> daemon: initialized ldap:///
>
> daemon_init: 2 listeners opened
>
> slapd init: initiated server.
>
> slap_sasl_init: initialized!
>
> bdb_initialize: initialize BDB backend
>
> bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December 3, 2003)
>
> bdb_initialize: initialize BDB backend
>
> bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December 3, 2003)
>
> reading config file /etc/openldap/slapd.conf
>
> line 5 (include /etc/openldap/schema/core.schema)
>
> reading config file /etc/openldap/schema/core.schema
>
> line 77 (attributetype ( 2.5.4.2 NAME 'knowledgeInformation' DESC
> 'RFC2256: knowledge information' EQUALITY caseIgnoreMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15{32768} ))
>
> line 86 (attributetype ( 2.5.4.4 NAME ( 'sn' 'surname' ) DESC 'RFC2256:
> last (family) name(s) for which the entity is known by' SUP name ))
>
> line 92 (attributetype ( 2.5.4.5 NAME 'serialNumber' DESC 'RFC2256:
> serial number of the entity' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} ))
>
> line 96 (attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' ) DESC
> 'RFC2256: ISO-3166 country 2-letter code' SUP name SINGLE-VALUE ))
>
> line 100 (attributetype ( 2.5.4.7 NAME ( 'l' 'localityName' ) DESC
> 'RFC2256: locality which this object resides in' SUP name ))
>
> line 104 (attributetype ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' )
> DESC 'RFC2256: state or province which this object resides in' SUP name ))
>
> line 110 (attributetype ( 2.5.4.9 NAME ( 'street' 'streetAddress' ) DESC
> 'RFC2256: street address of this object' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ))
>
> line 114 (attributetype ( 2.5.4.10 NAME ( 'o' 'organizationName' ) DESC
> 'RFC2256: organization this object belongs to' SUP name ))
>
> line 118 (attributetype ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName'
> ) DESC 'RFC2256: organizational unit this object belongs to' SUP name ))
>
> line 122 (attributetype ( 2.5.4.12 NAME 'title' DESC 'RFC2256: title
> associated with the entity' SUP name ))
>
> line 128 (attributetype ( 2.5.4.13 NAME 'description' DESC 'RFC2256:
> descriptive information' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} ))
>
> line 133 (attributetype ( 2.5.4.14 NAME 'searchGuide' DESC 'RFC2256:
> search guide, obsoleted by enhancedSearchGuide' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.25 ))
>
> line 139 (attributetype ( 2.5.4.15 NAME 'businessCategory' DESC
> 'RFC2256: business category' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ))
>
> line 145 (attributetype ( 2.5.4.16 NAME 'postalAddress' DESC 'RFC2256:
> postal address' EQUALITY caseIgnoreListMatch SUBSTR
> caseIgnoreListSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ))
>
> line 151 (attributetype ( 2.5.4.17 NAME 'postalCode' DESC 'RFC2256:
> postal code' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} ))
>
> line 157 (attributetype ( 2.5.4.18 NAME 'postOfficeBox' DESC 'RFC2256:
> Post Office Box' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} ))
>
> line 163 (attributetype ( 2.5.4.19 NAME 'physicalDeliveryOfficeName'
> DESC 'RFC2256: Physical Delivery Office Name' EQUALITY caseIgnoreMatch
> SUBSTR caseIgnoreSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15{128} ))
>
> line 169 (attributetype ( 2.5.4.20 NAME 'telephoneNumber' DESC 'RFC2256:
> Telephone Number' EQUALITY telephoneNumberMatch SUBSTR
> telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} ))
>
> line 173 (attributetype ( 2.5.4.21 NAME 'telexNumber' DESC 'RFC2256:
> Telex Number' SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 ))
>
> line 177 (attributetype ( 2.5.4.22 NAME 'teletexTerminalIdentifier' DESC
> 'RFC2256: Teletex Terminal Identifier' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.51 ))
>
> line 181 (attributetype ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber'
> 'fax' ) DESC 'RFC2256: Facsimile (Fax) Telephone Number' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.22 ))
>
> line 187 (attributetype ( 2.5.4.24 NAME 'x121Address' DESC 'RFC2256:
> X.121 Address' EQUALITY numericStringMatch SUBSTR
> numericStringSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} ))
>
> line 193 (attributetype ( 2.5.4.25 NAME 'internationaliSDNNumber' DESC
> 'RFC2256: international ISDN number' EQUALITY numericStringMatch SUBSTR
> numericStringSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} ))
>
> line 198 (attributetype ( 2.5.4.26 NAME 'registeredAddress' DESC
> 'RFC2256: registered postal address' SUP postalAddress SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.41 ))
>
> line 204 (attributetype ( 2.5.4.27 NAME 'destinationIndicator' DESC
> 'RFC2256: destination indicator' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} ))
>
> line 209 (attributetype ( 2.5.4.28 NAME 'preferredDeliveryMethod' DESC
> 'RFC2256: preferred delivery method' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.14 SINGLE-VALUE ))
>
> line 215 (attributetype ( 2.5.4.29 NAME 'presentationAddress' DESC
> 'RFC2256: presentation address' EQUALITY presentationAddressMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.43 SINGLE-VALUE ))
>
> line 220 (attributetype ( 2.5.4.30 NAME 'supportedApplicationContext'
> DESC 'RFC2256: supported application context' EQUALITY
> objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ))
>
> line 224 (attributetype ( 2.5.4.31 NAME 'member' DESC 'RFC2256: member
> of a group' SUP distinguishedName ))
>
> line 228 (attributetype ( 2.5.4.32 NAME 'owner' DESC 'RFC2256: owner (of
> the object)' SUP distinguishedName ))
>
> line 232 (attributetype ( 2.5.4.33 NAME 'roleOccupant' DESC 'RFC2256:
> occupant of role' SUP distinguishedName ))
>
> line 236 (attributetype ( 2.5.4.34 NAME 'seeAlso' DESC 'RFC2256: DN of
> related object' SUP distinguishedName ))
>
> line 249 (attributetype ( 2.5.4.36 NAME 'userCertificate' DESC 'RFC2256:
> X.509 user certificate, use ;binary' EQUALITY certificateExactMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 ))
>
> line 256 (attributetype ( 2.5.4.37 NAME 'cACertificate' DESC 'RFC2256:
> X.509 CA certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.8 ))
>
> line 261 (attributetype ( 2.5.4.38 NAME 'authorityRevocationList' DESC
> 'RFC2256: X.509 authority revocation list, use ;binary' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.9 ))
>
> line 266 (attributetype ( 2.5.4.39 NAME 'certificateRevocationList' DESC
> 'RFC2256: X.509 certificate revocation list, use ;binary' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.9 ))
>
> line 271 (attributetype ( 2.5.4.40 NAME 'crossCertificatePair' DESC
> 'RFC2256: X.509 cross certificate pair, use ;binary' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.10 ))
>
> line 281 (attributetype ( 2.5.4.42 NAME ( 'givenName' 'gn' ) DESC
> 'RFC2256: first name(s) for which the entity is known by' SUP name ))
>
> line 285 (attributetype ( 2.5.4.43 NAME 'initials' DESC 'RFC2256:
> initials of some or all of names, but not the surname(s).' SUP name ))
>
> line 289 (attributetype ( 2.5.4.44 NAME 'generationQualifier' DESC
> 'RFC2256: name qualifier indicating a generation' SUP name ))
>
> line 294 (attributetype ( 2.5.4.45 NAME 'x500UniqueIdentifier' DESC
> 'RFC2256: X.500 unique identifier' EQUALITY bitStringMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.6 ))
>
> line 301 (attributetype ( 2.5.4.46 NAME 'dnQualifier' DESC 'RFC2256: DN
> qualifier' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch
> SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ))
>
> line 305 (attributetype ( 2.5.4.47 NAME 'enhancedSearchGuide' DESC
> 'RFC2256: enhanced search guide' SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 ))
>
> line 310 (attributetype ( 2.5.4.48 NAME 'protocolInformation' DESC
> 'RFC2256: protocol information' EQUALITY protocolInformationMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.42 ))
>
> line 320 (attributetype ( 2.5.4.50 NAME 'uniqueMember' DESC 'RFC2256:
> unique member of a group' EQUALITY uniqueMemberMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.34 ))
>
> line 326 (attributetype ( 2.5.4.51 NAME 'houseIdentifier' DESC 'RFC2256:
> house identifier' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ))
>
> line 331 (attributetype ( 2.5.4.52 NAME 'supportedAlgorithms' DESC
> 'RFC2256: supported algorithms' SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 ))
>
> line 336 (attributetype ( 2.5.4.53 NAME 'deltaRevocationList' DESC
> 'RFC2256: delta revocation list; use ;binary' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.9 ))
>
> line 340 (attributetype ( 2.5.4.54 NAME 'dmdName' DESC 'RFC2256: name of
> DMD' SUP name ))
>
> line 355 (objectclass ( 2.5.6.2 NAME 'country' DESC 'RFC2256: a country'
> SUP top STRUCTURAL MUST c MAY ( searchGuide $ description ) ))
>
> line 360 (objectclass ( 2.5.6.3 NAME 'locality' DESC 'RFC2256: a
> locality' SUP top STRUCTURAL MAY ( street $ seeAlso $ searchGuide $ st $
> l $ description ) ))
>
> line 371 (objectclass ( 2.5.6.4 NAME 'organization' DESC 'RFC2256: an
> organization' SUP top STRUCTURAL MUST o MAY ( userPassword $ searchGuide
> $ seeAlso $ businessCategory $ x121Address $ registeredAddress $
> destinationIndicator $ preferredDeliveryMethod $ telexNumber $
> teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $
> facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
> postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) ))
>
> line 382 (objectclass ( 2.5.6.5 NAME 'organizationalUnit' DESC 'RFC2256:
> an organizational unit' SUP top STRUCTURAL MUST ou MAY ( userPassword $
> searchGuide $ seeAlso $ businessCategory $ x121Address $
> registeredAddress $ destinationIndicator $ preferredDeliveryMethod $
> telexNumber $ teletexTerminalIdentifier $ telephoneNumber $
> internationaliSDNNumber $ facsimileTelephoneNumber $ street $
> postOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName
> $ st $ l $ description ) ))
>
> line 388 (objectclass ( 2.5.6.6 NAME 'person' DESC 'RFC2256: a person'
> SUP top STRUCTURAL MUST ( sn $ cn ) MAY ( userPassword $ telephoneNumber
> $ seeAlso $ description ) ))
>
> line 397 (objectclass ( 2.5.6.7 NAME 'organizationalPerson' DESC
> 'RFC2256: an organizational person' SUP person STRUCTURAL MAY ( title $
> x121Address $ registeredAddress $ destinationIndicator $
> preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
> telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
> street $ postOfficeBox $ postalCode $postalAddress $
> physicalDeliveryOfficeName $ ou $ st $ l ) ))
>
> line 408 (objectclass ( 2.5.6.8 NAME 'organizationalRole' DESC 'RFC2256:
> an organizational role' SUP top STRUCTURAL MUST cn MAY ( x121Address $
> registeredAddress $ destinationIndicator $ preferredDeliveryMethod $
> telexNumber $ teletexTerminalIdentifier $ telephoneNumber $
> internationaliSDNNumber $ facsimileTelephoneNumber $ seeAlso $
> roleOccupant $ preferredDeliveryMethod $ street $ postOfficeBox $
> postalCode $ postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l $
> description ) ))
>
> line 414 (objectclass ( 2.5.6.9 NAME 'groupOfNames' DESC 'RFC2256: a
> group of names (DNs)' SUP top STRUCTURAL MUST ( member $ cn ) MAY (
> businessCategory $ seeAlso $ owner $ ou $ o $ description ) ))
>
> line 425 (objectclass ( 2.5.6.10 NAME 'residentialPerson' DESC 'RFC2256:
> an residential person' SUP person STRUCTURAL MUST l MAY (
> businessCategory $ x121Address $ registeredAddress $
> destinationIndicator $ preferredDeliveryMethod $ telexNumber $
> teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $
> facsimileTelephoneNumber $ preferredDeliveryMethod $ street $
> postOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName
> $ st $ l ) ))
>
> line 431 (objectclass ( 2.5.6.11 NAME 'applicationProcess' DESC
> 'RFC2256: an application process' SUP top STRUCTURAL MUST cn MAY (
> seeAlso $ ou $ l $ description ) ))
>
> line 438 (objectclass ( 2.5.6.12 NAME 'applicationEntity' DESC 'RFC2256:
> an application entity' SUP top STRUCTURAL MUST ( presentationAddress $
> cn ) MAY ( supportedApplicationContext $ seeAlso $ ou $ o $ l $
> description ) ))
>
> line 443 (objectclass ( 2.5.6.13 NAME 'dSA' DESC 'RFC2256: a directory
> system agent (a server)' SUP applicationEntity STRUCTURAL MAY
> knowledgeInformation ))
>
> line 449 (objectclass ( 2.5.6.14 NAME 'device' DESC 'RFC2256: a device'
> SUP top STRUCTURAL MUST cn MAY ( serialNumber $ seeAlso $ owner $ ou $ o
> $ l $ description ) ))
>
> line 454 (objectclass ( 2.5.6.15 NAME 'strongAuthenticationUser' DESC
> 'RFC2256: a strong authentication user' SUP top AUXILIARY MUST
> userCertificate ))
>
> line 460 (objectclass ( 2.5.6.16 NAME 'certificationAuthority' DESC
> 'RFC2256: a certificate authority' SUP top AUXILIARY MUST (
> authorityRevocationList $ certificateRevocationList $ cACertificate )
> MAY crossCertificatePair ))
>
> line 466 (objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames' DESC
> 'RFC2256: a group of unique names (DN and Unique Identifier)' SUP top
> STRUCTURAL MUST ( uniqueMember $ cn ) MAY ( businessCategory $ seeAlso $
> owner $ ou $ o $ description ) ))
>
> line 471 (objectclass ( 2.5.6.18 NAME 'userSecurityInformation' DESC
> 'RFC2256: a user security information' SUP top AUXILIARY MAY (
> supportedAlgorithms ) ))
>
> line 475 (objectclass ( 2.5.6.16.2 NAME 'certificationAuthority-V2' SUP
> certificationAuthority AUXILIARY MAY ( deltaRevocationList ) ))
>
> line 481 (objectclass ( 2.5.6.19 NAME 'cRLDistributionPoint' SUP top
> STRUCTURAL MUST ( cn ) MAY ( certificateRevocationList $
> authorityRevocationList $ deltaRevocationList ) ))
>
> line 491 (objectclass ( 2.5.6.20 NAME 'dmd' SUP top STRUCTURAL MUST (
> dmdName ) MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory
> $ x121Address $ registeredAddress $ destinationIndicator $
> preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
> telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
> street $ postOfficeBox $ postalCode $ postalAddress $
> physicalDeliveryOfficeName $ st $ l $ description ) ))
>
> line 499 (objectclass ( 2.5.6.21 NAME 'pkiUser' DESC 'RFC2587: a PKI
> user' SUP top AUXILIARY MAY userCertificate ))
>
> line 505 (objectclass ( 2.5.6.22 NAME 'pkiCA' DESC 'RFC2587: PKI
> certificate authority' SUP top AUXILIARY MAY ( authorityRevocationList $
> certificateRevocationList $ cACertificate $ crossCertificatePair ) ))
>
> line 510 (objectclass ( 2.5.6.23 NAME 'deltaCRL' DESC 'RFC2587: PKI
> user' SUP top AUXILIARY MAY deltaRevocationList ))
>
> line 523 (objectclass ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject'
> DESC 'RFC2079: object that contains the URI attribute type' MAY (
> labeledURI ) SUP top AUXILIARY ))
>
> line 533 (attributetype ( 0.9.2342.19200300.100.1.1 NAME ( 'uid'
> 'userid' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch
> SUBSTR caseIgnoreSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 540 (attributetype ( 0.9.2342.19200300.100.1.3 NAME ( 'mail'
> 'rfc822Mailbox' ) DESC 'RFC1274: RFC822 Mailbox' EQUALITY
> caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.26{256} ))
>
> line 545 (objectclass ( 0.9.2342.19200300.100.4.19 NAME
> 'simpleSecurityObject' DESC 'RFC1274: simple security object' SUP top
> AUXILIARY MUST userPassword ))
>
> line 553 (attributetype ( 0.9.2342.19200300.100.1.25 NAME ( 'dc'
> 'domainComponent' ) DESC 'RFC1274/2247: domain component' EQUALITY
> caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ))
>
> line 558 (objectclass ( 1.3.6.1.4.1.1466.344 NAME 'dcObject' DESC
> 'RFC2247: domain component object' SUP top AUXILIARY MUST dc ))
>
> line 563 (objectclass ( 1.3.6.1.1.3.1 NAME 'uidObject' DESC 'RFC2377:
> uid object' SUP top AUXILIARY MUST uid ))
>
> line 571 (attributetype ( 0.9.2342.19200300.100.1.37 NAME
> 'associatedDomain' DESC 'RFC1274: domain associated with object'
> EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.26 ))
>
> line 579 (attributetype ( 1.2.840.113549.1.9.1 NAME ( 'email'
> 'emailAddress' 'pkcs9email' ) DESC 'RFC2459: legacy attribute for email
> addresses in DNs' EQUALITY caseIgnoreIA5Match SUBSTR
> caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ))
>
>>>> dnNormalize: <cn=Subschema>
>
> => ldap_bv2dn(cn=Subschema,0)
>
> <= ldap_bv2dn(cn=Subschema,0)=0
>
> => ldap_dn2bv(272)
>
> <= ldap_dn2bv(cn=subschema,272)=0
>
> <<< dnNormalize: <cn=subschema>
>
> line 6 (include /etc/openldap/schema/cosine.schema)
>
> reading config file /etc/openldap/schema/cosine.schema
>
> line 130 (attributetype ( 0.9.2342.19200300.100.1.2 NAME
> 'textEncodedORAddress' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 168 (attributetype ( 0.9.2342.19200300.100.1.4 NAME 'info' DESC
> 'RFC1274: general information' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} ))
>
> line 187 (attributetype ( 0.9.2342.19200300.100.1.5 NAME ( 'drink'
> 'favouriteDrink' ) DESC 'RFC1274: favorite drink' EQUALITY
> caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 205 (attributetype ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber'
> DESC 'RFC1274: room number' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 227 (attributetype ( 0.9.2342.19200300.100.1.7 NAME 'photo' DESC
> 'RFC1274: photo (G3 fax)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} ))
>
> line 248 (attributetype ( 0.9.2342.19200300.100.1.8 NAME 'userClass'
> DESC 'RFC1274: categorory of user' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 264 (attributetype ( 0.9.2342.19200300.100.1.9 NAME 'host' DESC
> 'RFC1274: host computer' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 279 (attributetype ( 0.9.2342.19200300.100.1.10 NAME 'manager' DESC
> 'RFC1274: DN of manager' EQUALITY distinguishedNameMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.12 ))
>
> line 296 (attributetype ( 0.9.2342.19200300.100.1.11 NAME
> 'documentIdentifier' DESC 'RFC1274: unique identifier of document'
> EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 312 (attributetype ( 0.9.2342.19200300.100.1.12 NAME
> 'documentTitle' DESC 'RFC1274: title of document' EQUALITY
> caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 329 (attributetype ( 0.9.2342.19200300.100.1.13 NAME
> 'documentVersion' DESC 'RFC1274: version of document' EQUALITY
> caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 344 (attributetype ( 0.9.2342.19200300.100.1.14 NAME
> 'documentAuthor' DESC 'RFC1274: DN of author of document' EQUALITY
> distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ))
>
> line 361 (attributetype ( 0.9.2342.19200300.100.1.15 NAME
> 'documentLocation' DESC 'RFC1274: location of document original'
> EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 380 (attributetype ( 0.9.2342.19200300.100.1.20 DESC 'RFC1274: home
> telephone number' NAME ( 'homePhone' 'homeTelephoneNumber' ) EQUALITY
> telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.50 ))
>
> line 395 (attributetype ( 0.9.2342.19200300.100.1.21 NAME 'secretary'
> DESC 'RFC1274: DN of secretary' EQUALITY distinguishedNameMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.12 ))
>
> line 411 (attributetype ( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox'
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.39 ))
>
> line 480 (attributetype ( 0.9.2342.19200300.100.1.26 NAME 'aRecord'
> EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ))
>
> line 486 (attributetype ( 0.9.2342.19200300.100.1.27 NAME 'mDRecord'
> EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ))
>
> line 501 (attributetype ( 0.9.2342.19200300.100.1.28 NAME 'mXRecord'
> EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ))
>
> line 516 (attributetype ( 0.9.2342.19200300.100.1.29 NAME 'nSRecord'
> EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ))
>
> line 531 (attributetype ( 0.9.2342.19200300.100.1.30 NAME 'sOARecord'
> EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ))
>
> line 546 (attributetype ( 0.9.2342.19200300.100.1.31 NAME 'cNAMERecord'
> EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ))
>
> line 581 (attributetype ( 0.9.2342.19200300.100.1.38 NAME
> 'associatedName' DESC 'RFC1274: DN of entry associated with domain'
> EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ))
>
> line 599 (attributetype ( 0.9.2342.19200300.100.1.39 NAME
> 'homePostalAddress' DESC 'RFC1274: home postal address' EQUALITY
> caseIgnoreListMatch SUBSTR caseIgnoreListSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.41 ))
>
> line 616 (attributetype ( 0.9.2342.19200300.100.1.40 NAME
> 'personalTitle' DESC 'RFC1274: personal title' EQUALITY caseIgnoreMatch
> SUBSTR caseIgnoreSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 635 (attributetype ( 0.9.2342.19200300.100.1.41 NAME ( 'mobile'
> 'mobileTelephoneNumber' ) DESC 'RFC1274: mobile telephone number'
> EQUALITY telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ))
>
> line 653 (attributetype ( 0.9.2342.19200300.100.1.42 NAME ( 'pager'
> 'pagerTelephoneNumber' ) DESC 'RFC1274: pager telephone number' EQUALITY
> telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.50 ))
>
> line 671 (attributetype ( 0.9.2342.19200300.100.1.43 NAME ( 'co'
> 'friendlyCountryName' ) DESC 'RFC1274: friendly country name' EQUALITY
> caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 ))
>
> line 691 (attributetype ( 0.9.2342.19200300.100.1.44 NAME
> 'uniqueIdentifier' DESC 'RFC1274: unique identifer' EQUALITY
> caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 713 (attributetype ( 0.9.2342.19200300.100.1.45 NAME
> 'organizationalStatus' DESC 'RFC1274: organizational status' EQUALITY
> caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 734 (attributetype ( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox'
> DESC 'RFC1274: Janet mailbox' EQUALITY caseIgnoreIA5Match SUBSTR
> caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ))
>
> line 764 (attributetype ( 0.9.2342.19200300.100.1.47 NAME
> 'mailPreferenceOption' DESC 'RFC1274: mail preference option' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.27 ))
>
> line 781 (attributetype ( 0.9.2342.19200300.100.1.48 NAME 'buildingName'
> DESC 'RFC1274: name of building' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 796 (attributetype ( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality'
> DESC 'RFC1274: DSA Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.19
> SINGLE-VALUE ))
>
> line 811 (attributetype ( 0.9.2342.19200300.100.1.50 NAME
> 'singleLevelQuality' DESC 'RFC1274: Single Level Quality' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE ))
>
> line 827 (attributetype ( 0.9.2342.19200300.100.1.51 NAME
> 'subtreeMinimumQuality' DESC 'RFC1274: Subtree Mininum Quality' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE ))
>
> line 843 (attributetype ( 0.9.2342.19200300.100.1.52 NAME
> 'subtreeMaximumQuality' DESC 'RFC1274: Subtree Maximun Quality' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE ))
>
> line 865 (attributetype ( 0.9.2342.19200300.100.1.53 NAME
> 'personalSignature' DESC 'RFC1274: Personal Signature (G3 fax)' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.23 ))
>
> line 884 (attributetype ( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect'
> DESC 'RFC1274: DIT Redirect' EQUALITY distinguishedNameMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.12 ))
>
> line 900 (attributetype ( 0.9.2342.19200300.100.1.55 NAME 'audio' DESC
> 'RFC1274: audio (u-law)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} ))
>
> line 916 (attributetype ( 0.9.2342.19200300.100.1.56 NAME
> 'documentPublisher' DESC 'RFC1274: publisher of document' EQUALITY
> caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 ))
>
> line 1084 (objectclass ( 0.9.2342.19200300.100.4.4 NAME ( 'pilotPerson'
> 'newPilotPerson' ) SUP person STRUCTURAL MAY ( userid $
> textEncodedORAddress $ rfc822Mailbox $ favouriteDrink $ roomNumber $
> userClass $ homeTelephoneNumber $ homePostalAddress $ secretary $
> personalTitle $ preferredDeliveryMethod $ businessCategory $
> janetMailbox $ otherMailbox $ mobileTelephoneNumber $
> pagerTelephoneNumber $ organizationalStatus $ mailPreferenceOption $
> personalSignature ) ))
>
> line 1110 (objectclass ( 0.9.2342.19200300.100.4.5 NAME 'account' SUP
> top STRUCTURAL MUST userid MAY ( description $ seeAlso $ localityName $
> organizationName $ organizationalUnitName $ host ) ))
>
> line 1142 (objectclass ( 0.9.2342.19200300.100.4.6 NAME 'document' SUP
> top STRUCTURAL MUST documentIdentifier MAY ( commonName $ description $
> seeAlso $ localityName $ organizationName $ organizationalUnitName $
> documentTitle $ documentVersion $ documentAuthor $ documentLocation $
> documentPublisher ) ))
>
> line 1165 (objectclass ( 0.9.2342.19200300.100.4.7 NAME 'room' SUP top
> STRUCTURAL MUST commonName MAY ( roomNumber $ description $ seeAlso $
> telephoneNumber ) ))
>
> line 1191 (objectclass ( 0.9.2342.19200300.100.4.9 NAME 'documentSeries'
> SUP top STRUCTURAL MUST commonName MAY ( description $ seeAlso $
> telephonenumber $ localityName $ organizationName $
> organizationalUnitName ) ))
>
> line 1222 (objectclass ( 0.9.2342.19200300.100.4.13 NAME 'domain' SUP
> top STRUCTURAL MUST domainComponent MAY ( associatedName $
> organizationName $ description $ businessCategory $ seeAlso $
> searchGuide $ userPassword $ localityName $ stateOrProvinceName $
> streetAddress $ physicalDeliveryOfficeName $ postalAddress $ postalCode
> $ postOfficeBox $ streetAddress $ facsimileTelephoneNumber $
> internationalISDNNumber $ telephoneNumber $ teletexTerminalIdentifier $
> telexNumber $ preferredDeliveryMethod $ destinationIndicator $
> registeredAddress $ x121Address ) ))
>
> line 1252 (objectclass ( 0.9.2342.19200300.100.4.14 NAME
> 'RFC822localPart' SUP domain STRUCTURAL MAY ( commonName $ surname $
> description $ seeAlso $ telephoneNumber $ physicalDeliveryOfficeName $
> postalAddress $ postalCode $ postOfficeBox $ streetAddress $
> facsimileTelephoneNumber $ internationalISDNNumber $ telephoneNumber $
> teletexTerminalIdentifier $ telexNumber $ preferredDeliveryMethod $
> destinationIndicator $ registeredAddress $ x121Address ) ))
>
> line 1275 (objectclass ( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain' SUP
> 'domain' STRUCTURAL MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $
> SOARecord $ CNAMERecord ) ))
>
> line 1293 (objectclass ( 0.9.2342.19200300.100.4.17 NAME
> 'domainRelatedObject' DESC 'RFC1274: an object related to an domain' SUP
> top AUXILIARY MUST associatedDomain ))
>
> line 1311 (objectclass ( 0.9.2342.19200300.100.4.18 NAME
> 'friendlyCountry' SUP country STRUCTURAL MUST friendlyCountryName ))
>
> line 1345 (objectclass ( 0.9.2342.19200300.100.4.20 NAME
> 'pilotOrganization' SUP ( organization $ organizationalUnit ) STRUCTURAL
> MAY buildingName ))
>
> line 1361 (objectclass ( 0.9.2342.19200300.100.4.21 NAME 'pilotDSA' SUP
> dsa STRUCTURAL MAY dSAQuality ))
>
> line 1382 (objectclass ( 0.9.2342.19200300.100.4.22 NAME
> 'qualityLabelledData' SUP top AUXILIARY MUST dsaQuality MAY (
> subtreeMinimumQuality $ subtreeMaximumQuality ) ))
>
> line 7 (include /etc/openldap/schema/inetorgperson.schema)
>
> reading config file /etc/openldap/schema/inetorgperson.schema
>
> line 36 (attributetype ( 2.16.840.1.113730.3.1.1 NAME 'carLicense' DESC
> 'RFC2798: vehicle license or registration plate' EQUALITY
> caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 ))
>
> line 46 (attributetype ( 2.16.840.1.113730.3.1.2 NAME 'departmentNumber'
> DESC 'RFC2798: identifies a department within an organization' EQUALITY
> caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 ))
>
> line 59 (attributetype ( 2.16.840.1.113730.3.1.241 NAME 'displayName'
> DESC 'RFC2798: preferred name to be used when displaying entries'
> EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ))
>
> line 70 (attributetype ( 2.16.840.1.113730.3.1.3 NAME 'employeeNumber'
> DESC 'RFC2798: numerically identifies an employee within an
> organization' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ))
>
> line 81 (attributetype ( 2.16.840.1.113730.3.1.4 NAME 'employeeType'
> DESC 'RFC2798: type of employment for a person' EQUALITY caseIgnoreMatch
> SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ))
>
> line 92 (attributetype ( 0.9.2342.19200300.100.1.60 NAME 'jpegPhoto'
> DESC 'RFC2798: a JPEG image' SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 ))
>
> line 107 (attributetype ( 2.16.840.1.113730.3.1.39 NAME
> 'preferredLanguage' DESC 'RFC2798: preferred written or spoken language
> for a person' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ))
>
> line 123 (attributetype ( 2.16.840.1.113730.3.1.40 NAME
> 'userSMIMECertificate' DESC 'RFC2798: PKCS#7 SignedData used to support
> S/MIME' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ))
>
> line 135 (attributetype ( 2.16.840.1.113730.3.1.216 NAME 'userPKCS12'
> DESC 'RFC2798: personal identity information, a PKCS #12 PFX' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.5 ))
>
> line 155 (objectclass ( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson'
> DESC 'RFC2798: Internet Organizational Person' SUP
> organizationalPerson STRUCTURAL MAY ( audio $ businessCategory $
> carLicense $ departmentNumber $ displayName $ employeeNumber $
> employeeType $ givenName $ homePhone $ homePostalAddress $ initials $
> jpegPhoto $ labeledURI $ mail $ manager $ mobile $ o $ pager $ photo $
> roomNumber $ secretary $ uid $ userCertificate $ x500uniqueIdentifier $
> preferredLanguage $ userSMIMECertificate $ userPKCS12 ) ))
>
> line 8 (include /etc/openldap/schema/nis.schema)
>
> reading config file /etc/openldap/schema/nis.schema
>
> line 40 (attributetype ( 1.3.6.1.1.1.1.0 NAME 'uidNumber' DESC 'An
> integer uniquely identifying a user in an administrative domain'
> EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
>
> line 45 (attributetype ( 1.3.6.1.1.1.1.1 NAME 'gidNumber' DESC 'An
> integer uniquely identifying a group in an administrative domain'
> EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
>
> line 51 (attributetype ( 1.3.6.1.1.1.1.2 NAME 'gecos' DESC 'The GECOS
> field; the common name' EQUALITY caseIgnoreIA5Match SUBSTR
> caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
> SINGLE-VALUE ))
>
> line 56 (attributetype ( 1.3.6.1.1.1.1.3 NAME 'homeDirectory' DESC 'The
> absolute path to the home directory' EQUALITY caseExactIA5Match SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ))
>
> line 61 (attributetype ( 1.3.6.1.1.1.1.4 NAME 'loginShell' DESC 'The
> path to the login shell' EQUALITY caseExactIA5Match SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ))
>
> line 65 (attributetype ( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange'
> EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
>
> line 69 (attributetype ( 1.3.6.1.1.1.1.6 NAME 'shadowMin' EQUALITY
> integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
>
> line 73 (attributetype ( 1.3.6.1.1.1.1.7 NAME 'shadowMax' EQUALITY
> integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
>
> line 77 (attributetype ( 1.3.6.1.1.1.1.8 NAME 'shadowWarning' EQUALITY
> integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
>
> line 81 (attributetype ( 1.3.6.1.1.1.1.9 NAME 'shadowInactive' EQUALITY
> integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
>
> line 85 (attributetype ( 1.3.6.1.1.1.1.10 NAME 'shadowExpire' EQUALITY
> integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
>
> line 89 (attributetype ( 1.3.6.1.1.1.1.11 NAME 'shadowFlag' EQUALITY
> integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
>
> line 94 (attributetype ( 1.3.6.1.1.1.1.12 NAME 'memberUid' EQUALITY
> caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.26 ))
>
> line 99 (attributetype ( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup'
> EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.26 ))
>
> line 103 (attributetype ( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple' DESC
> 'Netgroup triple' SYNTAX 1.3.6.1.1.1.0.0 ))
>
> line 107 (attributetype ( 1.3.6.1.1.1.1.15 NAME 'ipServicePort' EQUALITY
> integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
>
> line 110 (attributetype ( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol' SUP
> name ))
>
> line 114 (attributetype ( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber'
> EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
>
> line 118 (attributetype ( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber' EQUALITY
> integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
>
> line 123 (attributetype ( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber' DESC 'IP
> address' EQUALITY caseIgnoreIA5Match SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.26{128} ))
>
> line 128 (attributetype ( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber' DESC
> 'IP network' EQUALITY caseIgnoreIA5Match SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE ))
>
> line 133 (attributetype ( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber' DESC
> 'IP netmask' EQUALITY caseIgnoreIA5Match SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE ))
>
> line 138 (attributetype ( 1.3.6.1.1.1.1.22 NAME 'macAddress' DESC 'MAC
> address' EQUALITY caseIgnoreIA5Match SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.26{128} ))
>
> line 142 (attributetype ( 1.3.6.1.1.1.1.23 NAME 'bootParameter' DESC
> 'rpc.bootparamd parameter' SYNTAX 1.3.6.1.1.1.0.1 ))
>
> line 147 (attributetype ( 1.3.6.1.1.1.1.24 NAME 'bootFile' DESC 'Boot
> image name' EQUALITY caseExactIA5Match SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.26 ))
>
> line 150 (attributetype ( 1.3.6.1.1.1.1.26 NAME 'nisMapName' SUP name ))
>
> line 155 (attributetype ( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry' EQUALITY
> caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.26{1024} SINGLE-VALUE ))
>
> line 162 (objectclass ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' SUP top
> AUXILIARY DESC 'Abstraction of an account with POSIX attributes' MUST (
> cn $ uid $ uidNumber $ gidNumber $ homeDirectory ) MAY ( userPassword $
> loginShell $ gecos $ description ) ))
>
> line 169 (objectclass ( 1.3.6.1.1.1.2.1 NAME 'shadowAccount' SUP top
> AUXILIARY DESC 'Additional attributes for shadow passwords' MUST uid MAY
> ( userPassword $ shadowLastChange $ shadowMin $ shadowMax $
> shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $
> description ) ))
>
> line 174 (objectclass ( 1.3.6.1.1.1.2.2 NAME 'posixGroup' SUP top
> STRUCTURAL DESC 'Abstraction of a group of accounts' MUST ( cn $
> gidNumber ) MAY ( userPassword $ memberUid $ description ) ))
>
> line 179 (objectclass ( 1.3.6.1.1.1.2.3 NAME 'ipService' SUP top
> STRUCTURAL DESC 'Abstraction an Internet Protocol service' MUST ( cn $
> ipServicePort $ ipServiceProtocol ) MAY ( description ) ))
>
> line 184 (objectclass ( 1.3.6.1.1.1.2.4 NAME 'ipProtocol' SUP top
> STRUCTURAL DESC 'Abstraction of an IP protocol' MUST ( cn $
> ipProtocolNumber $ description ) MAY description ))
>
> line 189 (objectclass ( 1.3.6.1.1.1.2.5 NAME 'oncRpc' SUP top STRUCTURAL
> DESC 'Abstraction of an ONC/RPC binding' MUST ( cn $ oncRpcNumber $
> description ) MAY description ))
>
> line 194 (objectclass ( 1.3.6.1.1.1.2.6 NAME 'ipHost' SUP top AUXILIARY
> DESC 'Abstraction of a host, an IP device' MUST ( cn $ ipHostNumber )
> MAY ( l $ description $ manager ) ))
>
> line 199 (objectclass ( 1.3.6.1.1.1.2.7 NAME 'ipNetwork' SUP top
> STRUCTURAL DESC 'Abstraction of an IP network' MUST ( cn $
> ipNetworkNumber ) MAY ( ipNetmaskNumber $ l $ description $ manager ) ))
>
> line 204 (objectclass ( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup' SUP top
> STRUCTURAL DESC 'Abstraction of a netgroup' MUST cn MAY (
> nisNetgroupTriple $ memberNisNetgroup $ description ) ))
>
> line 209 (objectclass ( 1.3.6.1.1.1.2.9 NAME 'nisMap' SUP top STRUCTURAL
> DESC 'A generic abstraction of a NIS map' MUST nisMapName MAY description ))
>
> line 214 (objectclass ( 1.3.6.1.1.1.2.10 NAME 'nisObject' SUP top
> STRUCTURAL DESC 'An entry in a NIS map' MUST ( cn $ nisMapEntry $
> nisMapName ) MAY description ))
>
> line 218 (objectclass ( 1.3.6.1.1.1.2.11 NAME 'ieee802Device' SUP top
> AUXILIARY DESC 'A device with a MAC address' MAY macAddress ))
>
> line 222 (objectclass ( 1.3.6.1.1.1.2.12 NAME 'bootableDevice' SUP top
> AUXILIARY DESC 'A device with boot parameters' MAY ( bootFile $
> bootParameter ) ))
>
> line 11 (allow bind_v2)
>
> line 17 (pidfile /var/run/openldap/slapd.pid)
>
> line 18 (argsfile /var/run/openldap/slapd.args)
>
> line 68 (database bdb)
>
> bdb_db_init: Initializing BDB database
>
> line 69 (suffix "dc=tfis, dc=myserver, dc=org")
>
>>>> dnPrettyNormal: <dc=tfis, dc=myserver, dc=org>
>
> => ldap_bv2dn(dc=tfis, dc=myserver, dc=org,0)
>
> <= ldap_bv2dn(dc=tfis, dc=myserver, dc=org,0)=0
>
> => ldap_dn2bv(272)
>
> <= ldap_dn2bv(dc=tfis,dc=myserver,dc=org,272)=0
>
> => ldap_dn2bv(272)
>
> <= ldap_dn2bv(dc=tfis,dc=myserver,dc=org,272)=0
>
> <<< dnPrettyNormal: <dc=tfis,dc=myserver,dc=org>,
> <dc=tfis,dc=myserver,dc=org>
>
> line 70 (rootdn "cn=Manager,dc=tfis,dc=myserver,dc=org")
>
>>>> dnPrettyNormal: <cn=Manager,dc=tfis,dc=myserver,dc=org>
>
> => ldap_bv2dn(cn=Manager,dc=tfis,dc=myserver,dc=org,0)
>
> <= ldap_bv2dn(cn=Manager,dc=tfis,dc=myserver,dc=org,0)=0
>
> => ldap_dn2bv(272)
>
> <= ldap_dn2bv(cn=Manager,dc=tfis,dc=myserver,dc=org,272)=0
>
> => ldap_dn2bv(272)
>
> <= ldap_dn2bv(cn=manager,dc=tfis,dc=myserver,dc=org,272)=0
>
> <<< dnPrettyNormal: <cn=Manager,dc=tfis,dc=myserver,dc=org>,
> <cn=manager,dc=tfis,dc=myserver,dc=org>
>
> line 80 (directory /var/lib/ldap)
>
> line 83 (index objectClass eq,pres)
>
> index objectClass 0x0006
>
> line 84 (index ou,cn,mail,surname,givenname eq,pres,sub)
>
> index ou 0x0716
>
> index cn 0x0716
>
> index mail 0x0716
>
> index sn 0x0716
>
> index givenName 0x0716
>
> line 85 (index uidNumber,gidNumber,loginShell eq,pres)
>
> index uidNumber 0x0006
>
> index gidNumber 0x0006
>
> index loginShell 0x0006
>
> line 86 (index uid,memberUid eq,pres,sub)
>
> index uid 0x0716
>
> index memberUid 0x0716
>
> line 87 (index nisMapName,nisMapEntry eq,pres,sub)
>
> index nisMapName 0x0716
>
> index nisMapEntry 0x0716
>
> line 96 (loglevel 4095)
>
> matching_rule_use_init
>
> 1.2.840.113556.1.4.804 (integerBitOrMatch): matchingRuleUse: (
> 1.2.840.113556.1.4.804 NAME 'integerBitOrMatch' APPLIES ( oncRpcNumber $
> ipProtocolNumber $ ipServicePort $ shadowFlag $ shadowExpire $
> shadowInactive $ shadowWarning $ shadowMax $ shadowMin $
> shadowLastChange $ gidNumber $ uidNumber $ mailPreferenceOption $
> supportedLDAPVersion ) )
>
> 1.2.840.113556.1.4.803 (integerBitAndMatch): matchingRuleUse: (
> 1.2.840.113556.1.4.803 NAME 'integerBitAndMatch' APPLIES ( oncRpcNumber
> $ ipProtocolNumber $ ipServicePort $ shadowFlag $ shadowExpire $
> shadowInactive $ shadowWarning $ shadowMax $ shadowMin $
> shadowLastChange $ gidNumber $ uidNumber $ mailPreferenceOption $
> supportedLDAPVersion ) )
>
> 1.3.6.1.4.1.1466.109.114.2 (caseIgnoreIA5Match): matchingRuleUse: (
> 1.3.6.1.4.1.1466.109.114.2 NAME 'caseIgnoreIA5Match' APPLIES (
> nisMapEntry $ bootFile $ macAddress $ ipNetmaskNumber $ ipNetworkNumber
> $ ipHostNumber $ memberNisNetgroup $ memberUid $ loginShell $
> homeDirectory $ gecos $ janetMailbox $ cNAMERecord $ sOARecord $
> nSRecord $ mXRecord $ mDRecord $ aRecord $ email $ associatedDomain $ dc
> $ mail $ altServer ) )
>
> 1.3.6.1.4.1.1466.109.114.1 (caseExactIA5Match): matchingRuleUse: (
> 1.3.6.1.4.1.1466.109.114.1 NAME 'caseExactIA5Match' APPLIES (
> nisMapEntry $ bootFile $ macAddress $ ipNetmaskNumber $ ipNetworkNumber
> $ ipHostNumber $ memberNisNetgroup $ memberUid $ loginShell $
> homeDirectory $ gecos $ janetMailbox $ cNAMERecord $ sOARecord $
> nSRecord $ mXRecord $ mDRecord $ aRecord $ email $ associatedDomain $ dc
> $ mail $ altServer ) )
>
> 2.5.13.35 (certificateMatch): matchingRuleUse: ( 2.5.13.35 NAME
> 'certificateMatch' APPLIES ( cACertificate $ userCertificate ) )
>
> 2.5.13.34 (certificateExactMatch): matchingRuleUse: ( 2.5.13.34 NAME
> 'certificateExactMatch' APPLIES ( cACertificate $ userCertificate ) )
>
> 2.5.13.30 (objectIdentifierFirstComponentMatch): matchingRuleUse: (
> 2.5.13.30 NAME 'objectIdentifierFirstComponentMatch' APPLIES (
> supportedApplicationContext $ ldapSyntaxes $ supportedFeatures $
> supportedExtension $ supportedControl ) )
>
> 2.5.13.29 (integerFirstComponentMatch): matchingRuleUse: ( 2.5.13.29
> NAME 'integerFirstComponentMatch' APPLIES ( oncRpcNumber $
> ipProtocolNumber $ ipServicePort $ shadowFlag $ shadowExpire $
> shadowInactive $ shadowWarning $ shadowMax $ shadowMin $
> shadowLastChange $ gidNumber $ uidNumber $ mailPreferenceOption $
> supportedLDAPVersion ) )
>
> 2.5.13.27 (generalizedTimeMatch): matchingRuleUse: ( 2.5.13.27 NAME
> 'generalizedTimeMatch' APPLIES ( modifyTimestamp $ createTimestamp ) )
>
> 2.5.13.24 (protocolInformationMatch): matchingRuleUse: ( 2.5.13.24
> NAME 'protocolInformationMatch' APPLIES protocolInformation )
>
> 2.5.13.23 (uniqueMemberMatch): matchingRuleUse: ( 2.5.13.23 NAME
> 'uniqueMemberMatch' APPLIES uniqueMember )
>
> 2.5.13.22 (presentationAddressMatch): matchingRuleUse: ( 2.5.13.22
> NAME 'presentationAddressMatch' APPLIES presentationAddress )
>
> 2.5.13.20 (telephoneNumberMatch): matchingRuleUse: ( 2.5.13.20 NAME
> 'telephoneNumberMatch' APPLIES ( pager $ mobile $ homePhone $
> telephoneNumber ) )
>
> 2.5.13.17 (octetStringMatch): matchingRuleUse: ( 2.5.13.17 NAME
> 'octetStringMatch' APPLIES userPassword )
>
> 2.5.13.16 (bitStringMatch): matchingRuleUse: ( 2.5.13.16 NAME
> 'bitStringMatch' APPLIES x500UniqueIdentifier )
>
> 2.5.13.14 (integerMatch): matchingRuleUse: ( 2.5.13.14 NAME
> 'integerMatch' APPLIES ( oncRpcNumber $ ipProtocolNumber $ ipServicePort
> $ shadowFlag $ shadowExpire $ shadowInactive $ shadowWarning $ shadowMax
> $ shadowMin $ shadowLastChange $ gidNumber $ uidNumber $
> mailPreferenceOption $ supportedLDAPVersion ) )
>
> 2.5.13.13 (booleanMatch): matchingRuleUse: ( 2.5.13.13 NAME
> 'booleanMatch' APPLIES hasSubordinates )
>
> 2.5.13.11 (caseIgnoreListMatch): matchingRuleUse: ( 2.5.13.11 NAME
> 'caseIgnoreListMatch' APPLIES ( homePostalAddress $ registeredAddress $
> postalAddress ) )
>
> 2.5.13.8 (numericStringMatch): matchingRuleUse: ( 2.5.13.8 NAME
> 'numericStringMatch' APPLIES ( internationaliSDNNumber $ x121Address ) )
>
> 2.5.13.7 (caseExactSubstringsMatch): matchingRuleUse: ( 2.5.13.7
> NAME 'caseExactSubstringsMatch' APPLIES ( dnQualifier $
> destinationIndicator $ serialNumber ) )
>
> 2.5.13.6 (caseExactOrderingMatch): matchingRuleUse: ( 2.5.13.6 NAME
> 'caseExactOrderingMatch' APPLIES ( dnQualifier $ destinationIndicator $
> serialNumber ) )
>
> 2.5.13.5 (caseExactMatch): matchingRuleUse: ( 2.5.13.5 NAME
> 'caseExactMatch' APPLIES ( nisMapName $ ipServiceProtocol $
> preferredLanguage $ employeeType $ employeeNumber $ displayName $
> departmentNumber $ carLicense $ documentPublisher $ buildingName $
> organizationalStatus $ uniqueIdentifier $ co $ personalTitle $
> documentLocation $ documentVersion $ documentTitle $ documentIdentifier
> $ host $ userClass $ roomNumber $ drink $ info $ textEncodedORAddress $
> uid $ dmdName $ houseIdentifier $ dnQualifier $ generationQualifier $
> initials $ givenName $ destinationIndicator $ physicalDeliveryOfficeName
> $ postOfficeBox $ postalCode $ businessCategory $ description $ title $
> ou $ o $ street $ st $ l $ c $ serialNumber $ sn $ knowledgeInformation
> $ labeledURI $ cn $ name $ ref $ vendorVersion $ vendorName $
> supportedSASLMechanisms ) )
>
> 2.5.13.4 (caseIgnoreSubstringsMatch): matchingRuleUse: ( 2.5.13.4
> NAME 'caseIgnoreSubstringsMatch' APPLIES ( dnQualifier $
> destinationIndicator $ serialNumber ) )
>
> 2.5.13.3 (caseIgnoreOrderingMatch): matchingRuleUse: ( 2.5.13.3 NAME
> 'caseIgnoreOrderingMatch' APPLIES ( dnQualifier $ destinationIndicator $
> serialNumber ) )
>
> 2.5.13.2 (caseIgnoreMatch): matchingRuleUse: ( 2.5.13.2 NAME
> 'caseIgnoreMatch' APPLIES ( nisMapName $ ipServiceProtocol $
> preferredLanguage $ employeeType $ employeeNumber $ displayName $
> departmentNumber $ carLicense $ documentPublisher $ buildingName $
> organizationalStatus $ uniqueIdentifier $ co $ personalTitle $
> documentLocation $ documentVersion $ documentTitle $ documentIdentifier
> $ host $ userClass $ roomNumber $ drink $ info $ textEncodedORAddress $
> uid $ dmdName $ houseIdentifier $ dnQualifier $ generationQualifier $
> initials $ givenName $ destinationIndicator $ physicalDeliveryOfficeName
> $ postOfficeBox $ postalCode $ businessCategory $ description $ title $
> ou $ o $ street $ st $ l $ c $ serialNumber $ sn $ knowledgeInformation
> $ labeledURI $ cn $ name $ ref $ vendorVersion $ vendorName $
> supportedSASLMechanisms ) )
>
> 2.5.13.1 (distinguishedNameMatch): matchingRuleUse: ( 2.5.13.1 NAME
> 'distinguishedNameMatch' APPLIES ( dITRedirect $ associatedName $
> secretary $ documentAuthor $ manager $ seeAlso $ roleOccupant $ owner $
> member $ distinguishedName $ aliasedObjectName $ namingContexts $
> subschemaSubentry $ modifiersName $ creatorsName ) )
>
> 2.5.13.0 (objectIdentifierMatch): matchingRuleUse: ( 2.5.13.0 NAME
> 'objectIdentifierMatch' APPLIES ( supportedApplicationContext $
> supportedFeatures $ supportedExtension $ supportedControl ) )
>
> slapd startup: initiated.
>
> bdb_db_open: dc=tfis,dc=myserver,dc=org
>
> bdb_db_open: dbenv_open(/var/lib/ldap)
>
>
> as you can see the daemon_init opens some listener, but not much to see!
> i hope this is helpful !! thank you anyway
--
Zdenek Styblik
Net/Linux admin
OS TurnovFree.net
email: stybla(a)turnovfree.net
jabber: stybla(a)jabber.turnovfree.net
12 years, 2 months
Re: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
by Mingyur Koblensky
additional info:
[root@myserver openldap]# fuser -n tcp 389
here: 389
[root@myserver openldap]#
no process is using that port, i suppose the easy way to resolved
temporarily is to:
1) cp /usr/lib/ldap
2) cp configuration files
3) configure the web application to use the new slapd server
do you see any drawback ? i suppose also that i cant use the slapadd and
slapcat utility since ldap is not reachable
On 1 March 2010 10:10, Mingyur Koblensky <mingyur(a)gmail.com> wrote:
> Hi,
>
>>
>> Please, update to the latest OpenLDAP 2.4.21 release. The one you're
>> playing with is 6 years old.
>>
>
> yes, it is very old but from the repository of redhat enterprise 4. I have
> installed the same package on another RH 4 and not problems...
>
>
>>
>> You can try to start % slapd; from command line and see what the problem
>> is/might be.
>>
>> As a root or whoever is supposed to run OpenLDAP:
>> # slapd -h 'ldap://127.0.0.1' -d 256;
>
>
> [root@myserver openldap]# /usr/sbin/slapd -d 4095 -u ldap -h ldap:///
>
> @(#) $OpenLDAP: slapd 2.2.13 (Jul 8 2009 10:40:09) $
>
> mockbuild@x86-002.build.bos.redhat.com:/builddir/build/BUILD/openldap
> -2.2.13/openldap-2.2.13/build-servers/servers/slapd
>
> daemon_init: ldap:///
>
> daemon_init: listen on ldap:///
>
> daemon_init: 1 listeners to open...
>
> ldap_url_parse_ext(ldap:///)
>
> daemon: initialized ldap:///
>
> daemon_init: 2 listeners opened
>
> slapd init: initiated server.
>
> slap_sasl_init: initialized!
>
> bdb_initialize: initialize BDB backend
>
> bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December 3,
> 2003)
>
> bdb_initialize: initialize BDB backend
>
> bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December 3,
> 2003)
>
> reading config file /etc/openldap/slapd.conf
>
> line 5 (include /etc/openldap/schema/core.schema)
>
> reading config file /etc/openldap/schema/core.schema
>
> line 77 (attributetype ( 2.5.4.2 NAME 'knowledgeInformation' DESC
> 'RFC2256: knowledge information' EQUALITY caseIgnoreMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15{32768} ))
>
> line 86 (attributetype ( 2.5.4.4 NAME ( 'sn' 'surname' ) DESC 'RFC2256:
> last (family) name(s) for which the entity is known by' SUP name ))
>
> line 92 (attributetype ( 2.5.4.5 NAME 'serialNumber' DESC 'RFC2256: serial
> number of the entity' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} ))
>
> line 96 (attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' ) DESC 'RFC2256:
> ISO-3166 country 2-letter code' SUP name SINGLE-VALUE ))
>
> line 100 (attributetype ( 2.5.4.7 NAME ( 'l' 'localityName' ) DESC
> 'RFC2256: locality which this object resides in' SUP name ))
>
> line 104 (attributetype ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' ) DESC
> 'RFC2256: state or province which this object resides in' SUP name ))
>
> line 110 (attributetype ( 2.5.4.9 NAME ( 'street' 'streetAddress' ) DESC
> 'RFC2256: street address of this object' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ))
>
> line 114 (attributetype ( 2.5.4.10 NAME ( 'o' 'organizationName' ) DESC
> 'RFC2256: organization this object belongs to' SUP name ))
>
> line 118 (attributetype ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' )
> DESC 'RFC2256: organizational unit this object belongs to' SUP name ))
>
> line 122 (attributetype ( 2.5.4.12 NAME 'title' DESC 'RFC2256: title
> associated with the entity' SUP name ))
>
> line 128 (attributetype ( 2.5.4.13 NAME 'description' DESC 'RFC2256:
> descriptive information' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} ))
>
> line 133 (attributetype ( 2.5.4.14 NAME 'searchGuide' DESC 'RFC2256:
> search guide, obsoleted by enhancedSearchGuide' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.25 ))
>
> line 139 (attributetype ( 2.5.4.15 NAME 'businessCategory' DESC 'RFC2256:
> business category' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ))
>
> line 145 (attributetype ( 2.5.4.16 NAME 'postalAddress' DESC 'RFC2256:
> postal address' EQUALITY caseIgnoreListMatch SUBSTR
> caseIgnoreListSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ))
>
> line 151 (attributetype ( 2.5.4.17 NAME 'postalCode' DESC 'RFC2256: postal
> code' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15{40} ))
>
> line 157 (attributetype ( 2.5.4.18 NAME 'postOfficeBox' DESC 'RFC2256:
> Post Office Box' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} ))
>
> line 163 (attributetype ( 2.5.4.19 NAME 'physicalDeliveryOfficeName' DESC
> 'RFC2256: Physical Delivery Office Name' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ))
>
> line 169 (attributetype ( 2.5.4.20 NAME 'telephoneNumber' DESC 'RFC2256:
> Telephone Number' EQUALITY telephoneNumberMatch SUBSTR
> telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} ))
>
> line 173 (attributetype ( 2.5.4.21 NAME 'telexNumber' DESC 'RFC2256: TelexNumber' SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 ))
>
> line 177 (attributetype ( 2.5.4.22 NAME 'teletexTerminalIdentifier' DESC
> 'RFC2256: Teletex Terminal Identifier' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.51 ))
>
> line 181 (attributetype ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax'
> ) DESC 'RFC2256: Facsimile (Fax) Telephone Number' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.22 ))
>
> line 187 (attributetype ( 2.5.4.24 NAME 'x121Address' DESC 'RFC2256: X.121
> Address' EQUALITY numericStringMatch SUBSTR numericStringSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} ))
>
> line 193 (attributetype ( 2.5.4.25 NAME 'internationaliSDNNumber' DESC
> 'RFC2256: international ISDN number' EQUALITY numericStringMatch SUBSTR
> numericStringSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} ))
>
> line 198 (attributetype ( 2.5.4.26 NAME 'registeredAddress' DESC 'RFC2256:
> registered postal address' SUP postalAddress SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.41 ))
>
> line 204 (attributetype ( 2.5.4.27 NAME 'destinationIndicator' DESC
> 'RFC2256: destination indicator' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} ))
>
> line 209 (attributetype ( 2.5.4.28 NAME 'preferredDeliveryMethod' DESC
> 'RFC2256: preferred delivery method' SYNTAX 1.3.6.1.4.1.1466.115.121.1.14
> SINGLE-VALUE ))
>
> line 215 (attributetype ( 2.5.4.29 NAME 'presentationAddress' DESC
> 'RFC2256: presentation address' EQUALITY presentationAddressMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.43 SINGLE-VALUE ))
>
> line 220 (attributetype ( 2.5.4.30 NAME 'supportedApplicationContext' DESC
> 'RFC2256: supported application context' EQUALITY objectIdentifierMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ))
>
> line 224 (attributetype ( 2.5.4.31 NAME 'member' DESC 'RFC2256: member of
> a group' SUP distinguishedName ))
>
> line 228 (attributetype ( 2.5.4.32 NAME 'owner' DESC 'RFC2256: owner (of
> the object)' SUP distinguishedName ))
>
> line 232 (attributetype ( 2.5.4.33 NAME 'roleOccupant' DESC 'RFC2256:
> occupant of role' SUP distinguishedName ))
>
> line 236 (attributetype ( 2.5.4.34 NAME 'seeAlso' DESC 'RFC2256: DN of
> related object' SUP distinguishedName ))
>
> line 249 (attributetype ( 2.5.4.36 NAME 'userCertificate' DESC 'RFC2256:
> X.509 user certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.8 ))
>
> line 256 (attributetype ( 2.5.4.37 NAME 'cACertificate' DESC 'RFC2256:
> X.509 CA certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.8 ))
>
> line 261 (attributetype ( 2.5.4.38 NAME 'authorityRevocationList' DESC
> 'RFC2256: X.509 authority revocation list, use ;binary' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.9 ))
>
> line 266 (attributetype ( 2.5.4.39 NAME 'certificateRevocationList' DESC
> 'RFC2256: X.509 certificate revocation list, use ;binary' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.9 ))
>
> line 271 (attributetype ( 2.5.4.40 NAME 'crossCertificatePair' DESC
> 'RFC2256: X.509 cross certificate pair, use ;binary' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.10 ))
>
> line 281 (attributetype ( 2.5.4.42 NAME ( 'givenName' 'gn' ) DESC
> 'RFC2256: first name(s) for which the entity is known by' SUP name ))
>
> line 285 (attributetype ( 2.5.4.43 NAME 'initials' DESC 'RFC2256: initials
> of some or all of names, but not the surname(s).' SUP name ))
>
> line 289 (attributetype ( 2.5.4.44 NAME 'generationQualifier' DESC
> 'RFC2256: name qualifier indicating a generation' SUP name ))
>
> line 294 (attributetype ( 2.5.4.45 NAME 'x500UniqueIdentifier' DESC
> 'RFC2256: X.500 unique identifier' EQUALITY bitStringMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.6 ))
>
> line 301 (attributetype ( 2.5.4.46 NAME 'dnQualifier' DESC 'RFC2256: DN
> qualifier' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ))
>
> line 305 (attributetype ( 2.5.4.47 NAME 'enhancedSearchGuide' DESC
> 'RFC2256: enhanced search guide' SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 ))
>
> line 310 (attributetype ( 2.5.4.48 NAME 'protocolInformation' DESC
> 'RFC2256: protocol information' EQUALITY protocolInformationMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.42 ))
>
> line 320 (attributetype ( 2.5.4.50 NAME 'uniqueMember' DESC 'RFC2256:
> unique member of a group' EQUALITY uniqueMemberMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.34 ))
>
> line 326 (attributetype ( 2.5.4.51 NAME 'houseIdentifier' DESC 'RFC2256:
> house identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ))
>
> line 331 (attributetype ( 2.5.4.52 NAME 'supportedAlgorithms' DESC
> 'RFC2256: supported algorithms' SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 ))
>
> line 336 (attributetype ( 2.5.4.53 NAME 'deltaRevocationList' DESC
> 'RFC2256: delta revocation list; use ;binary' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.9 ))
>
> line 340 (attributetype ( 2.5.4.54 NAME 'dmdName' DESC 'RFC2256: name of
> DMD' SUP name ))
>
> line 355 (objectclass ( 2.5.6.2 NAME 'country' DESC 'RFC2256: a country'
> SUP top STRUCTURAL MUST c MAY ( searchGuide $ description ) ))
>
> line 360 (objectclass ( 2.5.6.3 NAME 'locality' DESC 'RFC2256: a locality'
> SUP top STRUCTURAL MAY ( street $ seeAlso $ searchGuide $ st $ l $
> description ) ))
>
> line 371 (objectclass ( 2.5.6.4 NAME 'organization' DESC 'RFC2256: an
> organization' SUP top STRUCTURAL MUST o MAY ( userPassword $ searchGuide $
> seeAlso $ businessCategory $ x121Address $ registeredAddress $
> destinationIndicator $ preferredDeliveryMethod $ telexNumber $
> teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber
> $ street $ postOfficeBox $ postalCode $ postalAddress $
> physicalDeliveryOfficeName $ st $ l $ description ) ))
>
> line 382 (objectclass ( 2.5.6.5 NAME 'organizationalUnit' DESC 'RFC2256:
> an organizational unit' SUP top STRUCTURAL MUST ou MAY ( userPassword $
> searchGuide $ seeAlso $ businessCategory $ x121Address $ registeredAddress
> $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $
> teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber
> $ street $ postOfficeBox $ postalCode $ postalAddress $
> physicalDeliveryOfficeName $ st $ l $ description ) ))
>
> line 388 (objectclass ( 2.5.6.6 NAME 'person' DESC 'RFC2256: a person' SUP
> top STRUCTURAL MUST ( sn $ cn ) MAY ( userPassword $ telephoneNumber $
> seeAlso $ description ) ))
>
> line 397 (objectclass ( 2.5.6.7 NAME 'organizationalPerson' DESC 'RFC2256:
> an organizational person' SUP person STRUCTURAL MAY ( title $ x121Address $
> registeredAddress $ destinationIndicator $ preferredDeliveryMethod $
> telexNumber $ teletexTerminalIdentifier $ telephoneNumber $
> internationaliSDNNumber $ facsimileTelephoneNumber $ street $
> postOfficeBox $ postalCode $postalAddress $ physicalDeliveryOfficeName $
> ou $ st $ l ) ))
>
> line 408 (objectclass ( 2.5.6.8 NAME 'organizationalRole' DESC 'RFC2256: an
> organizational role' SUP top STRUCTURAL MUST cn MAY ( x121Address $
> registeredAddress $ destinationIndicator $ preferredDeliveryMethod $
> telexNumber $ teletexTerminalIdentifier $ telephoneNumber $
> internationaliSDNNumber $ facsimileTelephoneNumber $ seeAlso $
> roleOccupant $ preferredDeliveryMethod $ street $ postOfficeBox $
> postalCode $ postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l $
> description ) ))
>
> line 414 (objectclass ( 2.5.6.9 NAME 'groupOfNames' DESC 'RFC2256: a group
> of names (DNs)' SUP top STRUCTURAL MUST ( member $ cn ) MAY (
> businessCategory $ seeAlso $ owner $ ou $ o $ description ) ))
>
> line 425 (objectclass ( 2.5.6.10 NAME 'residentialPerson' DESC 'RFC2256: an
> residential person' SUP person STRUCTURAL MUST l MAY ( businessCategory $
> x121Address $ registeredAddress $ destinationIndicator $
> preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
> telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
> preferredDeliveryMethod $ street $ postOfficeBox $ postalCode $
> postalAddress $ physicalDeliveryOfficeName $ st $ l ) ))
>
> line 431 (objectclass ( 2.5.6.11 NAME 'applicationProcess' DESC 'RFC2256:
> an application process' SUP top STRUCTURAL MUST cn MAY ( seeAlso $ ou $ l $
> description ) ))
>
> line 438 (objectclass ( 2.5.6.12 NAME 'applicationEntity' DESC 'RFC2256: an
> application entity' SUP top STRUCTURAL MUST ( presentationAddress $ cn ) MAY
> ( supportedApplicationContext $ seeAlso $ ou $ o $ l $ description ) ))
>
> line 443 (objectclass ( 2.5.6.13 NAME 'dSA' DESC 'RFC2256: a directory
> system agent (a server)' SUP applicationEntity STRUCTURAL MAY
> knowledgeInformation ))
>
> line 449 (objectclass ( 2.5.6.14 NAME 'device' DESC 'RFC2256: a device' SUP
> top STRUCTURAL MUST cn MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $
> description ) ))
>
> line 454 (objectclass ( 2.5.6.15 NAME 'strongAuthenticationUser' DESC
> 'RFC2256: a strong authentication user' SUP top AUXILIARY MUST
> userCertificate ))
>
> line 460 (objectclass ( 2.5.6.16 NAME 'certificationAuthority' DESC
> 'RFC2256: a certificate authority' SUP top AUXILIARY MUST (
> authorityRevocationList $ certificateRevocationList $ cACertificate ) MAY
> crossCertificatePair ))
>
> line 466 (objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames' DESC 'RFC2256: a
> group of unique names (DN and Unique Identifier)' SUP top STRUCTURAL MUST (
> uniqueMember $ cn ) MAY ( businessCategory $ seeAlso $ owner $ ou $ o $
> description ) ))
>
> line 471 (objectclass ( 2.5.6.18 NAME 'userSecurityInformation' DESC
> 'RFC2256: a user security information' SUP top AUXILIARY MAY (
> supportedAlgorithms ) ))
>
> line 475 (objectclass ( 2.5.6.16.2 NAME 'certificationAuthority-V2' SUP
> certificationAuthority AUXILIARY MAY ( deltaRevocationList ) ))
>
> line 481 (objectclass ( 2.5.6.19 NAME 'cRLDistributionPoint' SUP top
> STRUCTURAL MUST ( cn ) MAY ( certificateRevocationList $
> authorityRevocationList $ deltaRevocationList ) ))
>
> line 491 (objectclass ( 2.5.6.20 NAME 'dmd' SUP top STRUCTURAL MUST (
> dmdName ) MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ x121Address
> $ registeredAddress $ destinationIndicator $ preferredDeliveryMethod $
> telexNumber $ teletexTerminalIdentifier $ telephoneNumber $
> internationaliSDNNumber $ facsimileTelephoneNumber $ street $
> postOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $
> st $ l $ description ) ))
>
> line 499 (objectclass ( 2.5.6.21 NAME 'pkiUser' DESC 'RFC2587: a PKI user'
> SUP top AUXILIARY MAY userCertificate ))
>
> line 505 (objectclass ( 2.5.6.22 NAME 'pkiCA' DESC 'RFC2587: PKI
> certificate authority' SUP top AUXILIARY MAY ( authorityRevocationList $
> certificateRevocationList $ cACertificate $ crossCertificatePair ) ))
>
> line 510 (objectclass ( 2.5.6.23 NAME 'deltaCRL' DESC 'RFC2587: PKI user'
> SUP top AUXILIARY MAY deltaRevocationList ))
>
> line 523 (objectclass ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject' DESC
> 'RFC2079: object that contains the URI attribute type' MAY ( labeledURI )
> SUP top AUXILIARY ))
>
> line 533 (attributetype ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' )
> DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 540 (attributetype ( 0.9.2342.19200300.100.1.3 NAME ( 'mail'
> 'rfc822Mailbox' ) DESC 'RFC1274: RFC822 Mailbox' EQUALITY
> caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.26{256} ))
>
> line 545 (objectclass ( 0.9.2342.19200300.100.4.19 NAME
> 'simpleSecurityObject' DESC 'RFC1274: simple security object' SUP top
> AUXILIARY MUST userPassword ))
>
> line 553 (attributetype ( 0.9.2342.19200300.100.1.25 NAME ( 'dc'
> 'domainComponent' ) DESC 'RFC1274/2247: domain component' EQUALITY
> caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ))
>
> line 558 (objectclass ( 1.3.6.1.4.1.1466.344 NAME 'dcObject' DESC 'RFC2247:
> domain component object' SUP top AUXILIARY MUST dc ))
>
> line 563 (objectclass ( 1.3.6.1.1.3.1 NAME 'uidObject' DESC 'RFC2377: uid
> object' SUP top AUXILIARY MUST uid ))
>
> line 571 (attributetype ( 0.9.2342.19200300.100.1.37 NAME
> 'associatedDomain' DESC 'RFC1274: domain associated with object' EQUALITY
> caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.26 ))
>
> line 579 (attributetype ( 1.2.840.113549.1.9.1 NAME ( 'email'
> 'emailAddress' 'pkcs9email' ) DESC 'RFC2459: legacy attribute for email
> addresses in DNs' EQUALITY caseIgnoreIA5Match SUBSTR
> caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ))
>
> >>> dnNormalize: <cn=Subschema>
>
> => ldap_bv2dn(cn=Subschema,0)
>
> <= ldap_bv2dn(cn=Subschema,0)=0
>
> => ldap_dn2bv(272)
>
> <= ldap_dn2bv(cn=subschema,272)=0
>
> <<< dnNormalize: <cn=subschema>
>
> line 6 (include /etc/openldap/schema/cosine.schema)
>
> reading config file /etc/openldap/schema/cosine.schema
>
> line 130 (attributetype ( 0.9.2342.19200300.100.1.2 NAME
> 'textEncodedORAddress' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 168 (attributetype ( 0.9.2342.19200300.100.1.4 NAME 'info' DESC
> 'RFC1274: general information' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} ))
>
> line 187 (attributetype ( 0.9.2342.19200300.100.1.5 NAME ( 'drink'
> 'favouriteDrink' ) DESC 'RFC1274: favorite drink' EQUALITY caseIgnoreMatch
> SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256}
> ))
>
> line 205 (attributetype ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber' DESC
> 'RFC1274: room number' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 227 (attributetype ( 0.9.2342.19200300.100.1.7 NAME 'photo' DESC
> 'RFC1274: photo (G3 fax)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} ))
>
> line 248 (attributetype ( 0.9.2342.19200300.100.1.8 NAME 'userClass' DESC
> 'RFC1274: categorory of user' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 264 (attributetype ( 0.9.2342.19200300.100.1.9 NAME 'host' DESC
> 'RFC1274: host computer' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 279 (attributetype ( 0.9.2342.19200300.100.1.10 NAME 'manager' DESC
> 'RFC1274: DN of manager' EQUALITY distinguishedNameMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.12 ))
>
> line 296 (attributetype ( 0.9.2342.19200300.100.1.11 NAME
> 'documentIdentifier' DESC 'RFC1274: unique identifier of document' EQUALITY
> caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 312 (attributetype ( 0.9.2342.19200300.100.1.12 NAME 'documentTitle'
> DESC 'RFC1274: title of document' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 329 (attributetype ( 0.9.2342.19200300.100.1.13 NAME 'documentVersion'
> DESC 'RFC1274: version of document' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 344 (attributetype ( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor'
> DESC 'RFC1274: DN of author of document' EQUALITY distinguishedNameMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ))
>
> line 361 (attributetype ( 0.9.2342.19200300.100.1.15 NAME
> 'documentLocation' DESC 'RFC1274: location of document original' EQUALITY
> caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 380 (attributetype ( 0.9.2342.19200300.100.1.20 DESC 'RFC1274: home
> telephone number' NAME ( 'homePhone' 'homeTelephoneNumber' ) EQUALITY
> telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.50 ))
>
> line 395 (attributetype ( 0.9.2342.19200300.100.1.21 NAME 'secretary' DESC
> 'RFC1274: DN of secretary' EQUALITY distinguishedNameMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.12 ))
>
> line 411 (attributetype ( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox'
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.39 ))
>
> line 480 (attributetype ( 0.9.2342.19200300.100.1.26 NAME 'aRecord'
> EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ))
>
> line 486 (attributetype ( 0.9.2342.19200300.100.1.27 NAME 'mDRecord'
> EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ))
>
> line 501 (attributetype ( 0.9.2342.19200300.100.1.28 NAME 'mXRecord'
> EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ))
>
> line 516 (attributetype ( 0.9.2342.19200300.100.1.29 NAME 'nSRecord'
> EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ))
>
> line 531 (attributetype ( 0.9.2342.19200300.100.1.30 NAME 'sOARecord'
> EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ))
>
> line 546 (attributetype ( 0.9.2342.19200300.100.1.31 NAME 'cNAMERecord'
> EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ))
>
> line 581 (attributetype ( 0.9.2342.19200300.100.1.38 NAME 'associatedName'
> DESC 'RFC1274: DN of entry associated with domain' EQUALITY
> distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ))
>
> line 599 (attributetype ( 0.9.2342.19200300.100.1.39 NAME
> 'homePostalAddress' DESC 'RFC1274: home postal address' EQUALITY
> caseIgnoreListMatch SUBSTR caseIgnoreListSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.41 ))
>
> line 616 (attributetype ( 0.9.2342.19200300.100.1.40 NAME 'personalTitle'
> DESC 'RFC1274: personal title' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 635 (attributetype ( 0.9.2342.19200300.100.1.41 NAME ( 'mobile'
> 'mobileTelephoneNumber' ) DESC 'RFC1274: mobile telephone number' EQUALITY
> telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.50 ))
>
> line 653 (attributetype ( 0.9.2342.19200300.100.1.42 NAME ( 'pager'
> 'pagerTelephoneNumber' ) DESC 'RFC1274: pager telephone number' EQUALITY
> telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.50 ))
>
> line 671 (attributetype ( 0.9.2342.19200300.100.1.43 NAME ( 'co'
> 'friendlyCountryName' ) DESC 'RFC1274: friendly country name' EQUALITY
> caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 ))
>
> line 691 (attributetype ( 0.9.2342.19200300.100.1.44 NAME
> 'uniqueIdentifier' DESC 'RFC1274: unique identifer' EQUALITY caseIgnoreMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 713 (attributetype ( 0.9.2342.19200300.100.1.45 NAME
> 'organizationalStatus' DESC 'RFC1274: organizational status' EQUALITY
> caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 734 (attributetype ( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox'
> DESC 'RFC1274: Janet mailbox' EQUALITY caseIgnoreIA5Match SUBSTR
> caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ))
>
> line 764 (attributetype ( 0.9.2342.19200300.100.1.47 NAME
> 'mailPreferenceOption' DESC 'RFC1274: mail preference option' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.27 ))
>
> line 781 (attributetype ( 0.9.2342.19200300.100.1.48 NAME 'buildingName'
> DESC 'RFC1274: name of building' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ))
>
> line 796 (attributetype ( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality' DESC
> 'RFC1274: DSA Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.19 SINGLE-VALUE ))
>
> line 811 (attributetype ( 0.9.2342.19200300.100.1.50 NAME
> 'singleLevelQuality' DESC 'RFC1274: Single Level Quality' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE ))
>
> line 827 (attributetype ( 0.9.2342.19200300.100.1.51 NAME
> 'subtreeMinimumQuality' DESC 'RFC1274: Subtree Mininum Quality' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE ))
>
> line 843 (attributetype ( 0.9.2342.19200300.100.1.52 NAME
> 'subtreeMaximumQuality' DESC 'RFC1274: Subtree Maximun Quality' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE ))
>
> line 865 (attributetype ( 0.9.2342.19200300.100.1.53 NAME
> 'personalSignature' DESC 'RFC1274: Personal Signature (G3 fax)' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.23 ))
>
> line 884 (attributetype ( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect'
> DESC 'RFC1274: DIT Redirect' EQUALITY distinguishedNameMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.12 ))
>
> line 900 (attributetype ( 0.9.2342.19200300.100.1.55 NAME 'audio' DESC
> 'RFC1274: audio (u-law)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} ))
>
> line 916 (attributetype ( 0.9.2342.19200300.100.1.56 NAME
> 'documentPublisher' DESC 'RFC1274: publisher of document' EQUALITY
> caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 ))
>
> line 1084 (objectclass ( 0.9.2342.19200300.100.4.4 NAME ( 'pilotPerson'
> 'newPilotPerson' ) SUP person STRUCTURAL MAY ( userid $ textEncodedORAddress
> $ rfc822Mailbox $ favouriteDrink $ roomNumber $ userClass $ homeTelephoneNumber
> $ homePostalAddress $ secretary $ personalTitle $ preferredDeliveryMethod
> $ businessCategory $ janetMailbox $ otherMailbox $ mobileTelephoneNumber $
> pagerTelephoneNumber $ organizationalStatus $ mailPreferenceOption $
> personalSignature ) ))
>
> line 1110 (objectclass ( 0.9.2342.19200300.100.4.5 NAME 'account' SUP top
> STRUCTURAL MUST userid MAY ( description $ seeAlso $ localityName $ organizationName
> $ organizationalUnitName $ host ) ))
>
> line 1142 (objectclass ( 0.9.2342.19200300.100.4.6 NAME 'document' SUP top
> STRUCTURAL MUST documentIdentifier MAY ( commonName $ description $ seeAlso
> $ localityName $ organizationName $ organizationalUnitName $ documentTitle
> $ documentVersion $ documentAuthor $ documentLocation $ documentPublisher
> ) ))
>
> line 1165 (objectclass ( 0.9.2342.19200300.100.4.7 NAME 'room' SUP top
> STRUCTURAL MUST commonName MAY ( roomNumber $ description $ seeAlso $
> telephoneNumber ) ))
>
> line 1191 (objectclass ( 0.9.2342.19200300.100.4.9 NAME 'documentSeries'
> SUP top STRUCTURAL MUST commonName MAY ( description $ seeAlso $
> telephonenumber $ localityName $ organizationName $ organizationalUnitName
> ) ))
>
> line 1222 (objectclass ( 0.9.2342.19200300.100.4.13 NAME 'domain' SUP top
> STRUCTURAL MUST domainComponent MAY ( associatedName $ organizationName $
> description $ businessCategory $ seeAlso $ searchGuide $ userPassword $ localityName
> $ stateOrProvinceName $ streetAddress $ physicalDeliveryOfficeName $
> postalAddress $ postalCode $ postOfficeBox $ streetAddress $
> facsimileTelephoneNumber $ internationalISDNNumber $ telephoneNumber $
> teletexTerminalIdentifier $ telexNumber $ preferredDeliveryMethod $
> destinationIndicator $ registeredAddress $ x121Address ) ))
>
> line 1252 (objectclass ( 0.9.2342.19200300.100.4.14 NAME 'RFC822localPart'
> SUP domain STRUCTURAL MAY ( commonName $ surname $ description $ seeAlso $
> telephoneNumber $ physicalDeliveryOfficeName $ postalAddress $ postalCode
> $ postOfficeBox $ streetAddress $ facsimileTelephoneNumber $
> internationalISDNNumber $ telephoneNumber $ teletexTerminalIdentifier $ telexNumber
> $ preferredDeliveryMethod $ destinationIndicator $ registeredAddress $
> x121Address ) ))
>
> line 1275 (objectclass ( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain' SUP
> 'domain' STRUCTURAL MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $ SOARecord
> $ CNAMERecord ) ))
>
> line 1293 (objectclass ( 0.9.2342.19200300.100.4.17 NAME
> 'domainRelatedObject' DESC 'RFC1274: an object related to an domain' SUP top
> AUXILIARY MUST associatedDomain ))
>
> line 1311 (objectclass ( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry'
> SUP country STRUCTURAL MUST friendlyCountryName ))
>
> line 1345 (objectclass ( 0.9.2342.19200300.100.4.20 NAME
> 'pilotOrganization' SUP ( organization $ organizationalUnit ) STRUCTURAL MAY
> buildingName ))
>
> line 1361 (objectclass ( 0.9.2342.19200300.100.4.21 NAME 'pilotDSA' SUP dsa
> STRUCTURAL MAY dSAQuality ))
>
> line 1382 (objectclass ( 0.9.2342.19200300.100.4.22 NAME
> 'qualityLabelledData' SUP top AUXILIARY MUST dsaQuality MAY (
> subtreeMinimumQuality $ subtreeMaximumQuality ) ))
>
> line 7 (include /etc/openldap/schema/inetorgperson.schema)
>
> reading config file /etc/openldap/schema/inetorgperson.schema
>
> line 36 (attributetype ( 2.16.840.1.113730.3.1.1 NAME 'carLicense' DESC
> 'RFC2798: vehicle license or registration plate' EQUALITY caseIgnoreMatch
> SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ))
>
> line 46 (attributetype ( 2.16.840.1.113730.3.1.2 NAME 'departmentNumber'
> DESC 'RFC2798: identifies a department within an organization' EQUALITY
> caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 ))
>
> line 59 (attributetype ( 2.16.840.1.113730.3.1.241 NAME 'displayName' DESC
> 'RFC2798: preferred name to be used when displaying entries' EQUALITY
> caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ))
>
> line 70 (attributetype ( 2.16.840.1.113730.3.1.3 NAME 'employeeNumber' DESC
> 'RFC2798: numerically identifies an employee within an organization'
> EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ))
>
> line 81 (attributetype ( 2.16.840.1.113730.3.1.4 NAME 'employeeType' DESC
> 'RFC2798: type of employment for a person' EQUALITY caseIgnoreMatch SUBSTR
> caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ))
>
> line 92 (attributetype ( 0.9.2342.19200300.100.1.60 NAME 'jpegPhoto' DESC
> 'RFC2798: a JPEG image' SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 ))
>
> line 107 (attributetype ( 2.16.840.1.113730.3.1.39 NAME 'preferredLanguage'
> DESC 'RFC2798: preferred written or spoken language for a person' EQUALITY
> caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ))
>
> line 123 (attributetype ( 2.16.840.1.113730.3.1.40 NAME
> 'userSMIMECertificate' DESC 'RFC2798: PKCS#7 SignedData used to support
> S/MIME' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ))
>
> line 135 (attributetype ( 2.16.840.1.113730.3.1.216 NAME 'userPKCS12' DESC
> 'RFC2798: personal identity information, a PKCS #12 PFX' SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.5 ))
>
> line 155 (objectclass ( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson'
> DESC 'RFC2798: Internet Organizational Person' SUP organizationalPerson
> STRUCTURAL MAY ( audio $ businessCategory $ carLicense $
> departmentNumber $ displayName $ employeeNumber $ employeeType $ givenName
> $ homePhone $ homePostalAddress $ initials $ jpegPhoto $ labeledURI $ mail
> $ manager $ mobile $ o $ pager $ photo $ roomNumber $ secretary $ uid $
> userCertificate $ x500uniqueIdentifier $ preferredLanguage $ userSMIMECertificate
> $ userPKCS12 ) ))
>
> line 8 (include /etc/openldap/schema/nis.schema)
>
> reading config file /etc/openldap/schema/nis.schema
>
> line 40 (attributetype ( 1.3.6.1.1.1.1.0 NAME 'uidNumber' DESC 'An integer
> uniquely identifying a user in an administrative domain' EQUALITY
> integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
>
> line 45 (attributetype ( 1.3.6.1.1.1.1.1 NAME 'gidNumber' DESC 'An integer
> uniquely identifying a group in an administrative domain' EQUALITY
> integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
>
> line 51 (attributetype ( 1.3.6.1.1.1.1.2 NAME 'gecos' DESC 'The GECOS
> field; the common name' EQUALITY caseIgnoreIA5Match SUBSTR
> caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
> SINGLE-VALUE ))
>
> line 56 (attributetype ( 1.3.6.1.1.1.1.3 NAME 'homeDirectory' DESC 'The
> absolute path to the home directory' EQUALITY caseExactIA5Match SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ))
>
> line 61 (attributetype ( 1.3.6.1.1.1.1.4 NAME 'loginShell' DESC 'The path
> to the login shell' EQUALITY caseExactIA5Match SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ))
>
> line 65 (attributetype ( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange' EQUALITY
> integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
>
> line 69 (attributetype ( 1.3.6.1.1.1.1.6 NAME 'shadowMin' EQUALITY
> integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
>
> line 73 (attributetype ( 1.3.6.1.1.1.1.7 NAME 'shadowMax' EQUALITY
> integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
>
> line 77 (attributetype ( 1.3.6.1.1.1.1.8 NAME 'shadowWarning' EQUALITY
> integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
>
> line 81 (attributetype ( 1.3.6.1.1.1.1.9 NAME 'shadowInactive' EQUALITY
> integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
>
> line 85 (attributetype ( 1.3.6.1.1.1.1.10 NAME 'shadowExpire' EQUALITY
> integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
>
> line 89 (attributetype ( 1.3.6.1.1.1.1.11 NAME 'shadowFlag' EQUALITY
> integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
>
> line 94 (attributetype ( 1.3.6.1.1.1.1.12 NAME 'memberUid' EQUALITY
> caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.26 ))
>
> line 99 (attributetype ( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup' EQUALITY
> caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.26 ))
>
> line 103 (attributetype ( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple' DESC
> 'Netgroup triple' SYNTAX 1.3.6.1.1.1.0.0 ))
>
> line 107 (attributetype ( 1.3.6.1.1.1.1.15 NAME 'ipServicePort' EQUALITY
> integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
>
> line 110 (attributetype ( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol' SUP
> name ))
>
> line 114 (attributetype ( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber' EQUALITY
> integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
>
> line 118 (attributetype ( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber' EQUALITY
> integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ))
>
> line 123 (attributetype ( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber' DESC 'IP
> address' EQUALITY caseIgnoreIA5Match SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.26{128} ))
>
> line 128 (attributetype ( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber' DESC 'IP
> network' EQUALITY caseIgnoreIA5Match SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE ))
>
> line 133 (attributetype ( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber' DESC 'IP
> netmask' EQUALITY caseIgnoreIA5Match SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE ))
>
> line 138 (attributetype ( 1.3.6.1.1.1.1.22 NAME 'macAddress' DESC 'MAC
> address' EQUALITY caseIgnoreIA5Match SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.26{128} ))
>
> line 142 (attributetype ( 1.3.6.1.1.1.1.23 NAME 'bootParameter' DESC
> 'rpc.bootparamd parameter' SYNTAX 1.3.6.1.1.1.0.1 ))
>
> line 147 (attributetype ( 1.3.6.1.1.1.1.24 NAME 'bootFile' DESC 'Boot image
> name' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ))
>
> line 150 (attributetype ( 1.3.6.1.1.1.1.26 NAME 'nisMapName' SUP name ))
>
> line 155 (attributetype ( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry' EQUALITY
> caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX
> 1.3.6.1.4.1.1466.115.121.1.26{1024} SINGLE-VALUE ))
>
> line 162 (objectclass ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' SUP top
> AUXILIARY DESC 'Abstraction of an account with POSIX attributes' MUST ( cn $
> uid $ uidNumber $ gidNumber $ homeDirectory ) MAY ( userPassword $
> loginShell $ gecos $ description ) ))
>
> line 169 (objectclass ( 1.3.6.1.1.1.2.1 NAME 'shadowAccount' SUP top
> AUXILIARY DESC 'Additional attributes for shadow passwords' MUST uid MAY (
> userPassword $ shadowLastChange $ shadowMin $ shadowMax $
> shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $
> description ) ))
>
> line 174 (objectclass ( 1.3.6.1.1.1.2.2 NAME 'posixGroup' SUP top
> STRUCTURAL DESC 'Abstraction of a group of accounts' MUST ( cn $ gidNumber )
> MAY ( userPassword $ memberUid $ description ) ))
>
> line 179 (objectclass ( 1.3.6.1.1.1.2.3 NAME 'ipService' SUP top STRUCTURAL
> DESC 'Abstraction an Internet Protocol service' MUST ( cn $ ipServicePort $
> ipServiceProtocol ) MAY ( description ) ))
>
> line 184 (objectclass ( 1.3.6.1.1.1.2.4 NAME 'ipProtocol' SUP top
> STRUCTURAL DESC 'Abstraction of an IP protocol' MUST ( cn $ ipProtocolNumber
> $ description ) MAY description ))
>
> line 189 (objectclass ( 1.3.6.1.1.1.2.5 NAME 'oncRpc' SUP top STRUCTURAL
> DESC 'Abstraction of an ONC/RPC binding' MUST ( cn $ oncRpcNumber $
> description ) MAY description ))
>
> line 194 (objectclass ( 1.3.6.1.1.1.2.6 NAME 'ipHost' SUP top AUXILIARY
> DESC 'Abstraction of a host, an IP device' MUST ( cn $ ipHostNumber ) MAY (
> l $ description $ manager ) ))
>
> line 199 (objectclass ( 1.3.6.1.1.1.2.7 NAME 'ipNetwork' SUP top STRUCTURAL
> DESC 'Abstraction of an IP network' MUST ( cn $ ipNetworkNumber ) MAY (
> ipNetmaskNumber $ l $ description $ manager ) ))
>
> line 204 (objectclass ( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup' SUP top
> STRUCTURAL DESC 'Abstraction of a netgroup' MUST cn MAY ( nisNetgroupTriple
> $ memberNisNetgroup $ description ) ))
>
> line 209 (objectclass ( 1.3.6.1.1.1.2.9 NAME 'nisMap' SUP top STRUCTURAL
> DESC 'A generic abstraction of a NIS map' MUST nisMapName MAY description ))
>
> line 214 (objectclass ( 1.3.6.1.1.1.2.10 NAME 'nisObject' SUP top
> STRUCTURAL DESC 'An entry in a NIS map' MUST ( cn $ nisMapEntry $ nisMapName
> ) MAY description ))
>
> line 218 (objectclass ( 1.3.6.1.1.1.2.11 NAME 'ieee802Device' SUP top
> AUXILIARY DESC 'A device with a MAC address' MAY macAddress ))
>
> line 222 (objectclass ( 1.3.6.1.1.1.2.12 NAME 'bootableDevice' SUP top
> AUXILIARY DESC 'A device with boot parameters' MAY ( bootFile $
> bootParameter ) ))
>
> line 11 (allow bind_v2)
>
> line 17 (pidfile /var/run/openldap/slapd.pid)
>
> line 18 (argsfile /var/run/openldap/slapd.args)
>
> line 68 (database bdb)
>
> bdb_db_init: Initializing BDB database
>
> line 69 (suffix "dc=tfis, dc=myserver, dc=org")
>
> >>> dnPrettyNormal: <dc=tfis, dc=myserver, dc=org>
>
> => ldap_bv2dn(dc=tfis, dc=myserver, dc=org,0)
>
> <= ldap_bv2dn(dc=tfis, dc=myserver, dc=org,0)=0
>
> => ldap_dn2bv(272)
>
> <= ldap_dn2bv(dc=tfis,dc=myserver,dc=org,272)=0
>
> => ldap_dn2bv(272)
>
> <= ldap_dn2bv(dc=tfis,dc=myserver,dc=org,272)=0
>
> <<< dnPrettyNormal: <dc=tfis,dc=myserver,dc=org>,
> <dc=tfis,dc=myserver,dc=org>
>
> line 70 (rootdn "cn=Manager,dc=tfis,dc=myserver,dc=org")
>
> >>> dnPrettyNormal: <cn=Manager,dc=tfis,dc=myserver,dc=org>
>
> => ldap_bv2dn(cn=Manager,dc=tfis,dc=myserver,dc=org,0)
>
> <= ldap_bv2dn(cn=Manager,dc=tfis,dc=myserver,dc=org,0)=0
>
> => ldap_dn2bv(272)
>
> <= ldap_dn2bv(cn=Manager,dc=tfis,dc=myserver,dc=org,272)=0
>
> => ldap_dn2bv(272)
>
> <= ldap_dn2bv(cn=manager,dc=tfis,dc=myserver,dc=org,272)=0
>
> <<< dnPrettyNormal: <cn=Manager,dc=tfis,dc=myserver,dc=org>,
> <cn=manager,dc=tfis,dc=myserver,dc=org>
>
> line 80 (directory /var/lib/ldap)
>
> line 83 (index objectClass eq,pres)
>
> index objectClass 0x0006
>
> line 84 (index ou,cn,mail,surname,givenname eq,pres,sub)
>
> index ou 0x0716
>
> index cn 0x0716
>
> index mail 0x0716
>
> index sn 0x0716
>
> index givenName 0x0716
>
> line 85 (index uidNumber,gidNumber,loginShell eq,pres)
>
> index uidNumber 0x0006
>
> index gidNumber 0x0006
>
> index loginShell 0x0006
>
> line 86 (index uid,memberUid eq,pres,sub)
>
> index uid 0x0716
>
> index memberUid 0x0716
>
> line 87 (index nisMapName,nisMapEntry eq,pres,sub)
>
> index nisMapName 0x0716
>
> index nisMapEntry 0x0716
>
> line 96 (loglevel 4095)
>
> matching_rule_use_init
>
> 1.2.840.113556.1.4.804 (integerBitOrMatch): matchingRuleUse: (
> 1.2.840.113556.1.4.804 NAME 'integerBitOrMatch' APPLIES ( oncRpcNumber $
> ipProtocolNumber $ ipServicePort $ shadowFlag $ shadowExpire $
> shadowInactive $ shadowWarning $ shadowMax $ shadowMin $ shadowLastChange $
> gidNumber $ uidNumber $ mailPreferenceOption $ supportedLDAPVersion ) )
>
> 1.2.840.113556.1.4.803 (integerBitAndMatch): matchingRuleUse: (
> 1.2.840.113556.1.4.803 NAME 'integerBitAndMatch' APPLIES ( oncRpcNumber $
> ipProtocolNumber $ ipServicePort $ shadowFlag $ shadowExpire $
> shadowInactive $ shadowWarning $ shadowMax $ shadowMin $ shadowLastChange $
> gidNumber $ uidNumber $ mailPreferenceOption $ supportedLDAPVersion ) )
>
> 1.3.6.1.4.1.1466.109.114.2 (caseIgnoreIA5Match): matchingRuleUse: (
> 1.3.6.1.4.1.1466.109.114.2 NAME 'caseIgnoreIA5Match' APPLIES ( nisMapEntry $
> bootFile $ macAddress $ ipNetmaskNumber $ ipNetworkNumber $ ipHostNumber $
> memberNisNetgroup $ memberUid $ loginShell $ homeDirectory $ gecos $
> janetMailbox $ cNAMERecord $ sOARecord $ nSRecord $ mXRecord $ mDRecord $
> aRecord $ email $ associatedDomain $ dc $ mail $ altServer ) )
>
> 1.3.6.1.4.1.1466.109.114.1 (caseExactIA5Match): matchingRuleUse: (
> 1.3.6.1.4.1.1466.109.114.1 NAME 'caseExactIA5Match' APPLIES ( nisMapEntry $
> bootFile $ macAddress $ ipNetmaskNumber $ ipNetworkNumber $ ipHostNumber $
> memberNisNetgroup $ memberUid $ loginShell $ homeDirectory $ gecos $
> janetMailbox $ cNAMERecord $ sOARecord $ nSRecord $ mXRecord $ mDRecord $
> aRecord $ email $ associatedDomain $ dc $ mail $ altServer ) )
>
> 2.5.13.35 (certificateMatch): matchingRuleUse: ( 2.5.13.35 NAME
> 'certificateMatch' APPLIES ( cACertificate $ userCertificate ) )
>
> 2.5.13.34 (certificateExactMatch): matchingRuleUse: ( 2.5.13.34 NAME
> 'certificateExactMatch' APPLIES ( cACertificate $ userCertificate ) )
>
> 2.5.13.30 (objectIdentifierFirstComponentMatch): matchingRuleUse: (
> 2.5.13.30 NAME 'objectIdentifierFirstComponentMatch' APPLIES (
> supportedApplicationContext $ ldapSyntaxes $ supportedFeatures $
> supportedExtension $ supportedControl ) )
>
> 2.5.13.29 (integerFirstComponentMatch): matchingRuleUse: ( 2.5.13.29
> NAME 'integerFirstComponentMatch' APPLIES ( oncRpcNumber $ ipProtocolNumber
> $ ipServicePort $ shadowFlag $ shadowExpire $ shadowInactive $ shadowWarning
> $ shadowMax $ shadowMin $ shadowLastChange $ gidNumber $ uidNumber $
> mailPreferenceOption $ supportedLDAPVersion ) )
>
> 2.5.13.27 (generalizedTimeMatch): matchingRuleUse: ( 2.5.13.27 NAME
> 'generalizedTimeMatch' APPLIES ( modifyTimestamp $ createTimestamp ) )
>
> 2.5.13.24 (protocolInformationMatch): matchingRuleUse: ( 2.5.13.24 NAME
> 'protocolInformationMatch' APPLIES protocolInformation )
>
> 2.5.13.23 (uniqueMemberMatch): matchingRuleUse: ( 2.5.13.23 NAME
> 'uniqueMemberMatch' APPLIES uniqueMember )
>
> 2.5.13.22 (presentationAddressMatch): matchingRuleUse: ( 2.5.13.22 NAME
> 'presentationAddressMatch' APPLIES presentationAddress )
>
> 2.5.13.20 (telephoneNumberMatch): matchingRuleUse: ( 2.5.13.20 NAME
> 'telephoneNumberMatch' APPLIES ( pager $ mobile $ homePhone $
> telephoneNumber ) )
>
> 2.5.13.17 (octetStringMatch): matchingRuleUse: ( 2.5.13.17 NAME
> 'octetStringMatch' APPLIES userPassword )
>
> 2.5.13.16 (bitStringMatch): matchingRuleUse: ( 2.5.13.16 NAME
> 'bitStringMatch' APPLIES x500UniqueIdentifier )
>
> 2.5.13.14 (integerMatch): matchingRuleUse: ( 2.5.13.14 NAME
> 'integerMatch' APPLIES ( oncRpcNumber $ ipProtocolNumber $ ipServicePort $
> shadowFlag $ shadowExpire $ shadowInactive $ shadowWarning $ shadowMax $
> shadowMin $ shadowLastChange $ gidNumber $ uidNumber $ mailPreferenceOption
> $ supportedLDAPVersion ) )
>
> 2.5.13.13 (booleanMatch): matchingRuleUse: ( 2.5.13.13 NAME
> 'booleanMatch' APPLIES hasSubordinates )
>
> 2.5.13.11 (caseIgnoreListMatch): matchingRuleUse: ( 2.5.13.11 NAME
> 'caseIgnoreListMatch' APPLIES ( homePostalAddress $ registeredAddress $
> postalAddress ) )
>
> 2.5.13.8 (numericStringMatch): matchingRuleUse: ( 2.5.13.8 NAME
> 'numericStringMatch' APPLIES ( internationaliSDNNumber $ x121Address ) )
>
> 2.5.13.7 (caseExactSubstringsMatch): matchingRuleUse: ( 2.5.13.7 NAME
> 'caseExactSubstringsMatch' APPLIES ( dnQualifier $ destinationIndicator $
> serialNumber ) )
>
> 2.5.13.6 (caseExactOrderingMatch): matchingRuleUse: ( 2.5.13.6 NAME
> 'caseExactOrderingMatch' APPLIES ( dnQualifier $ destinationIndicator $
> serialNumber ) )
>
> 2.5.13.5 (caseExactMatch): matchingRuleUse: ( 2.5.13.5 NAME
> 'caseExactMatch' APPLIES ( nisMapName $ ipServiceProtocol $
> preferredLanguage $ employeeType $ employeeNumber $ displayName $
> departmentNumber $ carLicense $ documentPublisher $ buildingName $
> organizationalStatus $ uniqueIdentifier $ co $ personalTitle $
> documentLocation $ documentVersion $ documentTitle $ documentIdentifier $
> host $ userClass $ roomNumber $ drink $ info $ textEncodedORAddress $ uid $
> dmdName $ houseIdentifier $ dnQualifier $ generationQualifier $ initials $
> givenName $ destinationIndicator $ physicalDeliveryOfficeName $
> postOfficeBox $ postalCode $ businessCategory $ description $ title $ ou $ o
> $ street $ st $ l $ c $ serialNumber $ sn $ knowledgeInformation $
> labeledURI $ cn $ name $ ref $ vendorVersion $ vendorName $
> supportedSASLMechanisms ) )
>
> 2.5.13.4 (caseIgnoreSubstringsMatch): matchingRuleUse: ( 2.5.13.4 NAME
> 'caseIgnoreSubstringsMatch' APPLIES ( dnQualifier $ destinationIndicator $
> serialNumber ) )
>
> 2.5.13.3 (caseIgnoreOrderingMatch): matchingRuleUse: ( 2.5.13.3 NAME
> 'caseIgnoreOrderingMatch' APPLIES ( dnQualifier $ destinationIndicator $
> serialNumber ) )
>
> 2.5.13.2 (caseIgnoreMatch): matchingRuleUse: ( 2.5.13.2 NAME
> 'caseIgnoreMatch' APPLIES ( nisMapName $ ipServiceProtocol $
> preferredLanguage $ employeeType $ employeeNumber $ displayName $
> departmentNumber $ carLicense $ documentPublisher $ buildingName $
> organizationalStatus $ uniqueIdentifier $ co $ personalTitle $
> documentLocation $ documentVersion $ documentTitle $ documentIdentifier $
> host $ userClass $ roomNumber $ drink $ info $ textEncodedORAddress $ uid $
> dmdName $ houseIdentifier $ dnQualifier $ generationQualifier $ initials $
> givenName $ destinationIndicator $ physicalDeliveryOfficeName $
> postOfficeBox $ postalCode $ businessCategory $ description $ title $ ou $ o
> $ street $ st $ l $ c $ serialNumber $ sn $ knowledgeInformation $
> labeledURI $ cn $ name $ ref $ vendorVersion $ vendorName $
> supportedSASLMechanisms ) )
>
> 2.5.13.1 (distinguishedNameMatch): matchingRuleUse: ( 2.5.13.1 NAME
> 'distinguishedNameMatch' APPLIES ( dITRedirect $ associatedName $ secretary
> $ documentAuthor $ manager $ seeAlso $ roleOccupant $ owner $ member $
> distinguishedName $ aliasedObjectName $ namingContexts $ subschemaSubentry $
> modifiersName $ creatorsName ) )
>
> 2.5.13.0 (objectIdentifierMatch): matchingRuleUse: ( 2.5.13.0 NAME
> 'objectIdentifierMatch' APPLIES ( supportedApplicationContext $
> supportedFeatures $ supportedExtension $ supportedControl ) )
>
> slapd startup: initiated.
>
> bdb_db_open: dc=tfis,dc=myserver,dc=org
>
> bdb_db_open: dbenv_open(/var/lib/ldap)
>
> as you can see the daemon_init opens some listener, but not much to see!
> i hope this is helpful !! thank you anyway
>
12 years, 2 months
nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
by Mingyur Koblensky
Hi all,
I'm playing with a redhat enterprise 4 that uses ldap, since a few days
i've notice that the slapd daemon is not able to bind to the default port
389, i'm very new to this server so i could being doing something of very
stupid!
[root@ myserver etc]# netstat -tuan | grep 389
[root@ myserver etc]#
i was wondering if a run time file of the server hasn't been properly
removed due to a brutal restart, and now the process isn't able to bind to
any port, does that make sense? which files should i look for?
[root@ myserver etc]# ls /var/run/openldap/
[root@ myserver etc]# ls /var/lock/
dmraid lvm rpm subsys
[root@ myserver etc]#
i've tried to reinstall/downgrade various packages but nothing:
[root@ myserver etc]# rpm -q openldap
openldap-2.2.13-12.el4_8.2
[root@ myserver etc]# rpm -q openldap-servers
openldap-servers-2.2.13-12.el4_8.2
[root@ myserver etc]# rpm -q openldap-clients
openldap-clients-2.2.13-12.el4_8.2
[root@ myserver etc]# rpm -q nss_ldap
nss_ldap-253-7.el4
[root@ myserver etc]#
Mar 1 08:03:24 myserver su[5988]: nss_ldap: failed to bind to LDAP server
ldap://127.0.0.1: Can't contact LDAP server
Mar 1 08:03:24 myserver su[5988]: nss_ldap: could not search LDAP server -
Server is unavailable
Mar 1 08:03:24 myserver su[5988]: nss_ldap: failed to bind to LDAP server
ldap://127.0.0.1: Can't contact LDAP server
Mar 1 08:03:24 myserver su[5988]: nss_ldap: could not search LDAP server -
Server is unavailable
Mar 1 08:03:46 myserver netstat: nss_ldap: failed to bind to LDAP server
ldap://127.0.0.1: Can't contact LDAP server
Mar 1 08:03:46 myserver netstat: nss_ldap: could not search LDAP server -
Server is unavailable
Mar 1 08:03:46 myserver netstat: nss_ldap: failed to bind to LDAP server
ldap://127.0.0.1: Can't contact LDAP server
Mar 1 08:03:46 myserver netstat: nss_ldap: could not search LDAP server -
Server is unavailable
Mar 1 08:11:32 myserver runuser: nss_ldap: failed to bind to LDAP server
ldap://127.0.0.1: Can't contact LDAP server
Mar 1 08:11:32 myserver runuser: nss_ldap: could not search LDAP server -
Server is unavailable
Mar 1 08:11:32 myserver runuser: nss_ldap: failed to bind to LDAP server
ldap://127.0.0.1: Can't contact LDAP server
Mar 1 08:11:32 myserver runuser: nss_ldap: could not search LDAP server -
Server is unavailable
Mar 1 08:11:32 myserver runuser: config file testing succeeded
Mar 1 08:11:32 myserver slapd[6476]: nss_ldap: failed to bind to LDAP
server ldap://127.0.0.1: Can't contact LDAP server
Mar 1 08:11:32 myserver slapd[6476]: nss_ldap: could not search LDAP server
- Server is unavailable
Mar 1 08:11:32 myserver slapd[6476]: nss_ldap: failed to bind to LDAP
server ldap://127.0.0.1: Can't contact LDAP server
Mar 1 08:11:32 myserver slapd[6476]: nss_ldap: could not search LDAP server
- Server is unavailable
Mar 1 08:13:23 myserver saslauthd[5038]: nss_ldap: failed to bind to LDAP
server ldap://127.0.0.1: Can't contact LDAP server
Mar 1 08:13:23 myserver saslauthd[5038]: nss_ldap: could not search LDAP
server - Server is unavailable
Mar 1 08:13:23 myserver saslauthd[5038]: nss_ldap: failed to bind to LDAP
server ldap://127.0.0.1: Can't contact LDAP server
Mar 1 08:13:23 myserver saslauthd[5038]: nss_ldap: could not search LDAP
server - Server is unavailable
Mar 1 08:13:23 myserver smtp(pam_unix)[5038]: check pass; user unknown
Mar 1 08:13:23 myserver smtp(pam_unix)[5038]: authentication failure;
logname= uid=0 euid=0 tty= ruser= rhost=
Mar 1 08:13:23 myserver saslauthd[5038]: pam_ldap: ldap_simple_bind Can't
contact LDAP server
Mar 1 08:13:26 myserver saslauthd[5038]: do_auth : auth failure:
[user=user] [service=smtp] [realm=] [mech=pam] [reason=PAM auth error]
Mar 1 08:13:29 myserver netstat: nss_ldap: failed to bind to LDAP server
ldap://127.0.0.1: Can't contact LDAP server
Mar 1 08:13:29 myserver netstat: nss_ldap: could not search LDAP server -
Server is unavailable
Mar 1 08:13:29 myserver netstat: nss_ldap: failed to bind to LDAP server
ldap://127.0.0.1: Can't contact LDAP server
Mar 1 08:13:29 myserver netstat: nss_ldap: could not search LDAP server -
Server is unavailable
configuration files:
/etc/ldap.conf
# @(#)$Id: ldap.conf,v 1.34 2004/09/16 23:32:02 lukeh Exp $
#
# This is the configuration file for the LDAP nameservice
# switch library and the LDAP PAM module.
#
#
host 127.0.0.1
dc=tfis,dc=domain,dc=org
# The port.
# Optional: default is 389.
port 389
timelimit 20
bind_timelimit 20
bind_policy soft
idle_timelimit 3600
ssl no
tls_cacertdir /etc/openldap/cacerts
pam_password md5
base dc=tfis,dc=domain,dc=org
/etc/openldap/ldap.conf
#
# LDAP Defaults
#
# See ldap.conf(5) for details
# This file should be world readable but not world writable.
BASE dc=tfis,dc=domain,dc=org
HOST 127.0.0.1
TLS_CACERTDIR /etc/openldap/cacerts
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
/etc/openldap/slapd.conf
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
database bdb
suffix "dc=tfis, dc=domain, dc=org"
rootdn "cn=Manager,dc=tfis,dc=domain,dc=org"
directory /var/lib/ldap
# Indices to maintain for this database
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
thank you very much for some help!! i don't know where too look anymore,
i've installed the same package on another redhat enterprise 4 and it
correctly binds the default port, i'm thinking to move temporarily the ldap
database on the other server which should be:
1) cp /usr/lib/ldap
2) cp configuration files
3) configure web application to use the new slapd server
am i missing something ? thanks !
kocisky
p.s. i've been googling around and there is something but no results : (
12 years, 2 months
Re: overlay chain and TLS/SSL
by Ralf Zimmermann
Hi Dieter,
>> Hi all,
>>
>> I think I have a problem with the overlay chain and tls. We have one physical
>> master and two slaves in VMware Vsphere4. Our configuration runs normally fine,
>> but sometimes we can't modify entries like passwords to the master. Then we
>> must restart the slapd at the slaves. After restarting slapd all works fine.
>> Then slapd works fine the wholy day. We can change entries or set passwords on
>> the slaves. Next morning we must restart the slapd again, because we can't
>> modify entries from the slaves. But we can query the slapd and syncrepl works
>> fine. Only things over the overlay chains doesn't work. I have the problem not
>> only with Version 2.4.20. I tested more Versions and actually 2.4.21 from
>> pysically hardware.
>>
>> If I can't set entries on the slave I don't see any tcp packets from the slave
>> to the master. DNS, time and so on looks fine and everything else is working.
>> And if we restart slapd everything is working. Does anybody know what is going
>> wrong and if there exits a workaround. I read some things abount /dev/random,
>> /dev/urandom and kernel 2.6 in VMware. Can this be the problem?
>>
>> Here the overlay chain configuration.
>>
>> <snip slapd.conf>
>> overlay chain
>> chain-uri "ldap://eisenherz.camelot.de/";
>> chain-idassert-bind bindmethod=simple
>> binddn="cn=ldapadmin,dc=camelot,dc=de"
>> credentials="xxxxxx"
>> mode="self"
>> chain-rebind-as-user TRUE
>> chain-return-error TRUE
>> chain-tls start
>> </snip slapd.conf>
>>
>> Any help is appreciated.
>
>What version is this?
>I found that with 2.4.21 a tls_cacert option solved my problem.
I have the problem in 2.4.12, 2.4.18, 2.4.19, 2.4.20 and 2.4.21.
>chain-tls start
> tls_cacert="/opt/openldap/etc/openldap/certs/avciCA.pem
> tls_reqcert="demand"
>
>slapd-ldap(5) provides more TLS options.
>
I know and I have configured some of them. But the problem still exists. I
can't see any packets on the network device from the slave to the master. If I
restart the slave slapd then all works fine for a time.
But I will read the man page again.
Today have sent a mail to the list with two traces. One with a successfull
passmod and one with nonworking passmod. Here the link:
http://www.openldap.org/lists/openldap-technical/201003/msg00019.html
The differences in the traces are hdb_dn2id entries. When the passmod over the
slave is ok then I can see entries like:
bdb_dn2entry("cn=ldapadmin,dc=camelot,dc=de")
=> hdb_dn2id("cn=ldapadmin,dc=camelot,dc=de")
<= hdb_dn2id: got id=0x5
entry_decode: ""
<= entry_decode()
or
=> hdb_dn2id("ou=policies,dc=camelot,dc=de")
<= hdb_dn2id: got id=0x9
=> hdb_dn2id("cn=default,ou=policies,dc=camelot,dc=de")
<= hdb_dn2id: got id=0xa
entry_decode: ""
<= entry_decode()
When the passmod failed these entries are not in the trace. After restarting
the slapd I can change passwords over the slaves and I can see the hdb_dn2id
entries in the trace.
Regards
Ralf Zimmermann
--
.''`. Ralf Zimmermann
: :' : SIEGNETZ.IT GmbH
`. `' Schneppenkauten 1a
`- 57076 Siegen
Tel.: +49 271 68193 13
Fax.: +49 271 68193 29
Amtsgericht Siegen HRB4838
Geschaeftsfuehrer: Oliver Seitz
Sitz der Gesellschaft ist Siegen
12 years, 2 months
OpenLDAP client configuration with CentOS 5.3
by Cool The Breezer
Hi All,
We have a dedicated LDAP server and I would like to configure OpenLDAP client in our linux boxes running on centOS 5.3.
I have installed openldap client and changed /etc/openldap/ldap.conf with folllowing info
BASE dc=my, dc=net
URI ldap://10.122.12.13
But when I try to run ldapsearch, I get following error
SASL/EXTERNAL authentication started
ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
additional info: SASL(-4): no mechanism available:
The objective is anybody having ldap id can login to linux box. At present, I am manually creating individual ids which we want to integrate with LDAP authentication.
I would appreciate your help
- RB
12 years, 2 months
Nssov Problem Since 2.4.19
by Chris Breneman
Hi,
For the last few days, I've been trying to get nssov to work. I've
mainly been working with OpenLDAP 2.4.21, but this issue is present in
all releases since and including 2.4.19. It works fine in 2.4.18.
Everything compiles fine as expected, and the module loads (it seems),
but when I try to add configuration for the module with ldapadd, I get
this error:
ldap_add: Other (e.g., implementation specific) error (80)
additional info: <olcOverlay> handler exited with 1
Using the same build instructions, configuration, and everything, 2.4.18
works without this error. Some more details are below.
I'd try to fix it myself, but I don't really know where to start. I'd
appreciate it if someone could point me in the right direction.
Thanks,
Chris Breneman
More details:
Process for building OpenLDAP (done as root):
cd openldap-2.4.21
./configure --enable-modules --enable-overlays
make depend
make -j2
make install
cd contrib/slapd-modules/nssov/nss-ldapd
./configure # Make complains about missing something unless ./configure
is executed in nss-ldapd first
cd ..
make
make install
libtool --finish /usr/local/lib # As per instructions from the make
output
Relevant slapd configuration:
dn: cn=module{0},cn=config
objectClass: olcModuleList
cn: module{0}
olcModulePath: /usr/local/libexec/openldap
olcModuleLoad: /usr/local/libexec/openldap/nssov.la
Listing of modules:
$ ls /usr/local/libexec/openldap/
nssov.a nssov.la nssov.so nssov.so.0 nssov.so.0.0.0
Command to add nssov configuration:
ldapadd -H ldap://localhost -x -D 'cn=config' -w <password>
LDIF for nssov configuration:
dn: olcOverlay={0}nssov,olcDatabase={1}bdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcNssOvConfig
olcOverlay: {0}nssov
olcNssSsd: passwd ldap:///ou=people,dc=cluenet,dc=org??one
ldapadd output:
adding new entry "olcOverlay={0}nssov,olcDatabase={1}bdb,cn=config"
ldap_add: Other (e.g., implementation specific) error (80)
additional info: <olcOverlay> handler exited with 1
Relevant output from running slapd with -d -1 on startup:
loaded module /usr/local/libexec/openldap/nssov.la
module /usr/local/libexec/openldap/nssov.la: null module registered
Relevant output from running slapd with -d -1 on ldapadd command:
>>> dnPrettyNormal: <olcOverlay={0}nssov,olcDatabase={1}bdb,cn=config>
=> ldap_bv2dn(olcOverlay={0}nssov,olcDatabase={1}bdb,cn=config,0)
<= ldap_bv2dn(olcOverlay={0}nssov,olcDatabase={1}bdb,cn=config)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(olcOverlay={0}nssov,olcDatabase={1}bdb,cn=config)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(olcOverlay={0}nssov,olcDatabase={1}bdb,cn=config)=0
<<< dnPrettyNormal: <olcOverlay={0}nssov,olcDatabase={1}bdb,cn=config>,
<olcOverlay={0}nssov,olcDatabase={1}bdb,cn=config>
conn=1000 op=1 ADD dn="olcOverlay={0}nssov,olcDatabase={1}bdb,cn=config"
=> access_allowed: add access to
"olcOverlay={0}nssov,olcDatabase={1}bdb,cn=config" "entry" requested
<= root access granted
=> access_allowed: add access granted by manage(=mwrscxd)
<= acl_access_allowed: granted to database root
oc_check_required entry
(olcOverlay={0}nssov,olcDatabase={1}bdb,cn=config), objectClass
"olcNssOvConfig"
oc_check_allowed type "objectClass"
oc_check_allowed type "olcOverlay"
oc_check_allowed type "olcNssSsd"
oc_check_allowed type "structuralObjectClass"
slap_queue_csn: queing 0xb5d52ab2
20100228195617.582000Z#000000#000#000000
=> access_allowed: add access to "olcDatabase={1}bdb,cn=config"
"children" requested
<= root access granted
=> access_allowed: add access granted by manage(=mwrscxd)
olcOverlay: value #0: <olcOverlay> handler exited with 1!
send_ldap_result: conn=1000 op=1 p=3
send_ldap_result: err=80 matched="" text="<olcOverlay> handler exited
with 1"
send_ldap_response: msgid=2 tag=105 err=80
12 years, 2 months