openldap-technical March 2010

openldap-technical@openldap.org

73 participants
87 discussions

Re: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
by Mingyur Koblensky 01 Mar '10

01 Mar '10

Hi, > > Please, update to the latest OpenLDAP 2.4.21 release. The one you're > playing with is 6 years old. > yes, it is very old but from the repository of redhat enterprise 4. I have installed the same package on another RH 4 and not problems... > > You can try to start % slapd; from command line and see what the problem > is/might be. > > As a root or whoever is supposed to run OpenLDAP: > # slapd -h 'ldap://127.0.0.1' -d 256; [root@myserver openldap]# /usr/sbin/slapd -d 4095 -u ldap -h ldap:/// @(#) $OpenLDAP: slapd 2.2.13 (Jul 8 2009 10:40:09) $ mockbuild@x86-002.build.bos.redhat.com:/builddir/build/BUILD/openldap -2.2.13/openldap-2.2.13/build-servers/servers/slapd daemon_init: ldap:/// daemon_init: listen on ldap:/// daemon_init: 1 listeners to open... ldap_url_parse_ext(ldap:///) daemon: initialized ldap:/// daemon_init: 2 listeners opened slapd init: initiated server. slap_sasl_init: initialized! bdb_initialize: initialize BDB backend bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December 3, 2003) bdb_initialize: initialize BDB backend bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December 3, 2003) reading config file /etc/openldap/slapd.conf line 5 (include /etc/openldap/schema/core.schema) reading config file /etc/openldap/schema/core.schema line 77 (attributetype ( 2.5.4.2 NAME 'knowledgeInformation' DESC 'RFC2256: knowledge information' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )) line 86 (attributetype ( 2.5.4.4 NAME ( 'sn' 'surname' ) DESC 'RFC2256: last (family) name(s) for which the entity is known by' SUP name )) line 92 (attributetype ( 2.5.4.5 NAME 'serialNumber' DESC 'RFC2256: serial number of the entity' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} )) line 96 (attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' ) DESC 'RFC2256: ISO-3166 country 2-letter code' SUP name SINGLE-VALUE )) line 100 (attributetype ( 2.5.4.7 NAME ( 'l' 'localityName' ) DESC 'RFC2256: locality which this object resides in' SUP name )) line 104 (attributetype ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' ) DESC 'RFC2256: state or province which this object resides in' SUP name )) line 110 (attributetype ( 2.5.4.9 NAME ( 'street' 'streetAddress' ) DESC 'RFC2256: street address of this object' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )) line 114 (attributetype ( 2.5.4.10 NAME ( 'o' 'organizationName' ) DESC 'RFC2256: organization this object belongs to' SUP name )) line 118 (attributetype ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' ) DESC 'RFC2256: organizational unit this object belongs to' SUP name )) line 122 (attributetype ( 2.5.4.12 NAME 'title' DESC 'RFC2256: title associated with the entity' SUP name )) line 128 (attributetype ( 2.5.4.13 NAME 'description' DESC 'RFC2256: descriptive information' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )) line 133 (attributetype ( 2.5.4.14 NAME 'searchGuide' DESC 'RFC2256: search guide, obsoleted by enhancedSearchGuide' SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 )) line 139 (attributetype ( 2.5.4.15 NAME 'businessCategory' DESC 'RFC2256: business category' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )) line 145 (attributetype ( 2.5.4.16 NAME 'postalAddress' DESC 'RFC2256: postal address' EQUALITY caseIgnoreListMatch SUBSTR caseIgnoreListSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )) line 151 (attributetype ( 2.5.4.17 NAME 'postalCode' DESC 'RFC2256: postal code' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )) line 157 (attributetype ( 2.5.4.18 NAME 'postOfficeBox' DESC 'RFC2256: Post Office Box' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )) line 163 (attributetype ( 2.5.4.19 NAME 'physicalDeliveryOfficeName' DESC 'RFC2256: Physical Delivery Office Name' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )) line 169 (attributetype ( 2.5.4.20 NAME 'telephoneNumber' DESC 'RFC2256: Telephone Number' EQUALITY telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} )) line 173 (attributetype ( 2.5.4.21 NAME 'telexNumber' DESC 'RFC2256: TelexNumber' SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 )) line 177 (attributetype ( 2.5.4.22 NAME 'teletexTerminalIdentifier' DESC 'RFC2256: Teletex Terminal Identifier' SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 )) line 181 (attributetype ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' ) DESC 'RFC2256: Facsimile (Fax) Telephone Number' SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 )) line 187 (attributetype ( 2.5.4.24 NAME 'x121Address' DESC 'RFC2256: X.121 Address' EQUALITY numericStringMatch SUBSTR numericStringSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} )) line 193 (attributetype ( 2.5.4.25 NAME 'internationaliSDNNumber' DESC 'RFC2256: international ISDN number' EQUALITY numericStringMatch SUBSTR numericStringSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )) line 198 (attributetype ( 2.5.4.26 NAME 'registeredAddress' DESC 'RFC2256: registered postal address' SUP postalAddress SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )) line 204 (attributetype ( 2.5.4.27 NAME 'destinationIndicator' DESC 'RFC2256: destination indicator' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} )) line 209 (attributetype ( 2.5.4.28 NAME 'preferredDeliveryMethod' DESC 'RFC2256: preferred delivery method' SYNTAX 1.3.6.1.4.1.1466.115.121.1.14 SINGLE-VALUE )) line 215 (attributetype ( 2.5.4.29 NAME 'presentationAddress' DESC 'RFC2256: presentation address' EQUALITY presentationAddressMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.43 SINGLE-VALUE )) line 220 (attributetype ( 2.5.4.30 NAME 'supportedApplicationContext' DESC 'RFC2256: supported application context' EQUALITY objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )) line 224 (attributetype ( 2.5.4.31 NAME 'member' DESC 'RFC2256: member of a group' SUP distinguishedName )) line 228 (attributetype ( 2.5.4.32 NAME 'owner' DESC 'RFC2256: owner (of the object)' SUP distinguishedName )) line 232 (attributetype ( 2.5.4.33 NAME 'roleOccupant' DESC 'RFC2256: occupant of role' SUP distinguishedName )) line 236 (attributetype ( 2.5.4.34 NAME 'seeAlso' DESC 'RFC2256: DN of related object' SUP distinguishedName )) line 249 (attributetype ( 2.5.4.36 NAME 'userCertificate' DESC 'RFC2256: X.509 user certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )) line 256 (attributetype ( 2.5.4.37 NAME 'cACertificate' DESC 'RFC2256: X.509 CA certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )) line 261 (attributetype ( 2.5.4.38 NAME 'authorityRevocationList' DESC 'RFC2256: X.509 authority revocation list, use ;binary' SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )) line 266 (attributetype ( 2.5.4.39 NAME 'certificateRevocationList' DESC 'RFC2256: X.509 certificate revocation list, use ;binary' SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )) line 271 (attributetype ( 2.5.4.40 NAME 'crossCertificatePair' DESC 'RFC2256: X.509 cross certificate pair, use ;binary' SYNTAX 1.3.6.1.4.1.1466.115.121.1.10 )) line 281 (attributetype ( 2.5.4.42 NAME ( 'givenName' 'gn' ) DESC 'RFC2256: first name(s) for which the entity is known by' SUP name )) line 285 (attributetype ( 2.5.4.43 NAME 'initials' DESC 'RFC2256: initials of some or all of names, but not the surname(s).' SUP name )) line 289 (attributetype ( 2.5.4.44 NAME 'generationQualifier' DESC 'RFC2256: name qualifier indicating a generation' SUP name )) line 294 (attributetype ( 2.5.4.45 NAME 'x500UniqueIdentifier' DESC 'RFC2256: X.500 unique identifier' EQUALITY bitStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 )) line 301 (attributetype ( 2.5.4.46 NAME 'dnQualifier' DESC 'RFC2256: DN qualifier' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )) line 305 (attributetype ( 2.5.4.47 NAME 'enhancedSearchGuide' DESC 'RFC2256: enhanced search guide' SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 )) line 310 (attributetype ( 2.5.4.48 NAME 'protocolInformation' DESC 'RFC2256: protocol information' EQUALITY protocolInformationMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 )) line 320 (attributetype ( 2.5.4.50 NAME 'uniqueMember' DESC 'RFC2256: unique member of a group' EQUALITY uniqueMemberMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 )) line 326 (attributetype ( 2.5.4.51 NAME 'houseIdentifier' DESC 'RFC2256: house identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )) line 331 (attributetype ( 2.5.4.52 NAME 'supportedAlgorithms' DESC 'RFC2256: supported algorithms' SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 )) line 336 (attributetype ( 2.5.4.53 NAME 'deltaRevocationList' DESC 'RFC2256: delta revocation list; use ;binary' SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )) line 340 (attributetype ( 2.5.4.54 NAME 'dmdName' DESC 'RFC2256: name of DMD' SUP name )) line 355 (objectclass ( 2.5.6.2 NAME 'country' DESC 'RFC2256: a country' SUP top STRUCTURAL MUST c MAY ( searchGuide $ description ) )) line 360 (objectclass ( 2.5.6.3 NAME 'locality' DESC 'RFC2256: a locality' SUP top STRUCTURAL MAY ( street $ seeAlso $ searchGuide $ st $ l $ description ) )) line 371 (objectclass ( 2.5.6.4 NAME 'organization' DESC 'RFC2256: an organization' SUP top STRUCTURAL MUST o MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ x121Address $ registeredAddress $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )) line 382 (objectclass ( 2.5.6.5 NAME 'organizationalUnit' DESC 'RFC2256: an organizational unit' SUP top STRUCTURAL MUST ou MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ x121Address $ registeredAddress $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )) line 388 (objectclass ( 2.5.6.6 NAME 'person' DESC 'RFC2256: a person' SUP top STRUCTURAL MUST ( sn $ cn ) MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) )) line 397 (objectclass ( 2.5.6.7 NAME 'organizationalPerson' DESC 'RFC2256: an organizational person' SUP person STRUCTURAL MAY ( title $ x121Address $ registeredAddress $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l ) )) line 408 (objectclass ( 2.5.6.8 NAME 'organizationalRole' DESC 'RFC2256: an organizational role' SUP top STRUCTURAL MUST cn MAY ( x121Address $ registeredAddress $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $ postOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l $ description ) )) line 414 (objectclass ( 2.5.6.9 NAME 'groupOfNames' DESC 'RFC2256: a group of names (DNs)' SUP top STRUCTURAL MUST ( member $ cn ) MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )) line 425 (objectclass ( 2.5.6.10 NAME 'residentialPerson' DESC 'RFC2256: an residential person' SUP person STRUCTURAL MUST l MAY ( businessCategory $ x121Address $ registeredAddress $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ preferredDeliveryMethod $ street $ postOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $ st $ l ) )) line 431 (objectclass ( 2.5.6.11 NAME 'applicationProcess' DESC 'RFC2256: an application process' SUP top STRUCTURAL MUST cn MAY ( seeAlso $ ou $ l $ description ) )) line 438 (objectclass ( 2.5.6.12 NAME 'applicationEntity' DESC 'RFC2256: an application entity' SUP top STRUCTURAL MUST ( presentationAddress $ cn ) MAY ( supportedApplicationContext $ seeAlso $ ou $ o $ l $ description ) )) line 443 (objectclass ( 2.5.6.13 NAME 'dSA' DESC 'RFC2256: a directory system agent (a server)' SUP applicationEntity STRUCTURAL MAY knowledgeInformation )) line 449 (objectclass ( 2.5.6.14 NAME 'device' DESC 'RFC2256: a device' SUP top STRUCTURAL MUST cn MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ description ) )) line 454 (objectclass ( 2.5.6.15 NAME 'strongAuthenticationUser' DESC 'RFC2256: a strong authentication user' SUP top AUXILIARY MUST userCertificate )) line 460 (objectclass ( 2.5.6.16 NAME 'certificationAuthority' DESC 'RFC2256: a certificate authority' SUP top AUXILIARY MUST ( authorityRevocationList $ certificateRevocationList $ cACertificate ) MAY crossCertificatePair )) line 466 (objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames' DESC 'RFC2256: a group of unique names (DN and Unique Identifier)' SUP top STRUCTURAL MUST ( uniqueMember $ cn ) MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )) line 471 (objectclass ( 2.5.6.18 NAME 'userSecurityInformation' DESC 'RFC2256: a user security information' SUP top AUXILIARY MAY ( supportedAlgorithms ) )) line 475 (objectclass ( 2.5.6.16.2 NAME 'certificationAuthority-V2' SUP certificationAuthority AUXILIARY MAY ( deltaRevocationList ) )) line 481 (objectclass ( 2.5.6.19 NAME 'cRLDistributionPoint' SUP top STRUCTURAL MUST ( cn ) MAY ( certificateRevocationList $ authorityRevocationList $ deltaRevocationList ) )) line 491 (objectclass ( 2.5.6.20 NAME 'dmd' SUP top STRUCTURAL MUST ( dmdName ) MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ x121Address $ registeredAddress $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )) line 499 (objectclass ( 2.5.6.21 NAME 'pkiUser' DESC 'RFC2587: a PKI user' SUP top AUXILIARY MAY userCertificate )) line 505 (objectclass ( 2.5.6.22 NAME 'pkiCA' DESC 'RFC2587: PKI certificate authority' SUP top AUXILIARY MAY ( authorityRevocationList $ certificateRevocationList $ cACertificate $ crossCertificatePair ) )) line 510 (objectclass ( 2.5.6.23 NAME 'deltaCRL' DESC 'RFC2587: PKI user' SUP top AUXILIARY MAY deltaRevocationList )) line 523 (objectclass ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject' DESC 'RFC2079: object that contains the URI attribute type' MAY ( labeledURI ) SUP top AUXILIARY )) line 533 (attributetype ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) line 540 (attributetype ( 0.9.2342.19200300.100.1.3 NAME ( 'mail' 'rfc822Mailbox' ) DESC 'RFC1274: RFC822 Mailbox' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )) line 545 (objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject' DESC 'RFC1274: simple security object' SUP top AUXILIARY MUST userPassword )) line 553 (attributetype ( 0.9.2342.19200300.100.1.25 NAME ( 'dc' 'domainComponent' ) DESC 'RFC1274/2247: domain component' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )) line 558 (objectclass ( 1.3.6.1.4.1.1466.344 NAME 'dcObject' DESC 'RFC2247: domain component object' SUP top AUXILIARY MUST dc )) line 563 (objectclass ( 1.3.6.1.1.3.1 NAME 'uidObject' DESC 'RFC2377: uid object' SUP top AUXILIARY MUST uid )) line 571 (attributetype ( 0.9.2342.19200300.100.1.37 NAME 'associatedDomain' DESC 'RFC1274: domain associated with object' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )) line 579 (attributetype ( 1.2.840.113549.1.9.1 NAME ( 'email' 'emailAddress' 'pkcs9email' ) DESC 'RFC2459: legacy attribute for email addresses in DNs' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )) >>> dnNormalize: <cn=Subschema> => ldap_bv2dn(cn=Subschema,0) <= ldap_bv2dn(cn=Subschema,0)=0 => ldap_dn2bv(272) <= ldap_dn2bv(cn=subschema,272)=0 <<< dnNormalize: <cn=subschema> line 6 (include /etc/openldap/schema/cosine.schema) reading config file /etc/openldap/schema/cosine.schema line 130 (attributetype ( 0.9.2342.19200300.100.1.2 NAME 'textEncodedORAddress' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) line 168 (attributetype ( 0.9.2342.19200300.100.1.4 NAME 'info' DESC 'RFC1274: general information' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} )) line 187 (attributetype ( 0.9.2342.19200300.100.1.5 NAME ( 'drink' 'favouriteDrink' ) DESC 'RFC1274: favorite drink' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) line 205 (attributetype ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber' DESC 'RFC1274: room number' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) line 227 (attributetype ( 0.9.2342.19200300.100.1.7 NAME 'photo' DESC 'RFC1274: photo (G3 fax)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} )) line 248 (attributetype ( 0.9.2342.19200300.100.1.8 NAME 'userClass' DESC 'RFC1274: categorory of user' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) line 264 (attributetype ( 0.9.2342.19200300.100.1.9 NAME 'host' DESC 'RFC1274: host computer' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) line 279 (attributetype ( 0.9.2342.19200300.100.1.10 NAME 'manager' DESC 'RFC1274: DN of manager' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )) line 296 (attributetype ( 0.9.2342.19200300.100.1.11 NAME 'documentIdentifier' DESC 'RFC1274: unique identifier of document' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) line 312 (attributetype ( 0.9.2342.19200300.100.1.12 NAME 'documentTitle' DESC 'RFC1274: title of document' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) line 329 (attributetype ( 0.9.2342.19200300.100.1.13 NAME 'documentVersion' DESC 'RFC1274: version of document' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) line 344 (attributetype ( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor' DESC 'RFC1274: DN of author of document' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )) line 361 (attributetype ( 0.9.2342.19200300.100.1.15 NAME 'documentLocation' DESC 'RFC1274: location of document original' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) line 380 (attributetype ( 0.9.2342.19200300.100.1.20 DESC 'RFC1274: home telephone number' NAME ( 'homePhone' 'homeTelephoneNumber' ) EQUALITY telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )) line 395 (attributetype ( 0.9.2342.19200300.100.1.21 NAME 'secretary' DESC 'RFC1274: DN of secretary' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )) line 411 (attributetype ( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox' SYNTAX 1.3.6.1.4.1.1466.115.121.1.39 )) line 480 (attributetype ( 0.9.2342.19200300.100.1.26 NAME 'aRecord' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )) line 486 (attributetype ( 0.9.2342.19200300.100.1.27 NAME 'mDRecord' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )) line 501 (attributetype ( 0.9.2342.19200300.100.1.28 NAME 'mXRecord' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )) line 516 (attributetype ( 0.9.2342.19200300.100.1.29 NAME 'nSRecord' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )) line 531 (attributetype ( 0.9.2342.19200300.100.1.30 NAME 'sOARecord' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )) line 546 (attributetype ( 0.9.2342.19200300.100.1.31 NAME 'cNAMERecord' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )) line 581 (attributetype ( 0.9.2342.19200300.100.1.38 NAME 'associatedName' DESC 'RFC1274: DN of entry associated with domain' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )) line 599 (attributetype ( 0.9.2342.19200300.100.1.39 NAME 'homePostalAddress' DESC 'RFC1274: home postal address' EQUALITY caseIgnoreListMatch SUBSTR caseIgnoreListSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )) line 616 (attributetype ( 0.9.2342.19200300.100.1.40 NAME 'personalTitle' DESC 'RFC1274: personal title' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) line 635 (attributetype ( 0.9.2342.19200300.100.1.41 NAME ( 'mobile' 'mobileTelephoneNumber' ) DESC 'RFC1274: mobile telephone number' EQUALITY telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )) line 653 (attributetype ( 0.9.2342.19200300.100.1.42 NAME ( 'pager' 'pagerTelephoneNumber' ) DESC 'RFC1274: pager telephone number' EQUALITY telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )) line 671 (attributetype ( 0.9.2342.19200300.100.1.43 NAME ( 'co' 'friendlyCountryName' ) DESC 'RFC1274: friendly country name' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )) line 691 (attributetype ( 0.9.2342.19200300.100.1.44 NAME 'uniqueIdentifier' DESC 'RFC1274: unique identifer' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) line 713 (attributetype ( 0.9.2342.19200300.100.1.45 NAME 'organizationalStatus' DESC 'RFC1274: organizational status' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) line 734 (attributetype ( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox' DESC 'RFC1274: Janet mailbox' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )) line 764 (attributetype ( 0.9.2342.19200300.100.1.47 NAME 'mailPreferenceOption' DESC 'RFC1274: mail preference option' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )) line 781 (attributetype ( 0.9.2342.19200300.100.1.48 NAME 'buildingName' DESC 'RFC1274: name of building' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) line 796 (attributetype ( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality' DESC 'RFC1274: DSA Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.19 SINGLE-VALUE )) line 811 (attributetype ( 0.9.2342.19200300.100.1.50 NAME 'singleLevelQuality' DESC 'RFC1274: Single Level Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE )) line 827 (attributetype ( 0.9.2342.19200300.100.1.51 NAME 'subtreeMinimumQuality' DESC 'RFC1274: Subtree Mininum Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE )) line 843 (attributetype ( 0.9.2342.19200300.100.1.52 NAME 'subtreeMaximumQuality' DESC 'RFC1274: Subtree Maximun Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE )) line 865 (attributetype ( 0.9.2342.19200300.100.1.53 NAME 'personalSignature' DESC 'RFC1274: Personal Signature (G3 fax)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.23 )) line 884 (attributetype ( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect' DESC 'RFC1274: DIT Redirect' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )) line 900 (attributetype ( 0.9.2342.19200300.100.1.55 NAME 'audio' DESC 'RFC1274: audio (u-law)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} )) line 916 (attributetype ( 0.9.2342.19200300.100.1.56 NAME 'documentPublisher' DESC 'RFC1274: publisher of document' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )) line 1084 (objectclass ( 0.9.2342.19200300.100.4.4 NAME ( 'pilotPerson' 'newPilotPerson' ) SUP person STRUCTURAL MAY ( userid $ textEncodedORAddress $ rfc822Mailbox $ favouriteDrink $ roomNumber $ userClass $ homeTelephoneNumber $ homePostalAddress $ secretary $ personalTitle $ preferredDeliveryMethod $ businessCategory $ janetMailbox $ otherMailbox $ mobileTelephoneNumber $ pagerTelephoneNumber $ organizationalStatus $ mailPreferenceOption $ personalSignature ) )) line 1110 (objectclass ( 0.9.2342.19200300.100.4.5 NAME 'account' SUP top STRUCTURAL MUST userid MAY ( description $ seeAlso $ localityName $ organizationName $ organizationalUnitName $ host ) )) line 1142 (objectclass ( 0.9.2342.19200300.100.4.6 NAME 'document' SUP top STRUCTURAL MUST documentIdentifier MAY ( commonName $ description $ seeAlso $ localityName $ organizationName $ organizationalUnitName $ documentTitle $ documentVersion $ documentAuthor $ documentLocation $ documentPublisher ) )) line 1165 (objectclass ( 0.9.2342.19200300.100.4.7 NAME 'room' SUP top STRUCTURAL MUST commonName MAY ( roomNumber $ description $ seeAlso $ telephoneNumber ) )) line 1191 (objectclass ( 0.9.2342.19200300.100.4.9 NAME 'documentSeries' SUP top STRUCTURAL MUST commonName MAY ( description $ seeAlso $ telephonenumber $ localityName $ organizationName $ organizationalUnitName ) )) line 1222 (objectclass ( 0.9.2342.19200300.100.4.13 NAME 'domain' SUP top STRUCTURAL MUST domainComponent MAY ( associatedName $ organizationName $ description $ businessCategory $ seeAlso $ searchGuide $ userPassword $ localityName $ stateOrProvinceName $ streetAddress $ physicalDeliveryOfficeName $ postalAddress $ postalCode $ postOfficeBox $ streetAddress $ facsimileTelephoneNumber $ internationalISDNNumber $ telephoneNumber $ teletexTerminalIdentifier $ telexNumber $ preferredDeliveryMethod $ destinationIndicator $ registeredAddress $ x121Address ) )) line 1252 (objectclass ( 0.9.2342.19200300.100.4.14 NAME 'RFC822localPart' SUP domain STRUCTURAL MAY ( commonName $ surname $ description $ seeAlso $ telephoneNumber $ physicalDeliveryOfficeName $ postalAddress $ postalCode $ postOfficeBox $ streetAddress $ facsimileTelephoneNumber $ internationalISDNNumber $ telephoneNumber $ teletexTerminalIdentifier $ telexNumber $ preferredDeliveryMethod $ destinationIndicator $ registeredAddress $ x121Address ) )) line 1275 (objectclass ( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain' SUP 'domain' STRUCTURAL MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $ SOARecord $ CNAMERecord ) )) line 1293 (objectclass ( 0.9.2342.19200300.100.4.17 NAME 'domainRelatedObject' DESC 'RFC1274: an object related to an domain' SUP top AUXILIARY MUST associatedDomain )) line 1311 (objectclass ( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry' SUP country STRUCTURAL MUST friendlyCountryName )) line 1345 (objectclass ( 0.9.2342.19200300.100.4.20 NAME 'pilotOrganization' SUP ( organization $ organizationalUnit ) STRUCTURAL MAY buildingName )) line 1361 (objectclass ( 0.9.2342.19200300.100.4.21 NAME 'pilotDSA' SUP dsa STRUCTURAL MAY dSAQuality )) line 1382 (objectclass ( 0.9.2342.19200300.100.4.22 NAME 'qualityLabelledData' SUP top AUXILIARY MUST dsaQuality MAY ( subtreeMinimumQuality $ subtreeMaximumQuality ) )) line 7 (include /etc/openldap/schema/inetorgperson.schema) reading config file /etc/openldap/schema/inetorgperson.schema line 36 (attributetype ( 2.16.840.1.113730.3.1.1 NAME 'carLicense' DESC 'RFC2798: vehicle license or registration plate' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )) line 46 (attributetype ( 2.16.840.1.113730.3.1.2 NAME 'departmentNumber' DESC 'RFC2798: identifies a department within an organization' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )) line 59 (attributetype ( 2.16.840.1.113730.3.1.241 NAME 'displayName' DESC 'RFC2798: preferred name to be used when displaying entries' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )) line 70 (attributetype ( 2.16.840.1.113730.3.1.3 NAME 'employeeNumber' DESC 'RFC2798: numerically identifies an employee within an organization' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )) line 81 (attributetype ( 2.16.840.1.113730.3.1.4 NAME 'employeeType' DESC 'RFC2798: type of employment for a person' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )) line 92 (attributetype ( 0.9.2342.19200300.100.1.60 NAME 'jpegPhoto' DESC 'RFC2798: a JPEG image' SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 )) line 107 (attributetype ( 2.16.840.1.113730.3.1.39 NAME 'preferredLanguage' DESC 'RFC2798: preferred written or spoken language for a person' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )) line 123 (attributetype ( 2.16.840.1.113730.3.1.40 NAME 'userSMIMECertificate' DESC 'RFC2798: PKCS#7 SignedData used to support S/MIME' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )) line 135 (attributetype ( 2.16.840.1.113730.3.1.216 NAME 'userPKCS12' DESC 'RFC2798: personal identity information, a PKCS #12 PFX' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )) line 155 (objectclass ( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson' DESC 'RFC2798: Internet Organizational Person' SUP organizationalPerson STRUCTURAL MAY ( audio $ businessCategory $ carLicense $ departmentNumber $ displayName $ employeeNumber $ employeeType $ givenName $ homePhone $ homePostalAddress $ initials $ jpegPhoto $ labeledURI $ mail $ manager $ mobile $ o $ pager $ photo $ roomNumber $ secretary $ uid $ userCertificate $ x500uniqueIdentifier $ preferredLanguage $ userSMIMECertificate $ userPKCS12 ) )) line 8 (include /etc/openldap/schema/nis.schema) reading config file /etc/openldap/schema/nis.schema line 40 (attributetype ( 1.3.6.1.1.1.1.0 NAME 'uidNumber' DESC 'An integer uniquely identifying a user in an administrative domain' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) line 45 (attributetype ( 1.3.6.1.1.1.1.1 NAME 'gidNumber' DESC 'An integer uniquely identifying a group in an administrative domain' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) line 51 (attributetype ( 1.3.6.1.1.1.1.2 NAME 'gecos' DESC 'The GECOS field; the common name' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )) line 56 (attributetype ( 1.3.6.1.1.1.1.3 NAME 'homeDirectory' DESC 'The absolute path to the home directory' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )) line 61 (attributetype ( 1.3.6.1.1.1.1.4 NAME 'loginShell' DESC 'The path to the login shell' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )) line 65 (attributetype ( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) line 69 (attributetype ( 1.3.6.1.1.1.1.6 NAME 'shadowMin' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) line 73 (attributetype ( 1.3.6.1.1.1.1.7 NAME 'shadowMax' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) line 77 (attributetype ( 1.3.6.1.1.1.1.8 NAME 'shadowWarning' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) line 81 (attributetype ( 1.3.6.1.1.1.1.9 NAME 'shadowInactive' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) line 85 (attributetype ( 1.3.6.1.1.1.1.10 NAME 'shadowExpire' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) line 89 (attributetype ( 1.3.6.1.1.1.1.11 NAME 'shadowFlag' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) line 94 (attributetype ( 1.3.6.1.1.1.1.12 NAME 'memberUid' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )) line 99 (attributetype ( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )) line 103 (attributetype ( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple' DESC 'Netgroup triple' SYNTAX 1.3.6.1.1.1.0.0 )) line 107 (attributetype ( 1.3.6.1.1.1.1.15 NAME 'ipServicePort' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) line 110 (attributetype ( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol' SUP name )) line 114 (attributetype ( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) line 118 (attributetype ( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) line 123 (attributetype ( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber' DESC 'IP address' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )) line 128 (attributetype ( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber' DESC 'IP network' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE )) line 133 (attributetype ( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber' DESC 'IP netmask' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE )) line 138 (attributetype ( 1.3.6.1.1.1.1.22 NAME 'macAddress' DESC 'MAC address' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )) line 142 (attributetype ( 1.3.6.1.1.1.1.23 NAME 'bootParameter' DESC 'rpc.bootparamd parameter' SYNTAX 1.3.6.1.1.1.0.1 )) line 147 (attributetype ( 1.3.6.1.1.1.1.24 NAME 'bootFile' DESC 'Boot image name' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )) line 150 (attributetype ( 1.3.6.1.1.1.1.26 NAME 'nisMapName' SUP name )) line 155 (attributetype ( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{1024} SINGLE-VALUE )) line 162 (objectclass ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' SUP top AUXILIARY DESC 'Abstraction of an account with POSIX attributes' MUST ( cn $ uid $ uidNumber $ gidNumber $ homeDirectory ) MAY ( userPassword $ loginShell $ gecos $ description ) )) line 169 (objectclass ( 1.3.6.1.1.1.2.1 NAME 'shadowAccount' SUP top AUXILIARY DESC 'Additional attributes for shadow passwords' MUST uid MAY ( userPassword $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ description ) )) line 174 (objectclass ( 1.3.6.1.1.1.2.2 NAME 'posixGroup' SUP top STRUCTURAL DESC 'Abstraction of a group of accounts' MUST ( cn $ gidNumber ) MAY ( userPassword $ memberUid $ description ) )) line 179 (objectclass ( 1.3.6.1.1.1.2.3 NAME 'ipService' SUP top STRUCTURAL DESC 'Abstraction an Internet Protocol service' MUST ( cn $ ipServicePort $ ipServiceProtocol ) MAY ( description ) )) line 184 (objectclass ( 1.3.6.1.1.1.2.4 NAME 'ipProtocol' SUP top STRUCTURAL DESC 'Abstraction of an IP protocol' MUST ( cn $ ipProtocolNumber $ description ) MAY description )) line 189 (objectclass ( 1.3.6.1.1.1.2.5 NAME 'oncRpc' SUP top STRUCTURAL DESC 'Abstraction of an ONC/RPC binding' MUST ( cn $ oncRpcNumber $ description ) MAY description )) line 194 (objectclass ( 1.3.6.1.1.1.2.6 NAME 'ipHost' SUP top AUXILIARY DESC 'Abstraction of a host, an IP device' MUST ( cn $ ipHostNumber ) MAY ( l $ description $ manager ) )) line 199 (objectclass ( 1.3.6.1.1.1.2.7 NAME 'ipNetwork' SUP top STRUCTURAL DESC 'Abstraction of an IP network' MUST ( cn $ ipNetworkNumber ) MAY ( ipNetmaskNumber $ l $ description $ manager ) )) line 204 (objectclass ( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup' SUP top STRUCTURAL DESC 'Abstraction of a netgroup' MUST cn MAY ( nisNetgroupTriple $ memberNisNetgroup $ description ) )) line 209 (objectclass ( 1.3.6.1.1.1.2.9 NAME 'nisMap' SUP top STRUCTURAL DESC 'A generic abstraction of a NIS map' MUST nisMapName MAY description )) line 214 (objectclass ( 1.3.6.1.1.1.2.10 NAME 'nisObject' SUP top STRUCTURAL DESC 'An entry in a NIS map' MUST ( cn $ nisMapEntry $ nisMapName ) MAY description )) line 218 (objectclass ( 1.3.6.1.1.1.2.11 NAME 'ieee802Device' SUP top AUXILIARY DESC 'A device with a MAC address' MAY macAddress )) line 222 (objectclass ( 1.3.6.1.1.1.2.12 NAME 'bootableDevice' SUP top AUXILIARY DESC 'A device with boot parameters' MAY ( bootFile $ bootParameter ) )) line 11 (allow bind_v2) line 17 (pidfile /var/run/openldap/slapd.pid) line 18 (argsfile /var/run/openldap/slapd.args) line 68 (database bdb) bdb_db_init: Initializing BDB database line 69 (suffix "dc=tfis, dc=myserver, dc=org") >>> dnPrettyNormal: <dc=tfis, dc=myserver, dc=org> => ldap_bv2dn(dc=tfis, dc=myserver, dc=org,0) <= ldap_bv2dn(dc=tfis, dc=myserver, dc=org,0)=0 => ldap_dn2bv(272) <= ldap_dn2bv(dc=tfis,dc=myserver,dc=org,272)=0 => ldap_dn2bv(272) <= ldap_dn2bv(dc=tfis,dc=myserver,dc=org,272)=0 <<< dnPrettyNormal: <dc=tfis,dc=myserver,dc=org>, <dc=tfis,dc=myserver,dc=org> line 70 (rootdn "cn=Manager,dc=tfis,dc=myserver,dc=org") >>> dnPrettyNormal: <cn=Manager,dc=tfis,dc=myserver,dc=org> => ldap_bv2dn(cn=Manager,dc=tfis,dc=myserver,dc=org,0) <= ldap_bv2dn(cn=Manager,dc=tfis,dc=myserver,dc=org,0)=0 => ldap_dn2bv(272) <= ldap_dn2bv(cn=Manager,dc=tfis,dc=myserver,dc=org,272)=0 => ldap_dn2bv(272) <= ldap_dn2bv(cn=manager,dc=tfis,dc=myserver,dc=org,272)=0 <<< dnPrettyNormal: <cn=Manager,dc=tfis,dc=myserver,dc=org>, <cn=manager,dc=tfis,dc=myserver,dc=org> line 80 (directory /var/lib/ldap) line 83 (index objectClass eq,pres) index objectClass 0x0006 line 84 (index ou,cn,mail,surname,givenname eq,pres,sub) index ou 0x0716 index cn 0x0716 index mail 0x0716 index sn 0x0716 index givenName 0x0716 line 85 (index uidNumber,gidNumber,loginShell eq,pres) index uidNumber 0x0006 index gidNumber 0x0006 index loginShell 0x0006 line 86 (index uid,memberUid eq,pres,sub) index uid 0x0716 index memberUid 0x0716 line 87 (index nisMapName,nisMapEntry eq,pres,sub) index nisMapName 0x0716 index nisMapEntry 0x0716 line 96 (loglevel 4095) matching_rule_use_init 1.2.840.113556.1.4.804 (integerBitOrMatch): matchingRuleUse: ( 1.2.840.113556.1.4.804 NAME 'integerBitOrMatch' APPLIES ( oncRpcNumber $ ipProtocolNumber $ ipServicePort $ shadowFlag $ shadowExpire $ shadowInactive $ shadowWarning $ shadowMax $ shadowMin $ shadowLastChange $ gidNumber $ uidNumber $ mailPreferenceOption $ supportedLDAPVersion ) ) 1.2.840.113556.1.4.803 (integerBitAndMatch): matchingRuleUse: ( 1.2.840.113556.1.4.803 NAME 'integerBitAndMatch' APPLIES ( oncRpcNumber $ ipProtocolNumber $ ipServicePort $ shadowFlag $ shadowExpire $ shadowInactive $ shadowWarning $ shadowMax $ shadowMin $ shadowLastChange $ gidNumber $ uidNumber $ mailPreferenceOption $ supportedLDAPVersion ) ) 1.3.6.1.4.1.1466.109.114.2 (caseIgnoreIA5Match): matchingRuleUse: ( 1.3.6.1.4.1.1466.109.114.2 NAME 'caseIgnoreIA5Match' APPLIES ( nisMapEntry $ bootFile $ macAddress $ ipNetmaskNumber $ ipNetworkNumber $ ipHostNumber $ memberNisNetgroup $ memberUid $ loginShell $ homeDirectory $ gecos $ janetMailbox $ cNAMERecord $ sOARecord $ nSRecord $ mXRecord $ mDRecord $ aRecord $ email $ associatedDomain $ dc $ mail $ altServer ) ) 1.3.6.1.4.1.1466.109.114.1 (caseExactIA5Match): matchingRuleUse: ( 1.3.6.1.4.1.1466.109.114.1 NAME 'caseExactIA5Match' APPLIES ( nisMapEntry $ bootFile $ macAddress $ ipNetmaskNumber $ ipNetworkNumber $ ipHostNumber $ memberNisNetgroup $ memberUid $ loginShell $ homeDirectory $ gecos $ janetMailbox $ cNAMERecord $ sOARecord $ nSRecord $ mXRecord $ mDRecord $ aRecord $ email $ associatedDomain $ dc $ mail $ altServer ) ) 2.5.13.35 (certificateMatch): matchingRuleUse: ( 2.5.13.35 NAME 'certificateMatch' APPLIES ( cACertificate $ userCertificate ) ) 2.5.13.34 (certificateExactMatch): matchingRuleUse: ( 2.5.13.34 NAME 'certificateExactMatch' APPLIES ( cACertificate $ userCertificate ) ) 2.5.13.30 (objectIdentifierFirstComponentMatch): matchingRuleUse: ( 2.5.13.30 NAME 'objectIdentifierFirstComponentMatch' APPLIES ( supportedApplicationContext $ ldapSyntaxes $ supportedFeatures $ supportedExtension $ supportedControl ) ) 2.5.13.29 (integerFirstComponentMatch): matchingRuleUse: ( 2.5.13.29 NAME 'integerFirstComponentMatch' APPLIES ( oncRpcNumber $ ipProtocolNumber $ ipServicePort $ shadowFlag $ shadowExpire $ shadowInactive $ shadowWarning $ shadowMax $ shadowMin $ shadowLastChange $ gidNumber $ uidNumber $ mailPreferenceOption $ supportedLDAPVersion ) ) 2.5.13.27 (generalizedTimeMatch): matchingRuleUse: ( 2.5.13.27 NAME 'generalizedTimeMatch' APPLIES ( modifyTimestamp $ createTimestamp ) ) 2.5.13.24 (protocolInformationMatch): matchingRuleUse: ( 2.5.13.24 NAME 'protocolInformationMatch' APPLIES protocolInformation ) 2.5.13.23 (uniqueMemberMatch): matchingRuleUse: ( 2.5.13.23 NAME 'uniqueMemberMatch' APPLIES uniqueMember ) 2.5.13.22 (presentationAddressMatch): matchingRuleUse: ( 2.5.13.22 NAME 'presentationAddressMatch' APPLIES presentationAddress ) 2.5.13.20 (telephoneNumberMatch): matchingRuleUse: ( 2.5.13.20 NAME 'telephoneNumberMatch' APPLIES ( pager $ mobile $ homePhone $ telephoneNumber ) ) 2.5.13.17 (octetStringMatch): matchingRuleUse: ( 2.5.13.17 NAME 'octetStringMatch' APPLIES userPassword ) 2.5.13.16 (bitStringMatch): matchingRuleUse: ( 2.5.13.16 NAME 'bitStringMatch' APPLIES x500UniqueIdentifier ) 2.5.13.14 (integerMatch): matchingRuleUse: ( 2.5.13.14 NAME 'integerMatch' APPLIES ( oncRpcNumber $ ipProtocolNumber $ ipServicePort $ shadowFlag $ shadowExpire $ shadowInactive $ shadowWarning $ shadowMax $ shadowMin $ shadowLastChange $ gidNumber $ uidNumber $ mailPreferenceOption $ supportedLDAPVersion ) ) 2.5.13.13 (booleanMatch): matchingRuleUse: ( 2.5.13.13 NAME 'booleanMatch' APPLIES hasSubordinates ) 2.5.13.11 (caseIgnoreListMatch): matchingRuleUse: ( 2.5.13.11 NAME 'caseIgnoreListMatch' APPLIES ( homePostalAddress $ registeredAddress $ postalAddress ) ) 2.5.13.8 (numericStringMatch): matchingRuleUse: ( 2.5.13.8 NAME 'numericStringMatch' APPLIES ( internationaliSDNNumber $ x121Address ) ) 2.5.13.7 (caseExactSubstringsMatch): matchingRuleUse: ( 2.5.13.7 NAME 'caseExactSubstringsMatch' APPLIES ( dnQualifier $ destinationIndicator $ serialNumber ) ) 2.5.13.6 (caseExactOrderingMatch): matchingRuleUse: ( 2.5.13.6 NAME 'caseExactOrderingMatch' APPLIES ( dnQualifier $ destinationIndicator $ serialNumber ) ) 2.5.13.5 (caseExactMatch): matchingRuleUse: ( 2.5.13.5 NAME 'caseExactMatch' APPLIES ( nisMapName $ ipServiceProtocol $ preferredLanguage $ employeeType $ employeeNumber $ displayName $ departmentNumber $ carLicense $ documentPublisher $ buildingName $ organizationalStatus $ uniqueIdentifier $ co $ personalTitle $ documentLocation $ documentVersion $ documentTitle $ documentIdentifier $ host $ userClass $ roomNumber $ drink $ info $ textEncodedORAddress $ uid $ dmdName $ houseIdentifier $ dnQualifier $ generationQualifier $ initials $ givenName $ destinationIndicator $ physicalDeliveryOfficeName $ postOfficeBox $ postalCode $ businessCategory $ description $ title $ ou $ o $ street $ st $ l $ c $ serialNumber $ sn $ knowledgeInformation $ labeledURI $ cn $ name $ ref $ vendorVersion $ vendorName $ supportedSASLMechanisms ) ) 2.5.13.4 (caseIgnoreSubstringsMatch): matchingRuleUse: ( 2.5.13.4 NAME 'caseIgnoreSubstringsMatch' APPLIES ( dnQualifier $ destinationIndicator $ serialNumber ) ) 2.5.13.3 (caseIgnoreOrderingMatch): matchingRuleUse: ( 2.5.13.3 NAME 'caseIgnoreOrderingMatch' APPLIES ( dnQualifier $ destinationIndicator $ serialNumber ) ) 2.5.13.2 (caseIgnoreMatch): matchingRuleUse: ( 2.5.13.2 NAME 'caseIgnoreMatch' APPLIES ( nisMapName $ ipServiceProtocol $ preferredLanguage $ employeeType $ employeeNumber $ displayName $ departmentNumber $ carLicense $ documentPublisher $ buildingName $ organizationalStatus $ uniqueIdentifier $ co $ personalTitle $ documentLocation $ documentVersion $ documentTitle $ documentIdentifier $ host $ userClass $ roomNumber $ drink $ info $ textEncodedORAddress $ uid $ dmdName $ houseIdentifier $ dnQualifier $ generationQualifier $ initials $ givenName $ destinationIndicator $ physicalDeliveryOfficeName $ postOfficeBox $ postalCode $ businessCategory $ description $ title $ ou $ o $ street $ st $ l $ c $ serialNumber $ sn $ knowledgeInformation $ labeledURI $ cn $ name $ ref $ vendorVersion $ vendorName $ supportedSASLMechanisms ) ) 2.5.13.1 (distinguishedNameMatch): matchingRuleUse: ( 2.5.13.1 NAME 'distinguishedNameMatch' APPLIES ( dITRedirect $ associatedName $ secretary $ documentAuthor $ manager $ seeAlso $ roleOccupant $ owner $ member $ distinguishedName $ aliasedObjectName $ namingContexts $ subschemaSubentry $ modifiersName $ creatorsName ) ) 2.5.13.0 (objectIdentifierMatch): matchingRuleUse: ( 2.5.13.0 NAME 'objectIdentifierMatch' APPLIES ( supportedApplicationContext $ supportedFeatures $ supportedExtension $ supportedControl ) ) slapd startup: initiated. bdb_db_open: dc=tfis,dc=myserver,dc=org bdb_db_open: dbenv_open(/var/lib/ldap) as you can see the daemon_init opens some listener, but not much to see! i hope this is helpful !! thank you anyway

1 1

Re: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
by Zdenek Styblik 01 Mar '10

01 Mar '10

Mingyur Koblensky wrote: > Hi, > > > Please, update to the latest OpenLDAP 2.4.21 release. The one you're > playing with is 6 years old. > > > yes, it is very old but from the repository of redhat enterprise 4. I > have installed the same package on another RH 4 and not problems... > Well ... ok. > > > You can try to start % slapd; from command line and see what the problem > is/might be. > > As a root or whoever is supposed to run OpenLDAP: > # slapd -h 'ldap://127.0.0.1 <http://127.0.0.1>' -d 256; > > > [root@myserver openldap]# /usr/sbin/slapd -d 4095 -u ldap -h ldap:/// > I see no errors and it seems that server gets up without problems, but I'm no expert. btw Your -h parameter looks quite strange to me. What's the purpose of it; Bind to all interfaces? My advise is to put it into '..' as I did -> -h 'ldap:///'; simply because of bad experience. And second, put IP adresses there eg. -h 'ldap://127.0.0.1 ldap://192.168.1.1' rather than such ambiguous thing. But well, it [your way] might work as well - I just do it differently. I'd also used only 'ldap://' instead of three slashes, if... Originally, I was about to say you're opening Linux socket, but that would be 'ldapi://'. And please, keep it on the list :) Hope that helps, Zdenek > @(#) $OpenLDAP: slapd 2.2.13 (Jul 8 2009 10:40:09) $ > > mockbuild@x86-002.build.bos.redhat.com:/builddir/build/BUILD/openldap-2.2.13/openldap-2.2.13/build-servers/servers/slapd > > daemon_init: ldap:/// > > daemon_init: listen on ldap:/// > > daemon_init: 1 listeners to open... > > ldap_url_parse_ext(ldap:///) > > daemon: initialized ldap:/// > > daemon_init: 2 listeners opened > > slapd init: initiated server. > > slap_sasl_init: initialized! > > bdb_initialize: initialize BDB backend > > bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December 3, 2003) > > bdb_initialize: initialize BDB backend > > bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December 3, 2003) > > reading config file /etc/openldap/slapd.conf > > line 5 (include /etc/openldap/schema/core.schema) > > reading config file /etc/openldap/schema/core.schema > > line 77 (attributetype ( 2.5.4.2 NAME 'knowledgeInformation' DESC > 'RFC2256: knowledge information' EQUALITY caseIgnoreMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.15{32768} )) > > line 86 (attributetype ( 2.5.4.4 NAME ( 'sn' 'surname' ) DESC 'RFC2256: > last (family) name(s) for which the entity is known by' SUP name )) > > line 92 (attributetype ( 2.5.4.5 NAME 'serialNumber' DESC 'RFC2256: > serial number of the entity' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} )) > > line 96 (attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' ) DESC > 'RFC2256: ISO-3166 country 2-letter code' SUP name SINGLE-VALUE )) > > line 100 (attributetype ( 2.5.4.7 NAME ( 'l' 'localityName' ) DESC > 'RFC2256: locality which this object resides in' SUP name )) > > line 104 (attributetype ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' ) > DESC 'RFC2256: state or province which this object resides in' SUP name )) > > line 110 (attributetype ( 2.5.4.9 NAME ( 'street' 'streetAddress' ) DESC > 'RFC2256: street address of this object' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )) > > line 114 (attributetype ( 2.5.4.10 NAME ( 'o' 'organizationName' ) DESC > 'RFC2256: organization this object belongs to' SUP name )) > > line 118 (attributetype ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' > ) DESC 'RFC2256: organizational unit this object belongs to' SUP name )) > > line 122 (attributetype ( 2.5.4.12 NAME 'title' DESC 'RFC2256: title > associated with the entity' SUP name )) > > line 128 (attributetype ( 2.5.4.13 NAME 'description' DESC 'RFC2256: > descriptive information' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )) > > line 133 (attributetype ( 2.5.4.14 NAME 'searchGuide' DESC 'RFC2256: > search guide, obsoleted by enhancedSearchGuide' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.25 )) > > line 139 (attributetype ( 2.5.4.15 NAME 'businessCategory' DESC > 'RFC2256: business category' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )) > > line 145 (attributetype ( 2.5.4.16 NAME 'postalAddress' DESC 'RFC2256: > postal address' EQUALITY caseIgnoreListMatch SUBSTR > caseIgnoreListSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )) > > line 151 (attributetype ( 2.5.4.17 NAME 'postalCode' DESC 'RFC2256: > postal code' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )) > > line 157 (attributetype ( 2.5.4.18 NAME 'postOfficeBox' DESC 'RFC2256: > Post Office Box' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )) > > line 163 (attributetype ( 2.5.4.19 NAME 'physicalDeliveryOfficeName' > DESC 'RFC2256: Physical Delivery Office Name' EQUALITY caseIgnoreMatch > SUBSTR caseIgnoreSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.15{128} )) > > line 169 (attributetype ( 2.5.4.20 NAME 'telephoneNumber' DESC 'RFC2256: > Telephone Number' EQUALITY telephoneNumberMatch SUBSTR > telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} )) > > line 173 (attributetype ( 2.5.4.21 NAME 'telexNumber' DESC 'RFC2256: > Telex Number' SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 )) > > line 177 (attributetype ( 2.5.4.22 NAME 'teletexTerminalIdentifier' DESC > 'RFC2256: Teletex Terminal Identifier' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.51 )) > > line 181 (attributetype ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' > 'fax' ) DESC 'RFC2256: Facsimile (Fax) Telephone Number' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.22 )) > > line 187 (attributetype ( 2.5.4.24 NAME 'x121Address' DESC 'RFC2256: > X.121 Address' EQUALITY numericStringMatch SUBSTR > numericStringSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} )) > > line 193 (attributetype ( 2.5.4.25 NAME 'internationaliSDNNumber' DESC > 'RFC2256: international ISDN number' EQUALITY numericStringMatch SUBSTR > numericStringSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )) > > line 198 (attributetype ( 2.5.4.26 NAME 'registeredAddress' DESC > 'RFC2256: registered postal address' SUP postalAddress SYNTAX > 1.3.6.1.4.1.1466.115.121.1.41 )) > > line 204 (attributetype ( 2.5.4.27 NAME 'destinationIndicator' DESC > 'RFC2256: destination indicator' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} )) > > line 209 (attributetype ( 2.5.4.28 NAME 'preferredDeliveryMethod' DESC > 'RFC2256: preferred delivery method' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.14 SINGLE-VALUE )) > > line 215 (attributetype ( 2.5.4.29 NAME 'presentationAddress' DESC > 'RFC2256: presentation address' EQUALITY presentationAddressMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.43 SINGLE-VALUE )) > > line 220 (attributetype ( 2.5.4.30 NAME 'supportedApplicationContext' > DESC 'RFC2256: supported application context' EQUALITY > objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )) > > line 224 (attributetype ( 2.5.4.31 NAME 'member' DESC 'RFC2256: member > of a group' SUP distinguishedName )) > > line 228 (attributetype ( 2.5.4.32 NAME 'owner' DESC 'RFC2256: owner (of > the object)' SUP distinguishedName )) > > line 232 (attributetype ( 2.5.4.33 NAME 'roleOccupant' DESC 'RFC2256: > occupant of role' SUP distinguishedName )) > > line 236 (attributetype ( 2.5.4.34 NAME 'seeAlso' DESC 'RFC2256: DN of > related object' SUP distinguishedName )) > > line 249 (attributetype ( 2.5.4.36 NAME 'userCertificate' DESC 'RFC2256: > X.509 user certificate, use ;binary' EQUALITY certificateExactMatch > SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )) > > line 256 (attributetype ( 2.5.4.37 NAME 'cACertificate' DESC 'RFC2256: > X.509 CA certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.8 )) > > line 261 (attributetype ( 2.5.4.38 NAME 'authorityRevocationList' DESC > 'RFC2256: X.509 authority revocation list, use ;binary' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.9 )) > > line 266 (attributetype ( 2.5.4.39 NAME 'certificateRevocationList' DESC > 'RFC2256: X.509 certificate revocation list, use ;binary' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.9 )) > > line 271 (attributetype ( 2.5.4.40 NAME 'crossCertificatePair' DESC > 'RFC2256: X.509 cross certificate pair, use ;binary' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.10 )) > > line 281 (attributetype ( 2.5.4.42 NAME ( 'givenName' 'gn' ) DESC > 'RFC2256: first name(s) for which the entity is known by' SUP name )) > > line 285 (attributetype ( 2.5.4.43 NAME 'initials' DESC 'RFC2256: > initials of some or all of names, but not the surname(s).' SUP name )) > > line 289 (attributetype ( 2.5.4.44 NAME 'generationQualifier' DESC > 'RFC2256: name qualifier indicating a generation' SUP name )) > > line 294 (attributetype ( 2.5.4.45 NAME 'x500UniqueIdentifier' DESC > 'RFC2256: X.500 unique identifier' EQUALITY bitStringMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.6 )) > > line 301 (attributetype ( 2.5.4.46 NAME 'dnQualifier' DESC 'RFC2256: DN > qualifier' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch > SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )) > > line 305 (attributetype ( 2.5.4.47 NAME 'enhancedSearchGuide' DESC > 'RFC2256: enhanced search guide' SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 )) > > line 310 (attributetype ( 2.5.4.48 NAME 'protocolInformation' DESC > 'RFC2256: protocol information' EQUALITY protocolInformationMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.42 )) > > line 320 (attributetype ( 2.5.4.50 NAME 'uniqueMember' DESC 'RFC2256: > unique member of a group' EQUALITY uniqueMemberMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.34 )) > > line 326 (attributetype ( 2.5.4.51 NAME 'houseIdentifier' DESC 'RFC2256: > house identifier' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )) > > line 331 (attributetype ( 2.5.4.52 NAME 'supportedAlgorithms' DESC > 'RFC2256: supported algorithms' SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 )) > > line 336 (attributetype ( 2.5.4.53 NAME 'deltaRevocationList' DESC > 'RFC2256: delta revocation list; use ;binary' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.9 )) > > line 340 (attributetype ( 2.5.4.54 NAME 'dmdName' DESC 'RFC2256: name of > DMD' SUP name )) > > line 355 (objectclass ( 2.5.6.2 NAME 'country' DESC 'RFC2256: a country' > SUP top STRUCTURAL MUST c MAY ( searchGuide $ description ) )) > > line 360 (objectclass ( 2.5.6.3 NAME 'locality' DESC 'RFC2256: a > locality' SUP top STRUCTURAL MAY ( street $ seeAlso $ searchGuide $ st $ > l $ description ) )) > > line 371 (objectclass ( 2.5.6.4 NAME 'organization' DESC 'RFC2256: an > organization' SUP top STRUCTURAL MUST o MAY ( userPassword $ searchGuide > $ seeAlso $ businessCategory $ x121Address $ registeredAddress $ > destinationIndicator $ preferredDeliveryMethod $ telexNumber $ > teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ > facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ > postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )) > > line 382 (objectclass ( 2.5.6.5 NAME 'organizationalUnit' DESC 'RFC2256: > an organizational unit' SUP top STRUCTURAL MUST ou MAY ( userPassword $ > searchGuide $ seeAlso $ businessCategory $ x121Address $ > registeredAddress $ destinationIndicator $ preferredDeliveryMethod $ > telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ > internationaliSDNNumber $ facsimileTelephoneNumber $ street $ > postOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName > $ st $ l $ description ) )) > > line 388 (objectclass ( 2.5.6.6 NAME 'person' DESC 'RFC2256: a person' > SUP top STRUCTURAL MUST ( sn $ cn ) MAY ( userPassword $ telephoneNumber > $ seeAlso $ description ) )) > > line 397 (objectclass ( 2.5.6.7 NAME 'organizationalPerson' DESC > 'RFC2256: an organizational person' SUP person STRUCTURAL MAY ( title $ > x121Address $ registeredAddress $ destinationIndicator $ > preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ > telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ > street $ postOfficeBox $ postalCode $postalAddress $ > physicalDeliveryOfficeName $ ou $ st $ l ) )) > > line 408 (objectclass ( 2.5.6.8 NAME 'organizationalRole' DESC 'RFC2256: > an organizational role' SUP top STRUCTURAL MUST cn MAY ( x121Address $ > registeredAddress $ destinationIndicator $ preferredDeliveryMethod $ > telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ > internationaliSDNNumber $ facsimileTelephoneNumber $ seeAlso $ > roleOccupant $ preferredDeliveryMethod $ street $ postOfficeBox $ > postalCode $ postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l $ > description ) )) > > line 414 (objectclass ( 2.5.6.9 NAME 'groupOfNames' DESC 'RFC2256: a > group of names (DNs)' SUP top STRUCTURAL MUST ( member $ cn ) MAY ( > businessCategory $ seeAlso $ owner $ ou $ o $ description ) )) > > line 425 (objectclass ( 2.5.6.10 NAME 'residentialPerson' DESC 'RFC2256: > an residential person' SUP person STRUCTURAL MUST l MAY ( > businessCategory $ x121Address $ registeredAddress $ > destinationIndicator $ preferredDeliveryMethod $ telexNumber $ > teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ > facsimileTelephoneNumber $ preferredDeliveryMethod $ street $ > postOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName > $ st $ l ) )) > > line 431 (objectclass ( 2.5.6.11 NAME 'applicationProcess' DESC > 'RFC2256: an application process' SUP top STRUCTURAL MUST cn MAY ( > seeAlso $ ou $ l $ description ) )) > > line 438 (objectclass ( 2.5.6.12 NAME 'applicationEntity' DESC 'RFC2256: > an application entity' SUP top STRUCTURAL MUST ( presentationAddress $ > cn ) MAY ( supportedApplicationContext $ seeAlso $ ou $ o $ l $ > description ) )) > > line 443 (objectclass ( 2.5.6.13 NAME 'dSA' DESC 'RFC2256: a directory > system agent (a server)' SUP applicationEntity STRUCTURAL MAY > knowledgeInformation )) > > line 449 (objectclass ( 2.5.6.14 NAME 'device' DESC 'RFC2256: a device' > SUP top STRUCTURAL MUST cn MAY ( serialNumber $ seeAlso $ owner $ ou $ o > $ l $ description ) )) > > line 454 (objectclass ( 2.5.6.15 NAME 'strongAuthenticationUser' DESC > 'RFC2256: a strong authentication user' SUP top AUXILIARY MUST > userCertificate )) > > line 460 (objectclass ( 2.5.6.16 NAME 'certificationAuthority' DESC > 'RFC2256: a certificate authority' SUP top AUXILIARY MUST ( > authorityRevocationList $ certificateRevocationList $ cACertificate ) > MAY crossCertificatePair )) > > line 466 (objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames' DESC > 'RFC2256: a group of unique names (DN and Unique Identifier)' SUP top > STRUCTURAL MUST ( uniqueMember $ cn ) MAY ( businessCategory $ seeAlso $ > owner $ ou $ o $ description ) )) > > line 471 (objectclass ( 2.5.6.18 NAME 'userSecurityInformation' DESC > 'RFC2256: a user security information' SUP top AUXILIARY MAY ( > supportedAlgorithms ) )) > > line 475 (objectclass ( 2.5.6.16.2 NAME 'certificationAuthority-V2' SUP > certificationAuthority AUXILIARY MAY ( deltaRevocationList ) )) > > line 481 (objectclass ( 2.5.6.19 NAME 'cRLDistributionPoint' SUP top > STRUCTURAL MUST ( cn ) MAY ( certificateRevocationList $ > authorityRevocationList $ deltaRevocationList ) )) > > line 491 (objectclass ( 2.5.6.20 NAME 'dmd' SUP top STRUCTURAL MUST ( > dmdName ) MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory > $ x121Address $ registeredAddress $ destinationIndicator $ > preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ > telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ > street $ postOfficeBox $ postalCode $ postalAddress $ > physicalDeliveryOfficeName $ st $ l $ description ) )) > > line 499 (objectclass ( 2.5.6.21 NAME 'pkiUser' DESC 'RFC2587: a PKI > user' SUP top AUXILIARY MAY userCertificate )) > > line 505 (objectclass ( 2.5.6.22 NAME 'pkiCA' DESC 'RFC2587: PKI > certificate authority' SUP top AUXILIARY MAY ( authorityRevocationList $ > certificateRevocationList $ cACertificate $ crossCertificatePair ) )) > > line 510 (objectclass ( 2.5.6.23 NAME 'deltaCRL' DESC 'RFC2587: PKI > user' SUP top AUXILIARY MAY deltaRevocationList )) > > line 523 (objectclass ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject' > DESC 'RFC2079: object that contains the URI attribute type' MAY ( > labeledURI ) SUP top AUXILIARY )) > > line 533 (attributetype ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' > 'userid' ) DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch > SUBSTR caseIgnoreSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 540 (attributetype ( 0.9.2342.19200300.100.1.3 NAME ( 'mail' > 'rfc822Mailbox' ) DESC 'RFC1274: RFC822 Mailbox' EQUALITY > caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.26{256} )) > > line 545 (objectclass ( 0.9.2342.19200300.100.4.19 NAME > 'simpleSecurityObject' DESC 'RFC1274: simple security object' SUP top > AUXILIARY MUST userPassword )) > > line 553 (attributetype ( 0.9.2342.19200300.100.1.25 NAME ( 'dc' > 'domainComponent' ) DESC 'RFC1274/2247: domain component' EQUALITY > caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )) > > line 558 (objectclass ( 1.3.6.1.4.1.1466.344 NAME 'dcObject' DESC > 'RFC2247: domain component object' SUP top AUXILIARY MUST dc )) > > line 563 (objectclass ( 1.3.6.1.1.3.1 NAME 'uidObject' DESC 'RFC2377: > uid object' SUP top AUXILIARY MUST uid )) > > line 571 (attributetype ( 0.9.2342.19200300.100.1.37 NAME > 'associatedDomain' DESC 'RFC1274: domain associated with object' > EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.26 )) > > line 579 (attributetype ( 1.2.840.113549.1.9.1 NAME ( 'email' > 'emailAddress' 'pkcs9email' ) DESC 'RFC2459: legacy attribute for email > addresses in DNs' EQUALITY caseIgnoreIA5Match SUBSTR > caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )) > >>>> dnNormalize: <cn=Subschema> > > => ldap_bv2dn(cn=Subschema,0) > > <= ldap_bv2dn(cn=Subschema,0)=0 > > => ldap_dn2bv(272) > > <= ldap_dn2bv(cn=subschema,272)=0 > > <<< dnNormalize: <cn=subschema> > > line 6 (include /etc/openldap/schema/cosine.schema) > > reading config file /etc/openldap/schema/cosine.schema > > line 130 (attributetype ( 0.9.2342.19200300.100.1.2 NAME > 'textEncodedORAddress' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 168 (attributetype ( 0.9.2342.19200300.100.1.4 NAME 'info' DESC > 'RFC1274: general information' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} )) > > line 187 (attributetype ( 0.9.2342.19200300.100.1.5 NAME ( 'drink' > 'favouriteDrink' ) DESC 'RFC1274: favorite drink' EQUALITY > caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 205 (attributetype ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber' > DESC 'RFC1274: room number' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 227 (attributetype ( 0.9.2342.19200300.100.1.7 NAME 'photo' DESC > 'RFC1274: photo (G3 fax)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} )) > > line 248 (attributetype ( 0.9.2342.19200300.100.1.8 NAME 'userClass' > DESC 'RFC1274: categorory of user' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 264 (attributetype ( 0.9.2342.19200300.100.1.9 NAME 'host' DESC > 'RFC1274: host computer' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 279 (attributetype ( 0.9.2342.19200300.100.1.10 NAME 'manager' DESC > 'RFC1274: DN of manager' EQUALITY distinguishedNameMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.12 )) > > line 296 (attributetype ( 0.9.2342.19200300.100.1.11 NAME > 'documentIdentifier' DESC 'RFC1274: unique identifier of document' > EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 312 (attributetype ( 0.9.2342.19200300.100.1.12 NAME > 'documentTitle' DESC 'RFC1274: title of document' EQUALITY > caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 329 (attributetype ( 0.9.2342.19200300.100.1.13 NAME > 'documentVersion' DESC 'RFC1274: version of document' EQUALITY > caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 344 (attributetype ( 0.9.2342.19200300.100.1.14 NAME > 'documentAuthor' DESC 'RFC1274: DN of author of document' EQUALITY > distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )) > > line 361 (attributetype ( 0.9.2342.19200300.100.1.15 NAME > 'documentLocation' DESC 'RFC1274: location of document original' > EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 380 (attributetype ( 0.9.2342.19200300.100.1.20 DESC 'RFC1274: home > telephone number' NAME ( 'homePhone' 'homeTelephoneNumber' ) EQUALITY > telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.50 )) > > line 395 (attributetype ( 0.9.2342.19200300.100.1.21 NAME 'secretary' > DESC 'RFC1274: DN of secretary' EQUALITY distinguishedNameMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.12 )) > > line 411 (attributetype ( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox' > SYNTAX 1.3.6.1.4.1.1466.115.121.1.39 )) > > line 480 (attributetype ( 0.9.2342.19200300.100.1.26 NAME 'aRecord' > EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )) > > line 486 (attributetype ( 0.9.2342.19200300.100.1.27 NAME 'mDRecord' > EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )) > > line 501 (attributetype ( 0.9.2342.19200300.100.1.28 NAME 'mXRecord' > EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )) > > line 516 (attributetype ( 0.9.2342.19200300.100.1.29 NAME 'nSRecord' > EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )) > > line 531 (attributetype ( 0.9.2342.19200300.100.1.30 NAME 'sOARecord' > EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )) > > line 546 (attributetype ( 0.9.2342.19200300.100.1.31 NAME 'cNAMERecord' > EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )) > > line 581 (attributetype ( 0.9.2342.19200300.100.1.38 NAME > 'associatedName' DESC 'RFC1274: DN of entry associated with domain' > EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )) > > line 599 (attributetype ( 0.9.2342.19200300.100.1.39 NAME > 'homePostalAddress' DESC 'RFC1274: home postal address' EQUALITY > caseIgnoreListMatch SUBSTR caseIgnoreListSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.41 )) > > line 616 (attributetype ( 0.9.2342.19200300.100.1.40 NAME > 'personalTitle' DESC 'RFC1274: personal title' EQUALITY caseIgnoreMatch > SUBSTR caseIgnoreSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 635 (attributetype ( 0.9.2342.19200300.100.1.41 NAME ( 'mobile' > 'mobileTelephoneNumber' ) DESC 'RFC1274: mobile telephone number' > EQUALITY telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch > SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )) > > line 653 (attributetype ( 0.9.2342.19200300.100.1.42 NAME ( 'pager' > 'pagerTelephoneNumber' ) DESC 'RFC1274: pager telephone number' EQUALITY > telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.50 )) > > line 671 (attributetype ( 0.9.2342.19200300.100.1.43 NAME ( 'co' > 'friendlyCountryName' ) DESC 'RFC1274: friendly country name' EQUALITY > caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.15 )) > > line 691 (attributetype ( 0.9.2342.19200300.100.1.44 NAME > 'uniqueIdentifier' DESC 'RFC1274: unique identifer' EQUALITY > caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 713 (attributetype ( 0.9.2342.19200300.100.1.45 NAME > 'organizationalStatus' DESC 'RFC1274: organizational status' EQUALITY > caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 734 (attributetype ( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox' > DESC 'RFC1274: Janet mailbox' EQUALITY caseIgnoreIA5Match SUBSTR > caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )) > > line 764 (attributetype ( 0.9.2342.19200300.100.1.47 NAME > 'mailPreferenceOption' DESC 'RFC1274: mail preference option' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.27 )) > > line 781 (attributetype ( 0.9.2342.19200300.100.1.48 NAME 'buildingName' > DESC 'RFC1274: name of building' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 796 (attributetype ( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality' > DESC 'RFC1274: DSA Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.19 > SINGLE-VALUE )) > > line 811 (attributetype ( 0.9.2342.19200300.100.1.50 NAME > 'singleLevelQuality' DESC 'RFC1274: Single Level Quality' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE )) > > line 827 (attributetype ( 0.9.2342.19200300.100.1.51 NAME > 'subtreeMinimumQuality' DESC 'RFC1274: Subtree Mininum Quality' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE )) > > line 843 (attributetype ( 0.9.2342.19200300.100.1.52 NAME > 'subtreeMaximumQuality' DESC 'RFC1274: Subtree Maximun Quality' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE )) > > line 865 (attributetype ( 0.9.2342.19200300.100.1.53 NAME > 'personalSignature' DESC 'RFC1274: Personal Signature (G3 fax)' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.23 )) > > line 884 (attributetype ( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect' > DESC 'RFC1274: DIT Redirect' EQUALITY distinguishedNameMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.12 )) > > line 900 (attributetype ( 0.9.2342.19200300.100.1.55 NAME 'audio' DESC > 'RFC1274: audio (u-law)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} )) > > line 916 (attributetype ( 0.9.2342.19200300.100.1.56 NAME > 'documentPublisher' DESC 'RFC1274: publisher of document' EQUALITY > caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.15 )) > > line 1084 (objectclass ( 0.9.2342.19200300.100.4.4 NAME ( 'pilotPerson' > 'newPilotPerson' ) SUP person STRUCTURAL MAY ( userid $ > textEncodedORAddress $ rfc822Mailbox $ favouriteDrink $ roomNumber $ > userClass $ homeTelephoneNumber $ homePostalAddress $ secretary $ > personalTitle $ preferredDeliveryMethod $ businessCategory $ > janetMailbox $ otherMailbox $ mobileTelephoneNumber $ > pagerTelephoneNumber $ organizationalStatus $ mailPreferenceOption $ > personalSignature ) )) > > line 1110 (objectclass ( 0.9.2342.19200300.100.4.5 NAME 'account' SUP > top STRUCTURAL MUST userid MAY ( description $ seeAlso $ localityName $ > organizationName $ organizationalUnitName $ host ) )) > > line 1142 (objectclass ( 0.9.2342.19200300.100.4.6 NAME 'document' SUP > top STRUCTURAL MUST documentIdentifier MAY ( commonName $ description $ > seeAlso $ localityName $ organizationName $ organizationalUnitName $ > documentTitle $ documentVersion $ documentAuthor $ documentLocation $ > documentPublisher ) )) > > line 1165 (objectclass ( 0.9.2342.19200300.100.4.7 NAME 'room' SUP top > STRUCTURAL MUST commonName MAY ( roomNumber $ description $ seeAlso $ > telephoneNumber ) )) > > line 1191 (objectclass ( 0.9.2342.19200300.100.4.9 NAME 'documentSeries' > SUP top STRUCTURAL MUST commonName MAY ( description $ seeAlso $ > telephonenumber $ localityName $ organizationName $ > organizationalUnitName ) )) > > line 1222 (objectclass ( 0.9.2342.19200300.100.4.13 NAME 'domain' SUP > top STRUCTURAL MUST domainComponent MAY ( associatedName $ > organizationName $ description $ businessCategory $ seeAlso $ > searchGuide $ userPassword $ localityName $ stateOrProvinceName $ > streetAddress $ physicalDeliveryOfficeName $ postalAddress $ postalCode > $ postOfficeBox $ streetAddress $ facsimileTelephoneNumber $ > internationalISDNNumber $ telephoneNumber $ teletexTerminalIdentifier $ > telexNumber $ preferredDeliveryMethod $ destinationIndicator $ > registeredAddress $ x121Address ) )) > > line 1252 (objectclass ( 0.9.2342.19200300.100.4.14 NAME > 'RFC822localPart' SUP domain STRUCTURAL MAY ( commonName $ surname $ > description $ seeAlso $ telephoneNumber $ physicalDeliveryOfficeName $ > postalAddress $ postalCode $ postOfficeBox $ streetAddress $ > facsimileTelephoneNumber $ internationalISDNNumber $ telephoneNumber $ > teletexTerminalIdentifier $ telexNumber $ preferredDeliveryMethod $ > destinationIndicator $ registeredAddress $ x121Address ) )) > > line 1275 (objectclass ( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain' SUP > 'domain' STRUCTURAL MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $ > SOARecord $ CNAMERecord ) )) > > line 1293 (objectclass ( 0.9.2342.19200300.100.4.17 NAME > 'domainRelatedObject' DESC 'RFC1274: an object related to an domain' SUP > top AUXILIARY MUST associatedDomain )) > > line 1311 (objectclass ( 0.9.2342.19200300.100.4.18 NAME > 'friendlyCountry' SUP country STRUCTURAL MUST friendlyCountryName )) > > line 1345 (objectclass ( 0.9.2342.19200300.100.4.20 NAME > 'pilotOrganization' SUP ( organization $ organizationalUnit ) STRUCTURAL > MAY buildingName )) > > line 1361 (objectclass ( 0.9.2342.19200300.100.4.21 NAME 'pilotDSA' SUP > dsa STRUCTURAL MAY dSAQuality )) > > line 1382 (objectclass ( 0.9.2342.19200300.100.4.22 NAME > 'qualityLabelledData' SUP top AUXILIARY MUST dsaQuality MAY ( > subtreeMinimumQuality $ subtreeMaximumQuality ) )) > > line 7 (include /etc/openldap/schema/inetorgperson.schema) > > reading config file /etc/openldap/schema/inetorgperson.schema > > line 36 (attributetype ( 2.16.840.1.113730.3.1.1 NAME 'carLicense' DESC > 'RFC2798: vehicle license or registration plate' EQUALITY > caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.15 )) > > line 46 (attributetype ( 2.16.840.1.113730.3.1.2 NAME 'departmentNumber' > DESC 'RFC2798: identifies a department within an organization' EQUALITY > caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.15 )) > > line 59 (attributetype ( 2.16.840.1.113730.3.1.241 NAME 'displayName' > DESC 'RFC2798: preferred name to be used when displaying entries' > EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )) > > line 70 (attributetype ( 2.16.840.1.113730.3.1.3 NAME 'employeeNumber' > DESC 'RFC2798: numerically identifies an employee within an > organization' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )) > > line 81 (attributetype ( 2.16.840.1.113730.3.1.4 NAME 'employeeType' > DESC 'RFC2798: type of employment for a person' EQUALITY caseIgnoreMatch > SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )) > > line 92 (attributetype ( 0.9.2342.19200300.100.1.60 NAME 'jpegPhoto' > DESC 'RFC2798: a JPEG image' SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 )) > > line 107 (attributetype ( 2.16.840.1.113730.3.1.39 NAME > 'preferredLanguage' DESC 'RFC2798: preferred written or spoken language > for a person' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )) > > line 123 (attributetype ( 2.16.840.1.113730.3.1.40 NAME > 'userSMIMECertificate' DESC 'RFC2798: PKCS#7 SignedData used to support > S/MIME' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )) > > line 135 (attributetype ( 2.16.840.1.113730.3.1.216 NAME 'userPKCS12' > DESC 'RFC2798: personal identity information, a PKCS #12 PFX' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.5 )) > > line 155 (objectclass ( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson' > DESC 'RFC2798: Internet Organizational Person' SUP > organizationalPerson STRUCTURAL MAY ( audio $ businessCategory $ > carLicense $ departmentNumber $ displayName $ employeeNumber $ > employeeType $ givenName $ homePhone $ homePostalAddress $ initials $ > jpegPhoto $ labeledURI $ mail $ manager $ mobile $ o $ pager $ photo $ > roomNumber $ secretary $ uid $ userCertificate $ x500uniqueIdentifier $ > preferredLanguage $ userSMIMECertificate $ userPKCS12 ) )) > > line 8 (include /etc/openldap/schema/nis.schema) > > reading config file /etc/openldap/schema/nis.schema > > line 40 (attributetype ( 1.3.6.1.1.1.1.0 NAME 'uidNumber' DESC 'An > integer uniquely identifying a user in an administrative domain' > EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) > > line 45 (attributetype ( 1.3.6.1.1.1.1.1 NAME 'gidNumber' DESC 'An > integer uniquely identifying a group in an administrative domain' > EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) > > line 51 (attributetype ( 1.3.6.1.1.1.1.2 NAME 'gecos' DESC 'The GECOS > field; the common name' EQUALITY caseIgnoreIA5Match SUBSTR > caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 > SINGLE-VALUE )) > > line 56 (attributetype ( 1.3.6.1.1.1.1.3 NAME 'homeDirectory' DESC 'The > absolute path to the home directory' EQUALITY caseExactIA5Match SYNTAX > 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )) > > line 61 (attributetype ( 1.3.6.1.1.1.1.4 NAME 'loginShell' DESC 'The > path to the login shell' EQUALITY caseExactIA5Match SYNTAX > 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )) > > line 65 (attributetype ( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange' > EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) > > line 69 (attributetype ( 1.3.6.1.1.1.1.6 NAME 'shadowMin' EQUALITY > integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) > > line 73 (attributetype ( 1.3.6.1.1.1.1.7 NAME 'shadowMax' EQUALITY > integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) > > line 77 (attributetype ( 1.3.6.1.1.1.1.8 NAME 'shadowWarning' EQUALITY > integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) > > line 81 (attributetype ( 1.3.6.1.1.1.1.9 NAME 'shadowInactive' EQUALITY > integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) > > line 85 (attributetype ( 1.3.6.1.1.1.1.10 NAME 'shadowExpire' EQUALITY > integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) > > line 89 (attributetype ( 1.3.6.1.1.1.1.11 NAME 'shadowFlag' EQUALITY > integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) > > line 94 (attributetype ( 1.3.6.1.1.1.1.12 NAME 'memberUid' EQUALITY > caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.26 )) > > line 99 (attributetype ( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup' > EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.26 )) > > line 103 (attributetype ( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple' DESC > 'Netgroup triple' SYNTAX 1.3.6.1.1.1.0.0 )) > > line 107 (attributetype ( 1.3.6.1.1.1.1.15 NAME 'ipServicePort' EQUALITY > integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) > > line 110 (attributetype ( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol' SUP > name )) > > line 114 (attributetype ( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber' > EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) > > line 118 (attributetype ( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber' EQUALITY > integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) > > line 123 (attributetype ( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber' DESC 'IP > address' EQUALITY caseIgnoreIA5Match SYNTAX > 1.3.6.1.4.1.1466.115.121.1.26{128} )) > > line 128 (attributetype ( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber' DESC > 'IP network' EQUALITY caseIgnoreIA5Match SYNTAX > 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE )) > > line 133 (attributetype ( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber' DESC > 'IP netmask' EQUALITY caseIgnoreIA5Match SYNTAX > 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE )) > > line 138 (attributetype ( 1.3.6.1.1.1.1.22 NAME 'macAddress' DESC 'MAC > address' EQUALITY caseIgnoreIA5Match SYNTAX > 1.3.6.1.4.1.1466.115.121.1.26{128} )) > > line 142 (attributetype ( 1.3.6.1.1.1.1.23 NAME 'bootParameter' DESC > 'rpc.bootparamd parameter' SYNTAX 1.3.6.1.1.1.0.1 )) > > line 147 (attributetype ( 1.3.6.1.1.1.1.24 NAME 'bootFile' DESC 'Boot > image name' EQUALITY caseExactIA5Match SYNTAX > 1.3.6.1.4.1.1466.115.121.1.26 )) > > line 150 (attributetype ( 1.3.6.1.1.1.1.26 NAME 'nisMapName' SUP name )) > > line 155 (attributetype ( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry' EQUALITY > caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.26{1024} SINGLE-VALUE )) > > line 162 (objectclass ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' SUP top > AUXILIARY DESC 'Abstraction of an account with POSIX attributes' MUST ( > cn $ uid $ uidNumber $ gidNumber $ homeDirectory ) MAY ( userPassword $ > loginShell $ gecos $ description ) )) > > line 169 (objectclass ( 1.3.6.1.1.1.2.1 NAME 'shadowAccount' SUP top > AUXILIARY DESC 'Additional attributes for shadow passwords' MUST uid MAY > ( userPassword $ shadowLastChange $ shadowMin $ shadowMax $ > shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ > description ) )) > > line 174 (objectclass ( 1.3.6.1.1.1.2.2 NAME 'posixGroup' SUP top > STRUCTURAL DESC 'Abstraction of a group of accounts' MUST ( cn $ > gidNumber ) MAY ( userPassword $ memberUid $ description ) )) > > line 179 (objectclass ( 1.3.6.1.1.1.2.3 NAME 'ipService' SUP top > STRUCTURAL DESC 'Abstraction an Internet Protocol service' MUST ( cn $ > ipServicePort $ ipServiceProtocol ) MAY ( description ) )) > > line 184 (objectclass ( 1.3.6.1.1.1.2.4 NAME 'ipProtocol' SUP top > STRUCTURAL DESC 'Abstraction of an IP protocol' MUST ( cn $ > ipProtocolNumber $ description ) MAY description )) > > line 189 (objectclass ( 1.3.6.1.1.1.2.5 NAME 'oncRpc' SUP top STRUCTURAL > DESC 'Abstraction of an ONC/RPC binding' MUST ( cn $ oncRpcNumber $ > description ) MAY description )) > > line 194 (objectclass ( 1.3.6.1.1.1.2.6 NAME 'ipHost' SUP top AUXILIARY > DESC 'Abstraction of a host, an IP device' MUST ( cn $ ipHostNumber ) > MAY ( l $ description $ manager ) )) > > line 199 (objectclass ( 1.3.6.1.1.1.2.7 NAME 'ipNetwork' SUP top > STRUCTURAL DESC 'Abstraction of an IP network' MUST ( cn $ > ipNetworkNumber ) MAY ( ipNetmaskNumber $ l $ description $ manager ) )) > > line 204 (objectclass ( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup' SUP top > STRUCTURAL DESC 'Abstraction of a netgroup' MUST cn MAY ( > nisNetgroupTriple $ memberNisNetgroup $ description ) )) > > line 209 (objectclass ( 1.3.6.1.1.1.2.9 NAME 'nisMap' SUP top STRUCTURAL > DESC 'A generic abstraction of a NIS map' MUST nisMapName MAY description )) > > line 214 (objectclass ( 1.3.6.1.1.1.2.10 NAME 'nisObject' SUP top > STRUCTURAL DESC 'An entry in a NIS map' MUST ( cn $ nisMapEntry $ > nisMapName ) MAY description )) > > line 218 (objectclass ( 1.3.6.1.1.1.2.11 NAME 'ieee802Device' SUP top > AUXILIARY DESC 'A device with a MAC address' MAY macAddress )) > > line 222 (objectclass ( 1.3.6.1.1.1.2.12 NAME 'bootableDevice' SUP top > AUXILIARY DESC 'A device with boot parameters' MAY ( bootFile $ > bootParameter ) )) > > line 11 (allow bind_v2) > > line 17 (pidfile /var/run/openldap/slapd.pid) > > line 18 (argsfile /var/run/openldap/slapd.args) > > line 68 (database bdb) > > bdb_db_init: Initializing BDB database > > line 69 (suffix "dc=tfis, dc=myserver, dc=org") > >>>> dnPrettyNormal: <dc=tfis, dc=myserver, dc=org> > > => ldap_bv2dn(dc=tfis, dc=myserver, dc=org,0) > > <= ldap_bv2dn(dc=tfis, dc=myserver, dc=org,0)=0 > > => ldap_dn2bv(272) > > <= ldap_dn2bv(dc=tfis,dc=myserver,dc=org,272)=0 > > => ldap_dn2bv(272) > > <= ldap_dn2bv(dc=tfis,dc=myserver,dc=org,272)=0 > > <<< dnPrettyNormal: <dc=tfis,dc=myserver,dc=org>, > <dc=tfis,dc=myserver,dc=org> > > line 70 (rootdn "cn=Manager,dc=tfis,dc=myserver,dc=org") > >>>> dnPrettyNormal: <cn=Manager,dc=tfis,dc=myserver,dc=org> > > => ldap_bv2dn(cn=Manager,dc=tfis,dc=myserver,dc=org,0) > > <= ldap_bv2dn(cn=Manager,dc=tfis,dc=myserver,dc=org,0)=0 > > => ldap_dn2bv(272) > > <= ldap_dn2bv(cn=Manager,dc=tfis,dc=myserver,dc=org,272)=0 > > => ldap_dn2bv(272) > > <= ldap_dn2bv(cn=manager,dc=tfis,dc=myserver,dc=org,272)=0 > > <<< dnPrettyNormal: <cn=Manager,dc=tfis,dc=myserver,dc=org>, > <cn=manager,dc=tfis,dc=myserver,dc=org> > > line 80 (directory /var/lib/ldap) > > line 83 (index objectClass eq,pres) > > index objectClass 0x0006 > > line 84 (index ou,cn,mail,surname,givenname eq,pres,sub) > > index ou 0x0716 > > index cn 0x0716 > > index mail 0x0716 > > index sn 0x0716 > > index givenName 0x0716 > > line 85 (index uidNumber,gidNumber,loginShell eq,pres) > > index uidNumber 0x0006 > > index gidNumber 0x0006 > > index loginShell 0x0006 > > line 86 (index uid,memberUid eq,pres,sub) > > index uid 0x0716 > > index memberUid 0x0716 > > line 87 (index nisMapName,nisMapEntry eq,pres,sub) > > index nisMapName 0x0716 > > index nisMapEntry 0x0716 > > line 96 (loglevel 4095) > > matching_rule_use_init > > 1.2.840.113556.1.4.804 (integerBitOrMatch): matchingRuleUse: ( > 1.2.840.113556.1.4.804 NAME 'integerBitOrMatch' APPLIES ( oncRpcNumber $ > ipProtocolNumber $ ipServicePort $ shadowFlag $ shadowExpire $ > shadowInactive $ shadowWarning $ shadowMax $ shadowMin $ > shadowLastChange $ gidNumber $ uidNumber $ mailPreferenceOption $ > supportedLDAPVersion ) ) > > 1.2.840.113556.1.4.803 (integerBitAndMatch): matchingRuleUse: ( > 1.2.840.113556.1.4.803 NAME 'integerBitAndMatch' APPLIES ( oncRpcNumber > $ ipProtocolNumber $ ipServicePort $ shadowFlag $ shadowExpire $ > shadowInactive $ shadowWarning $ shadowMax $ shadowMin $ > shadowLastChange $ gidNumber $ uidNumber $ mailPreferenceOption $ > supportedLDAPVersion ) ) > > 1.3.6.1.4.1.1466.109.114.2 (caseIgnoreIA5Match): matchingRuleUse: ( > 1.3.6.1.4.1.1466.109.114.2 NAME 'caseIgnoreIA5Match' APPLIES ( > nisMapEntry $ bootFile $ macAddress $ ipNetmaskNumber $ ipNetworkNumber > $ ipHostNumber $ memberNisNetgroup $ memberUid $ loginShell $ > homeDirectory $ gecos $ janetMailbox $ cNAMERecord $ sOARecord $ > nSRecord $ mXRecord $ mDRecord $ aRecord $ email $ associatedDomain $ dc > $ mail $ altServer ) ) > > 1.3.6.1.4.1.1466.109.114.1 (caseExactIA5Match): matchingRuleUse: ( > 1.3.6.1.4.1.1466.109.114.1 NAME 'caseExactIA5Match' APPLIES ( > nisMapEntry $ bootFile $ macAddress $ ipNetmaskNumber $ ipNetworkNumber > $ ipHostNumber $ memberNisNetgroup $ memberUid $ loginShell $ > homeDirectory $ gecos $ janetMailbox $ cNAMERecord $ sOARecord $ > nSRecord $ mXRecord $ mDRecord $ aRecord $ email $ associatedDomain $ dc > $ mail $ altServer ) ) > > 2.5.13.35 (certificateMatch): matchingRuleUse: ( 2.5.13.35 NAME > 'certificateMatch' APPLIES ( cACertificate $ userCertificate ) ) > > 2.5.13.34 (certificateExactMatch): matchingRuleUse: ( 2.5.13.34 NAME > 'certificateExactMatch' APPLIES ( cACertificate $ userCertificate ) ) > > 2.5.13.30 (objectIdentifierFirstComponentMatch): matchingRuleUse: ( > 2.5.13.30 NAME 'objectIdentifierFirstComponentMatch' APPLIES ( > supportedApplicationContext $ ldapSyntaxes $ supportedFeatures $ > supportedExtension $ supportedControl ) ) > > 2.5.13.29 (integerFirstComponentMatch): matchingRuleUse: ( 2.5.13.29 > NAME 'integerFirstComponentMatch' APPLIES ( oncRpcNumber $ > ipProtocolNumber $ ipServicePort $ shadowFlag $ shadowExpire $ > shadowInactive $ shadowWarning $ shadowMax $ shadowMin $ > shadowLastChange $ gidNumber $ uidNumber $ mailPreferenceOption $ > supportedLDAPVersion ) ) > > 2.5.13.27 (generalizedTimeMatch): matchingRuleUse: ( 2.5.13.27 NAME > 'generalizedTimeMatch' APPLIES ( modifyTimestamp $ createTimestamp ) ) > > 2.5.13.24 (protocolInformationMatch): matchingRuleUse: ( 2.5.13.24 > NAME 'protocolInformationMatch' APPLIES protocolInformation ) > > 2.5.13.23 (uniqueMemberMatch): matchingRuleUse: ( 2.5.13.23 NAME > 'uniqueMemberMatch' APPLIES uniqueMember ) > > 2.5.13.22 (presentationAddressMatch): matchingRuleUse: ( 2.5.13.22 > NAME 'presentationAddressMatch' APPLIES presentationAddress ) > > 2.5.13.20 (telephoneNumberMatch): matchingRuleUse: ( 2.5.13.20 NAME > 'telephoneNumberMatch' APPLIES ( pager $ mobile $ homePhone $ > telephoneNumber ) ) > > 2.5.13.17 (octetStringMatch): matchingRuleUse: ( 2.5.13.17 NAME > 'octetStringMatch' APPLIES userPassword ) > > 2.5.13.16 (bitStringMatch): matchingRuleUse: ( 2.5.13.16 NAME > 'bitStringMatch' APPLIES x500UniqueIdentifier ) > > 2.5.13.14 (integerMatch): matchingRuleUse: ( 2.5.13.14 NAME > 'integerMatch' APPLIES ( oncRpcNumber $ ipProtocolNumber $ ipServicePort > $ shadowFlag $ shadowExpire $ shadowInactive $ shadowWarning $ shadowMax > $ shadowMin $ shadowLastChange $ gidNumber $ uidNumber $ > mailPreferenceOption $ supportedLDAPVersion ) ) > > 2.5.13.13 (booleanMatch): matchingRuleUse: ( 2.5.13.13 NAME > 'booleanMatch' APPLIES hasSubordinates ) > > 2.5.13.11 (caseIgnoreListMatch): matchingRuleUse: ( 2.5.13.11 NAME > 'caseIgnoreListMatch' APPLIES ( homePostalAddress $ registeredAddress $ > postalAddress ) ) > > 2.5.13.8 (numericStringMatch): matchingRuleUse: ( 2.5.13.8 NAME > 'numericStringMatch' APPLIES ( internationaliSDNNumber $ x121Address ) ) > > 2.5.13.7 (caseExactSubstringsMatch): matchingRuleUse: ( 2.5.13.7 > NAME 'caseExactSubstringsMatch' APPLIES ( dnQualifier $ > destinationIndicator $ serialNumber ) ) > > 2.5.13.6 (caseExactOrderingMatch): matchingRuleUse: ( 2.5.13.6 NAME > 'caseExactOrderingMatch' APPLIES ( dnQualifier $ destinationIndicator $ > serialNumber ) ) > > 2.5.13.5 (caseExactMatch): matchingRuleUse: ( 2.5.13.5 NAME > 'caseExactMatch' APPLIES ( nisMapName $ ipServiceProtocol $ > preferredLanguage $ employeeType $ employeeNumber $ displayName $ > departmentNumber $ carLicense $ documentPublisher $ buildingName $ > organizationalStatus $ uniqueIdentifier $ co $ personalTitle $ > documentLocation $ documentVersion $ documentTitle $ documentIdentifier > $ host $ userClass $ roomNumber $ drink $ info $ textEncodedORAddress $ > uid $ dmdName $ houseIdentifier $ dnQualifier $ generationQualifier $ > initials $ givenName $ destinationIndicator $ physicalDeliveryOfficeName > $ postOfficeBox $ postalCode $ businessCategory $ description $ title $ > ou $ o $ street $ st $ l $ c $ serialNumber $ sn $ knowledgeInformation > $ labeledURI $ cn $ name $ ref $ vendorVersion $ vendorName $ > supportedSASLMechanisms ) ) > > 2.5.13.4 (caseIgnoreSubstringsMatch): matchingRuleUse: ( 2.5.13.4 > NAME 'caseIgnoreSubstringsMatch' APPLIES ( dnQualifier $ > destinationIndicator $ serialNumber ) ) > > 2.5.13.3 (caseIgnoreOrderingMatch): matchingRuleUse: ( 2.5.13.3 NAME > 'caseIgnoreOrderingMatch' APPLIES ( dnQualifier $ destinationIndicator $ > serialNumber ) ) > > 2.5.13.2 (caseIgnoreMatch): matchingRuleUse: ( 2.5.13.2 NAME > 'caseIgnoreMatch' APPLIES ( nisMapName $ ipServiceProtocol $ > preferredLanguage $ employeeType $ employeeNumber $ displayName $ > departmentNumber $ carLicense $ documentPublisher $ buildingName $ > organizationalStatus $ uniqueIdentifier $ co $ personalTitle $ > documentLocation $ documentVersion $ documentTitle $ documentIdentifier > $ host $ userClass $ roomNumber $ drink $ info $ textEncodedORAddress $ > uid $ dmdName $ houseIdentifier $ dnQualifier $ generationQualifier $ > initials $ givenName $ destinationIndicator $ physicalDeliveryOfficeName > $ postOfficeBox $ postalCode $ businessCategory $ description $ title $ > ou $ o $ street $ st $ l $ c $ serialNumber $ sn $ knowledgeInformation > $ labeledURI $ cn $ name $ ref $ vendorVersion $ vendorName $ > supportedSASLMechanisms ) ) > > 2.5.13.1 (distinguishedNameMatch): matchingRuleUse: ( 2.5.13.1 NAME > 'distinguishedNameMatch' APPLIES ( dITRedirect $ associatedName $ > secretary $ documentAuthor $ manager $ seeAlso $ roleOccupant $ owner $ > member $ distinguishedName $ aliasedObjectName $ namingContexts $ > subschemaSubentry $ modifiersName $ creatorsName ) ) > > 2.5.13.0 (objectIdentifierMatch): matchingRuleUse: ( 2.5.13.0 NAME > 'objectIdentifierMatch' APPLIES ( supportedApplicationContext $ > supportedFeatures $ supportedExtension $ supportedControl ) ) > > slapd startup: initiated. > > bdb_db_open: dc=tfis,dc=myserver,dc=org > > bdb_db_open: dbenv_open(/var/lib/ldap) > > > as you can see the daemon_init opens some listener, but not much to see! > i hope this is helpful !! thank you anyway -- Zdenek Styblik Net/Linux admin OS TurnovFree.net email: stybla(a)turnovfree.net jabber: stybla(a)jabber.turnovfree.net

1 0

Re: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
by Mingyur Koblensky 01 Mar '10

01 Mar '10

additional info: [root@myserver openldap]# fuser -n tcp 389 here: 389 [root@myserver openldap]# no process is using that port, i suppose the easy way to resolved temporarily is to: 1) cp /usr/lib/ldap 2) cp configuration files 3) configure the web application to use the new slapd server do you see any drawback ? i suppose also that i cant use the slapadd and slapcat utility since ldap is not reachable On 1 March 2010 10:10, Mingyur Koblensky <mingyur(a)gmail.com> wrote: > Hi, > >> >> Please, update to the latest OpenLDAP 2.4.21 release. The one you're >> playing with is 6 years old. >> > > yes, it is very old but from the repository of redhat enterprise 4. I have > installed the same package on another RH 4 and not problems... > > >> >> You can try to start % slapd; from command line and see what the problem >> is/might be. >> >> As a root or whoever is supposed to run OpenLDAP: >> # slapd -h 'ldap://127.0.0.1' -d 256; > > > [root@myserver openldap]# /usr/sbin/slapd -d 4095 -u ldap -h ldap:/// > > @(#) $OpenLDAP: slapd 2.2.13 (Jul 8 2009 10:40:09) $ > > mockbuild@x86-002.build.bos.redhat.com:/builddir/build/BUILD/openldap > -2.2.13/openldap-2.2.13/build-servers/servers/slapd > > daemon_init: ldap:/// > > daemon_init: listen on ldap:/// > > daemon_init: 1 listeners to open... > > ldap_url_parse_ext(ldap:///) > > daemon: initialized ldap:/// > > daemon_init: 2 listeners opened > > slapd init: initiated server. > > slap_sasl_init: initialized! > > bdb_initialize: initialize BDB backend > > bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December 3, > 2003) > > bdb_initialize: initialize BDB backend > > bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December 3, > 2003) > > reading config file /etc/openldap/slapd.conf > > line 5 (include /etc/openldap/schema/core.schema) > > reading config file /etc/openldap/schema/core.schema > > line 77 (attributetype ( 2.5.4.2 NAME 'knowledgeInformation' DESC > 'RFC2256: knowledge information' EQUALITY caseIgnoreMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.15{32768} )) > > line 86 (attributetype ( 2.5.4.4 NAME ( 'sn' 'surname' ) DESC 'RFC2256: > last (family) name(s) for which the entity is known by' SUP name )) > > line 92 (attributetype ( 2.5.4.5 NAME 'serialNumber' DESC 'RFC2256: serial > number of the entity' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} )) > > line 96 (attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' ) DESC 'RFC2256: > ISO-3166 country 2-letter code' SUP name SINGLE-VALUE )) > > line 100 (attributetype ( 2.5.4.7 NAME ( 'l' 'localityName' ) DESC > 'RFC2256: locality which this object resides in' SUP name )) > > line 104 (attributetype ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' ) DESC > 'RFC2256: state or province which this object resides in' SUP name )) > > line 110 (attributetype ( 2.5.4.9 NAME ( 'street' 'streetAddress' ) DESC > 'RFC2256: street address of this object' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )) > > line 114 (attributetype ( 2.5.4.10 NAME ( 'o' 'organizationName' ) DESC > 'RFC2256: organization this object belongs to' SUP name )) > > line 118 (attributetype ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' ) > DESC 'RFC2256: organizational unit this object belongs to' SUP name )) > > line 122 (attributetype ( 2.5.4.12 NAME 'title' DESC 'RFC2256: title > associated with the entity' SUP name )) > > line 128 (attributetype ( 2.5.4.13 NAME 'description' DESC 'RFC2256: > descriptive information' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )) > > line 133 (attributetype ( 2.5.4.14 NAME 'searchGuide' DESC 'RFC2256: > search guide, obsoleted by enhancedSearchGuide' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.25 )) > > line 139 (attributetype ( 2.5.4.15 NAME 'businessCategory' DESC 'RFC2256: > business category' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )) > > line 145 (attributetype ( 2.5.4.16 NAME 'postalAddress' DESC 'RFC2256: > postal address' EQUALITY caseIgnoreListMatch SUBSTR > caseIgnoreListSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )) > > line 151 (attributetype ( 2.5.4.17 NAME 'postalCode' DESC 'RFC2256: postal > code' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.15{40} )) > > line 157 (attributetype ( 2.5.4.18 NAME 'postOfficeBox' DESC 'RFC2256: > Post Office Box' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )) > > line 163 (attributetype ( 2.5.4.19 NAME 'physicalDeliveryOfficeName' DESC > 'RFC2256: Physical Delivery Office Name' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )) > > line 169 (attributetype ( 2.5.4.20 NAME 'telephoneNumber' DESC 'RFC2256: > Telephone Number' EQUALITY telephoneNumberMatch SUBSTR > telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} )) > > line 173 (attributetype ( 2.5.4.21 NAME 'telexNumber' DESC 'RFC2256: TelexNumber' SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 )) > > line 177 (attributetype ( 2.5.4.22 NAME 'teletexTerminalIdentifier' DESC > 'RFC2256: Teletex Terminal Identifier' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.51 )) > > line 181 (attributetype ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' > ) DESC 'RFC2256: Facsimile (Fax) Telephone Number' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.22 )) > > line 187 (attributetype ( 2.5.4.24 NAME 'x121Address' DESC 'RFC2256: X.121 > Address' EQUALITY numericStringMatch SUBSTR numericStringSubstringsMatch > SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} )) > > line 193 (attributetype ( 2.5.4.25 NAME 'internationaliSDNNumber' DESC > 'RFC2256: international ISDN number' EQUALITY numericStringMatch SUBSTR > numericStringSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )) > > line 198 (attributetype ( 2.5.4.26 NAME 'registeredAddress' DESC 'RFC2256: > registered postal address' SUP postalAddress SYNTAX > 1.3.6.1.4.1.1466.115.121.1.41 )) > > line 204 (attributetype ( 2.5.4.27 NAME 'destinationIndicator' DESC > 'RFC2256: destination indicator' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} )) > > line 209 (attributetype ( 2.5.4.28 NAME 'preferredDeliveryMethod' DESC > 'RFC2256: preferred delivery method' SYNTAX 1.3.6.1.4.1.1466.115.121.1.14 > SINGLE-VALUE )) > > line 215 (attributetype ( 2.5.4.29 NAME 'presentationAddress' DESC > 'RFC2256: presentation address' EQUALITY presentationAddressMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.43 SINGLE-VALUE )) > > line 220 (attributetype ( 2.5.4.30 NAME 'supportedApplicationContext' DESC > 'RFC2256: supported application context' EQUALITY objectIdentifierMatch > SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )) > > line 224 (attributetype ( 2.5.4.31 NAME 'member' DESC 'RFC2256: member of > a group' SUP distinguishedName )) > > line 228 (attributetype ( 2.5.4.32 NAME 'owner' DESC 'RFC2256: owner (of > the object)' SUP distinguishedName )) > > line 232 (attributetype ( 2.5.4.33 NAME 'roleOccupant' DESC 'RFC2256: > occupant of role' SUP distinguishedName )) > > line 236 (attributetype ( 2.5.4.34 NAME 'seeAlso' DESC 'RFC2256: DN of > related object' SUP distinguishedName )) > > line 249 (attributetype ( 2.5.4.36 NAME 'userCertificate' DESC 'RFC2256: > X.509 user certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.8 )) > > line 256 (attributetype ( 2.5.4.37 NAME 'cACertificate' DESC 'RFC2256: > X.509 CA certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.8 )) > > line 261 (attributetype ( 2.5.4.38 NAME 'authorityRevocationList' DESC > 'RFC2256: X.509 authority revocation list, use ;binary' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.9 )) > > line 266 (attributetype ( 2.5.4.39 NAME 'certificateRevocationList' DESC > 'RFC2256: X.509 certificate revocation list, use ;binary' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.9 )) > > line 271 (attributetype ( 2.5.4.40 NAME 'crossCertificatePair' DESC > 'RFC2256: X.509 cross certificate pair, use ;binary' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.10 )) > > line 281 (attributetype ( 2.5.4.42 NAME ( 'givenName' 'gn' ) DESC > 'RFC2256: first name(s) for which the entity is known by' SUP name )) > > line 285 (attributetype ( 2.5.4.43 NAME 'initials' DESC 'RFC2256: initials > of some or all of names, but not the surname(s).' SUP name )) > > line 289 (attributetype ( 2.5.4.44 NAME 'generationQualifier' DESC > 'RFC2256: name qualifier indicating a generation' SUP name )) > > line 294 (attributetype ( 2.5.4.45 NAME 'x500UniqueIdentifier' DESC > 'RFC2256: X.500 unique identifier' EQUALITY bitStringMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.6 )) > > line 301 (attributetype ( 2.5.4.46 NAME 'dnQualifier' DESC 'RFC2256: DN > qualifier' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )) > > line 305 (attributetype ( 2.5.4.47 NAME 'enhancedSearchGuide' DESC > 'RFC2256: enhanced search guide' SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 )) > > line 310 (attributetype ( 2.5.4.48 NAME 'protocolInformation' DESC > 'RFC2256: protocol information' EQUALITY protocolInformationMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.42 )) > > line 320 (attributetype ( 2.5.4.50 NAME 'uniqueMember' DESC 'RFC2256: > unique member of a group' EQUALITY uniqueMemberMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.34 )) > > line 326 (attributetype ( 2.5.4.51 NAME 'houseIdentifier' DESC 'RFC2256: > house identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )) > > line 331 (attributetype ( 2.5.4.52 NAME 'supportedAlgorithms' DESC > 'RFC2256: supported algorithms' SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 )) > > line 336 (attributetype ( 2.5.4.53 NAME 'deltaRevocationList' DESC > 'RFC2256: delta revocation list; use ;binary' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.9 )) > > line 340 (attributetype ( 2.5.4.54 NAME 'dmdName' DESC 'RFC2256: name of > DMD' SUP name )) > > line 355 (objectclass ( 2.5.6.2 NAME 'country' DESC 'RFC2256: a country' > SUP top STRUCTURAL MUST c MAY ( searchGuide $ description ) )) > > line 360 (objectclass ( 2.5.6.3 NAME 'locality' DESC 'RFC2256: a locality' > SUP top STRUCTURAL MAY ( street $ seeAlso $ searchGuide $ st $ l $ > description ) )) > > line 371 (objectclass ( 2.5.6.4 NAME 'organization' DESC 'RFC2256: an > organization' SUP top STRUCTURAL MUST o MAY ( userPassword $ searchGuide $ > seeAlso $ businessCategory $ x121Address $ registeredAddress $ > destinationIndicator $ preferredDeliveryMethod $ telexNumber $ > teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber > $ street $ postOfficeBox $ postalCode $ postalAddress $ > physicalDeliveryOfficeName $ st $ l $ description ) )) > > line 382 (objectclass ( 2.5.6.5 NAME 'organizationalUnit' DESC 'RFC2256: > an organizational unit' SUP top STRUCTURAL MUST ou MAY ( userPassword $ > searchGuide $ seeAlso $ businessCategory $ x121Address $ registeredAddress > $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $ > teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber > $ street $ postOfficeBox $ postalCode $ postalAddress $ > physicalDeliveryOfficeName $ st $ l $ description ) )) > > line 388 (objectclass ( 2.5.6.6 NAME 'person' DESC 'RFC2256: a person' SUP > top STRUCTURAL MUST ( sn $ cn ) MAY ( userPassword $ telephoneNumber $ > seeAlso $ description ) )) > > line 397 (objectclass ( 2.5.6.7 NAME 'organizationalPerson' DESC 'RFC2256: > an organizational person' SUP person STRUCTURAL MAY ( title $ x121Address $ > registeredAddress $ destinationIndicator $ preferredDeliveryMethod $ > telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ > internationaliSDNNumber $ facsimileTelephoneNumber $ street $ > postOfficeBox $ postalCode $postalAddress $ physicalDeliveryOfficeName $ > ou $ st $ l ) )) > > line 408 (objectclass ( 2.5.6.8 NAME 'organizationalRole' DESC 'RFC2256: an > organizational role' SUP top STRUCTURAL MUST cn MAY ( x121Address $ > registeredAddress $ destinationIndicator $ preferredDeliveryMethod $ > telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ > internationaliSDNNumber $ facsimileTelephoneNumber $ seeAlso $ > roleOccupant $ preferredDeliveryMethod $ street $ postOfficeBox $ > postalCode $ postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l $ > description ) )) > > line 414 (objectclass ( 2.5.6.9 NAME 'groupOfNames' DESC 'RFC2256: a group > of names (DNs)' SUP top STRUCTURAL MUST ( member $ cn ) MAY ( > businessCategory $ seeAlso $ owner $ ou $ o $ description ) )) > > line 425 (objectclass ( 2.5.6.10 NAME 'residentialPerson' DESC 'RFC2256: an > residential person' SUP person STRUCTURAL MUST l MAY ( businessCategory $ > x121Address $ registeredAddress $ destinationIndicator $ > preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ > telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ > preferredDeliveryMethod $ street $ postOfficeBox $ postalCode $ > postalAddress $ physicalDeliveryOfficeName $ st $ l ) )) > > line 431 (objectclass ( 2.5.6.11 NAME 'applicationProcess' DESC 'RFC2256: > an application process' SUP top STRUCTURAL MUST cn MAY ( seeAlso $ ou $ l $ > description ) )) > > line 438 (objectclass ( 2.5.6.12 NAME 'applicationEntity' DESC 'RFC2256: an > application entity' SUP top STRUCTURAL MUST ( presentationAddress $ cn ) MAY > ( supportedApplicationContext $ seeAlso $ ou $ o $ l $ description ) )) > > line 443 (objectclass ( 2.5.6.13 NAME 'dSA' DESC 'RFC2256: a directory > system agent (a server)' SUP applicationEntity STRUCTURAL MAY > knowledgeInformation )) > > line 449 (objectclass ( 2.5.6.14 NAME 'device' DESC 'RFC2256: a device' SUP > top STRUCTURAL MUST cn MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ > description ) )) > > line 454 (objectclass ( 2.5.6.15 NAME 'strongAuthenticationUser' DESC > 'RFC2256: a strong authentication user' SUP top AUXILIARY MUST > userCertificate )) > > line 460 (objectclass ( 2.5.6.16 NAME 'certificationAuthority' DESC > 'RFC2256: a certificate authority' SUP top AUXILIARY MUST ( > authorityRevocationList $ certificateRevocationList $ cACertificate ) MAY > crossCertificatePair )) > > line 466 (objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames' DESC 'RFC2256: a > group of unique names (DN and Unique Identifier)' SUP top STRUCTURAL MUST ( > uniqueMember $ cn ) MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ > description ) )) > > line 471 (objectclass ( 2.5.6.18 NAME 'userSecurityInformation' DESC > 'RFC2256: a user security information' SUP top AUXILIARY MAY ( > supportedAlgorithms ) )) > > line 475 (objectclass ( 2.5.6.16.2 NAME 'certificationAuthority-V2' SUP > certificationAuthority AUXILIARY MAY ( deltaRevocationList ) )) > > line 481 (objectclass ( 2.5.6.19 NAME 'cRLDistributionPoint' SUP top > STRUCTURAL MUST ( cn ) MAY ( certificateRevocationList $ > authorityRevocationList $ deltaRevocationList ) )) > > line 491 (objectclass ( 2.5.6.20 NAME 'dmd' SUP top STRUCTURAL MUST ( > dmdName ) MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ x121Address > $ registeredAddress $ destinationIndicator $ preferredDeliveryMethod $ > telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ > internationaliSDNNumber $ facsimileTelephoneNumber $ street $ > postOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $ > st $ l $ description ) )) > > line 499 (objectclass ( 2.5.6.21 NAME 'pkiUser' DESC 'RFC2587: a PKI user' > SUP top AUXILIARY MAY userCertificate )) > > line 505 (objectclass ( 2.5.6.22 NAME 'pkiCA' DESC 'RFC2587: PKI > certificate authority' SUP top AUXILIARY MAY ( authorityRevocationList $ > certificateRevocationList $ cACertificate $ crossCertificatePair ) )) > > line 510 (objectclass ( 2.5.6.23 NAME 'deltaCRL' DESC 'RFC2587: PKI user' > SUP top AUXILIARY MAY deltaRevocationList )) > > line 523 (objectclass ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject' DESC > 'RFC2079: object that contains the URI attribute type' MAY ( labeledURI ) > SUP top AUXILIARY )) > > line 533 (attributetype ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' ) > DESC 'RFC1274: user identifier' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 540 (attributetype ( 0.9.2342.19200300.100.1.3 NAME ( 'mail' > 'rfc822Mailbox' ) DESC 'RFC1274: RFC822 Mailbox' EQUALITY > caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.26{256} )) > > line 545 (objectclass ( 0.9.2342.19200300.100.4.19 NAME > 'simpleSecurityObject' DESC 'RFC1274: simple security object' SUP top > AUXILIARY MUST userPassword )) > > line 553 (attributetype ( 0.9.2342.19200300.100.1.25 NAME ( 'dc' > 'domainComponent' ) DESC 'RFC1274/2247: domain component' EQUALITY > caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )) > > line 558 (objectclass ( 1.3.6.1.4.1.1466.344 NAME 'dcObject' DESC 'RFC2247: > domain component object' SUP top AUXILIARY MUST dc )) > > line 563 (objectclass ( 1.3.6.1.1.3.1 NAME 'uidObject' DESC 'RFC2377: uid > object' SUP top AUXILIARY MUST uid )) > > line 571 (attributetype ( 0.9.2342.19200300.100.1.37 NAME > 'associatedDomain' DESC 'RFC1274: domain associated with object' EQUALITY > caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.26 )) > > line 579 (attributetype ( 1.2.840.113549.1.9.1 NAME ( 'email' > 'emailAddress' 'pkcs9email' ) DESC 'RFC2459: legacy attribute for email > addresses in DNs' EQUALITY caseIgnoreIA5Match SUBSTR > caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )) > > >>> dnNormalize: <cn=Subschema> > > => ldap_bv2dn(cn=Subschema,0) > > <= ldap_bv2dn(cn=Subschema,0)=0 > > => ldap_dn2bv(272) > > <= ldap_dn2bv(cn=subschema,272)=0 > > <<< dnNormalize: <cn=subschema> > > line 6 (include /etc/openldap/schema/cosine.schema) > > reading config file /etc/openldap/schema/cosine.schema > > line 130 (attributetype ( 0.9.2342.19200300.100.1.2 NAME > 'textEncodedORAddress' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 168 (attributetype ( 0.9.2342.19200300.100.1.4 NAME 'info' DESC > 'RFC1274: general information' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} )) > > line 187 (attributetype ( 0.9.2342.19200300.100.1.5 NAME ( 'drink' > 'favouriteDrink' ) DESC 'RFC1274: favorite drink' EQUALITY caseIgnoreMatch > SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} > )) > > line 205 (attributetype ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber' DESC > 'RFC1274: room number' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 227 (attributetype ( 0.9.2342.19200300.100.1.7 NAME 'photo' DESC > 'RFC1274: photo (G3 fax)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} )) > > line 248 (attributetype ( 0.9.2342.19200300.100.1.8 NAME 'userClass' DESC > 'RFC1274: categorory of user' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 264 (attributetype ( 0.9.2342.19200300.100.1.9 NAME 'host' DESC > 'RFC1274: host computer' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 279 (attributetype ( 0.9.2342.19200300.100.1.10 NAME 'manager' DESC > 'RFC1274: DN of manager' EQUALITY distinguishedNameMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.12 )) > > line 296 (attributetype ( 0.9.2342.19200300.100.1.11 NAME > 'documentIdentifier' DESC 'RFC1274: unique identifier of document' EQUALITY > caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 312 (attributetype ( 0.9.2342.19200300.100.1.12 NAME 'documentTitle' > DESC 'RFC1274: title of document' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 329 (attributetype ( 0.9.2342.19200300.100.1.13 NAME 'documentVersion' > DESC 'RFC1274: version of document' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 344 (attributetype ( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor' > DESC 'RFC1274: DN of author of document' EQUALITY distinguishedNameMatch > SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )) > > line 361 (attributetype ( 0.9.2342.19200300.100.1.15 NAME > 'documentLocation' DESC 'RFC1274: location of document original' EQUALITY > caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 380 (attributetype ( 0.9.2342.19200300.100.1.20 DESC 'RFC1274: home > telephone number' NAME ( 'homePhone' 'homeTelephoneNumber' ) EQUALITY > telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.50 )) > > line 395 (attributetype ( 0.9.2342.19200300.100.1.21 NAME 'secretary' DESC > 'RFC1274: DN of secretary' EQUALITY distinguishedNameMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.12 )) > > line 411 (attributetype ( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox' > SYNTAX 1.3.6.1.4.1.1466.115.121.1.39 )) > > line 480 (attributetype ( 0.9.2342.19200300.100.1.26 NAME 'aRecord' > EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )) > > line 486 (attributetype ( 0.9.2342.19200300.100.1.27 NAME 'mDRecord' > EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )) > > line 501 (attributetype ( 0.9.2342.19200300.100.1.28 NAME 'mXRecord' > EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )) > > line 516 (attributetype ( 0.9.2342.19200300.100.1.29 NAME 'nSRecord' > EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )) > > line 531 (attributetype ( 0.9.2342.19200300.100.1.30 NAME 'sOARecord' > EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )) > > line 546 (attributetype ( 0.9.2342.19200300.100.1.31 NAME 'cNAMERecord' > EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )) > > line 581 (attributetype ( 0.9.2342.19200300.100.1.38 NAME 'associatedName' > DESC 'RFC1274: DN of entry associated with domain' EQUALITY > distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )) > > line 599 (attributetype ( 0.9.2342.19200300.100.1.39 NAME > 'homePostalAddress' DESC 'RFC1274: home postal address' EQUALITY > caseIgnoreListMatch SUBSTR caseIgnoreListSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.41 )) > > line 616 (attributetype ( 0.9.2342.19200300.100.1.40 NAME 'personalTitle' > DESC 'RFC1274: personal title' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 635 (attributetype ( 0.9.2342.19200300.100.1.41 NAME ( 'mobile' > 'mobileTelephoneNumber' ) DESC 'RFC1274: mobile telephone number' EQUALITY > telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.50 )) > > line 653 (attributetype ( 0.9.2342.19200300.100.1.42 NAME ( 'pager' > 'pagerTelephoneNumber' ) DESC 'RFC1274: pager telephone number' EQUALITY > telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.50 )) > > line 671 (attributetype ( 0.9.2342.19200300.100.1.43 NAME ( 'co' > 'friendlyCountryName' ) DESC 'RFC1274: friendly country name' EQUALITY > caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.15 )) > > line 691 (attributetype ( 0.9.2342.19200300.100.1.44 NAME > 'uniqueIdentifier' DESC 'RFC1274: unique identifer' EQUALITY caseIgnoreMatch > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 713 (attributetype ( 0.9.2342.19200300.100.1.45 NAME > 'organizationalStatus' DESC 'RFC1274: organizational status' EQUALITY > caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 734 (attributetype ( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox' > DESC 'RFC1274: Janet mailbox' EQUALITY caseIgnoreIA5Match SUBSTR > caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )) > > line 764 (attributetype ( 0.9.2342.19200300.100.1.47 NAME > 'mailPreferenceOption' DESC 'RFC1274: mail preference option' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.27 )) > > line 781 (attributetype ( 0.9.2342.19200300.100.1.48 NAME 'buildingName' > DESC 'RFC1274: name of building' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )) > > line 796 (attributetype ( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality' DESC > 'RFC1274: DSA Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.19 SINGLE-VALUE )) > > line 811 (attributetype ( 0.9.2342.19200300.100.1.50 NAME > 'singleLevelQuality' DESC 'RFC1274: Single Level Quality' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE )) > > line 827 (attributetype ( 0.9.2342.19200300.100.1.51 NAME > 'subtreeMinimumQuality' DESC 'RFC1274: Subtree Mininum Quality' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE )) > > line 843 (attributetype ( 0.9.2342.19200300.100.1.52 NAME > 'subtreeMaximumQuality' DESC 'RFC1274: Subtree Maximun Quality' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE )) > > line 865 (attributetype ( 0.9.2342.19200300.100.1.53 NAME > 'personalSignature' DESC 'RFC1274: Personal Signature (G3 fax)' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.23 )) > > line 884 (attributetype ( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect' > DESC 'RFC1274: DIT Redirect' EQUALITY distinguishedNameMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.12 )) > > line 900 (attributetype ( 0.9.2342.19200300.100.1.55 NAME 'audio' DESC > 'RFC1274: audio (u-law)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} )) > > line 916 (attributetype ( 0.9.2342.19200300.100.1.56 NAME > 'documentPublisher' DESC 'RFC1274: publisher of document' EQUALITY > caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.15 )) > > line 1084 (objectclass ( 0.9.2342.19200300.100.4.4 NAME ( 'pilotPerson' > 'newPilotPerson' ) SUP person STRUCTURAL MAY ( userid $ textEncodedORAddress > $ rfc822Mailbox $ favouriteDrink $ roomNumber $ userClass $ homeTelephoneNumber > $ homePostalAddress $ secretary $ personalTitle $ preferredDeliveryMethod > $ businessCategory $ janetMailbox $ otherMailbox $ mobileTelephoneNumber $ > pagerTelephoneNumber $ organizationalStatus $ mailPreferenceOption $ > personalSignature ) )) > > line 1110 (objectclass ( 0.9.2342.19200300.100.4.5 NAME 'account' SUP top > STRUCTURAL MUST userid MAY ( description $ seeAlso $ localityName $ organizationName > $ organizationalUnitName $ host ) )) > > line 1142 (objectclass ( 0.9.2342.19200300.100.4.6 NAME 'document' SUP top > STRUCTURAL MUST documentIdentifier MAY ( commonName $ description $ seeAlso > $ localityName $ organizationName $ organizationalUnitName $ documentTitle > $ documentVersion $ documentAuthor $ documentLocation $ documentPublisher > ) )) > > line 1165 (objectclass ( 0.9.2342.19200300.100.4.7 NAME 'room' SUP top > STRUCTURAL MUST commonName MAY ( roomNumber $ description $ seeAlso $ > telephoneNumber ) )) > > line 1191 (objectclass ( 0.9.2342.19200300.100.4.9 NAME 'documentSeries' > SUP top STRUCTURAL MUST commonName MAY ( description $ seeAlso $ > telephonenumber $ localityName $ organizationName $ organizationalUnitName > ) )) > > line 1222 (objectclass ( 0.9.2342.19200300.100.4.13 NAME 'domain' SUP top > STRUCTURAL MUST domainComponent MAY ( associatedName $ organizationName $ > description $ businessCategory $ seeAlso $ searchGuide $ userPassword $ localityName > $ stateOrProvinceName $ streetAddress $ physicalDeliveryOfficeName $ > postalAddress $ postalCode $ postOfficeBox $ streetAddress $ > facsimileTelephoneNumber $ internationalISDNNumber $ telephoneNumber $ > teletexTerminalIdentifier $ telexNumber $ preferredDeliveryMethod $ > destinationIndicator $ registeredAddress $ x121Address ) )) > > line 1252 (objectclass ( 0.9.2342.19200300.100.4.14 NAME 'RFC822localPart' > SUP domain STRUCTURAL MAY ( commonName $ surname $ description $ seeAlso $ > telephoneNumber $ physicalDeliveryOfficeName $ postalAddress $ postalCode > $ postOfficeBox $ streetAddress $ facsimileTelephoneNumber $ > internationalISDNNumber $ telephoneNumber $ teletexTerminalIdentifier $ telexNumber > $ preferredDeliveryMethod $ destinationIndicator $ registeredAddress $ > x121Address ) )) > > line 1275 (objectclass ( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain' SUP > 'domain' STRUCTURAL MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $ SOARecord > $ CNAMERecord ) )) > > line 1293 (objectclass ( 0.9.2342.19200300.100.4.17 NAME > 'domainRelatedObject' DESC 'RFC1274: an object related to an domain' SUP top > AUXILIARY MUST associatedDomain )) > > line 1311 (objectclass ( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry' > SUP country STRUCTURAL MUST friendlyCountryName )) > > line 1345 (objectclass ( 0.9.2342.19200300.100.4.20 NAME > 'pilotOrganization' SUP ( organization $ organizationalUnit ) STRUCTURAL MAY > buildingName )) > > line 1361 (objectclass ( 0.9.2342.19200300.100.4.21 NAME 'pilotDSA' SUP dsa > STRUCTURAL MAY dSAQuality )) > > line 1382 (objectclass ( 0.9.2342.19200300.100.4.22 NAME > 'qualityLabelledData' SUP top AUXILIARY MUST dsaQuality MAY ( > subtreeMinimumQuality $ subtreeMaximumQuality ) )) > > line 7 (include /etc/openldap/schema/inetorgperson.schema) > > reading config file /etc/openldap/schema/inetorgperson.schema > > line 36 (attributetype ( 2.16.840.1.113730.3.1.1 NAME 'carLicense' DESC > 'RFC2798: vehicle license or registration plate' EQUALITY caseIgnoreMatch > SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )) > > line 46 (attributetype ( 2.16.840.1.113730.3.1.2 NAME 'departmentNumber' > DESC 'RFC2798: identifies a department within an organization' EQUALITY > caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.15 )) > > line 59 (attributetype ( 2.16.840.1.113730.3.1.241 NAME 'displayName' DESC > 'RFC2798: preferred name to be used when displaying entries' EQUALITY > caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )) > > line 70 (attributetype ( 2.16.840.1.113730.3.1.3 NAME 'employeeNumber' DESC > 'RFC2798: numerically identifies an employee within an organization' > EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )) > > line 81 (attributetype ( 2.16.840.1.113730.3.1.4 NAME 'employeeType' DESC > 'RFC2798: type of employment for a person' EQUALITY caseIgnoreMatch SUBSTR > caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )) > > line 92 (attributetype ( 0.9.2342.19200300.100.1.60 NAME 'jpegPhoto' DESC > 'RFC2798: a JPEG image' SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 )) > > line 107 (attributetype ( 2.16.840.1.113730.3.1.39 NAME 'preferredLanguage' > DESC 'RFC2798: preferred written or spoken language for a person' EQUALITY > caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )) > > line 123 (attributetype ( 2.16.840.1.113730.3.1.40 NAME > 'userSMIMECertificate' DESC 'RFC2798: PKCS#7 SignedData used to support > S/MIME' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )) > > line 135 (attributetype ( 2.16.840.1.113730.3.1.216 NAME 'userPKCS12' DESC > 'RFC2798: personal identity information, a PKCS #12 PFX' SYNTAX > 1.3.6.1.4.1.1466.115.121.1.5 )) > > line 155 (objectclass ( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson' > DESC 'RFC2798: Internet Organizational Person' SUP organizationalPerson > STRUCTURAL MAY ( audio $ businessCategory $ carLicense $ > departmentNumber $ displayName $ employeeNumber $ employeeType $ givenName > $ homePhone $ homePostalAddress $ initials $ jpegPhoto $ labeledURI $ mail > $ manager $ mobile $ o $ pager $ photo $ roomNumber $ secretary $ uid $ > userCertificate $ x500uniqueIdentifier $ preferredLanguage $ userSMIMECertificate > $ userPKCS12 ) )) > > line 8 (include /etc/openldap/schema/nis.schema) > > reading config file /etc/openldap/schema/nis.schema > > line 40 (attributetype ( 1.3.6.1.1.1.1.0 NAME 'uidNumber' DESC 'An integer > uniquely identifying a user in an administrative domain' EQUALITY > integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) > > line 45 (attributetype ( 1.3.6.1.1.1.1.1 NAME 'gidNumber' DESC 'An integer > uniquely identifying a group in an administrative domain' EQUALITY > integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) > > line 51 (attributetype ( 1.3.6.1.1.1.1.2 NAME 'gecos' DESC 'The GECOS > field; the common name' EQUALITY caseIgnoreIA5Match SUBSTR > caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 > SINGLE-VALUE )) > > line 56 (attributetype ( 1.3.6.1.1.1.1.3 NAME 'homeDirectory' DESC 'The > absolute path to the home directory' EQUALITY caseExactIA5Match SYNTAX > 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )) > > line 61 (attributetype ( 1.3.6.1.1.1.1.4 NAME 'loginShell' DESC 'The path > to the login shell' EQUALITY caseExactIA5Match SYNTAX > 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )) > > line 65 (attributetype ( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange' EQUALITY > integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) > > line 69 (attributetype ( 1.3.6.1.1.1.1.6 NAME 'shadowMin' EQUALITY > integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) > > line 73 (attributetype ( 1.3.6.1.1.1.1.7 NAME 'shadowMax' EQUALITY > integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) > > line 77 (attributetype ( 1.3.6.1.1.1.1.8 NAME 'shadowWarning' EQUALITY > integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) > > line 81 (attributetype ( 1.3.6.1.1.1.1.9 NAME 'shadowInactive' EQUALITY > integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) > > line 85 (attributetype ( 1.3.6.1.1.1.1.10 NAME 'shadowExpire' EQUALITY > integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) > > line 89 (attributetype ( 1.3.6.1.1.1.1.11 NAME 'shadowFlag' EQUALITY > integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) > > line 94 (attributetype ( 1.3.6.1.1.1.1.12 NAME 'memberUid' EQUALITY > caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.26 )) > > line 99 (attributetype ( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup' EQUALITY > caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.26 )) > > line 103 (attributetype ( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple' DESC > 'Netgroup triple' SYNTAX 1.3.6.1.1.1.0.0 )) > > line 107 (attributetype ( 1.3.6.1.1.1.1.15 NAME 'ipServicePort' EQUALITY > integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) > > line 110 (attributetype ( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol' SUP > name )) > > line 114 (attributetype ( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber' EQUALITY > integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) > > line 118 (attributetype ( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber' EQUALITY > integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )) > > line 123 (attributetype ( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber' DESC 'IP > address' EQUALITY caseIgnoreIA5Match SYNTAX > 1.3.6.1.4.1.1466.115.121.1.26{128} )) > > line 128 (attributetype ( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber' DESC 'IP > network' EQUALITY caseIgnoreIA5Match SYNTAX > 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE )) > > line 133 (attributetype ( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber' DESC 'IP > netmask' EQUALITY caseIgnoreIA5Match SYNTAX > 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE )) > > line 138 (attributetype ( 1.3.6.1.1.1.1.22 NAME 'macAddress' DESC 'MAC > address' EQUALITY caseIgnoreIA5Match SYNTAX > 1.3.6.1.4.1.1466.115.121.1.26{128} )) > > line 142 (attributetype ( 1.3.6.1.1.1.1.23 NAME 'bootParameter' DESC > 'rpc.bootparamd parameter' SYNTAX 1.3.6.1.1.1.0.1 )) > > line 147 (attributetype ( 1.3.6.1.1.1.1.24 NAME 'bootFile' DESC 'Boot image > name' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )) > > line 150 (attributetype ( 1.3.6.1.1.1.1.26 NAME 'nisMapName' SUP name )) > > line 155 (attributetype ( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry' EQUALITY > caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX > 1.3.6.1.4.1.1466.115.121.1.26{1024} SINGLE-VALUE )) > > line 162 (objectclass ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' SUP top > AUXILIARY DESC 'Abstraction of an account with POSIX attributes' MUST ( cn $ > uid $ uidNumber $ gidNumber $ homeDirectory ) MAY ( userPassword $ > loginShell $ gecos $ description ) )) > > line 169 (objectclass ( 1.3.6.1.1.1.2.1 NAME 'shadowAccount' SUP top > AUXILIARY DESC 'Additional attributes for shadow passwords' MUST uid MAY ( > userPassword $ shadowLastChange $ shadowMin $ shadowMax $ > shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ > description ) )) > > line 174 (objectclass ( 1.3.6.1.1.1.2.2 NAME 'posixGroup' SUP top > STRUCTURAL DESC 'Abstraction of a group of accounts' MUST ( cn $ gidNumber ) > MAY ( userPassword $ memberUid $ description ) )) > > line 179 (objectclass ( 1.3.6.1.1.1.2.3 NAME 'ipService' SUP top STRUCTURAL > DESC 'Abstraction an Internet Protocol service' MUST ( cn $ ipServicePort $ > ipServiceProtocol ) MAY ( description ) )) > > line 184 (objectclass ( 1.3.6.1.1.1.2.4 NAME 'ipProtocol' SUP top > STRUCTURAL DESC 'Abstraction of an IP protocol' MUST ( cn $ ipProtocolNumber > $ description ) MAY description )) > > line 189 (objectclass ( 1.3.6.1.1.1.2.5 NAME 'oncRpc' SUP top STRUCTURAL > DESC 'Abstraction of an ONC/RPC binding' MUST ( cn $ oncRpcNumber $ > description ) MAY description )) > > line 194 (objectclass ( 1.3.6.1.1.1.2.6 NAME 'ipHost' SUP top AUXILIARY > DESC 'Abstraction of a host, an IP device' MUST ( cn $ ipHostNumber ) MAY ( > l $ description $ manager ) )) > > line 199 (objectclass ( 1.3.6.1.1.1.2.7 NAME 'ipNetwork' SUP top STRUCTURAL > DESC 'Abstraction of an IP network' MUST ( cn $ ipNetworkNumber ) MAY ( > ipNetmaskNumber $ l $ description $ manager ) )) > > line 204 (objectclass ( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup' SUP top > STRUCTURAL DESC 'Abstraction of a netgroup' MUST cn MAY ( nisNetgroupTriple > $ memberNisNetgroup $ description ) )) > > line 209 (objectclass ( 1.3.6.1.1.1.2.9 NAME 'nisMap' SUP top STRUCTURAL > DESC 'A generic abstraction of a NIS map' MUST nisMapName MAY description )) > > line 214 (objectclass ( 1.3.6.1.1.1.2.10 NAME 'nisObject' SUP top > STRUCTURAL DESC 'An entry in a NIS map' MUST ( cn $ nisMapEntry $ nisMapName > ) MAY description )) > > line 218 (objectclass ( 1.3.6.1.1.1.2.11 NAME 'ieee802Device' SUP top > AUXILIARY DESC 'A device with a MAC address' MAY macAddress )) > > line 222 (objectclass ( 1.3.6.1.1.1.2.12 NAME 'bootableDevice' SUP top > AUXILIARY DESC 'A device with boot parameters' MAY ( bootFile $ > bootParameter ) )) > > line 11 (allow bind_v2) > > line 17 (pidfile /var/run/openldap/slapd.pid) > > line 18 (argsfile /var/run/openldap/slapd.args) > > line 68 (database bdb) > > bdb_db_init: Initializing BDB database > > line 69 (suffix "dc=tfis, dc=myserver, dc=org") > > >>> dnPrettyNormal: <dc=tfis, dc=myserver, dc=org> > > => ldap_bv2dn(dc=tfis, dc=myserver, dc=org,0) > > <= ldap_bv2dn(dc=tfis, dc=myserver, dc=org,0)=0 > > => ldap_dn2bv(272) > > <= ldap_dn2bv(dc=tfis,dc=myserver,dc=org,272)=0 > > => ldap_dn2bv(272) > > <= ldap_dn2bv(dc=tfis,dc=myserver,dc=org,272)=0 > > <<< dnPrettyNormal: <dc=tfis,dc=myserver,dc=org>, > <dc=tfis,dc=myserver,dc=org> > > line 70 (rootdn "cn=Manager,dc=tfis,dc=myserver,dc=org") > > >>> dnPrettyNormal: <cn=Manager,dc=tfis,dc=myserver,dc=org> > > => ldap_bv2dn(cn=Manager,dc=tfis,dc=myserver,dc=org,0) > > <= ldap_bv2dn(cn=Manager,dc=tfis,dc=myserver,dc=org,0)=0 > > => ldap_dn2bv(272) > > <= ldap_dn2bv(cn=Manager,dc=tfis,dc=myserver,dc=org,272)=0 > > => ldap_dn2bv(272) > > <= ldap_dn2bv(cn=manager,dc=tfis,dc=myserver,dc=org,272)=0 > > <<< dnPrettyNormal: <cn=Manager,dc=tfis,dc=myserver,dc=org>, > <cn=manager,dc=tfis,dc=myserver,dc=org> > > line 80 (directory /var/lib/ldap) > > line 83 (index objectClass eq,pres) > > index objectClass 0x0006 > > line 84 (index ou,cn,mail,surname,givenname eq,pres,sub) > > index ou 0x0716 > > index cn 0x0716 > > index mail 0x0716 > > index sn 0x0716 > > index givenName 0x0716 > > line 85 (index uidNumber,gidNumber,loginShell eq,pres) > > index uidNumber 0x0006 > > index gidNumber 0x0006 > > index loginShell 0x0006 > > line 86 (index uid,memberUid eq,pres,sub) > > index uid 0x0716 > > index memberUid 0x0716 > > line 87 (index nisMapName,nisMapEntry eq,pres,sub) > > index nisMapName 0x0716 > > index nisMapEntry 0x0716 > > line 96 (loglevel 4095) > > matching_rule_use_init > > 1.2.840.113556.1.4.804 (integerBitOrMatch): matchingRuleUse: ( > 1.2.840.113556.1.4.804 NAME 'integerBitOrMatch' APPLIES ( oncRpcNumber $ > ipProtocolNumber $ ipServicePort $ shadowFlag $ shadowExpire $ > shadowInactive $ shadowWarning $ shadowMax $ shadowMin $ shadowLastChange $ > gidNumber $ uidNumber $ mailPreferenceOption $ supportedLDAPVersion ) ) > > 1.2.840.113556.1.4.803 (integerBitAndMatch): matchingRuleUse: ( > 1.2.840.113556.1.4.803 NAME 'integerBitAndMatch' APPLIES ( oncRpcNumber $ > ipProtocolNumber $ ipServicePort $ shadowFlag $ shadowExpire $ > shadowInactive $ shadowWarning $ shadowMax $ shadowMin $ shadowLastChange $ > gidNumber $ uidNumber $ mailPreferenceOption $ supportedLDAPVersion ) ) > > 1.3.6.1.4.1.1466.109.114.2 (caseIgnoreIA5Match): matchingRuleUse: ( > 1.3.6.1.4.1.1466.109.114.2 NAME 'caseIgnoreIA5Match' APPLIES ( nisMapEntry $ > bootFile $ macAddress $ ipNetmaskNumber $ ipNetworkNumber $ ipHostNumber $ > memberNisNetgroup $ memberUid $ loginShell $ homeDirectory $ gecos $ > janetMailbox $ cNAMERecord $ sOARecord $ nSRecord $ mXRecord $ mDRecord $ > aRecord $ email $ associatedDomain $ dc $ mail $ altServer ) ) > > 1.3.6.1.4.1.1466.109.114.1 (caseExactIA5Match): matchingRuleUse: ( > 1.3.6.1.4.1.1466.109.114.1 NAME 'caseExactIA5Match' APPLIES ( nisMapEntry $ > bootFile $ macAddress $ ipNetmaskNumber $ ipNetworkNumber $ ipHostNumber $ > memberNisNetgroup $ memberUid $ loginShell $ homeDirectory $ gecos $ > janetMailbox $ cNAMERecord $ sOARecord $ nSRecord $ mXRecord $ mDRecord $ > aRecord $ email $ associatedDomain $ dc $ mail $ altServer ) ) > > 2.5.13.35 (certificateMatch): matchingRuleUse: ( 2.5.13.35 NAME > 'certificateMatch' APPLIES ( cACertificate $ userCertificate ) ) > > 2.5.13.34 (certificateExactMatch): matchingRuleUse: ( 2.5.13.34 NAME > 'certificateExactMatch' APPLIES ( cACertificate $ userCertificate ) ) > > 2.5.13.30 (objectIdentifierFirstComponentMatch): matchingRuleUse: ( > 2.5.13.30 NAME 'objectIdentifierFirstComponentMatch' APPLIES ( > supportedApplicationContext $ ldapSyntaxes $ supportedFeatures $ > supportedExtension $ supportedControl ) ) > > 2.5.13.29 (integerFirstComponentMatch): matchingRuleUse: ( 2.5.13.29 > NAME 'integerFirstComponentMatch' APPLIES ( oncRpcNumber $ ipProtocolNumber > $ ipServicePort $ shadowFlag $ shadowExpire $ shadowInactive $ shadowWarning > $ shadowMax $ shadowMin $ shadowLastChange $ gidNumber $ uidNumber $ > mailPreferenceOption $ supportedLDAPVersion ) ) > > 2.5.13.27 (generalizedTimeMatch): matchingRuleUse: ( 2.5.13.27 NAME > 'generalizedTimeMatch' APPLIES ( modifyTimestamp $ createTimestamp ) ) > > 2.5.13.24 (protocolInformationMatch): matchingRuleUse: ( 2.5.13.24 NAME > 'protocolInformationMatch' APPLIES protocolInformation ) > > 2.5.13.23 (uniqueMemberMatch): matchingRuleUse: ( 2.5.13.23 NAME > 'uniqueMemberMatch' APPLIES uniqueMember ) > > 2.5.13.22 (presentationAddressMatch): matchingRuleUse: ( 2.5.13.22 NAME > 'presentationAddressMatch' APPLIES presentationAddress ) > > 2.5.13.20 (telephoneNumberMatch): matchingRuleUse: ( 2.5.13.20 NAME > 'telephoneNumberMatch' APPLIES ( pager $ mobile $ homePhone $ > telephoneNumber ) ) > > 2.5.13.17 (octetStringMatch): matchingRuleUse: ( 2.5.13.17 NAME > 'octetStringMatch' APPLIES userPassword ) > > 2.5.13.16 (bitStringMatch): matchingRuleUse: ( 2.5.13.16 NAME > 'bitStringMatch' APPLIES x500UniqueIdentifier ) > > 2.5.13.14 (integerMatch): matchingRuleUse: ( 2.5.13.14 NAME > 'integerMatch' APPLIES ( oncRpcNumber $ ipProtocolNumber $ ipServicePort $ > shadowFlag $ shadowExpire $ shadowInactive $ shadowWarning $ shadowMax $ > shadowMin $ shadowLastChange $ gidNumber $ uidNumber $ mailPreferenceOption > $ supportedLDAPVersion ) ) > > 2.5.13.13 (booleanMatch): matchingRuleUse: ( 2.5.13.13 NAME > 'booleanMatch' APPLIES hasSubordinates ) > > 2.5.13.11 (caseIgnoreListMatch): matchingRuleUse: ( 2.5.13.11 NAME > 'caseIgnoreListMatch' APPLIES ( homePostalAddress $ registeredAddress $ > postalAddress ) ) > > 2.5.13.8 (numericStringMatch): matchingRuleUse: ( 2.5.13.8 NAME > 'numericStringMatch' APPLIES ( internationaliSDNNumber $ x121Address ) ) > > 2.5.13.7 (caseExactSubstringsMatch): matchingRuleUse: ( 2.5.13.7 NAME > 'caseExactSubstringsMatch' APPLIES ( dnQualifier $ destinationIndicator $ > serialNumber ) ) > > 2.5.13.6 (caseExactOrderingMatch): matchingRuleUse: ( 2.5.13.6 NAME > 'caseExactOrderingMatch' APPLIES ( dnQualifier $ destinationIndicator $ > serialNumber ) ) > > 2.5.13.5 (caseExactMatch): matchingRuleUse: ( 2.5.13.5 NAME > 'caseExactMatch' APPLIES ( nisMapName $ ipServiceProtocol $ > preferredLanguage $ employeeType $ employeeNumber $ displayName $ > departmentNumber $ carLicense $ documentPublisher $ buildingName $ > organizationalStatus $ uniqueIdentifier $ co $ personalTitle $ > documentLocation $ documentVersion $ documentTitle $ documentIdentifier $ > host $ userClass $ roomNumber $ drink $ info $ textEncodedORAddress $ uid $ > dmdName $ houseIdentifier $ dnQualifier $ generationQualifier $ initials $ > givenName $ destinationIndicator $ physicalDeliveryOfficeName $ > postOfficeBox $ postalCode $ businessCategory $ description $ title $ ou $ o > $ street $ st $ l $ c $ serialNumber $ sn $ knowledgeInformation $ > labeledURI $ cn $ name $ ref $ vendorVersion $ vendorName $ > supportedSASLMechanisms ) ) > > 2.5.13.4 (caseIgnoreSubstringsMatch): matchingRuleUse: ( 2.5.13.4 NAME > 'caseIgnoreSubstringsMatch' APPLIES ( dnQualifier $ destinationIndicator $ > serialNumber ) ) > > 2.5.13.3 (caseIgnoreOrderingMatch): matchingRuleUse: ( 2.5.13.3 NAME > 'caseIgnoreOrderingMatch' APPLIES ( dnQualifier $ destinationIndicator $ > serialNumber ) ) > > 2.5.13.2 (caseIgnoreMatch): matchingRuleUse: ( 2.5.13.2 NAME > 'caseIgnoreMatch' APPLIES ( nisMapName $ ipServiceProtocol $ > preferredLanguage $ employeeType $ employeeNumber $ displayName $ > departmentNumber $ carLicense $ documentPublisher $ buildingName $ > organizationalStatus $ uniqueIdentifier $ co $ personalTitle $ > documentLocation $ documentVersion $ documentTitle $ documentIdentifier $ > host $ userClass $ roomNumber $ drink $ info $ textEncodedORAddress $ uid $ > dmdName $ houseIdentifier $ dnQualifier $ generationQualifier $ initials $ > givenName $ destinationIndicator $ physicalDeliveryOfficeName $ > postOfficeBox $ postalCode $ businessCategory $ description $ title $ ou $ o > $ street $ st $ l $ c $ serialNumber $ sn $ knowledgeInformation $ > labeledURI $ cn $ name $ ref $ vendorVersion $ vendorName $ > supportedSASLMechanisms ) ) > > 2.5.13.1 (distinguishedNameMatch): matchingRuleUse: ( 2.5.13.1 NAME > 'distinguishedNameMatch' APPLIES ( dITRedirect $ associatedName $ secretary > $ documentAuthor $ manager $ seeAlso $ roleOccupant $ owner $ member $ > distinguishedName $ aliasedObjectName $ namingContexts $ subschemaSubentry $ > modifiersName $ creatorsName ) ) > > 2.5.13.0 (objectIdentifierMatch): matchingRuleUse: ( 2.5.13.0 NAME > 'objectIdentifierMatch' APPLIES ( supportedApplicationContext $ > supportedFeatures $ supportedExtension $ supportedControl ) ) > > slapd startup: initiated. > > bdb_db_open: dc=tfis,dc=myserver,dc=org > > bdb_db_open: dbenv_open(/var/lib/ldap) > > as you can see the daemon_init opens some listener, but not much to see! > i hope this is helpful !! thank you anyway >

1 0

nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
by Mingyur Koblensky 01 Mar '10

01 Mar '10

Hi all, I'm playing with a redhat enterprise 4 that uses ldap, since a few days i've notice that the slapd daemon is not able to bind to the default port 389, i'm very new to this server so i could being doing something of very stupid! [root@ myserver etc]# netstat -tuan | grep 389 [root@ myserver etc]# i was wondering if a run time file of the server hasn't been properly removed due to a brutal restart, and now the process isn't able to bind to any port, does that make sense? which files should i look for? [root@ myserver etc]# ls /var/run/openldap/ [root@ myserver etc]# ls /var/lock/ dmraid lvm rpm subsys [root@ myserver etc]# i've tried to reinstall/downgrade various packages but nothing: [root@ myserver etc]# rpm -q openldap openldap-2.2.13-12.el4_8.2 [root@ myserver etc]# rpm -q openldap-servers openldap-servers-2.2.13-12.el4_8.2 [root@ myserver etc]# rpm -q openldap-clients openldap-clients-2.2.13-12.el4_8.2 [root@ myserver etc]# rpm -q nss_ldap nss_ldap-253-7.el4 [root@ myserver etc]# Mar 1 08:03:24 myserver su[5988]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server Mar 1 08:03:24 myserver su[5988]: nss_ldap: could not search LDAP server - Server is unavailable Mar 1 08:03:24 myserver su[5988]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server Mar 1 08:03:24 myserver su[5988]: nss_ldap: could not search LDAP server - Server is unavailable Mar 1 08:03:46 myserver netstat: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server Mar 1 08:03:46 myserver netstat: nss_ldap: could not search LDAP server - Server is unavailable Mar 1 08:03:46 myserver netstat: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server Mar 1 08:03:46 myserver netstat: nss_ldap: could not search LDAP server - Server is unavailable Mar 1 08:11:32 myserver runuser: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server Mar 1 08:11:32 myserver runuser: nss_ldap: could not search LDAP server - Server is unavailable Mar 1 08:11:32 myserver runuser: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server Mar 1 08:11:32 myserver runuser: nss_ldap: could not search LDAP server - Server is unavailable Mar 1 08:11:32 myserver runuser: config file testing succeeded Mar 1 08:11:32 myserver slapd[6476]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server Mar 1 08:11:32 myserver slapd[6476]: nss_ldap: could not search LDAP server - Server is unavailable Mar 1 08:11:32 myserver slapd[6476]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server Mar 1 08:11:32 myserver slapd[6476]: nss_ldap: could not search LDAP server - Server is unavailable Mar 1 08:13:23 myserver saslauthd[5038]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server Mar 1 08:13:23 myserver saslauthd[5038]: nss_ldap: could not search LDAP server - Server is unavailable Mar 1 08:13:23 myserver saslauthd[5038]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server Mar 1 08:13:23 myserver saslauthd[5038]: nss_ldap: could not search LDAP server - Server is unavailable Mar 1 08:13:23 myserver smtp(pam_unix)[5038]: check pass; user unknown Mar 1 08:13:23 myserver smtp(pam_unix)[5038]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= Mar 1 08:13:23 myserver saslauthd[5038]: pam_ldap: ldap_simple_bind Can't contact LDAP server Mar 1 08:13:26 myserver saslauthd[5038]: do_auth : auth failure: [user=user] [service=smtp] [realm=] [mech=pam] [reason=PAM auth error] Mar 1 08:13:29 myserver netstat: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server Mar 1 08:13:29 myserver netstat: nss_ldap: could not search LDAP server - Server is unavailable Mar 1 08:13:29 myserver netstat: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server Mar 1 08:13:29 myserver netstat: nss_ldap: could not search LDAP server - Server is unavailable configuration files: /etc/ldap.conf # @(#)$Id: ldap.conf,v 1.34 2004/09/16 23:32:02 lukeh Exp $ # # This is the configuration file for the LDAP nameservice # switch library and the LDAP PAM module. # # host 127.0.0.1 dc=tfis,dc=domain,dc=org # The port. # Optional: default is 389. port 389 timelimit 20 bind_timelimit 20 bind_policy soft idle_timelimit 3600 ssl no tls_cacertdir /etc/openldap/cacerts pam_password md5 base dc=tfis,dc=domain,dc=org /etc/openldap/ldap.conf # # LDAP Defaults # # See ldap.conf(5) for details # This file should be world readable but not world writable. BASE dc=tfis,dc=domain,dc=org HOST 127.0.0.1 TLS_CACERTDIR /etc/openldap/cacerts #URI ldap://ldap.example.com ldap://ldap-master.example.com:666 #SIZELIMIT 12 #TIMELIMIT 15 #DEREF never /etc/openldap/slapd.conf # # See slapd.conf(5) for details on configuration options. # This file should NOT be world readable. # include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/nis.schema pidfile /var/run/openldap/slapd.pid argsfile /var/run/openldap/slapd.args database bdb suffix "dc=tfis, dc=domain, dc=org" rootdn "cn=Manager,dc=tfis,dc=domain,dc=org" directory /var/lib/ldap # Indices to maintain for this database index objectClass eq,pres index ou,cn,mail,surname,givenname eq,pres,sub index uidNumber,gidNumber,loginShell eq,pres index uid,memberUid eq,pres,sub index nisMapName,nisMapEntry eq,pres,sub thank you very much for some help!! i don't know where too look anymore, i've installed the same package on another redhat enterprise 4 and it correctly binds the default port, i'm thinking to move temporarily the ldap database on the other server which should be: 1) cp /usr/lib/ldap 2) cp configuration files 3) configure web application to use the new slapd server am i missing something ? thanks ! kocisky p.s. i've been googling around and there is something but no results : (

2 1

Re: overlay chain and TLS/SSL
by Ralf Zimmermann 01 Mar '10

01 Mar '10

Hi Dieter, >> Hi all, >> >> I think I have a problem with the overlay chain and tls. We have one physical >> master and two slaves in VMware Vsphere4. Our configuration runs normally fine, >> but sometimes we can't modify entries like passwords to the master. Then we >> must restart the slapd at the slaves. After restarting slapd all works fine. >> Then slapd works fine the wholy day. We can change entries or set passwords on >> the slaves. Next morning we must restart the slapd again, because we can't >> modify entries from the slaves. But we can query the slapd and syncrepl works >> fine. Only things over the overlay chains doesn't work. I have the problem not >> only with Version 2.4.20. I tested more Versions and actually 2.4.21 from >> pysically hardware. >> >> If I can't set entries on the slave I don't see any tcp packets from the slave >> to the master. DNS, time and so on looks fine and everything else is working. >> And if we restart slapd everything is working. Does anybody know what is going >> wrong and if there exits a workaround. I read some things abount /dev/random, >> /dev/urandom and kernel 2.6 in VMware. Can this be the problem? >> >> Here the overlay chain configuration. >> >> <snip slapd.conf> >> overlay chain >> chain-uri "ldap://eisenherz.camelot.de/"; >> chain-idassert-bind bindmethod=simple >> binddn="cn=ldapadmin,dc=camelot,dc=de" >> credentials="xxxxxx" >> mode="self" >> chain-rebind-as-user TRUE >> chain-return-error TRUE >> chain-tls start >> </snip slapd.conf> >> >> Any help is appreciated. > >What version is this? >I found that with 2.4.21 a tls_cacert option solved my problem. I have the problem in 2.4.12, 2.4.18, 2.4.19, 2.4.20 and 2.4.21. >chain-tls start > tls_cacert="/opt/openldap/etc/openldap/certs/avciCA.pem > tls_reqcert="demand" > >slapd-ldap(5) provides more TLS options. > I know and I have configured some of them. But the problem still exists. I can't see any packets on the network device from the slave to the master. If I restart the slave slapd then all works fine for a time. But I will read the man page again. Today have sent a mail to the list with two traces. One with a successfull passmod and one with nonworking passmod. Here the link: http://www.openldap.org/lists/openldap-technical/201003/msg00019.html The differences in the traces are hdb_dn2id entries. When the passmod over the slave is ok then I can see entries like: bdb_dn2entry("cn=ldapadmin,dc=camelot,dc=de") => hdb_dn2id("cn=ldapadmin,dc=camelot,dc=de") <= hdb_dn2id: got id=0x5 entry_decode: "" <= entry_decode() or => hdb_dn2id("ou=policies,dc=camelot,dc=de") <= hdb_dn2id: got id=0x9 => hdb_dn2id("cn=default,ou=policies,dc=camelot,dc=de") <= hdb_dn2id: got id=0xa entry_decode: "" <= entry_decode() When the passmod failed these entries are not in the trace. After restarting the slapd I can change passwords over the slaves and I can see the hdb_dn2id entries in the trace. Regards Ralf Zimmermann -- .''`. Ralf Zimmermann : :' : SIEGNETZ.IT GmbH `. `' Schneppenkauten 1a `- 57076 Siegen Tel.: +49 271 68193 13 Fax.: +49 271 68193 29 Amtsgericht Siegen HRB4838 Geschaeftsfuehrer: Oliver Seitz Sitz der Gesellschaft ist Siegen

1 0

OpenLDAP client configuration with CentOS 5.3
by Cool The Breezer 01 Mar '10

01 Mar '10

Hi All, We have a dedicated LDAP server and I would like to configure OpenLDAP client in our linux boxes running on centOS 5.3. I have installed openldap client and changed /etc/openldap/ldap.conf with folllowing info BASE dc=my, dc=net URI ldap://10.122.12.13 But when I try to run ldapsearch, I get following error SASL/EXTERNAL authentication started ldap_sasl_interactive_bind_s: Unknown authentication method (-6) additional info: SASL(-4): no mechanism available: The objective is anybody having ldap id can login to linux box. At present, I am manually creating individual ids which we want to integrate with LDAP authentication. I would appreciate your help - RB

6 19

Nssov Problem Since 2.4.19
by Chris Breneman 01 Mar '10

01 Mar '10

Hi, For the last few days, I've been trying to get nssov to work. I've mainly been working with OpenLDAP 2.4.21, but this issue is present in all releases since and including 2.4.19. It works fine in 2.4.18. Everything compiles fine as expected, and the module loads (it seems), but when I try to add configuration for the module with ldapadd, I get this error: ldap_add: Other (e.g., implementation specific) error (80) additional info: <olcOverlay> handler exited with 1 Using the same build instructions, configuration, and everything, 2.4.18 works without this error. Some more details are below. I'd try to fix it myself, but I don't really know where to start. I'd appreciate it if someone could point me in the right direction. Thanks, Chris Breneman More details: Process for building OpenLDAP (done as root): cd openldap-2.4.21 ./configure --enable-modules --enable-overlays make depend make -j2 make install cd contrib/slapd-modules/nssov/nss-ldapd ./configure # Make complains about missing something unless ./configure is executed in nss-ldapd first cd .. make make install libtool --finish /usr/local/lib # As per instructions from the make output Relevant slapd configuration: dn: cn=module{0},cn=config objectClass: olcModuleList cn: module{0} olcModulePath: /usr/local/libexec/openldap olcModuleLoad: /usr/local/libexec/openldap/nssov.la Listing of modules: $ ls /usr/local/libexec/openldap/ nssov.a nssov.la nssov.so nssov.so.0 nssov.so.0.0.0 Command to add nssov configuration: ldapadd -H ldap://localhost -x -D 'cn=config' -w <password> LDIF for nssov configuration: dn: olcOverlay={0}nssov,olcDatabase={1}bdb,cn=config objectClass: olcOverlayConfig objectClass: olcNssOvConfig olcOverlay: {0}nssov olcNssSsd: passwd ldap:///ou=people,dc=cluenet,dc=org??one ldapadd output: adding new entry "olcOverlay={0}nssov,olcDatabase={1}bdb,cn=config" ldap_add: Other (e.g., implementation specific) error (80) additional info: <olcOverlay> handler exited with 1 Relevant output from running slapd with -d -1 on startup: loaded module /usr/local/libexec/openldap/nssov.la module /usr/local/libexec/openldap/nssov.la: null module registered Relevant output from running slapd with -d -1 on ldapadd command: >>> dnPrettyNormal: <olcOverlay={0}nssov,olcDatabase={1}bdb,cn=config> => ldap_bv2dn(olcOverlay={0}nssov,olcDatabase={1}bdb,cn=config,0) <= ldap_bv2dn(olcOverlay={0}nssov,olcDatabase={1}bdb,cn=config)=0 => ldap_dn2bv(272) <= ldap_dn2bv(olcOverlay={0}nssov,olcDatabase={1}bdb,cn=config)=0 => ldap_dn2bv(272) <= ldap_dn2bv(olcOverlay={0}nssov,olcDatabase={1}bdb,cn=config)=0 <<< dnPrettyNormal: <olcOverlay={0}nssov,olcDatabase={1}bdb,cn=config>, <olcOverlay={0}nssov,olcDatabase={1}bdb,cn=config> conn=1000 op=1 ADD dn="olcOverlay={0}nssov,olcDatabase={1}bdb,cn=config" => access_allowed: add access to "olcOverlay={0}nssov,olcDatabase={1}bdb,cn=config" "entry" requested <= root access granted => access_allowed: add access granted by manage(=mwrscxd) <= acl_access_allowed: granted to database root oc_check_required entry (olcOverlay={0}nssov,olcDatabase={1}bdb,cn=config), objectClass "olcNssOvConfig" oc_check_allowed type "objectClass" oc_check_allowed type "olcOverlay" oc_check_allowed type "olcNssSsd" oc_check_allowed type "structuralObjectClass" slap_queue_csn: queing 0xb5d52ab2 20100228195617.582000Z#000000#000#000000 => access_allowed: add access to "olcDatabase={1}bdb,cn=config" "children" requested <= root access granted => access_allowed: add access granted by manage(=mwrscxd) olcOverlay: value #0: <olcOverlay> handler exited with 1! send_ldap_result: conn=1000 op=1 p=3 send_ldap_result: err=80 matched="" text="<olcOverlay> handler exited with 1" send_ldap_response: msgid=2 tag=105 err=80

2 2

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

openldap-technical March 2010