openldap-technical August 2010

openldap-technical@openldap.org

83 participants
85 discussions

Re: Samba, Openldap and ppolicy
by smainklh＠free.fr 26 Aug '10

26 Aug '10

Hi Dieter, I did a "slaptest -f $configfile -F $path" command, here are the results : /etc/ldap/slapd.d/cn=config/cn\=module\{0\}.ldif ---- ... olcModuleLoad: {0}back_bdb olcModuleLoad: {1}ppolicy.la olcModuleLoad: {2}smbk5pwd.la ... /etc/ldap/slapd.d/cn=config/olcDatabase\=\{1\}bdb/olcOverlay\=\{2\}smbk5pwd.ldif --- dn: olcOverlay={2}smbk5pwd objectClass: olcOverlayConfig objectClass: olcSmbK5PwdConfig olcOverlay: {2}smbk5pwd olcSmbK5PwdEnable: samba olcSmbK5PwdMustChange: 0 olcSmbK5PwdCanChange: 0 structuralObjectClass: olcSmbK5PwdConfig entryUUID: 4fffa030-4543-102f-8b00-5f29b421ba43 creatorsName: cn=config createTimestamp: 20100826095158Z entryCSN: 20100826095158.762397Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20100826095158Z I still have the following errors : smbk5pwd: unable to find "krb5KDCEntry" objectClass. Aug 26 11:52:03 deathnote2 slapd[13165]: config error processing olcOverlay={2}smbk5pwd,olcDatabase={1}bdb,cn=config: <olcSmbK5PwdEnable> handler exited with 1 Aug 26 11:52:03 deathnote2 slapd[13165]: slapd stopped. I thought that if i specify "olcSmbK5PwdEnable" parameter, it doesn't look for the krb5KDCEntry attribute... Thanks for your help, Smaine ----- Mail Original ----- De: "Dieter Kluenter" <dieter(a)dkluenter.de> À: openldap-technical(a)openldap.org Envoyé: Jeudi 26 Août 2010 11h12:47 GMT +01:00 Amsterdam / Berlin / Berne / Rome / Stockholm / Vienne Objet: Re: Samba, Openldap and ppolicy smainklh(a)free.fr writes: > Now another error :( > > @(#) $OpenLDAP: slapd 2.4.23 (Aug 24 2010 14:56:29) $ root@myserver:/root/openldap-2.4.23/debian/build/servers/slapd > slapd[11666]: UNKNOWN attributeDescription "OLCSMBK5PWDENABLE" inserted. > slapd[11666]: config error processing olcOverlay={2}smbk5pwd,olcDatabase={1}bdb,cn=config,olcDatabase={1}bdb,cn=config: The module smbk5pwd has not been loaded > > Old fashion configuration file : > --- > include /etc/ldap/schema/samba.schema > ... > > moduleload smbk5pwd.la > ... > overlay smbk5pwd > smbk5pwd-enable samba > > > > Overlay configuration : > --- > dn: olcOverlay={2}smbk5pwd,olcDatabase={1}bdb,cn=config > objectClass: olcOverlayConfig > objectClass: olcSmbK5PwdConfig > olcOverlay: {2}smbk5pwd > olcSmbK5PwdEnable: samba You didn't provide a cn={x}module,cn=config entry, so most likely you have not added an entry to load the module. -Dieter -- Dieter Klünter | Systemberatung sip: 7770535(a)sipgate.de http://www.dpunkt.de/buecher/2104.html GPG Key ID:8EF7B6C6

3 5

LDAP backend: schema synchronization?
by Mark J. Reed 26 Aug '10

26 Aug '10

OK, so I've got the ldap backend set up to talk to a couple different servers, and it's working, but I can only see attributes that exist in slapd's local schema. any way to import the schemas of the backends? automatically would be great, manually would be ok... -- Mark J. Reed <markjreed(a)gmail.com>

3 3

Re: Samba, Openldap and ppolicy
by smainklh＠free.fr 26 Aug '10

26 Aug '10

Now another error :( @(#) $OpenLDAP: slapd 2.4.23 (Aug 24 2010 14:56:29) $ root@myserver:/root/openldap-2.4.23/debian/build/servers/slapd slapd[11666]: UNKNOWN attributeDescription "OLCSMBK5PWDENABLE" inserted. slapd[11666]: config error processing olcOverlay={2}smbk5pwd,olcDatabase={1}bdb,cn=config,olcDatabase={1}bdb,cn=config: Old fashion configuration file : --- include /etc/ldap/schema/samba.schema ... moduleload smbk5pwd.la ... overlay smbk5pwd smbk5pwd-enable samba Overlay configuration : --- dn: olcOverlay={2}smbk5pwd,olcDatabase={1}bdb,cn=config objectClass: olcOverlayConfig objectClass: olcSmbK5PwdConfig olcOverlay: {2}smbk5pwd olcSmbK5PwdEnable: samba ----- Mail Original ----- De: smainklh(a)free.fr À: smainklh(a)free.fr Cc: openldap-technical(a)openldap.org Envoyé: Jeudi 26 Août 2010 10h12:54 GMT +01:00 Amsterdam / Berlin / Berne / Rome / Stockholm / Vienne Objet: Re: Samba, Openldap and ppolicy Ok, now i followed the documentation and configured my slapd server like that : include /etc/ldap/schema/samba.schema ... moduleload smbk5pwd.la ... overlay smbk5pwd smbk5pwd-enable samba But i still have the following error : config error processing olcOverlay={2}smbk5pwd,olcDatabase={1}bdb,cn=config: Regards, Smaine Selon smainklh(a)free.fr: > > Hi, > > I already have an openldap server configured with a password policy. > Now, i need to implement a samba server in order to authenticate my alfresco > users. > > I would like to know how to keep my password policy working with these two > authentication services. > I've heard of the smbk5pwd but i don't know how to configure it. > > I upgraded to slapd 2.4.23. > > my slapd configuration : > include samba.schema > ... > moduleload smbk5pwd.la > ... > overlay smbk5pwd > > But when i start the slapd service, it complains that some ObjectClass are > missing. > Maybe Samba needs to be upraded too ? ... > > I need your advices please. > > Regards, > Smaine

2 1

Re: Samba, Openldap and ppolicy
by smainklh＠free.fr 26 Aug '10

26 Aug '10

Ok, now i followed the documentation and configured my slapd server like that : include /etc/ldap/schema/samba.schema ... moduleload smbk5pwd.la ... overlay smbk5pwd smbk5pwd-enable samba But i still have the following error : config error processing olcOverlay={2}smbk5pwd,olcDatabase={1}bdb,cn=config: Regards, Smaine Selon smainklh(a)free.fr: > > Hi, > > I already have an openldap server configured with a password policy. > Now, i need to implement a samba server in order to authenticate my alfresco > users. > > I would like to know how to keep my password policy working with these two > authentication services. > I've heard of the smbk5pwd but i don't know how to configure it. > > I upgraded to slapd 2.4.23. > > my slapd configuration : > include samba.schema > ... > moduleload smbk5pwd.la > ... > overlay smbk5pwd > > But when i start the slapd service, it complains that some ObjectClass are > missing. > Maybe Samba needs to be upraded too ? ... > > I need your advices please. > > Regards, > Smaine

1 0

Samba, Openldap and ppolicy
by smainklh＠free.fr 25 Aug '10

25 Aug '10

Hi, I already have an openldap server configured with a password policy. Now, i need to implement a samba server in order to authenticate my alfresco users. I would like to know how to keep my password policy working with these two authentication services. I've heard of the smbk5pwd but i don't know how to configure it. I upgraded to slapd 2.4.23. my slapd configuration : include samba.schema ... moduleload smbk5pwd.la ... overlay smbk5pwd But when i start the slapd service, it complains that some ObjectClass are missing. Maybe Samba needs to be upraded too ? ... I need your advices please. Regards, Smaine

3 2

filter to find attributes with multiple values
by Tim Gustafson 25 Aug '10

25 Aug '10

Hi, Is there any way to search for records that have multiple attributes? For example, I'd like to know how many users have multiple userPassword values. Is there some filter syntax that can find that out for me? Tim Gustafson Baskin School of Engineering UC Santa Cruz tjg(a)soe.ucsc.edu 831-459-5354

3 2

stats2 and stats level logging
by Derek Yarnell 25 Aug '10

25 Aug '10

Hi, So a while back we had to go away form stats (256) level debugging because it was spiking our Spunk traffic so much and go to stat2 (512). Even now 1 days worth of LDAP logs on one replica is 1.5G. Now the problem is that stat2 never gives a way to map the connection to a host. Is there anyway to do this? We seem to have one host that might be misbehaving in the amounts of ldap queries it is making but I can't exactly pin point it. Thanks, derek Derek Yarnell UNIX Systems Administrator University of Maryland Institute for Advanced Computer Studies

2 1

replicate two branches?
by Isaac Hailperin 25 Aug '10

25 Aug '10

Hi, I was wondering whether there is a way to replicate more then one branch. I tried to replicate two branches using two syncrepl sections in slapd.conf with different rid, but that got me an error "syncrepl: database already shadowed" So I suppose its at least not that easy. The alternative would be to move all the branches into the same subtree and just replicate that subtree. Which raises the question: Is there a simpler way to move branches other then dumping to ldif, do an intelligent search and replace for all the dns, and then add the ldif again? Isaac

1 0

overlay: How to not apply attribute modification to background ?
by Lucas Brasilino 25 Aug '10

25 Aug '10

Hi I'm writing an overlay which it's principal function is being called on 'modify' operation. This function basically see if a given attribute is being modified. If so, it pass it's value to an external daemon through an unix domain socket to store this value in an external database. Of course, when the 'modify' callback ends with SLAP_CB_CONTINUE, the operation continues and the new value is committed to background. This is my problem, I don't want to really modify the attribute value at background.... So, Is there a way to 'abort' modify operation in my overlay without stopping to pass control to other overlays? I saw there's others return values from callbacks, as SLAP_CB_BYPASS and SLAP_CB_FREEME but I'm not sure about it... I guess SLAP_CB_BYPASS do the trick, but I'm not sure. Thanks a lot in advance Lucas Brasilino

2 3

openldap-2.4.23 Segfault with Error number: 0xffffffffffffffff ()
by Yusuf Rajah 24 Aug '10

24 Aug '10

Hi All I am using openldap-2.4.23 which I compiled from source with back-ndb support. I am able to browse the directory and add some data. When I try to add the posixAccount to any entry, even a new one, I get an Error number: 0xffffffffffffffff () . I am using PhpLDAPadmin to manage the data. When I have a look at /var/log/syslog the last three lines are : Aug 24 15:45:24 sms slapd[1406]: conn=1001 op=5 MOD dn="uid=test,ou=UIDs,ou=School Management System" Aug 24 15:45:24 sms slapd[1406]: conn=1001 op=5 MOD attr=cn gidnumber homedirectory objectclass uidnumber Aug 24 15:45:24 sms kernel: [ 3368.265357] slapd[1437]: segfault at 28 ip 00000000004aa995 sp 00007f5b9b78ac10 error 4 in slapd[400000+169000] I am not sure how to tackle this, your pearls of wisdom will be tremendously appreciated. Thank you kindly. Yusuf Rajah

4 6

← Newer
1
2
3
4
5
6
7
8
9
Older →

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

openldap-technical August 2010