openldap-technical December 2011

openldap-technical@openldap.org

88 participants
101 discussions

Fresh install on debian with cn=config and slapd.conf conversion
by reyman 16 Dec '11

16 Dec '11

On Thu, Dec 15, 2011 at 10:24 AM, Raffael Sahli <public(a)raffaelsahli.com>wrote: > On 12/15/2011 09:46 AM, rey sebastien wrote: > >> Le jeu. 15 déc. 2011 08:51:29 CET, Raffael Sahli a écrit : >> >>> >>> >>>> OK, it's work, i have a fonctionnal slapd.d/cn=config folder, but i >>>> don't understand why i can't access to openldap with >>>> cn=admin,dc=parisgeo,dc=cnrs,**dc=fr and good password generated by >>>> >>>> >>>> My slapd.conf before conversion contain the SSHA password generated by >>>> slappasswd for rootDn : >>>> ----- >>>> >>>> database bdb >>>> suffix "dc=parisgeo,dc=cnrs,dc=fr" >>>> rootdn "cn=admin,dc=parisgeo,dc=cnrs,**dc=fr" >>>> rootpw {SSHA}xxxxxxxxxxxxxxxxxxxxx >>>> >>>> ---- >>>> I try this : root@xxxxx:/usr/local/etc/**openldap/slapd.d# ldapsearch >>>> -D cn=admin,dc=parisgeo,dc=cnrs,**dc=fr -W -x 'userName=*' >>>> Enter LDAP Password: ldap_bind: Invalid credentials (49) >>>> >>>> Bizarre ... >>>> Perhaps i can try to redefine the rootdn, because it disapear with >>>> conversion ? >>>> Do you have an idea about this ? >>>> >>>> Thanks, >>>> SR. >>>> >>>> >Use slapadd. Again, RTFM. Everything you've asked in the past week or >>> so has been documented in the manpages and the Admin Guide. Read and learn. >>> >>> Yes right, @rey rtfm, and ask your question again, if you're sure your >>> point is not in the OpenLDAP manual. >>> But i'm sure you will find your answer there. >>> >>> >>> >>> >Please trim irrelevant text from your emails. Please update your >>> Subject line to something relevant to the actual discussion topic. >>> @Howard, please say that to the guy who ask questions, and not me^^ >>> >>> >>> Raffael Sahli wrote: >>> >>>> On 14.12.2011 16:54, rey sebastien wrote: >>>> >>>>> Le 13/12/2011 16:48, Raffael Sahli a écrit : >>>>> >>>> >>> Hi! >>>>> It's not easy to start with zero configuration with cn=config new >>>>> openldap administration .. >>>>> I create my bd.ldif based on the slapd.ldif example in the >>>>> /usr/local/etc/openldap directory. >>>>> But how can i insert this ldif with >>>>> >>>>> ldapadd -Y EXTERNAL -H ldapi:/// -f myldiffile.ldif >>>>> >>>>> if i cannot run slapd without configuration ? >>>>> How do you start a fresh install of openldap in this case? there is an >>>>> option to run slapd without zero configuration? >>>>> Thanks a lot, >>>>> >>>> >>> Use slapadd. Again, RTFM. Everything you've asked in the past week or so >>> has been documented in the manpages and the Admin Guide. Read and learn. >>> >>> >>> >> Everything ? really ... Install from sources with specific init script >> installation on debian ? Also, i find nothing about a fresh install >> directly with cn=config (without conversion of slapd.conf) into the admin >> guide ... >> >> I'm not a junior system administrator, i make a phd in geography / >> geomatics, and i have only one week before christmas to create and populate >> a new ldap in my laboratory. I try to learn the maximum with google/debian >> tutorial and a lot of false tutorial, but actually, and i'm sorry about >> that, i have no time to read all the man page, and all the admin guide ... >> >> Thanks you again for the time you take to answer to my question Raffael, >> and others. >> > > First, change the subject, your problem has nothing to do with SSL. > > And to your root password problem, if you just convert your offline config > to online config, you root password will be the same as before. > Did it worked with the offline configuration? > Or change the olcRootPW manually in the config ldif of your database. > > Hum i check into my config ldif and olcRootPW doesn't appear. # AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. # CRC32 7bbc1dd2 dn: cn=config objectClass: olcGlobal cn: config olcConfigFile: slapd.conf.seb olcConfigDir: /usr/local/etc/openldap/slapd.d/ olcArgsFile: /usr/local/var/run/slapd.args olcAttributeOptions: lang- olcAuthzPolicy: none olcConcurrency: 0 olcConnMaxPending: 100 olcConnMaxPendingAuth: 1000 olcGentleHUP: FALSE olcIdleTimeout: 0 olcIndexSubstrIfMaxLen: 4 olcIndexSubstrIfMinLen: 2 olcIndexSubstrAnyLen: 4 olcIndexSubstrAnyStep: 2 olcIndexIntLen: 4 olcLocalSSF: 71 olcLogLevel: Stats olcPidFile: /usr/local/var/run/slapd.pid olcReadOnly: FALSE olcReverseLookup: FALSE olcSaslHost: claroline.parisgeo.cnrs.fr olcSaslSecProps: noplain,noanonymous olcSockbufMaxIncoming: 262143 olcSockbufMaxIncomingAuth: 16777215 olcThreads: 16 olcTLSCRLCheck: none olcTLSVerifyClient: never olcToolThreads: 1 olcWriteTimeout: 0 structuralObjectClass: olcGlobal entryUUID: 065b0668-632b-4573-a915-bbe2caf96586 creatorsName: cn=config createTimestamp: 20111214212046Z entryCSN: 20111214212046.446261Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20111214212046Z I try to re-add the pasword with slapmodify : dn:cn=config changetype: modify add: olcRootDN olcRootDN: cn=admin,dc=parisgeo,dc=cnrs,dc=fr dn: cn=config changetype: modify add: olcRootPW olcRootPW: {SSHA}1dWxkkRtyUJt5fDga0Pn4EAyKQ5RPI4+ root@xxxxx:/usr/local/etc/openldap# ldapadd -Y EXTERNAL -H ldapi:/// -f initSlapd.ldif SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0 modifying entry "cn=config" ldap_modify: Insufficient access (50) Hum, i don't really understand why i have not access, i change only password, rootsuffix, and rootdn into the slapd.conf before conversion .. I try to add manually the attribute olcRootPw, olcSuffix,olcRootDN olcSuffix: dc=parisgeo,dc=cnrs,dc=fr olcRootDN: cn=admin,dc=parisgeo,dc=cnrs,dc=fr olcRootPW: {SSHA}1dWxkkRtyUJt5fDga0Pn4EAyKQ5RPI4+ I have this error at restart : Dec 15 10:52:04 claroline slapd[11462]: olcSuffix: value #0: suffix <DC=parisgeo,DC=cnrs,DC=fr> not allowed in frontend database. Hum i think it's a good idea to remove all config/data file, restart with a fresh slapd.conf and retry the conversion .. > > -- > Raffael Sahli > public(a)raffaelsahli.com > Switzerland > > -- <http://stackoverflow.com/users/385881/reyman64>

3 4

ACL question - minimum rights for Apache HTTP Server Bind User
by Axel Birndt 15 Dec '11

15 Dec '11

Hi @All, currently i'am using a special user "cn=bind,ou=technical,ou=user,dc=2axels-company,dc=de" as bind user in my apache.conf file. ----apache.conf------- ..... AuthType basic AuthBasicProvider ldap AuthName "LDAP-geschuetztes Verzeichnis" AuthLDAPUrl "ldap://localhost:389/ou=user,dc=2axels-company,dc=de?cn?sub" AuthLDAPBindDN "cn=bind,ou=technical,ou=user,dc=2axels-company,dc=de" # it doesn't work, if the bind password is encrypted... isn't it ?? #AuthLDAPBindPassword {SHA}pfiSFDDFSAAE$$%j8BTtCUqs9IZWsQ= # Because this, the password is currently used as an unencrypted one: AuthLDAPBindPassword xxxxxxxxxxx Require ldap-group cn=awstats,ou=groups,dc=2axels-company,dc=de .... ---------------------------------- Now my question: which minimum acl rights are needed for the Bind User: "cn=bind,ou=technical,ou=user,dc=2axels-company,dc=de" to connect to the ldap server and check the group from the user who try to login. I hope my description is understandable... Thanks and regards Axel -- Gruß Axel ------------------------------

4 4

Account question
by NetNinja 15 Dec '11

15 Dec '11

Hello, I have a two different user accounts and one works the other not so much. The account user03 works on both Solaris 10 and RHEL clients. While test01 can do everything but login to the Solaris 10 client, I can use this account to login to the RHEL client though. Can someone look at my accounts below and tell me why user03 works and test01 doesn't? # user03, People, test.net dn: uid=user03,ou=People,dc=test,dc=net uid: user03 cn: user03 objectClass: account objectClass: posixAccount objectClass: top objectClass: shadowAccount shadowMax: 99999 shadowWarning: 7 loginShell: /bin/bash uidNumber: 603 gidNumber: 500 homeDirectory: /home/user03 gecos: user03 # test01, People, test.net dn: uid:test01,ou=People,dc=test,dc=net uid: test01 cn: test01 objectClass: account objectClass: posixAccount objectClass: top objectClass: shadowAccount shadowMax: 0 shadowMax: 99999 shadowWarning: 7 loginShell: /bin/bash uidNumber: 701 gidNumber: 500 homeDirectory: /home/test01 # ldapclient list NS_LDAP_FILE_VERSION= 2.0 NS_LDAP_BINDDN= uid=proxyagent,ou=People,dc=test,dc=net NS_LDAP_BINDPASSWD= password NS_LDAP_SERVERS= X.X.X.X:389 NS_LDAP_SEARCH_BASEDN= dc=test,dc=net NS_LDAP_SERVER_PREF= X.X.X.X NS_LDAP_CACHETTL= 0 NS_LDAP_CREDENTIAL_LEVEL= proxy NS_LDAP_SERVICE_SEARCH_DESC= passwd:ou=People,dc=test,dc=net NS_LDAP_SERVICE_SEARCH_DESC= group:ou=People,dc=test,dc=net NS_LDAP_SERVICE_SEARCH_DESC= shadow:ou=People,dc=test,dc=net NS_LDAP_SERVICE_AUTH_METHOD= pam_ldap:simple I'm still testing so I ran ldapclient manual. When I feel that I have the the right setting, I will load the profile into LDAP. Any suggestions will be great.

3 4

Re: N-Way Multimaster. No base DN returned from server.
by Arturo Borrero Gonzalez 15 Dec '11

15 Dec '11

2011/12/15 Quanah Gibson-Mount <quanah(a)zimbra.com>: > --On Thursday, December 15, 2011 12:59 AM +0100 Arturo Borrero Gonzalez > <cer.inet(a)linuxmail.org> wrote: > >> Hi there. >> >> I followed the documentation in openldap website for setting up a >> N-Way multimaster LDAP cluster. I have two nodes, but I will be >> expanding to 3 or 4 in a near future. >> When doing an ldapsearch, I get all the server data, but when accesing >> with ApacheDirectoryStudio (with same credentials) I get nothing. >> Nothing is wrong in logfiles. I guess a problem in ACLs, but it >> doesn't work even when binding as RootDN (and as seen in oficial >> documentation, rootdn is over the scope of any ACL) > > > If it works with ldapsearch, and it doesn't work with Apache Directory > Studio, then it sounds to me like there is a bug with Apache Directory > Studio. I would advise you take the issue up with that project. > > --Quanah > > -- > > Quanah Gibson-Mount > Sr. Member of Technical Staff > Zimbra, Inc > A Division of VMware, Inc. > -------------------- > Zimbra :: the leader in open source messaging and collaboration I've installed phpLDAPadmin and it's tells me: dc=example,dc=es -- The object doesn't exist. Create it now? And this seem to be the same problem I have with Apache Directory Studio. Doing slapcat i get the database, and doing ldapsearch I get the database only if I set the base dn with -b "dc=example,dc=es". But something is misconfigured in my server ¿Any idea? -- /* Arturo Borrero Gonzalez || cer.inet(a)linuxmail.org */ /* Use debian gnu/linux! Best OS ever! */

1 1

SSL/TLS testing
by Jayavant Patil 15 Dec '11

15 Dec '11

Hi, I am using openldap-2.4.19-4.x86_64 on fedora 12 machine. I have enabled openldap SSL/TLS. How do I know (test) that I am using SSL/TLS connections instead of normal ldap:///? -- Thanks & Regards, Jayavant Ningoji Patil Engineer: System Software Computational Research Laboratories Ltd. Pune-411 004. Maharashtra, India. +91 9923536030.

8 26

"controls require LDAPv3" on cn=config syncrepl
by Brandon Hume 14 Dec '11

14 Dec '11

I had a medium-size post describing some problems I'm having with an N-Way setup with 2.4.28, but I saw a post from Quanah that sent me in a new direction so I'm doing some more testing before whining about *that* problem... But meanwhile... can anyone tell me if seeing errors like the following is normal when replicating cn=config? On the provider: Nov 30 14:41:22 kil-ds-3 slapd[7540]: conn=1027 fd=26 ACCEPT from IP=172.30.96.203:55371 (IP=172.30.96.202:389) Nov 30 14:41:22 kil-ds-3 slapd[7540]: conn=1026 op=0 BIND dn="cn=config" mech=SIMPLE ssf=0 Nov 30 14:41:22 kil-ds-3 slapd[7540]: conn=1026 op=0 RESULT tag=97 err=0 text= Nov 30 14:41:22 kil-ds-3 slapd[7540]: conn=1026 op=1 DISCONNECT tag=101 err=2 text=controls require LDAPv3 Nov 30 14:41:22 kil-ds-3 slapd[7540]: conn=1026 op=1 do_search: get_ctrls failed Nov 30 14:41:22 kil-ds-3 slapd[7540]: conn=1026 fd=27 closed (operations error) ... and on the consumer: Nov 30 14:41:22 kil-ds-4 slapd[8178]: do_syncrep2: rid=001 LDAP_RES_SEARCH_RESULT (2) Protocol error Nov 30 14:41:22 kil-ds-4 slapd[8178]: do_syncrep2: rid=001 (2) Protocol error Nov 30 14:41:22 kil-ds-4 slapd[8178]: do_syncrepl: rid=001 rc -2 retrying (3 retries left)

4 5

N-Way Multimaster. No base DN returned from server.
by Arturo Borrero Gonzalez 14 Dec '11

14 Dec '11

Hi there. I followed the documentation in openldap website for setting up a N-Way multimaster LDAP cluster. I have two nodes, but I will be expanding to 3 or 4 in a near future. When doing an ldapsearch, I get all the server data, but when accesing with ApacheDirectoryStudio (with same credentials) I get nothing. Nothing is wrong in logfiles. I guess a problem in ACLs, but it doesn't work even when binding as RootDN (and as seen in oficial documentation, rootdn is over the scope of any ACL) The replication system is working well, afaik. I've readed folk with same problems, but not exactly; here: http://www.openldap.org/lists/openldap-technical/201004/msg00195.html Anyone could take a look on this? Version: 2.4.23-7.2 My cfg (slapd.d over Debian Stable ): dn: olcDatabase={1}hdb objectClass: olcDatabaseConfig objectClass: olcHdbConfig olcDatabase: {1}hdb olcDbDirectory: /var/lib/ldap olcSuffix: dc=example,dc=es olcLastMod: TRUE olcRootDN: cn=admin,dc=example,dc=es olcDbCheckpoint: 512 30 olcDbConfig: {0}set_cachesize 0 2097152 0 olcDbConfig: {1}set_lk_max_objects 1500 olcDbConfig: {2}set_lk_max_locks 1500 olcDbConfig: {3}set_lk_max_lockers 1500 structuralObjectClass: olcHdbConfig olcRootPW: asdasd olcLimits: dn.exact="cn=admin,dc=example,dc=es" time.soft=unlimited time.hard=unl imited size.soft=unlimited size.hard=unlimited olcSyncrepl: {0}rid=003 provider="ldaps://ldap1.example.es/" binddn="cn=admin,dc= example,dc=es" bindmethod=simple credentials=asdasd se archbase="dc=example,dc=es" type=refreshOnly interval=00:00:00:10 retry="5 5 300 5" timeout=1 olcSyncrepl: {1}rid=004 provider="ldaps://ldap2.example.es/" binddn="cn=admin,dc= example,dc=es" bindmethod=simple credentials=asdasd se archbase="dc=example,dc=es" type=refreshOnly interval=00:00:00:10 retry="5 5 300 5" timeout=1 olcMirrorMode: TRUE olcDbIndex: objectClass,eduPersonEntitlement,memberUID,uid,mail eq olcAccess: {0}to dn.base="dc=example,dc=es" by dn="cn=admin,dc=example,dc=es" manage olcAccess: {1}to dn.base="cn=Subschema" by * read -- /* Arturo Borrero Gonzalez || cer.inet(a)linuxmail.org */ /* Use debian gnu/linux! Best OS ever! */

2 1

slapd-ldap as proxy to active directory
by Juan Miscaro 14 Dec '11

14 Dec '11

Good day. I would like to use the slapd-ldap backend as a proxy to Active Directory (Windows Server 2008 R2). Firstly, AD can be queried directly: $ ldapsearch -LLL -D "cn=John Doe,cn=users,dc=support,dc=com" -w okay -H ldap://ad.support.com -b cn=users,dc=support,dc=com '(sAMAccountName=jdoe)' cn sAMAccountName dn: CN=John Doe,CN=Users,DC=support,DC=com cn: John Doe sAMAccountName: jdoe Now, I have the following in slapd: ========== dn: cn=module{1},cn=config objectClass: olcModuleList cn: module{1} olcModulePath: /usr/lib/ldap olcModuleLoad: {0}back_ldap dn: olcDatabase={2}ldap,cn=config objectClass: olcDatabaseConfig objectClass: olcLDAPConfig olcDatabase: {2}ldap olcDbURI: ldap://ad.support.com olcDbRebindAsUser: TRUE olcDbChaseReferrals: TRUE olcSuffix: cn=users,dc=support,dc=com ========== But when querying via the slapd instance I don't get anything back: $ ldapsearch -D "cn=John Doe,cn=users,dc=support,dc=com" -w okay -H ldap://slapd.example.com -b cn=users,dc=support,dc=com '(sAMAccountName=jdoe)' cn sAMAccountName # extended LDIF # # LDAPv3 # base <cn=users,dc=support,dc=com> with scope subtree # filter: (sAMAccountName=jdoe) # requesting: cn sAMAccountName # # search result search: 2 result: 32 No such object # numResponses: 1 I can query my normal/local DIT fine (even while authenticating as the remote AD user, which looks weird): $ ldapsearch -D "cn=John Doe,cn=users,dc=support,dc=com" -w okay -H ldap://slapd.example.com -b dc=example,dc=com '(ou=People)' cn # extended LDIF # # LDAPv3 # base <dc=example,dc=com> with scope subtree # filter: (ou=People) # requesting: cn # # People, example.com dn: ou=People,dc=example,dc=com # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 What am I missing? TIA. -- /jm

2 1

Bind as an authenticated user for fetching directory information
by Jayavant Patil 14 Dec '11

14 Dec '11

Hi, I am using openldap-2.4.19-4.x86_64 on fedora 12 machine. On client node, in /etc/ldap.conf file, we specify binddn and bindpw. If not specified, the request will be anonymous. I have on each client machine more than 500 users. I want to send the request to server as an authenticated user but users are 500+. Then, how do I specify this in binddn and bindpw. I don't want to specify 'root' (admin) in binddn and bindpw. I have rootbinddn as root's dn and his password in /etc/ldap.secret (mode 600). As earlier said, anonymous request is creating 'I have no name!' problem while doing $ssh <user>@client, since I have given anonymous user auth access. If I specify anonymous read access, 'I have no name!' problem disappears but security is getting compromised. I think there is no problem with nscd daemon, since it is stopped or even I uninstalled that, the problem still persists. -- Thanks & Regards, Jayavant Ningoji Patil Engineer: System Software Computational Research Laboratories Ltd. Pune-411 004. Maharashtra, India. +91 9923536030.

2 2

Ldap is up, trying to get tls working.
by John Tobin 13 Dec '11

13 Dec '11

Folks, I have openldap up, it supports vsftpd, sshd, and 5 client linux machines for remote login. I would like to get tls working. I would support either ldaps [port 636], or the tls available on port 389, I am aware of the differences in implementation, and the fact that an administrator effectively has to make a decision to support one or the other in most cases. Currently: I have slapd running configured for tls under ldap [std port 389]. I am testing it on the slapd machine, with a client on the same machine. I am pointing to the same cacertificate in slapd.d [cn=config.ldif] and ldap.conf. With that in place, and the ldap.conf below: nightmare:/etc # cat ldap.conf base dc=dark,dc=net uri ldap://nightmare.dark.net # scope sub # binddn "cn=admin,dc=dark,dc=net" # bindpw jackie bind_policy soft # The user ID attribute (defaults to uid) pam_login_attribute uid pam_lookup_policy yes pam_password exop nss_schema rfc2307bis tls_reqcert never pam_filter objectClass=posixAccount ldap_version 3 nss_map_attribute uniqueMember uniqueMember ssl start_tls tls_cacert /var/lib/ldap/cacert.pem tls_cert /var/lib/server.crt tls_key /var/lib/ldap/server.key I have run ldapsearch: nightmare:/media # ldapsearch -v -x -H ldap://nightmare.dark.net:389/ -b "dc=dark,dc=net" -Z ldap_initialize( ldap://nightmare.dark.net:389/??base ) filter: (objectclass=*) requesting: All userApplication attributes # extended LDIF # # LDAPv3 # base <dc=dark,dc=net> with scope subtree # filter: (objectclass=*) # requesting: ALL # # dark.net dn: dc=dark,dc=net dc: dark o: dark objectClass: organization objectClass: dcObject # admin, dark.net dn: cn=admin,dc=dark,dc=net objectClass: organizationalRole cn: admin # Default Policy, dark.net dn: cn=Default Policy,dc=dark,dc=net objectClass: namedObject objectClass: pwdPolicy cn: Default Policy # People, dark.net dn: ou=People,dc=dark,dc=net objectClass: organizationalUnit ou: People description: People is used in mapping the /etc/passwd entries # jtobin, People, dark.net dn: uid=jtobin,ou=People,dc=dark,dc=net uid: jtobin cn: John C. Tobin objectClass: account objectClass: posixAccount objectClass: top objectClass: shadowAccount loginShell: /bin/ksh uidNumber: 5000 gidNumber: 100 homeDirectory: /home/jtobin gecos: John C. Tobin # defaultDNS, dark.net dn: cn=defaultDNS,dc=dark,dc=net cn: defaultDNS objectClass: top objectClass: suseDnsConfiguration suseDefaultBase: ou=DNS,dc=dark,dc=net # DNS, dark.net dn: ou=DNS,dc=dark,dc=net objectClass: top objectClass: organizationalUnit ou: DNS # search result search: 3 result: 0 Success # numResponses: 8 # numEntries: 7 nightmare:~ # ##### So I am assuming the ldapserver on ldap://nightmare.dark.net:389/ with tls works. [I looked through the message output in /var/log/message and see the ³STARTTLS² and ³TLS established tls_ssf=256²] I have done a number of similar ldapsearches. This appears to work correctly. On the client machine I now do : nightmare:/media # su - jtobin su: user jtobin does not exist nightmare:/media # /var/log/message - output...... nightmare:/var/log # tail f |grep I tls Oct 28 11:29:01 nightmare slapd[11118]: conn=1217 op=0 STARTTLS Oct 28 11:29:01 nightmare worker_nscd: nss-ldap: do_open: do_start_tls failed:stat=-1 Oct 28 11:29:01 nightmare slapd[11118]: connection_read(14): TLS accept failure error=-1 id=1217, closing Oct 28 11:29:01 nightmare slapd[11118]: conn=1217 fd=14 closed (TLS negotiation failure) Oct 28 11:29:01 nightmare slapd[11118]: conn=1218 op=0 STARTTLS Oct 28 11:29:01 nightmare worker_nscd: nss-ldap: do_open: do_start_tls failed:stat=-1 Oct 28 11:29:01 nightmare slapd[11118]: connection_read(14): TLS accept failure error=-1 id=1218, closing Oct 28 11:29:01 nightmare slapd[11118]: conn=1218 fd=14 closed (TLS negotiation failure) [if you want more of the log, I can obviously get it, but these appear to be the important parts.] This is probably a configuration error, or a logical / architecture misunderstanding, ok, I m a newbie. Do I have certificates incorrectly generated? [certificates were generated via http://www.openldap.org/faq/data/cache/185.html]. What did I do wrong? This is running openldap 2.4.26 off of Suse 12.1 milestone 5. Thanks in advance. tob

4 6

← Newer
1
2
3
4
5
6
7
8
...
11
Older →

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

openldap-technical December 2011