Modify schema add atributtes
by Jorge Armijo
Hi my friends im new with ldap and samba i need to add some attributes i need a tool or some thing similar i need replicate this in a 20 more servers
Enviado desde mi iPhone
10 years, 11 months
Re: Problem in sync-repling multiple databases
by Marco Pizzoli
On Wed, Oct 31, 2012 at 8:32 PM, Quanah Gibson-Mount <quanah(a)zimbra.com>wrote:
> --On Wednesday, October 31, 2012 10:03 AM +0100 Marco Pizzoli <
> marco.pizzoli(a)gmail.com> wrote:
>
> Hi Quanah,
>>
>>
>> On Mon, Oct 29, 2012 at 6:16 PM, Quanah Gibson-Mount <quanah(a)zimbra.com>
>> wrote:
>>
>>
>> --On Monday, October 29, 2012 8:52 AM +0100 Marco Pizzoli
>> <marco.pizzoli(a)gmail.com> wrote:
>>
>>
>> If I try to configure a second replica configration targeted directly to
>> (in example) to ou=ou3, then that ou get replicated.
>>
>> Any help/advice is welcome.
>>
>>
>> Hi Marco,
>>
>> You have not provided any useful information with which to help you, so
>> there is not really any advice one can offer you. I.e., you have not
>> provided the configuration you are using on your master and replicas in
>> the scenario where you have multiple DBs.
>>
>>
>> You are absolutely right and I'm aware of it...
>> The problem is in this case I can't provide any (even similar
>> to)real configuration. Both from technical limitation (remote server
>> with no possibility of copy/paste) and corporate policy*.
>>
>> * Continuing experimenting I found also 2 or 3 cases in which I'm able to
>> crash OL 2.4.33 (in one case by simply slapadding using back-mdb) but I
>> CAN'T provide any material to file a "valid" ITS. I'm sorry about that.
>>
>
> Hi Marco,
>
> Your corporate policy sounds so severe, I'm surprised you can even send
> email indicating you have faced any issues. Without an ability to provide
> useful information, I don't believe there is any way anyone can help you.
>
> I would suggest you find a way to comply with your corporate policy while
> providing useful information. Since I don't know what that policy is, it
> is hard to know what you might do, but I'd hope you could supply your
> configs minus any passwords and specific schema/attrs or something (i.e.,
> make generic configs that illustrate the issues you are facing). That's
> what I generally do.
>
> If you require confidentiality, I would suggest a support agreement with
> Symas that includes an NDA.
>
>
Quanah,
I appreciate you always answering my requests, but in this case my only
question was if the problem I was facing is a known issue (at least in
OL2.3 we know it was). If not, it could be my fault in the configuration.
Maybe someone had a similar problem and could share his experience.
By not being able to provide useful configuration snippets, I *have not*
asked for a specific help.
With your answers, do I have to assume that with OL2.4.x you never faced a
problem syncrepl-ing a tree composed by multiple db's, testing both
scenarios (more or less) similar to the two I presented from a (very)
high-level-view perspective?
Thanks again
Marco
10 years, 11 months
Memory usage with bdb
by Friedrich Locke
Is anyone aware of any buggy in openldap+bdb related to memory usage?
Have anyone here using this type of backend ? Any problem to report?
Thanks for your time and cooperation.
Best regards.
10 years, 11 months
memberOf data in new replica servers 2.4.31
by Todd Stein
Hi,
I have a provider server and five consumer servers, all of which have the
memberOf overlay configured:
overlay memberof
memberof-group-oc groupOfUniqueNames
memberof-member-ad uniqueMember
memberof-refint true
memberof-dangling ignore
syncrepl rid=005
provider=ldap://<server>:389
type=refreshAndPersist
interval=00:00:05:00
retry="60 10 600 +"
searchbase="dc=<removed>,dc=<removed>"
filter="(objectClass=*)"
scope=sub
attrs="*"
schemachecking=off
starttls=no
bindmethod=simple
binddn="cn=replica,dc=<removed>,dc=<removed>"
credentials=<removed>
When I bring a new replica online, it appears that entries are replicated
in the order that they were created on the provider server which produces
many "memberof_value_modify failed err=32" messages in the log, and
incomplete memberOf data. To get around this, I wrote a script which
empties all groups prior to replication, and then recreates the memberships
after the initial replication. This seems to work, but is hardly ideal. Is
there a "more correct" way of replicating memberOf values without
manipulating my provider each time I bring up a new consumer?
Thank you very much,
Todd
10 years, 11 months
AW: openldap 2.2.x
by Pörschke, Gunnar
With my ldap client, JXplore, I import a subtree and get this error message:
[LDAP: error code 21 - postalAddress: value #0 invalid per syntax];
remaining name
'uid=reskes(a)circa,ou=Users,ou=DATA,ou=fis-vl.bund.de,o=IRCusers,l=CIRCA'
The import job fails (same result with slapadd).
This are the data:
postalAddress:: TmllZGVyc+RjaHNpc2NoZXMgTGFuZGVzYW10IGb8ciBWZXJicmF1Y2hlcnNj
aHV0eiB1bmQgTGViZW5zbWl0dGVsc2ljaGVyaGVpdCwgRGV6ZXJuYXQgMjMsIFBvc3RmYWNoIDM
5NDksIDI2MDI5IE9sZGVuYnVyZw==
-----Ursprüngliche Nachricht-----
Von: Pörschke, Gunnar
Gesendet: Donnerstag, 1. November 2012 13:51
An: 'openldap-technical(a)openldap.org'
Betreff: openldap 2.2.x
Hi all,
we have an very old openldap running and we need to migrate data to latest
openldap version. I create an ldif but the data in that file are encoded
"base64". Is there a trick to disable that? My plan is to export everything
from openldap 2.2 database (lbdb) without base64 encoding so I can easily
use slapadd to add this data to a database on my new openldap 2.4.2x system
Thank you for any idea.
Gunnar
10 years, 11 months
Re: Index Add Failures
by Kyle Smith
Thanks for the input, Quanah. I really appreciate it.
On Thu, Nov 1, 2012 at 1:10 PM, Quanah Gibson-Mount <quanah(a)zimbra.com>wrote:
>
> --On Thursday, November 01, 2012 1:04 PM -0400 Kyle Smith <
> alacer.cogitatus(a)gmail.com> wrote:
>
> Is it possbile to use MMR to my advantage to switch over? For example,
>> take down 1 of the servers, switch the db config from bdb to mdb, and
>> then restart with a blank database (with appropriate structure) and
>> have the MMR take care of backfilling the mdb entries? Then I wouldn't
>> have to export to ldif, convert the db, and reimport while possibly
>> loosing data from the other systems.
>>
>
> Hi Kyle,
>
> I'm not sure what you are trying to avoid here... Slapcat/slapadd are
> always faster than sync replication. Why would you lose data from the
> other server while doing this? contextCSNs should be preserved w/
> slapcat/slapadd, so the server being converted will just catch up using
> sync replication as before. You may wish to look at ITS#7427 though. The
> fix for that is in current RE24.
>
>
> --Quanah
>
> --
>
> Quanah Gibson-Mount
> Sr. Member of Technical Staff
> Zimbra, Inc
> A Division of VMware, Inc.
> --------------------
> Zimbra :: the leader in open source messaging and collaboration
>
10 years, 11 months
Re: Index Add Failures
by Kyle Smith
Is it possbile to use MMR to my advantage to switch over? For example, take
down 1 of the servers, switch the db config from bdb to mdb, and then
restart with a blank database (with appropriate structure) and have the MMR
take care of backfilling the mdb entries? Then I wouldn't have to export to
ldif, convert the db, and reimport while possibly loosing data from the
other systems.
On Thu, Nov 1, 2012 at 12:57 PM, Quanah Gibson-Mount <quanah(a)zimbra.com>wrote:
>
> --On Thursday, November 01, 2012 12:36 PM -0400 Kyle Smith <
> alacer.cogitatus(a)gmail.com> wrote:
>
> Ok, I have been running 2.4.32 for some time with no issues. Yesterday, 2
>> different servers (both part of a 4-way MMR) produced an "index add
>> failure" and an "index delete failure". I went back over the bdb
>> DB_CONFIG Settings (listed below) and everything looks nominal to me.
>> Would it just make more sense to switch from bdb to mdb instead of
>> troubleshooting these "random" errors too much? I also noticed that the
>> number of "deadlocks" corresponds to the number of errors that were
>> produced. Is there correlation there?
>>
>
> I would suggest back-mdb in OpenLDAP 2.4.33 over back-hdb, yes. It will
> remove these deadlock issues entirely. When you configure the back-mdb
> backend in cn=config, be sure to have:
>
> olcDbEnvFlags: writemap
> olcDbEnvFlags: nometasync
>
> set as well. This makes back-mdb writes significantly faster than writes
> to back-bdb/hdb. (Some 2x faster in my testing so far).
>
>
> --Quanah
>
>
> --
>
> Quanah Gibson-Mount
> Sr. Member of Technical Staff
> Zimbra, Inc
> A Division of VMware, Inc.
> --------------------
> Zimbra :: the leader in open source messaging and collaboration
>
10 years, 11 months
openldap 2.2.x
by Pörschke, Gunnar
Hi all,
we have an very old openldap running and we need to migrate data to latest
openldap version. I create an ldif but the data in that file are encoded
"base64". Is there a trick to disable that? My plan is to export everything
from openldap 2.2 database (lbdb) without base64 encoding so I can easily
use slapadd to add this data to a database on my new openldap 2.4.2x system
Thank you for any idea.
Gunnar
10 years, 11 months
