On 5 July 2012 16:44, Gavin Henry <gavin.henry(a)gmail.com> wrote:
> On 5 July 2012 08:23, Michael Ströder <michael(a)stroeder.com> wrote:
>> xsun wrote:
>>> I don't remember if we talked about a wiki in the past but it's definitely a
>>> good idea. I mean, if available, we could start to migrate/review the content
>>> of openldap documentation page (AdminGuid, FAQ, etc) to the wiki.
>> While Wikis seem to be attractive at first glance the biggest caveat is that
>> you can't cut a doc release of all the pages for a certain software release.
>> In other open source projects which have all the docs in a Wiki this turned
>> out to be a major issue.
Good point. We would just need to decide what docs go in the Wiki and
what format we export them as for the guide.
migrating from slurpd I try to setup syncrepl.
I read the slapd.conf man page and
to get it up and running but I can't even get the consumer to send
search requests to the provider.
tcpdump shows that the consumer doesn't even start to talk with the
provider after startup and openldap -d 16384 doesn't give me a hint also.
Can someone here point me to the right direction how to proceed please?
My configs can be viewed here:
provider config: http://58c.om.sl.pt
consumer config: http://58c.oy.sl.pt
I also gathered the logging output from slapd -d -1 but this are two
~1.5MB files and too big to paste them in pastebin. I'll happily email
the files per request.
I found this from last year I misplaced.
---------- Forwarded message ----------
From: lars.eik(a)gmail.com <lars.eik(a)gmail.com>
Date: 3 May 2011 23:43
Subject: Re: [Foswiki-discuss] Mass import advice from OpenLDAP
project Faq-O-Matic to foswiki?
I have only done some minor text hacking but here's some feedback anyways.
THIS will help you. If you make out the structure between file names
then you can script creation and set the relevant parameters, like
'topicparent' and get the breadcrumb right. That could be a start.
Another way could be by using JQuery and doing import from 'GUI' in
Foswiki. Prepare much the same structure as you would if using CLI and
use your browser to do the 'save' script. This would let you preview
etc (by INCLUDE url) and give som other options, like let other users
do some import and quality checking.
Your old pages have a structure where the meaningful info is in the
first two tables. Maybe even only the first if you don't really need
the Previous/Next bit. So the structure seem simple enough but I have
not examined all of the FAQ's.
Perhaps create a mapping table between the old '226.html' and new
'WhichVersionShouldIUse'. The new names can be created by removing the
spaces and ' signs in the title so it would be a valid wikiname.
You can override so it doesnt have to be tough. Another name scenario
is LdapFaqAUTOINC0 where the AUTOINC0 will get next available nr, like
row1, skip first td,
row1, second td has a tags that are top, second, third, fourth level/category.
row1, last b tag is the current document "name" or caption. Could be
your page name (topic name)
other tablerows are data/info
..and that's about all I had time for :)
Jquery is really nice when doing stuff like html tags, children, find
the 'b' tag etc. About text files, you can copy them all into a new
'test web' and rename them to .txt but and it will work butt will need
heavy refactoring. If you take out the first table of each and saved
at txt file it would be much easier.
Best of luck
2011/5/2 Olivier 'Babar' Raginel <wiki(a)babar.us>
> On Mon, May 02, 2011 at 09:46:07PM +0100, Gavin Henry wrote:
> > I'm the doc dev for the OpenLDAP project (ghenry(a)OpenLDAP.org) and I'm
> > moving our Faq content from Faq-O-Matic to our new wiki:
> That's great news!
> > Any tips for moving over? I can scrape the HTML into wiki syntax but
> > I'm sure others have done this before.
> Hum, I'm afraid most if not all of us have no idea how a Faq-O-Matic
> text looks like. From what I could grasp with 3 minutes web-browsing,
> it seems a very old and simple syntax, with not that many rules or fancy
> stuff, so writing a converter should be pretty much trivial.
> > Please save me from copy and paste!
> I'm not sure we can save you from copy and paste, but I'm pretty sure
> you can save yourself easily with one not so complex perl script, which
> should be able to migrate your content pretty easily.
> But the hard part is not migrating, it's defining the structure you want
> your new content to use. In Foswiki, things like FAQs are usually best
> used through pre-defined structures, either strict topic format, or
> forms, or both. So before migrating I suggest you think of what you want
> to achieve, and then you start hacking some perl script to convert your
> Faq-O-Matic to what you want.
> And if you need help in the process, you know where to find us :)
> Good luck,
> WhatsUp Gold - Download Free Network Management Software
> The most intuitive, comprehensive, and cost-effective network
> management toolset available today. Delivers lowest initial
> acquisition cost and overall TCO of any competing solution.
> Foswiki-discuss mailing list
WhatsUp Gold - Download Free Network Management Software
The most intuitive, comprehensive, and cost-effective network
management toolset available today. Delivers lowest initial
acquisition cost and overall TCO of any competing solution.
Foswiki-discuss mailing list
Hello LDAP Brains,
I have setup a Samba PDC (192.168.1.2) and a Samba BDC (192.168.4.2) both
are on different subnets, there are two issues for me as below
*PDC - SUSE Linux Enterprise Server 11 (x86_64), VERSION = 11, PATCHLEVEL =
2, samba-3.6.3-0.18.3, openldap2-2.4.26-0.12.1
BDC - SUSE Linux Enterprise Server 10 (i586) , VERSION = 10,
1. On the BDC if I give the command below I get Unable to find a suitable
BDC2:~ # net rpc info
Unable to find a suitable server
2. I am not able to sync ldap database, BDC with the PDC
I have enclosed my slapd.conf of PDC and BDC, can anybody let me know where
I have gone wrong.
Your help is highly appreciated, thanks in advance.
I have a working configuration with pass-through auth to an AD domain
However now there is a requirement to be able to handle another domain
too, and I cannot work out how to do this. It seems that saslauthd
cannot deal with multiple Kerberos realms, no matter what hoops one
jumps through it eventually boils down to only using whatever
'default_realm' is set to in the krb5.conf file.
Using multiple saslauthd daemons isn't possible either as there's no way
(that I can work out) of getting OpenLDAP to use anything other than the
single socket specified in /etc/sasl2/slapd.conf.
My final idea was to run an LDAP instance per realm, each talking to the
separate saslauthd daemons, and have another outward facing LDAP service
with these as the backends but that's a non starter too because there's
no way of specifying the sasl slapd.conf file, it seems sasl always
looks in /etc/sasl2 for a file derived from the process name (a chroot
environment for each LDAP server is therefore the next thing to look at).
But this seems like a lot of work just to be able to authenticate users
against multiple domains. I appreciate this is a SASL issue rather than
a problem with OpenLDAP, but I'm hoping that someone here has cracked
this already. Googling hasn't thrown up an solution that I can find.
Liam Gretton liam.gretton(a)le.ac.uk
HPC Architect http://www.le.ac.uk/its
IT Services Tel: +44 (0)116 2522254
University of Leicester, University Road
Leicestershire LE1 7RH, United Kingdom
On 4 July 2012 22:34, xsun <matheus.morais(a)gmail.com> wrote:
> Hello guys,
> I can help on documentation in my spare time. I tryed to submit a patch for
> ITS#6339 in the past but I don't know why it was not accepted and I did not
> received any feedback about it. There is some TODO list for documentation?
There is a TODO list which, I can't believe, I started in 2008 and
haven't made much progress:
OpenLDAP Test suite
Go through Samba stuff again
OpenLDAP contrib scripts for generating LDIF etc.
OpenLDAP Admin Guide -
Tighten "LDAP vs RDBMS"
Check "What is slapd and what can it do?"
"Replicated Directory Service" - add MultiMaster picture.
"Configuring slapd" - check DIT layout is right
"The slapd Configuration File" - check backends are correct and in above
"Access Control" - Finish "Converting from slapd.conf(5) to a
cn=config directory format"
Backends section to finish
Overlays section to finish
Maintenance section to finish
Monitoring section to finish
Tuning section to finish
More in Troubleshooting section
More in Upgrading from 2.3.x section
Check "Recommended OpenLDAP Software Dependency Versions" section
Do some "Real World OpenLDAP Deployments and Examples"
"OpenLDAP Software Contributions" to complete
"Configuration File Examples" to complete
Some are done and I'd rather build a build farm RESTful API now so we
can have a central build farm. We did get a server from Google for
that with 32GB Ram but last I heard it was down. Kurt?
I'll check out your ITS and also we talked about a new wiki at some point?
I have a problem removing ONE ( and only ONE !!! ) entry in
my directory server
ldapdelete fails like the following
ldap_delete: Other (e.g., implementation specific) error (80)
additional info: entry index delete failed
I've checked online openldap documentation and this error
refers to a access rights problem, but it is not the case for
my server , all db files belong to ldap:ldap which is the identity
the slapd deamon runs on.
the server runs 2.4.23 version on a FreeBSD 8.1-RELEASE-p5
compiled and installed from ports.
ldap# /usr/local/libexec/slapd -V
@(#) $OpenLDAP: slapd 2.4.23 (Oct 15 2010 16:35:06) $
Any help welcome
According to slapo-unique(5) it is possible to specify several URLs in one domain (in single unique_uri dircetive).
I have in my slapd.conf settings like:
But in OpenLDAP 2.4.31 all URLs except first one is silently ignored.
Debug logs show:
4ff309e3 line 208 (unique_uri ldap:///ou=lists,dc=example.ru,ou=mail,o=foo?cn?sub?(objectClass=nisMailAlias) ldap:///ou=aliases,dc=example.ru,ou=mail,o=foo?cn?sub?(objectClass=nisMailAlias))
4ff309e3 ==> unique_new_domain <ldap:///ou=lists,dc=example.ru,ou=mail,o=foo?cn?sub?(objectClass=nisMailAlias)>
4ff309e3 >>> dnPrettyNormal: <ou=lists,dc=example.ru,ou=mail,o=foo>
4ff309e3 <<< dnPrettyNormal: <ou=lists,dc=example.ru,ou=mail,o=foo>, <ou=lists,dc=example.ru,ou=mail,o=foo>
Prblem is around this code in servers/slapd/overlays/unique.c:
if ( c->line ) rc = unique_new_domain ( &domain, c->line, c );
else rc = unique_new_domain ( &domain, c->argv, c );
c->line is empty by some reason.
c->argv contains only first URL.
Is anybody know how to fix this bug?
Is it normal, that c->line is empty?
sis there a way to use pass-through authentication with saslauthd and
the new nssov overlay?
The only thing I got working at the moment was to use overlay pbind.
But then I have to split my database 'cause I need local passwords
stored in the database too.
Thanks in aadvance!