undefined symbol: ldap_x_utf8s_to_wcs
by Michael
Hi,
I originally sent this to the wrong mail list. I hope this is the correct one.
I've compiled v2.4.35 on CentOS v6.4 with the smbk5pwd overlay. When I change my password the
openldap terminates with the message:
/usr/sbin/slapd: symbol lookup error: /usr/lib64/openldap/smbk5pwd-2.4.so.2: undefined symbol: ldap_x_utf8s_to_wcs
Thanks for any help. Google wasn't so helpful this time.
Mike
7 years, 8 months
Example for SASL bind to Microsoft AD
by radiatejava
I am trying to do OpenLDAP integration with Microsoft AD/LDAP. For
some initial troublehooting purpose, I am looking for using ldapsearch
command with SASL bind (DIGEST-MD5).
Can anyone give me the exact syntax for how to use ldapsearch command
with SASL bind for active directory ? Appreciate your help. I have
been trying out whats there over the web but no luck yet.
Thanks.
7 years, 8 months
Fwd: Fwd: Example for SASL bind to Microsoft AD
by radiatejava
These are my tries, do you see anything wrong here:
ldapsearch -h 10.77.125.83 -p 389 -Y DIGEST-MD5 -R
agentdev-dc.agentdev.com -X
"dn:CN=sburnwal,CN=Users,DC=agentdev,DC=com" -b "dc=agentdev,dc=com"
"(cn=iqsyed)"
SASL/DIGEST-MD5 authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Invalid credentials (49)
additional info: 80090303: LdapErr: DSID-0C0904BE, comment: The
digest-uri does not match any LDAP SPN's registered for this server.,
data 0, v1db1
ldapsearch -h 10.77.125.83 -p 389 -Y DIGEST-MD5 -R
agentdev-dc.agentdev.com -U sburnwal(a)agentdev.com -X
"dn:CN=sburnwal,CN=Users,DC=agentdev,DC=com" -b "dc=agentdev,dc=com"
"(cn=iqsyed)"
SASL/DIGEST-MD5 authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Invalid credentials (49)
additional info: 8009030C: LdapErr: DSID-0C0904DC, comment:
AcceptSecurityContext error, data 52e, v1db1
Thanks.
7 years, 8 months
Replicating schema
by espeake@oreillyauto.com
Okay so I am very new to openLDAP and we are running v 2.4.28 on ubuntu
12.04. In trying to set up a mirror with two servers that will grow to 3
soon. THis is what I get in the log about syncing the schema:
Jul 25 13:26:42 tntest-ldap-1 slapd[27954]: conn=1004 fd=16 ACCEPT from IP=
172.17.3.148:39672 (IP=0.0.0.0:389)
Jul 25 13:26:42 tntest-ldap-1 slapd[27954]: conn=1004 op=0 BIND
dn="uid=admin,dc=example,dc=com" method=128
Jul 25 13:26:42 tntest-ldap-1 slapd[27954]: conn=1004 op=0 BIND
dn="uid=admin,dc=example,dc=com" mech=SIMPLE ssf=0
Jul 25 13:26:42 tntest-ldap-1 slapd[27954]: conn=1004 op=0 RESULT tag=97
err=0 text=
Jul 25 13:26:42 tntest-ldap-1 slapd[27954]: conn=1004 op=1 SRCH
base="cn=config" scope=2 deref=0 filter="(objectClass=*)"
Jul 25 13:26:42 tntest-ldap-1 slapd[27954]: conn=1004 op=1 SRCH attr=* +
Jul 25 13:26:42 tntest-ldap-1 slapd[27954]: findbase failed! 32
Jul 25 13:26:42 tntest-ldap-1 slapd[27954]: conn=1004 op=1 SEARCH RESULT
tag=101 err=32 nentries=0 text=
Jul 25 13:26:42 tntest-ldap-1 slapd[27954]: conn=1004 op=2 UNBIND
Jul 25 13:26:42 tntest-ldap-1 slapd[27954]: conn=1004 fd=16 closed
>From what I can tell it is binding with the simple methad establishes the
search base looking at all of the object classes. but then it says it can't
find the data base. Here is the ldif file from olcDatabase{0}config.ldif
dn: olcDatabase={0}config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcRootDN: cn=admin,cn=config
olcRootPW: secret
structuralObjectClass: olcDatabaseConfig
olcsyncrepl: rid=001 provider=ldap://tntest-ldap-1.example.com
type=refreshAndPersist retry="5 +" searchbase="cn=config" bindmethod=simple
binddn="uid=admin,dc=example,dc=com" credentials=secret
olcsyncrepl: rid=002 provider=ldap://tntest-ldap-2.example.com
type=refreshAndPersist retry="5 +" searchbase="cn=config" bindmethod=simple
binddn="uid=admin,example,dc=com" credentials=secret
olcMirrorMode: TRUE
olcAccess: to * by by dn="uid=admin,dc=example,dc=com" write by
dn="uid=ldapadmin,ou=system,dc=oreillyauto,dc=com" read by * none
Any ideas on where I should be looking to make a correction or any other
information you need to help me figure this out?
Thank you,
Eric Speake
Web Systems Administrator
O'Reilly Auto Parts
This communication and any attachments are confidential, protected by Communications Privacy Act 18 USCS � 2510, solely for the use of the intended recipient, and may contain legally privileged material. If you are not the intended recipient, please return or destroy it immediately. Thank you.
7 years, 8 months
Replicating the Access Log
by Tim Gustafson
Hi,
I'm using the accesslog overlay on all three of my LDAP servers to
record BIND and WRITE operations.
Is there any reason I can't replicate the data from cn=log on all
three of my servers in MirrorMode so that all three of my servers
contain a complete audit log of all bind and write operations?
I tried to Google this, but all I'm findind is how-tos and questions
about using accesslog and delta replication, which is not what I want.
I want to actually replicate the contents of the accesslog itself
between all of my servers.
--
Tim Gustafson
tjg(a)ucsc.edu
831-459-5354
Baskin Engineering, Room 313A
7 years, 8 months
delta sync error message in log
by Ludovic Brochard
Hello,
I use the 2.4.35 version of openldap.
I have three master ldap mulit-delta-sync: ldap01, ldap02 and ldap03.
We import data ldap03 on two others by a copy of the FileSystem.
Upon restart, the three seem OK but we have in the logs files 3GB of
message like
this:
Jul 22 20:10:46 ldap02 slapd[31439]: do_syncrep2: rid=992 (4096) Content
Sync Refresh Required
Jul 22 20:10:46 ldap02 slapd[31439]: do_syncrep2: rid=992 (4096) Content
Sync Refresh Required
Jul 22 20:10:46 ldap02 slapd[31439]: do_syncrep2: rid=992 (4096) Content
Sync Refresh Required
Jul 22 20:10:46 ldap02 slapd[31439]: do_syncrep2: rid=992 (4096) Content
Sync Refresh Required
Jul 22 20:10:46 ldap02 slapd[31439]: do_syncrep2: rid=992 (4096) Content
Sync Refresh Required
Jul 22 20:10:46 ldap02 slapd[31439]: do_syncrep2: rid=992 (4096) Content
Sync Refresh Required
Jul 22 20:10:46 ldap02 slapd[31439]: do_syncrep2: rid=992 (4096) Content
Sync Refresh Required
Jul 22 20:10:46 ldap02 slapd[31439]: do_syncrep2: rid=992 (4096) Content
Sync Refresh Required
Jul 22 20:10:46 ldap02 slapd[31439]: do_syncrep2: rid=992 (4096) Content
Sync Refresh Required
Jul 22 20:10:46 ldap02 slapd[31439]: do_syncrep2: rid=992 (4096) Content
Sync Refresh Required
Jul 22 20:10:46 ldap02 slapd[31439]: do_syncrep2: rid=992 (4096) Content
Sync Refresh Required
Jul 22 20:10:46 ldap02 slapd[31439]: do_syncrep2: rid=992 (4096) Content
Sync Refresh Required
Jul 22 20:10:46 ldap02 slapd[31439]: do_syncrep2: rid=992 (4096) Content
Sync Refresh Required
Jul 22 20:10:46 ldap02 slapd[31439]: do_syncrep2: rid=992 (4096) Content
Sync Refresh Required
Jul 22 20:10:46 ldap02 slapd[31439]: do_syncrep2: rid=992 (4096) Content
Sync Refresh Required
Jul 22 20:10:46 ldap02 slapd[31439]: do_syncrep2: rid=992 (4096) Content
Sync Refresh Required
Someone had an idea of the problem? Or significatuion of this message ?
Thank you.
--
If the automobile had followed the same development cycle as the computer,
a Rolls-Royce would today cost $100, get a million miles per gallon, and
explode once a year, killing everyone inside.
Robert X. Cringely, InfoWorld magazine
7 years, 8 months
cn=monitor issues.
by Mónico Briseño
Hi, there. I have installed ldap in Ubuntu 12.04. I decided to use
cn=monitor. I added that line in the slap.conf script. I stopped and
started the slpad deamon. After that I typed the following command:
ldapsearch -x -D 'cn=admin,dc=example,dc=com' -W \ -b 'cn=monitor' -s base
'(objectClass=*)' '*' '+'
The results of this command is:
extended LDIF
#
# LDAPv3
# base <> (default) with scope baseObject
# filter: (objectclass=*)
# requesting: -b cn=monitor (objectClass=*) * +
#
#
dn:
objectClass: top
objectClass: OpenLDAProotDSE
structuralObjectClass: OpenLDAProotDSE
configContext: cn=config
namingContexts: dc=example,dc=com
supportedControl: 2.16.840.1.113730.3.4.18
supportedControl: 2.16.840.1.113730.3.4.2
supportedControl: 1.3.6.1.4.1.4203.1.10.1
supportedControl: 1.2.840.113556.1.4.319
supportedControl: 1.2.826.0.1.3344810.2.3
supportedControl: 1.3.6.1.1.13.2
supportedControl: 1.3.6.1.1.13.1
supportedControl: 1.3.6.1.1.12
supportedExtension: 1.3.6.1.4.1.4203.1.11.1
supportedExtension: 1.3.6.1.4.1.4203.1.11.3
supportedExtension: 1.3.6.1.1.8
supportedFeatures: 1.3.6.1.1.14
supportedFeatures: 1.3.6.1.4.1.4203.1.5.1
supportedFeatures: 1.3.6.1.4.1.4203.1.5.2
supportedFeatures: 1.3.6.1.4.1.4203.1.5.3
supportedFeatures: 1.3.6.1.4.1.4203.1.5.4
supportedFeatures: 1.3.6.1.4.1.4203.1.5.5
supportedLDAPVersion: 3
supportedSASLMechanisms: DIGEST-MD5
supportedSASLMechanisms: CRAM-MD5
supportedSASLMechanisms: NTLM
entryDN:
subschemaSubentry: cn=Subschema
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
However, I don't see nothing related with cn=monitor.
What did I do wrong?
Thanks in Advance
--
M.S. José M. Briseño Cortés
Universidad de Guadalajara
Instructional Technologist Univ. Houston
Moodle Teacher Certificate
NTCM, IACEP, iNACOL, ACM member
7 years, 8 months
Ldap features installed.
by Mónico Briseño
Hi, there. I installed Ldap in Ubuntu 12.04
Question: How can I know the ldap features are installed?
--
M.S. José M. Briseño Cortés
Universidad de Guadalajara
Instructional Technologist Univ. Houston
Moodle Teacher Certificate
NTCM, IACEP, iNACOL, ACM member
7 years, 8 months
str2entry: invalid value for attributeType objectClass #2 URGENT
by 25Dollar Tech
Hello Team,
I have a problem with OpenLDAP exporting and importing in to a different
machine.
When I use slapadd -l /backupfilname.ldif I used to get below error message
_ 0.16% eta 05m31s elapsed none spd 6.7
k/s 51f0c75b str2entry: invalid value for attributeType objectClass #2
(syntax 1.3.6.1.4.1.1466.115.121.1.38)
slapadd: could not parse entry (line=168)
. 0.28% eta 04m29s elapsed none spd 12.1
k/s
Closing DB...
Below is the line 168
168 dn: ou=Idmap,dc=example,dc=test,dc=com
169 objectClass: top
170 objectClass: organizationalUnit
171 objectClass: sambaUnixIdPool
172 ou: Idmap
173 structuralObjectClass: organizationalUnit
174 entryUUID: 22da7a76-16e0-102f-87b0-799f55e47d38
175 creatorsName: cn=admin,dc=example,dc=test,dc=com
176 createTimestamp: 20100628090609Z
177 uidNumber: 1000
178 gidNumber: 20001
179 entryCSN: 20100814084304.552975Z#000000#002#000000
180 modifiersName: cn=admin,dc=example,dc=test,dc=com
181 modifyTimestamp: 20100814084304Z
I already installed samba.schema.
what could be the reason then.
--
*Thanks & Regards,
25dollarTech Team
https://sites.google.com/site/25dollartech/*
*Email: 25dollartechhelp(a)gmail.com*
7 years, 8 months
lmdb - atomic actions
by Tomer Doron
wondering what the best strategy to achieve atomic updates with LMDB.
what i am trying to achieve is a read then update atomic action given a highly concurrent use case, for example, if a key/value pair represents a counter, how does one increment or decrement the counter atomically.
i am pretty sure mdb_get -> mdv_set sequence is not atomic, wondering if mdb_cursor_get -> mdv_cursor_put sequence is? perhaps a certain flag is required on the get action to achieve a lock? in my bdb implementation i used lockers to achieve this.
thanks,
tomer
7 years, 8 months