Re: Initialize ldap with mdb
by Quanah Gibson-Mount
--On Monday, October 02, 2017 5:14 PM -0700 rammohan ganapavarapu
<rammohanganap(a)gmail.com> wrote:
>
> Thank you, would you recommend different user for replication or just use
> the roodn? i know its upto me but just trying to follow the best
> practices :)
It is generally recommended not to use the rootdn for replication.
--Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>
5 years, 12 months
Re: slapd: null_callback : error code 0x14
by Quanah Gibson-Mount
--On Monday, October 02, 2017 2:20 PM -0700 "Paul B. Henson"
<henson(a)acm.org> wrote:
> On Mon, Sep 25, 2017 at 04:31:40PM +0200, Ondřej Kuzník wrote:
>
>> I'd apply it everywhere you have syncprov configured, these could send a
>> cookie with too little information for a replica to spot and skip a
>> duplicate.
>
> Hmm, I applied the patch to all four of my servers but I'm still seeing
> the errors :(...
Are you positive the servers are in sync at this point? I.e., did you
freshly reload from whatever you consider your golden master them after
applying the patch?
--Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>
5 years, 12 months
Re: Initialize ldap with mdb
by rammohan ganapavarapu
Thank you, would you recommend different user for replication or just use
the roodn? i know its upto me but just trying to follow the best practices
:)
Ram
On Mon, Oct 2, 2017 at 2:38 PM, Quanah Gibson-Mount <quanah(a)symas.com>
wrote:
> --On Monday, October 02, 2017 3:30 PM -0700 rammohan ganapavarapu <
> rammohanganap(a)gmail.com> wrote:
>
>
> database config
>> # rootdn directive for config
>> rootdn "cn=admin,cn=config"
>> rootpw {SSHA}XXXXXXXXX
>>
>
> As noted in the slapd-config(5) man page, the default rootdn for cn=config
> is cn=config. I'd generally go with the default. You would need to set
> the rootpw as you've done above though. ;)
>
> I.e., I'd just do:
>
> database config
> rootpw {SSHA}XXXXXXXXXXXXXXXX
>
> And go with the default rootdn.
>
>
> --Quanah
>
>
> --
>
> Quanah Gibson-Mount
> Product Architect
> Symas Corporation
> Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
> <http://www.symas.com>
>
>
5 years, 12 months
Re: Initialize ldap with mdb
by Quanah Gibson-Mount
--On Monday, October 02, 2017 3:30 PM -0700 rammohan ganapavarapu
<rammohanganap(a)gmail.com> wrote:
> database config
># rootdn directive for config
> rootdn "cn=admin,cn=config"
> rootpw {SSHA}XXXXXXXXX
As noted in the slapd-config(5) man page, the default rootdn for cn=config
is cn=config. I'd generally go with the default. You would need to set
the rootpw as you've done above though. ;)
I.e., I'd just do:
database config
rootpw {SSHA}XXXXXXXXXXXXXXXX
And go with the default rootdn.
--Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>
5 years, 12 months
Re: Initialize ldap with mdb
by rammohan ganapavarapu
Quanah,
My slapd.d dir is empty and my initialization script only create config if
slapd.d dir is empty, i tried with slapd.conf every thing looks good
except i don't find a way to connect to cn=config db as i don't see roodDN
in "cn\=config/olcDatabase\=\{0\}config.ldif"
Thanks,
Ram
On Mon, Oct 2, 2017 at 1:35 PM, Quanah Gibson-Mount <quanah(a)symas.com>
wrote:
> --On Monday, October 02, 2017 2:19 PM -0700 rammohan ganapavarapu <
> rammohanganap(a)gmail.com> wrote:
>
>
>>
>> Hi,
>>
>>
>>
>> I am trying to follow this thread (
>> http://blog.roeften.com/2015/03/openldap-24-on-centos-7-using-mdb.html )
>> to initialize the ldap config in non-default directory but i am getting
>> this error.
>>
>>
>> cat example.ldif | slapadd -v -F /opt/data/slapd.d -n 0 -d -1
>>
>>
>>
>>
>> 59d29ce6 >>> dnPrettyNormal: <cn=config>
>> 59d29ce6 <<< dnPrettyNormal: <cn=config>, <cn=config>
>> 59d29ce6 str2entry: entry -1 has multiple DNs "cn=config" and
>> "cn=module,cn=config"
>> slapadd: could not parse entry (line=1)
>>
>>
>> If i add one by one (one dn at a time) it seems to be working.
>>
>>
>> Any idea?
>>
>
> Well, if you already have your own cn=config database, then you're just
> making a real mess out of it. That would be my guess. I'm not sure why
> you're following some random "how to" guide. If you already had a working
> slapd.conf, then all you needed to do was convert it to cn=config using
> "slaptest".
>
> --Quanah
>
> --
>
> Quanah Gibson-Mount
> Product Architect
> Symas Corporation
> Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
> <http://www.symas.com>
>
>
5 years, 12 months
Re: Initialize ldap with mdb
by Quanah Gibson-Mount
--On Monday, October 02, 2017 2:19 PM -0700 rammohan ganapavarapu
<rammohanganap(a)gmail.com> wrote:
>
>
> Hi,
>
>
>
> I am trying to follow this thread (
> http://blog.roeften.com/2015/03/openldap-24-on-centos-7-using-mdb.html )
> to initialize the ldap config in non-default directory but i am getting
> this error.
>
>
> cat example.ldif | slapadd -v -F /opt/data/slapd.d -n 0 -d -1
>
>
>
>
> 59d29ce6 >>> dnPrettyNormal: <cn=config>
> 59d29ce6 <<< dnPrettyNormal: <cn=config>, <cn=config>
> 59d29ce6 str2entry: entry -1 has multiple DNs "cn=config" and
> "cn=module,cn=config"
> slapadd: could not parse entry (line=1)
>
>
> If i add one by one (one dn at a time) it seems to be working.
>
>
> Any idea?
Well, if you already have your own cn=config database, then you're just
making a real mess out of it. That would be my guess. I'm not sure why
you're following some random "how to" guide. If you already had a working
slapd.conf, then all you needed to do was convert it to cn=config using
"slaptest".
--Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>
5 years, 12 months
Re: slapd: null_callback : error code 0x14
by Quanah Gibson-Mount
--On Thursday, September 21, 2017 9:59 PM -0700 "Paul B. Henson"
<henson(a)acm.org> wrote:
> It seems there are updates for that group coming from rid 002
> (egeria.ldap.cpp.edu) and 003 (minerva.ldap.cpp.edu), but none from rid
> 001 (themis.ldap.cpp.edu) which is serverid 4, where the change was
> actually made?
Oh, I thought you had said you only had two masters. This could well be
ITS#8444 (ignore the ITS title, it has nothing to do with memberOf), where
there are out of sync problems with 3+ MMR nodes and delta-syncrepl when
syncprov checkpoints.
--Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>
5 years, 12 months
Initialize ldap with mdb
by rammohan ganapavarapu
Hi,
I am trying to follow this thread (
http://blog.roeften.com/2015/03/openldap-24-on-centos-7-using-mdb.html
) to initialize the ldap config in non-default directory but i am getting
this error.
cat example.ldif | slapadd -v -F /opt/data/slapd.d -n 0 -d -1
59d29ce6 >>> dnPrettyNormal: <cn=config>
59d29ce6 <<< dnPrettyNormal: <cn=config>, <cn=config>
59d29ce6 str2entry: entry -1 has multiple DNs "cn=config" and
"cn=module,cn=config"
slapadd: could not parse entry (line=1)
If i add one by one (one dn at a time) it seems to be working.
Any idea?
Thanks
5 years, 12 months
Re: Openldap periodic cpu spikes in one of the servers in two node MMR
by rammohan ganapavarapu
Quanah,
Thank you.
Ram
On Mon, Oct 2, 2017 at 10:11 AM, Quanah Gibson-Mount <quanah(a)symas.com>
wrote:
> --On Monday, October 02, 2017 10:59 AM -0700 rammohan ganapavarapu <
> rammohanganap(a)gmail.com> wrote:
>
>
>> Quanah,
>>
>>
>> Where can i get a minimal slapd.conf/cn=config for mdb? also all
>> supported properties for mdb?
>>
>
> The man page for slapd-mdb notes what its configuration options are:
>
> <http://www.openldap.org/software/man.cgi?query=slapd-mdb&
> apropos=0&sektion=0&manpath=OpenLDAP+2.4-Release&format=html>
>
> If you want a minimal slapd.conf for mdb, it's pretty basic:
>
> database mdb
> directory </path/to/database>
> index <indices>
> maxsize 85899345920
> <db specific ACLs>
>
>
> You could use slaptest to convert that trivially to cn=config
> representation.
>
>
> --Quanah
>
> --
>
> Quanah Gibson-Mount
> Product Architect
> Symas Corporation
> Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
> <http://www.symas.com>
>
>
5 years, 12 months
Re: Openldap periodic cpu spikes in one of the servers in two node MMR
by Quanah Gibson-Mount
--On Monday, October 02, 2017 10:59 AM -0700 rammohan ganapavarapu
<rammohanganap(a)gmail.com> wrote:
>
> Quanah,
>
>
> Where can i get a minimal slapd.conf/cn=config for mdb? also all
> supported properties for mdb?
The man page for slapd-mdb notes what its configuration options are:
<http://www.openldap.org/software/man.cgi?query=slapd-mdb&apropos=0&sektio...>
If you want a minimal slapd.conf for mdb, it's pretty basic:
database mdb
directory </path/to/database>
index <indices>
maxsize 85899345920
<db specific ACLs>
You could use slaptest to convert that trivially to cn=config
representation.
--Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>
5 years, 12 months