migrate from slapo-memberof to slapo-dynlist
by Michael Ströder
HI!
It's easy to change the config of OpenLDAP 2.5 from "overlay memberof"
to "overlay dynlist" and it just works. Nice. :-)
But the existing database then still contains the 'memberOf' attribute
values.
Ideally one should reload the database. But if anything fails:
Does it do any harm if 'memberOf' attribute values are still present in
the database but slapo-dynlist is supposed to compute 'memberOf'
attribute values based on recently changed group membership?
At the end I will instruct the admins to reload databases especially to
also save space. But it would be less operational stress if I could
decouple the config change from the database re-load.
Ciao, Michael.
2 years
Re: 2.5.7 - adding memberof module Duplicate attributeType
by Saša-Stjepan Bakša
On Mon, 30 Aug 2021 at 19:33, Quanah Gibson-Mount <quanah(a)symas.com> wrote:
> >
> > @Dave Macias Can you share the structure of your groups?
>
> member/memberOf depend on LDAP groups, not unix groups, which are based on
> DNs.
>
> Example groups objectClasses are:
>
> groupOfNames (core schema)
> groupOfUniqueNames (core schema)
> groupOfMembers (rfc2307bis schema)
>
>
> Of these three, I would recommend either groupOfNames or groupOfMembers
>
>
Thank you Quanah! I will try them as you suggested.
br
Saša
2 years
Re: 2.5.7 - adding memberof module Duplicate attributeType
by Quanah Gibson-Mount
--On Monday, August 30, 2021 8:26 PM +0200 Saša-Stjepan Bakša
<ssbaksa(a)gmail.com> wrote:
> --On Monday, August 30, 2021 11:14 AM +0200 Saša-Stjepan Bakša
> <ssbaksa(a)gmail.com> wrote:
>
>> I have similar situation and also a replicated environment. I am using
>> posixGroup only and never had any need for a memberOf attribute.
>> But now, my devs have a software which insists on that attribute so I
>> should provide it for them.
>
> posixGroup is not a valid objectClass to use with providing memberOf
> information.
>
> --Quanah
>
>
>
>
>
> Ouch! I have 51 different posixGroup groups which have been in use for
> more than 10 years and now because of one
> piece of software I must change the way I manage them all. Not happy at
> all.
>
>
> What is your suggestion Quanah? Can I just add an object? It would be a
> problem if I must change all services.
> Or maybe just add a few new groups of different types for that software.
> That will be great if it is appropriate.
>
>
>
> @Dave Macias Can you share the structure of your groups?
member/memberOf depend on LDAP groups, not unix groups, which are based on
DNs.
Example groups objectClasses are:
groupOfNames (core schema)
groupOfUniqueNames (core schema)
groupOfMembers (rfc2307bis schema)
Of these three, I would recommend either groupOfNames or groupOfMembers
Regards,
Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>
2 years
Re: OpenLDAP 2.5.7 dies
by kevin martin
https://bugs.openldap.org/show_bug.cgi?id=9656
---
Regards,
Kevin Martin
On Mon, Aug 30, 2021 at 10:01 AM Quanah Gibson-Mount <quanah(a)symas.com>
wrote:
>
>
> --On Monday, August 30, 2021 10:41 AM -0500 kevin martin <ktmdms(a)gmail.com>
>
> wrote:
>
> >
> >
> > issue handled. missing pwdCheckModuleArg in the password policy
> > (apparently not using ppm.conf anymore). once added to the schema the
> > password change works.
>
> This still should not cause slapd to crash. Please file a bug at
> https://bugs.openldap.org with the reproduction steps. Thanks!
>
> Regards,
> Quanah
>
> --
>
> Quanah Gibson-Mount
> Product Architect
> Symas Corporation
> Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
> <http://www.symas.com>
>
2 years
Re: 2.5.7 - adding memberof module Duplicate attributeType
by Dave Macias
Thank you for the input!
Ive been researching it a bit. As far as I understand, dynlist “allows for
expansion of dynamic groups and more” (from the man). Also, I'm assuming
that dynlist also works well with MMR syncrepl, yes? (Since memberof didnt)
I only have static groups.
Googling around showed that you can also use it against static groups…if I
understood it correctly.
Would this overlay config help me for expanding against static groups using
rfc2307bis schema?
dn: olcOverlay=dynlist,olcDatabase=mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcDynListConfig
olcOverlay: dynlist
olcDynListAttrSet: member
Thank you!
On Aug 27, 2021, 8:39 PM -0400, Quanah Gibson-Mount <quanah(a)symas.com>,
wrote:
--On Friday, August 27, 2021 8:10 PM -0400 Dave Macias <davama(a)gmail.com>
wrote:
So i rebuild but without memberof module/overlay
From the slapo-memberof(5) man page for OpenLDAP 2.5:
Note that this overlay is deprecated and support will be dropped
in
future OpenLDAP releases. Installations should use the dynlist
overlay
instead. Using this overlay in a replicated environment is
especially
discouraged.
The point was you should be using dynlist rather than memberOf.
Regards,
Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>
2 years
Re: OpenLDAP 2.5.7 dies
by kevin martin
issue handled. missing pwdCheckModuleArg in the password policy
(apparently not using ppm.conf anymore). once added to the schema the
password change works.
---
Regards,
Kevin Martin
On Fri, Aug 27, 2021 at 7:42 PM Quanah Gibson-Mount <quanah(a)symas.com>
wrote:
>
>
> --On Friday, August 27, 2021 5:47 PM -0500 kevin martin <ktmdms(a)gmail.com>
>
> wrote:
>
> >
> >
> > Howard, I DID use ppm in 2.4 and there's a compile warning with ppm in
> > that:
>
> If you are using OpenLDAP 2.5, then you should be compiling the version of
> the ppm module that ships with it in contrib/slapd-modules/ppm. Or to be
> more clear, all modules you're using should be the 2.5 versions of the
> modules and not the 2.4 versions. I.e., same deal with the ppolicy
> overlay.
>
> Please provide your ppolicy configuration (for the ppolicy overlay), both
> the configuration from slapd.conf/cn=config AND the LDIF entry for
> whatever
> you have defined the default policy to be or whatever policy it is that
> applies to the entries you are modifying.
>
> Regards,
> Quanah
>
>
> --
>
> Quanah Gibson-Mount
> Product Architect
> Symas Corporation
> Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
> <http://www.symas.com>
>
2 years
Re: OpenLDAP 2.5.7 dies
by kevin martin
Howard, I DID use ppm in 2.4 and there's a compile warning with ppm in that:
ppm]# make
gcc -g -O2 -fpic -DDEBUG -DCRACKLIB -c -I../../../include
-I../../../include -I../../../servers/slapd ppm.c
In function ‘strcpy_safe.part.1’,
inlined from ‘strcpy_safe’ at ppm.c:57:1:
ppm.c:68:9: warning: ‘strncpy’ specified bound depends on the length of the
source argument [-Wstringop-overflow=]
strncpy(dest, src, n);
^~~~~~~~~~~~~~~~~~~~~
ppm.c: In function ‘strcpy_safe’:
ppm.c:65:26: note: length computed here
int length_src = strlen(src);
^~~~~~~~~~~
gcc -I../../../include -I../../../include -I../../../servers/slapd -shared
-o ppm.so ppm.o -lcrack
gcc -g -O2 -fpic -I../../../include -I../../../include
-I../../../servers/slapd -L../../../libraries/liblber/.libs
-L../../../libraries/libldap/.libs -lldap -llber -Wl,-rpath=. -o ppm_test
ppm_test.c ppm.so -L../../../libraries/liblber/.libs
-L../../../libraries/libldap/.libs -lldap -llber -lcrack
as for the entire thread dump, here it is with a different password than
the one I was trying to change it to but that still caused the crash:
Thread 3 "slapd" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7ff8cff03700 (LWP 132587)]
check_password (pPasswd=0x7ff8c011bb81 "0penLD@p!1s@paiN!nth3@aSs!",
ppErrStr=0x7ff8cff01fd0, e=0x7ff8c0001c68, pArg=0x0) at ppm.c:444
444 ppm_log(LOG_NOTICE, "ppm: RAW configuration: %s",
(gdb) thr apply all bt full
Thread 3 (Thread 0x7ff8cff03700 (LWP 132587)):
#0 check_password (pPasswd=0x7ff8c011bb81 "0penLD@p!1s@paiN!nth3@aSs!",
ppErrStr=0x7ff8cff01fd0, e=0x7ff8c0001c68, pArg=0x0) at ppm.c:444
pEntry = 0x7ff8c0001c68
pwdCheckModuleArg = 0x0
szErrStr = 0x7ff8c0103220 ""
mem_len = <optimized out>
numParam = 32760
useCracklib = <optimized out>
cracklibDict = '\000' <repeats 32 times>,
"\002\000\000\000\000\000\000\000Hcq\024\371\177\000\000\020\000\000\000\000\000\000\000h\000\000\000\000\000\000\000\000rq\024\371\177\000\000\060\245\021\300\370\177\000\000\060\245\021\300\370\177\000\000\020\000\000\000\000\000\000\000Y\324\020\300\370\177\000\000Ф\021\300\370\177\000\000\220\323\020\300\370\177\000\000У\021\300\370\177\000"
cracklibDictFiles = {'\000' <repeats 132 times>, '\000' <repeats
132 times>, '\000' <repeats 132 times>}
cracklibExt = {0x7ff914a433a0 <aesni_256_gcm> "\205\003",
0x7ff8cfeef700 "K", 0x4b <error: Cannot access memory at address 0x4b>}
fd = <optimized out>
res = <optimized out>
minQuality = <optimized out>
checkRDN = <optimized out>
forbiddenChars =
"\020\201\021\300\370\177\000\000\212dq\024\371\177\000\000Ф\021\300\370\177\000\000\311\000\000\000\000\000\000\000\220\323\020\300\370\177\000\000N_n\024\371\177\000\000\000\000\000\000\000\000\000\000H\201\021\300\370\177\000\000\001\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\020\201\021\300\370\177\000\000@
\032\020\300\370\177\000\000h\370\356\317\370\177\000\000D\003\357\317\370\177\000\000m\372\356\317\370\177\000\000\356a\251\024\371\177\000"
nForbiddenChars = <optimized out>
nQuality = <optimized out>
maxConsecutivePerClass = <optimized out>
nbInClass = {1, 0, -806421907, 32760, 0, 16, 1, 0, -806419728,
32760, -806421489, 32760, -1072680416, 32760, -1072680416, 32760,
346305440, 32761, -806422432, 32760, 225, 0, 5326608, 0, -806422064, 32760,
5326651, 0, -1072675392, 32760, 1630100038, 0, 334573636, 32761, 333440017,
32761,
-72515583, 32761, 16281596, 0, 16281596, 0, 16281595, 0,
16281595, 0, 16281595, 0, 16281595, 0}
i = <optimized out>
j = <optimized out>
fileConf = {{param =
"\374o\370\000\000\000\000\000\020\000\000\000\060\000\000\000\060\377\356\317\370\177\000\000p\376\356\317\370\177\000",
iType = typeInt, value = {iVal = 419430400,
sVal = "\000\000\000\031\027\003\003\000;\000\000\000
\371\356π\000\000\000\350\375\356\317\370\177\000\000\000\000\000\000\370\177\000\000l\030\026\024\371\177\000\000\000\000\000\000\000\000\000\000P\000\000\000\000\000\000\000P9\020\300\370\177\000\000\020\020\000\300\370\177\000\000P\000\000\000\000\000\000\000\065:\361\024\371\177\000\000\377\377\377\377\370\177\000\000\340\376\356\317\370\177\000\000
\000\357\317\370\177\000\000\200t\024\024\371\177\000\000\000\000\000"},
min = 0, minForPoint = -806422080}, {
param =
"\370\177\000\000\360\372\356\317\370\177\000\000\246\241\344\023\371\177\000\000\300E\020\300\370\177\000\000\002\000\000",
iType = typeInt, value = {iVal = -806421488,
sVal =
"\020\374\356\317\370\177\000\000\000\261W;z\226ӕ\000\372\356\317\370\177\000\000\000\372\356\317\370\177\000\000\060\373\356\317\370\177\000\000\373o\370\000\000\000\000\000\300E\020\300\370\177\000\000FZ)a\000\000\000\000D0\361\023\371\177\000\000P\000\000\000\000\000\000\000\020\020\000\300\370\177\000\000\203\323\020\300\370\177\000\000\220\372\356\317\370\177\000\000@\032\020\300\370\177\000\000\000\000\000\000\000\000\000\000C/\025\025\371\177\000"},
min = -806421872, minForPoint = 32760}, {
param =
"\203\323\020\300\370\177\000\000P\000\000\000\000\000\000\000\036(c\024\371\177\000\000\020\020\000\300\370\177\000",
iType = (typeStr | unknown: 342038594), value = {iVal = 32761,
sVal =
"\371\177\000\000\000\000\000\000\000\000\000\030\310\"\020\300\370\177\000\000\310\"\020\300\370\177\000\000\200\066\360\317\370\177\000\000H\f\357\317\370\177\000\000\347\034c\024\371\177\000\000P\000\000\000\000\000\000\000\000\261W;z\226ӕ\230\001\357\317\370\177\000\000O&\251\024\371\177\000\000\027\000\000\000\000\000\000\000P\000\000\000\000\000\000\000\200\373\356\317\370\177\000\000@\032\020\300\370\177\000\000\350\001\357\317\370\177\000\000\300\373\356",
<incomplete sequence \317>}, min = 32760, minForPoint = 23}, {
param =
"\000\000\000\000\001\000\000\000\000\000\000\000\200\373\356\317\370\177\000\000\241\065\251\024\371\177\000\000\001\000\000",
iType = (unknown: 32760), value = {iVal = 2,
sVal =
"\002\000\000\000\027\000\000\000\001\000\000\000\000\000\000\000\350\"\000\300\370\177\000\000\063\000\000\000\000\000\000\000\210\373\356\317\370\177\000\000\001",
'\000' <repeats 15 times>,
"H\f\357\317\370\177\000\000\000\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\200\373\356\317\370\177\000\000\220\001\357\317\370\177\000\000\210\373\356\317\370\177\000\000\000\000\000\000\000\000\000\000K\000\000\000\000\000\000\000;\000\000\000\000\000\000"},
min = 353709891, minForPoint = 32761}, {
param =
"\000\000\000\000\000\000\000\000\200\323\020\300\370\177\000\000S\000\000\000\000\000\000\000S\000\000\000\000\000\000",
iType = (unknown: 16560), value = {iVal = 0,
sVal = '\000' <repeats 16 times>,
"\065\070\000\000\310\"\020\300\370\177\000\000\310\"\020\300\370\177\000\000\200\066\360\317\370\177\000\000\250\r\357\317\370\177\000\000\347\034c\024\371\177\000\000\346\000\000\000\000\000\000\000\000\261W;z\226ӕ\370\002\357\317\370\177\000\000O&\251\024\371\177\000\000\027\000\000\000\000\000\000\000\346\000\000\000\000\000\000\000\340\374\356\317\370\177\000\000@\032\020\300\370\177\000\000H\003\357",
<incomplete sequence \317>}, min = 32760, minForPoint = -806421216}, {
param =
"\370\177\000\000\027\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\340\374\356\317\370\177\000\000\241\065\251\024",
iType = (typeStr | unknown: 32760), value = {iVal = 1,
sVal =
"\001\000\000\000\370\177\000\000@\375\356\317\027\000\000\000\001\000\000\000\000\000\000\000\270*\000\300\370\177\000\000\311\000\000\000\000\000\000\000\350\374\356\317\370\177\000\000\001",
'\000' <repeats 15 times>,
"\250\r\357\317\370\177\000\000\000\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\340\374\356\317\370\177\000\000\360\002\357\317\370\177\000\000\350\374\356\317\370\177\000\000\000\000\000\000\000\000\000\000\341\000\000\000\000\000\000"},
min = 209, minForPoint = 0}, {
param =
"\300E\020\300\370\177\000\000\000\000\000\000\000\000\000\000\200\323\020\300\370\177\000\000\351\000\000\000\000\000\000",
iType = (typeStr | unknown: 232), value = {iVal = 0,
sVal = "\000\000\000\000\260@", '\000' <repeats 22 times>,
"\300E\020\300\370\177\000\000P\376\356\317\370\177\000\000\271\037\350\023\371\177\000\000\a\000\000\000y\000\000\000\020GQ",
'\000' <repeats 13 times>,
"FZ)a\000\000\000\000\340\t\022\300\370\177\000\000`\000\000\000\000\000\000\000:\000\000\000!\000\000\000\025\000\000\000\033\000\000\000\a\000\000\000y\000\000\000\005\000\000"},
min = 238, minForPoint = 0}, {param =
"\370\177\000\000\000\000\000\000\000\000\000\000p_\370\000\000\000\000\000\001\000\000\000\000\000\000\000\001\000\000",
iType = typeInt, value = {
iVal = -1073734768,
sVal =
"\220\033\000\300\370\177\000\000\200\376\356\317\370\177\000\000\300~E\000\000\000\000\000\250\"\000\300\370\177\000\000u>Q\000\001\000\000\000\200\376\356\317\370\177\000\000\340J\017\001\000\000\000\000?\020\000\000\000\000\000\000\240\232\373",
'\000' <repeats 14 times>,
"\261W;z\226ӕ\004\000\000\000\004\000\000\000u>Q\000\000\000\000\000\001\000\000\000\000\000\000\000`\n\357\317\370\177\000\000@\022\357\317\370\177\000"},
min = 17780656, minForPoint = 0}, {
param =
"\003\000\000\000\000\000\000\000\020#\350\023\371\177\000\000(\000\000\000\060\000\000\000\060\377\356\317\370\177\000",
iType = (unknown: 3488546416), value = {iVal = 32760,
sVal = "\370\177\000\000\000\261W;z\226ӕ\020
\000\000\000\000\000\000\000\261W;z\226ӕ\345`P\000\000\000\000\000u>Q\000\000\000\000\000`\n\357\317\370\177\000\000\a\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\377\377\377\377\000\000\000\000
\022\000\300\370\177\000\000=\244E\000\000\000\000\000\240\377\356\317\370\177\000\000\001\000\000\000\000\000\000\000\001",
'\000' <repeats 15 times>, "\240\377\356", <incomplete sequence \317>}, min
= 32760, minForPoint = 16423072}, {
param = "\000\000\000\000
\022\000\300\370\177\000\000=\244E\000\000\000\000\000@\022\357\317\370\177\000\000\001\000\000",
iType = typeInt, value = {iVal = 1,
sVal =
"\001\000\000\000\000\000\000\000\360)\000\300\370\177\000\000@
\022\357\317\370\177\000\000\300~E\000\000\000\000\000\250\"\000\300\370\177\000\000~@Q\000\001\000\000\000@\022\357\317\370\177\000\000\340J\017\001\000\000\000\000?\020\000\000\000\000\000\000\240\230\372",
'\000' <repeats 13 times>,
"\002\000\000\000\000\000\000\000\005\000\000\000\005\000\000\000\377dP\000\000\000\000\000?\020\000\000\000\000\000\000\366bQ\000\000\000\000"},
min = 16453344, minForPoint = 0}, {param = "d\n\357\317\370\177", '\000'
<repeats 25 times>, iType = typeInt, value = {iVal = 0,
sVal = "\000\000\000\000read(=rscxd)", '\000' <repeats 12
times>, "\002", '\000' <repeats 39 times>,
"\001\000\000\000\000\000\000\000\377\377\377\377\000\000\000\000\003\000\000\000\000\000\000\000\020#\350\023\371\177\000\000(\000\000\000\060\000\000\000\000\001\357\317\370\177\000\000read(=rscxd)"},
min = -1781295616, minForPoint = 0}, {param = '\000' <repeats 31 times>,
iType = typeInt, value = {iVal = 0,
sVal =
"\000\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\377\377\377\377",
'\000' <repeats 60 times>, "`w\373\000\000\000\000\000
\022\000\300\370\177\000\000=\244E\000\000\000\000\000\260\001\357\317\370\177\000\000\001\000\000\000\000\000\000\000\001\000\000\000\000\000\000"},
min = 0, minForPoint = 0}, {param =
"\260\001\357\317\370\177\000\000\300~E\000\000\000\000\000\260\036\000\300\370\177\000\000\000\000\000\000\001\000\000",
iType = (unknown: 3488547248), value = {iVal = 32760,
sVal =
"\370\177\000\000\340J\017\001\000\000\000\000?\020\000\000\000\000\000\000`w\373",
'\000' <repeats 13 times>,
"\002\000\000\000\000\000\000\000\004\000\000\000\004\000\000\000~@Q\000\000\000\000\000?\020\000\000\000\000\000\000\366bQ\000\000\000\000\000\000u\373\000\000\000\000\000\064\f\357\317\370\177",
'\000' <repeats 34 times>, "\003\003\000"}, min = 23, minForPoint = 80},
{param = '\000' <repeats 20 times>,
"\210\323\020\300\370\177\000\000\210\323\020\300", iType = (unknown:
32760), value = {iVal = 0, sVal = '\000' <repeats 127 times>}, min = 0,
minForPoint = 0}, {
param = '\000' <repeats 31 times>, iType = typeInt, value =
{iVal = 0, sVal = '\000' <repeats 127 times>}, min = 0, minForPoint = 0},
{param = '\000' <repeats 31 times>, iType = typeInt, value = {iVal = 0,
sVal = '\000' <repeats 127 times>}, min = 0, minForPoint = 0}, {
param = '\000' <repeats 31 times>, iType = typeInt, value =
{iVal = 0, sVal = '\000' <repeats 127 times>}, min = 0, minForPoint = 0},
{param = '\000' <repeats 31 times>, iType = typeInt, value = {iVal = 0,
sVal = '\000' <repeats 127 times>}, min = 0, minForPoint = 0}, {
param = '\000' <repeats 16 times>,
"h\006\357\317\370\177\000\000\000\000\005\000\000\000\000", iType =
(typeStr | unknown: 4294967294), value = {iVal = -1,
sVal = "\377\377\377\377", '\000' <repeats 16 times>,
"P\f\357\317\370\177\000\000\001\000\000\000\000\000\000\000`\f\357\317\370\177\000\000\001\000\000\000\000\000\000\000\377\377\377\377\000\000\000\000\224\246\336\023\371\177",
'\000' <repeats 34 times>,
")6\361\023\371\177\000\000\000\000\000\000\000\000\000\000\220\r\357\317\370\177\000\000\000\000\000"},
min = 0, minForPoint = 0}, {param = '\000' <repeats 28 times>,
"\001\000\000", iType = typeInt, value = {iVal = 0,
sVal =
"\000\000\000\000\000\000\000\000\240v\024\024\371\177", '\000' <repeats 26
times>, "\340\a\357\317\370\177", '\000' <repeats 22 times>,
"\001\000\000\000\340\264\024\024\371\177\000\000\377\377\377\377\000\000\000\000u",
'\000' <repeats 15 times>, "\200\377\377\377\377\377\377\377", '\000'
<repeats 15 times>}, min = 0, minForPoint = 0}, {param =
"\000\000\000\000\060\000\000\000p\016\357\317\370\177\000\000J0\361\023\371\177\000\000\001\b\357\317\370\177\000",
iType = (unknown: 336997088), value = {iVal = 32761,
sVal = "\371\177\000\000`\f\357\317\370\177", '\000' <repeats
42 times>, "
\000\000\000\060\000\000\000p\016\357\317\370\177\000\000\260\r\357\317\370\177",
'\000' <repeats 53 times>}, min = 0, minForPoint = 0}, {param = '\000'
<repeats 31 times>, iType = typeInt, value = {iVal = 0,
sVal = '\000' <repeats 127 times>}, min = 0, minForPoint =
0}, {param = '\000' <repeats 31 times>, iType = typeInt, value = {iVal = 0,
sVal = '\000' <repeats 21 times>,
"\b\357\317\370\177\000\000\000\f\357\317\370\177\000\000\000\b\357\317\370\177\000\000\000\004\000\000\000\000\000\000\060",
'\000' <repeats 74 times>}, min = 0, minForPoint = 0}, {param = '\000'
<repeats 31 times>, iType = typeInt, value = {
iVal = 0, sVal = '\000' <repeats 120 times>,
"\001\000\000\000\000\000\000"}, min = 0, minForPoint = 0}, {param =
"\000\000\000\000\000\000\000\000\300E\020\300\370\177\000\000\260\016\357\317\370\177\000\000\a\000\000\000\000\000\000",
iType = (unknown: 3488550592), value = {
iVal = 32760,
sVal =
"\370\177\000\000\070\067\361\023\371\177\000\000\000p\024\024\371\177\000\000\252\266\335\023\371\177",
'\000' <repeats 18 times>, "\350\005\002", '\000' <repeats 25 times>,
"\371\177\000\000\220\n\357\317\370\177\000\000\377\377\377\377\377\377\377\377\000\000\000\000\000\000\000\000\001",
'\000' <repeats 15 times>, "\n\000\000\000\371\177\000\000 \000\000"}, min
= 0, minForPoint = -806416776}, {param =
"\370\177\000\000\006\000\000\000\000\000\000\000\006", '\000' <repeats 15
times>, "X\226\340\023", iType = (typeStr | unknown: 32760), value = {iVal
= 1,
sVal =
"\001\000\000\000\000\000\000\000\066\067\361\023\371\177\000\000\000\000\000\000\000\000\000\000\300E\020\300\370\177\000\000\220\017\357\317\370\177\000\000Y\000\000\000\000\000\000\000\260\020\357\317\370\177\000\000F\026Q\000\000\000\000\000\000p\024\024\371\177\000\000\252\266\335\023\371\177\000\000\301\357",
'\000' <repeats 14 times>, "\004", '\000' <repeats 27 times>,
"\377\377\377\377"}, min = -806417552, minForPoint = 32760}, {param =
"\377\377\377\377\377\377\377\377\000\000\000\000\000\000\000\000\006",
'\000' <repeats 11 times>, "\370\177\000",
iType = (unknown: 5268038), value = {iVal = 0,
sVal = '\000' <repeats 13 times>, "bP", '\000' <repeats 29
times>,
"\200h\024\024\371\177\000\000h\r\000\000\000\000\000\000\020\026Q", '\000'
<repeats 13 times>, "\020\026Q", '\000' <repeats 13 times>, "G\026Q",
'\000' <repeats 32 times>}, min = 0, minForPoint = 0}, {
param = '\000' <repeats 31 times>, iType = typeInt, value =
{iVal = 0,
sVal = '\000' <repeats 16 times>,
"\020\000\000\000\060\000\000\000\240\021\357\317\370\177\000\000\020\000\000\000\060\000\000\000\220\021\357\317\370\177\000\000\320\020\357\317\370\177",
'\000' <repeats 50 times>,
"\374o\370\000\000\000\000\000\000\261W;z\226ӕ\000\000\000\000\000\000\000"},
min = -806417296, minForPoint = 32760}, {param = "3", '\000' <repeats 16
times>, "@\000\000\000\000\000\000\027\000\000\000\000\000\000", iType =
(unknown: 3222280768), value = {iVal = 32760,
sVal =
"\370\177\000\000\066\070\251\024\371\177\000\000H\f\357\317\370\177\000\000&7\251\024\371\177\000\000\377\377\377\377\377\377\377\377\350\"\000\300\370\177\000\000H\f\357\317\370\177\000\000\001\000\000\000\000\000\000\000\000@\000\000\000\000\000\000\000\261W;z\226ӕ`\f\357\317\370\177\000\000`\f\357\317\370\177\000\000\220\r\357\317\370\177\000\000\373o\370\000\000\000\000\000\300E\020\300\370\177\000\000FZ)a\000\000\000\000D0\361\023"},
min = 32761, minForPoint = 333440017}, {
param =
"\371\177\000\000\001\200\255\373\370\177\000\000\374o\370\000\000\000\000\000\374o\370\000\000\000\000\000\373",
<incomplete sequence \370>, iType = typeInt, value = {iVal = 16281595,
sVal =
"\373o\370\000\000\000\000\000\373o\370\000\000\000\000\000\373o\370\000\000\000\000\000\373o\370\000\000\000\000\000\374o\370",
'\000' <repeats 49 times>, "\200", '\000' <repeats 13 times>,
"\370\000\200", '\000' <repeats 13 times>,
"\357\317\370\177\000\000\000\000\000\000\000\000\000"}, min = -1,
minForPoint = -1}, {param =
"\000\000\000\000\000\000\000\000\377\377\377\377\065\070\377\377\000\261W;z\226ӕ\377\377\377\377\000\000\000",
iType = (typeStr | unknown: 333505162), value = {iVal = 32761,
sVal =
"\371\177\000\000\354\t\022\300\370\177\000\000\200t\024\024\371\177\000\000\000\000\000\000\000\000\000\000\017\000\000\000\001\000\000\000\354\t\022\300\370\177\000\000\246\241\344\023\371\177\000\000\202\r132584\002\000\000\000\000\000\000\000\320\017\357\317\370\177\000\000`|\024\024\371\177\000\000\207\017\357\317\370\177\000\000p_\370\000\000\000\000\000\356\037\000\000\000\000\000\000p\016\357\317\370\177\000\000\260\r\357\317\t\000\000\000\002\000\000"},
min = -1781295494, minForPoint = 51}, {
param =
"\000\000\000\000\060\016\357\317\370\177\000\000\216\016\357\317\370\177\000\000\224\016\357\317\370\177\000\000\220\016\357",
<incomplete sequence \317>, iType = (unknown: 32760), value = {iVal =
-806416748,
--Type <RET> for more, q to quit, c to continue without paging--c
sVal =
"\224\016\357\317\370\177\000\000\000\000\000\000\000\000\000\000`\000\000\000\000\000\000\000\020
\000\000\000\000\000\000\000\261W;z\226ӕ\240\071\020\300\370\177\000\000\320\071\020\300\370\177\000\000\063\000\000\000\000\000\000\000\350\"\000\300\370\177\000\000\200\020\357\317\065\070\000\000\000\261W;z\226ӕ\000\000\000\000\000\000\000\000\213\342\340\023\371\177\000\000\354\t\022\300\370\177\000\000\373\037\000\000\000\000\000\000@\231\024\024\371\177\000"},
min = 15, minForPoint = 1}, {param =
"\354\t\022\300\370\177\000\000\252\237\344\023\371\177\000\000\222\016\061\063\062\065\070\064\000\261W;z\226ӕ",
iType = (unknown: 3488550864), value = {iVal = 32760, sVal =
"\370\177\000\000\020
\000\000\000\000\000\000\320\t\022\300\370\177\000\000\220\000\000\000\000\000\000\000
\000\000\300\370\177\000\000\340)\022\300\370\177\000\000\004\000\000\000\000\000\000\000\177\004\341\023\371\177\000\000\030\000\000\000\060\000\000\000\240\017\357\317\370\177\000\000\340\016\357\317\370\177\000\000\340\t\022\300\370\177\000\000\177\000\000\000\000\000\000\000\320\t\022\300\370\177\000\000\000\000\000\000\000\000\000\000\220\000\000\000\000\000\000\000\020
\000"}, min = 0, minForPoint = 333518475}, {param =
"\371\177\000\000FZ)a\000\000\000\000\213\342\340\023\371\177\000\000\005\000\000\000\000\000\000\000\300E\020\300",
iType = (unknown: 32760), value = {iVal = -806416448, sVal =
"\300\017\357\317\370\177\000\000\000\261W;", '\000' <repeats 12 times>,
"\300E\020\300\370\177", '\000' <repeats 11 times>,
"\261W;z\226ӕ\000\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\377\377\377\377\000\000\000\000\025",
'\000' <repeats 15 times>,
"\300E\020\300\370\177\000\000\260\020\357\317\370\177\000\000\271\037\350\023\371\177\000\000\340\021\357\317\370\177\000\000\020\026Q\000\000\000\000"},
min = -806415904, minForPoint = 32760}, {param =
"FZ)a\000\000\000\000\340\t\022\300\370\177\000\000~\000\000\000\000\000\000\000:\000\000\000!\000\000",
iType = (typeStr | unknown: 20), value = {iVal = 27, sVal =
"\033\000\000\000\a\000\000\000y\000\000\000\005\000\000\000\356", '\000'
<repeats 19 times>,
"p_\370\000\000\000\000\000\020\000\000\000\370\177\000\000\000\000\357\317\370\177\000\000\000\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\377\377\377\377\377\377\377\377\000\000\000\000\000\000\000\000\320\"\000\300\370\177\000\000
\022\000\300\370\177\000\000\377\377\377\377\370\177\000\000\340)\360",
<incomplete sequence \317>}, min = 32760, minForPoint = -1073737184},
{param =
"\370\177\000\000\000\261W;z\226ӕ\000\000\000\000\000\000\000\000\340)\360\317\370\177\000\000\340)\360",
<incomplete sequence \317>, iType = (unknown: 32760), value = {iVal = 0,
sVal = "\000\000\000\000\000\000\000\000
\022\000\300\370\177\000\000\000\000\000\000\000\000\000\000
\022\000\300\370\177\000\000\020#\350\023\371\177\000\000\060\000\000\000\060\000\000\000\240\021\357\317\370\177\000\000\320\020\357\317\370\177\000\000\000\261W;z\226ӕ\340\020\357\317\370\177\000\000\000\261W;z\226ӕ\350\023\000\300\370\177\000\000e",
'\000' <repeats 15 times>,
"\340\021\357\317\370\177\000\000\000\000\000\000\000\000\000"}, min =
61377, minForPoint = 0}, {param =
"\334\017\000\000\000\000\000\000\260\377\377\377\377\377\377\377", '\000'
<repeats 15 times>, iType = (unknown: 3221230112), value = {iVal = 32760,
sVal =
"\370\177\000\000\202\f\341\023\371\177\000\000\220\022\357\317\370\177\000\000\320\021\357\317\370\177\000\000\000\000\000\000\000\000\000\000
\022\000\300\370\177\000\000\220\021\357\317\370\177\000\000|\310x@\375\177\000\000\067N\361\024\371\177\000\000\000\000\000\000\000\000\000\000\340)\360\317\370\177\000\000\065[D\000\000\000\000\000\004\000\000\000\000\000\000\000FbP\000\000\000\000\000\000\022\357\317\370\177\000\000\000\000\000\000\000\000\000\000\377\377\377\377"},
min = -1, minForPoint = 32445072}, {param =
"\000\000\000\000\240R\361\024\371\177\000\000\213\342\340\023\371\177\000\000\000\000\000\000\000\000\000\000\301\357\000",
iType = typeInt, value = {iVal = 1835627633, sVal =
"qtime=0.0000\000\000\000\000time=0.061377\000\000\000\340)\360\317\370\177\000\000\000\261W;z\226ӕp\022\357\317\370\177\000\000\220\022\357\317\370\177\000\000\340)\360\317\370\177\000\000\000\000\000\000\000\000\000\000`\025\021\300\370\177\000\000\000\026\357\317\370\177\000\000
\022\000\300\370\177\000\000|\025\361\024\371\177\000\000
\022\000\300\370\177\000\000;\327K\000\000\000\000"}, min = 1, minForPoint
= 0}, {param = "\000\000\000\000\000\000\000\000\250\"\000\300\370\177",
'\000' <repeats 17 times>, iType = (unknown: 5268038), value = {iVal = 0,
sVal =
"\000\000\000\000\000\000\001\000\000\000\000\000\377\377\377\377\377\377\377\377",
'\000' <repeats 24 times>,
"\067P\020\300\370\177\000\000\f`\020\300\370\177", '\000' <repeats 26
times>, " \022\000\300\370\177\000\000\000\026\357\317\370\177\000\000
\022\000\300\370\177\000\000\066-E\000\000\000\000\000\b\000\000\000\000\000\000\000\360S",
<incomplete sequence \320>}, min = 32760, minForPoint = -806415576}, {param
=
"\370\177\000\000\000\000\000\000\000\000\000\000p\025\357\317\370\177\000\000\260\025\357\317\370\177\000\000`\025\021\300",
iType = (unknown: 32760), value = {iVal = -806414848, sVal =
"\000\026\357\317\370\177\000\000
\022\000\300\370\177\000\000\031\371J\000\000\000\000\000V\000\000\000\000\000\000\000\062\000\000\000\001\000\000\000\242\211q\320\370\177\000\000\260\036\000\300\370\177\000\000
\022\000\300\370\177\000\000\260\025\357\317\370\177\000\000`\025\021\300\370\177\000\000\335jM\000\000\000\000\000`\025\021\300\370\177\000\000\340)\360\317\370\177\000\000\340)\360\317\370\177\000\000/\333K",
'\000' <repeats 12 times>}, min = -836759528, minForPoint = 32760}, {param
= "\020 @\317\370\177\000\000\377\377\377\377\377\377\377\377\030\020
\316\370\177\000\000\000\000\000\000\000\000\000", iType = (unknown:
3459256344), value = {iVal = 32760, sVal =
"\370\177\000\000\004\000\000\000\000\000\000\000\220*\000\300\370\177\000\000\000\000\000\000\000\000\000\000
\022\000\300\370\177\000\000FZ)a\000\000\000\000\000\000\000\000\020\016\000\000\000\000\000\000\000\000\000\000\340)\360\317\370\177\000\000\000\026\357\317\370\177",
'\000' <repeats 53 times>}, min = 4, minForPoint = 4}, {param =
"\000\000\000\000c", '\000' <repeats 15 times>,
"\260\036\000\300\370\177\000\000\000\000\000", iType = typeInt, value =
{iVal = 4159, sVal =
"?\020\000\000\000\000\000\000\220\066\021\300\370\177\000\000\340.\021\300\370\177\000\000\260\025\357\317\370\177",
'\000' <repeats 34 times>,
"\243\000\000\000\000\000\000\000P\025\357\317\370\177\000\000\030\034\000\300\370\177\000\000\000\000\000\000\000\000\000\000\241\000\000\000\000\000\000\000\320\024\357\317\370\177",
'\000' <repeats 17 times>}, min = 0, minForPoint = 0}, {param = '\000'
<repeats 31 times>, iType = typeInt, value = {iVal = 0, sVal = '\000'
<repeats 20 times>,
"\005\000\000\000\000\000\000\000\b\000\000\000\000\000\000\000\334\312R",
'\000' <repeats 13 times>,
"x\004\000\000\000\000\000\000\200\063{\320\370\177", '\000' <repeats 18
times>, "\034\000\000\000\000\000\000\000\210\036\000\300\370\177", '\000'
<repeats 26 times>, "P\035\003\001"}, min = 0, minForPoint = -1072622240},
{param =
"\370\177\000\000\001\000\000\000\001\000\000\000X\036\000\300\370\177",
'\000' <repeats 13 times>, iType = typeInt, value = {iVal = 0, sVal =
"\000\000\000\000\000\000\000\000\220\321K", '\000' <repeats 21 times>,
"\200\"\000\300\370\177", '\000' <repeats 34 times>,
"`\025\021\300\370\177", '\000' <repeats 38 times>,
"\004\000\000\000`\025\021\300\370\177\000"}, min = -1072615712,
minForPoint = 32760}, {param = "c\000\000\000\000\000\000\000\020
@\317\370\177\000\000\030\020\070\316\370\177\000\000\002\000\000\000\001\000\000",
iType = (unknown: 2), value = {iVal = 0, sVal =
"\000\000\000\000\023\000\000\000\000\000\000\000\030\211q\320\370\177\000\000\023\000\000\000\000\000\000\000\270\211q\320\370\177",
'\000' <repeats 93 times>}, min = 0, minForPoint = 0}, {param = '\000'
<repeats 31 times>, iType = typeInt, value = {iVal = 0, sVal = '\000'
<repeats 127 times>}, min = 0, minForPoint = 0}, {param = '\000' <repeats
31 times>, iType = typeInt, value = {iVal = 0, sVal = '\000' <repeats 127
times>}, min = 0, minForPoint = 0}, {param = '\000' <repeats 31 times>,
iType = typeInt, value = {iVal = 0, sVal = '\000' <repeats 127 times>}, min
= 0, minForPoint = 0}, {param = '\000' <repeats 31 times>, iType = typeInt,
value = {iVal = 0, sVal = '\000' <repeats 127 times>}, min = 0, minForPoint
= 0}, {param = '\000' <repeats 31 times>, iType = typeInt, value = {iVal =
0, sVal = '\000' <repeats 127 times>}, min = 0, minForPoint = 0}}
#1 0x00000000004e6691 in ?? ()
No symbol table info available.
#2 0x00000000004e8490 in ?? ()
No symbol table info available.
#3 0x000000000049e912 in overlay_op_walk ()
No symbol table info available.
#4 0x000000000049ea8b in ?? ()
No symbol table info available.
#5 0x0000000000466112 in passwd_extop ()
No symbol table info available.
#6 0x0000000000464996 in fe_extended ()
No symbol table info available.
#7 0x0000000000464672 in do_extended ()
No symbol table info available.
#8 0x0000000000435813 in ?? ()
No symbol table info available.
#9 0x00000000004362eb in ?? ()
No symbol table info available.
#10 0x00007ff91515afce in ldap_int_thread_pool_wrapper (xpool=0xfbcc00) at
tpool.c:1053
pq = 0xfbcc00
pool = 0xfbcb00
task = 0x7ff8c8000eb0
work_list = <optimized out>
ctx = {ltu_pq = 0xfbcc00, ltu_id = 140706617243392, ltu_key =
{{ltk_key = 0x4338e0, ltk_data = 0x7ff8c00016a0, ltk_free = 0x4339a0},
{ltk_key = 0x485b00 <slap_sl_mem_init>, ltk_data = 0x7ff8c0001090, ltk_free
= 0x4859c0 <slap_sl_mem_destroy>}, {ltk_key = 0x448200 <slap_op_free>,
ltk_data = 0x0, ltk_free = 0x4481c0}, {ltk_key = 0x1205800, ltk_data =
0x7ff8c0111560, ltk_free = 0x4d5c80}, {ltk_key = 0x4bd260, ltk_data =
0x7ff8ce201010, ltk_free = 0x4bd370}, {ltk_key = 0x4bd1b0, ltk_data =
0x7ff8cf402010, ltk_free = 0x4bd230}, {ltk_key = 0x0, ltk_data = 0x0,
ltk_free = 0x0} <repeats 26 times>}}
kctx = <optimized out>
i = <optimized out>
keyslot = <optimized out>
hash = <optimized out>
pool_lock = 0
freeme = 0
__PRETTY_FUNCTION__ = "ldap_int_thread_pool_wrapper"
#11 0x00007ff91415815a in start_thread (arg=<optimized out>) at
pthread_create.c:479
ret = <optimized out>
pd = <optimized out>
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140706617243392,
3733113568574194545, 140706625625230, 140706625625231, 140706625625360,
140706617241536, -3729208213329001615, -3729957785484639375},
mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev =
0x0, cleanup = 0x0, canceltype = 0}}}
not_first_call = <optimized out>
#12 0x00007ff913e87dd3 in clone () at
../sysdeps/unix/sysv/linux/x86_64/clone.S:95
No locals.
Thread 2 (Thread 0x7ff8d0704700 (LWP 132586)):
#0 0x00007ff913e88107 in epoll_wait (epfd=6, events=0xf8a270,
maxevents=1024, timeout=42960000) at
../sysdeps/unix/sysv/linux/epoll_wait.c:30
resultvar = 18446744073709551612
sc_cancel_oldtype = 0
sc_ret = <optimized out>
#1 0x000000000043083c in ?? ()
No symbol table info available.
#2 0x00007ff91415815a in start_thread (arg=<optimized out>) at
pthread_create.c:479
ret = <optimized out>
pd = <optimized out>
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140706625636096,
3733113568574194545, 140725685024126, 140725685024127, 140725685024256,
140706625634240, -3729244496675847311, -3729957785484639375},
mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev =
0x0, cleanup = 0x0, canceltype = 0}}}
not_first_call = <optimized out>
#3 0x00007ff913e87dd3 in clone () at
../sysdeps/unix/sysv/linux/x86_64/clone.S:95
No locals.
Thread 1 (Thread 0x7ff91558c740 (LWP 132584)):
#0 0x00007ff91415964d in __GI___pthread_timedjoin_ex
(threadid=140706625636096, thread_return=0x0, abstime=0x0, block=<optimized
out>) at pthread_join_common.c:89
__tid = 132586
_buffer = {__routine = 0x7ff9141594a0 <cleanup>, __arg =
0x7ff8d0704d28, __canceltype = 0, __prev = 0x0}
oldtype = 0
pd = 0x7ff8d0704700
self = <optimized out>
result = 0
#1 0x0000000000432fea in slapd_daemon ()
No symbol table info available.
#2 0x0000000000418ea9 in main ()
No symbol table info available.
---
Regards,
Kevin Martin
On Fri, Aug 27, 2021 at 1:00 PM Quanah Gibson-Mount <quanah(a)symas.com>
wrote:
>
>
> --On Friday, August 27, 2021 7:51 PM +0100 Howard Chu <hyc(a)symas.com>
> wrote:
>
> > kevin martin wrote:
> >> I'll try that. I have narrowed it down to the ppm.so from
> >> slapd-modules/ppm. I removed ppm.so from /usr/local/libexec/openldap,
> >> restarted slapd, ran the command that killed it prior and it didn't die,
> >> stopped slapd, recompiled ppm and installed the new ppm.so in
> >> libexec/openldap, restarted slapd and reran the password change and
> >> boom, down went Frazier!
> >
> > If this module was built for and working with OpenLDAP 2.4, then it needs
> > to be modified to work with 2.5. If you compiled it against a 2.5 source
> > tree, without any other modifications, you should have gotten a compile
> > error.
>
>
> It didn't exist in the contrib directory in OpenLDAP 2.4, and he
> specifically noted he built it out of contrib with 2.5.
>
> --Quanah
>
>
> --
>
> Quanah Gibson-Mount
> Product Architect
> Symas Corporation
> Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
> <http://www.symas.com>
>
2 years
Re: 2.5.7 - adding memberof module Duplicate attributeType
by Dave Macias
Im attempting to move from rfc2307 to rfc2307bis
Ive had no issue doing this. I scripted it :)
Before, when i did not add the memberof module/overlay, i attempted to do an ldapsearch uid=bla memberof but would return nothing.
So i thought i missed something…
So i was going to add the module and then the overlay. But looks like im misunderstanding something altogether by your response… :)
Maybe my ldapsearch was wrong to begin with…
What could i be missing?
On Aug 27, 2021, 5:47 PM -0400, Quanah Gibson-Mount <quanah(a)symas.com>, wrote:
>
>
> --On Friday, August 27, 2021 6:09 PM -0400 Dave Macias <davama(a)gmail.com>
> wrote:
>
> >
> > Hello again...
> >
> > On a clean rocky linux install i cannot seem to be able to add the
> > memberof.la module. Get below output:
>
> First question is, why are you installing memberOf module at all? :)
>
> --Quanah
>
> --
>
> Quanah Gibson-Mount
> Product Architect
> Symas Corporation
> Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
> <http://www.symas.com>
2 years
2.5.7 - adding memberof module Duplicate attributeType
by Dave Macias
Hello again...
On a clean rocky linux install i cannot seem to be able to add the
memberof.la module. Get below output:
61295355.3b7373e7 0x7ff631852940 @(#) $OpenLDAP: slapd 2.5.7 (Aug 19 2021
17:48:53) $
mockbuild@3b6af787015541c89363999d4338d587
:/builddir/build/BUILD/openldap-2.5.7/servers/slapd
61295356.01d90296 0x7ff631852940 config error processing
cn={4}msuser,cn=schema,cn=config: olcAttributeTypes: Duplicate
attributeType: "P�e�;V"
61295356.0203a145 0x7ff631852940 slapd stopped.
61295356.0204a690 0x7ff631852940 connections_destroy: nothing to destroy.
Here are all my steps I do:
wget -q https://repo.symas.com/configs/SOLDAP/rhel8/release25.repo -O
/etc/yum.repos.d/soldap-release25.repo
dnf install -y symas-openldap-clients symas-openldap-servers
# enable default configs
cd /opt/symas/etc/openldap/
cp ldap.conf.default ldap.conf
cp slapd.conf.default slapd.conf
cp slapd.ldif.default slapd.ldif
# use secret as cn=config password
sed -i 's/^# rootpw/rootpw/g' slapd.conf
# make some dirs
mkdir /opt/symas/etc/openldap/slapd.d
mkdir /var/log/slapd/
# enable/start
systemctl enable --now slapd
source /etc/profile.d/50-soldap.sh
# the slapd.d dir will be empty so create the slapd-conf structure
slaptest -f /opt/symas/etc/openldap/slapd.conf -F
/opt/symas/etc/openldap/slapd.d
systemctl restart slapd
cd
# change the cn=config secret
cat >config-secret.ldif <<EOF
dn: olcDatabase={0}config,cn=config
changetype: modify
replace: olcRootPW
olcRootPW: {SSHA}blablabalblabla/
EOF
ldapadd -D cn=config -w secret -H ldapi:/// -f config-secret.ldif
# add a few schemas
# had to remove tha last 7 lines
tac /opt/symas/etc/openldap/schema/rfc2307bis.ldif | sed '1,7 d' | tac >
/opt/symas/etc/openldap/schema/rfc2307bis-new.ldif
for def in cosine.ldif rfc2307bis-new.ldif inetorgperson.ldif msuser.ldif;
do
ldapadd -D cn=config -w $config_pass -H ldapi:/// -f
/opt/symas/etc/openldap/schema/$def
done
# add memberof module
cat >memberof-module.ldif <<EOF
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulePath: /opt/symas/lib/openldap/
olcModuleLoad: memberof.la
EOF
ldapadd -D cn=config -w $config_pass -H ldapi:/// -f memberof-module.ldif
systemctl restart slapd
at this point i get the error from above....
I've looked around to see where the "Duplicate attribute" is... but cannot
find it..
Any input is much appreciated!
Thank you very much for the awesome support!!!!
-Dave
2 years