delta-sync replication setup
by frederic.goudal@bordeaux-inp.fr
Hello,
I'm trying to setup delta-sync replication. One difficulty I encounter is that the documentation only refer to the old slapd.conf syntax and not the cn=config one. It is a bit tricky to guess the olc names, objectClass and so on.
Is it posssible to update the documentation ?
By the way while trying to add the accesslog overlay to my main suffix the slapd daemon stopped with the following syslog entry :
slapd[219917]: ch_realloc of 18446744071562067968 bytes failed
Slapd 2.5.7
--
Frédéric Goudal
Administrateur Systèmes et Réseaux
Bordeaux-INP
1 year, 8 months
struggling with meta_backend, active directory and memberof
by Marco Baiguera
Hello everyone,
I am struggling to make an openldap/meta configuration work:
i have two active directory domain/servers: dc=mysite,cd=com and
dc=other,dc=mysite,dc=com
my goal is to integrate both domains with an application who can integrate
with a SINGLE ldap source for user authentication.
i'd like to build an openldap meta/proxy to build a virtual tree with
mysite.com (empty)
--- ou=virtual, dc= mysite,dc =com
--- ou=other, dc= mysite,dc =com
I'm working with these configuration:
database meta
suffix "dc=mysite,cd=com"
..
uri "ldap://SRV-xxxxxx/ou=virtual, dc= mysite,dc =com"
readonly yes
lastmod off
suffixmassage "ou=virtual, dc= mysite,dc =com" "dc= mysite,dc =com"
uri "ldap://SRV-yyyy/ou=other, dc= mysite,dc =com"
readonly yes
lastmod off
suffixmassage "ou=other, dc= mysite,dc =com" "dc=other,dc=mysite,dc=com"
The ldap tree is accessible but the group membership is wrong: the value of
memberof attributes for every user still has the original value, not the
remapped value,for example:
cn=user,ou=someou,dc=mysite,cd=com
cn=somegroup,ou=groups,dc=mysite,cd=com
are seen by the client as
cn=user,ou=someou,ou=virtual,dc=mysite,cd=com
cn=somegroup,ou=groups,ou=virtual,dc=mysite,cd=com
but the membeof attribute of user.someou.mysite.com is
cn=somegroup,ou=groups,dc=mysite,cd=com
i expect it to be
membeof=cn=somegroup,ou=groups,ou=virtual,dc=mysite,cd=com
Can someone advice if this is the correct way to address this problem ?
Can someone point me to the proper documentation ?
Thank you
Marco
1 year, 8 months
Failing while Configuring the OpenLDAP
by Challa N Kumar Reddy
Hi There,
I am new to OpenLDAP and followed the steps mentioned in this quick start guide as it is
https://www.openldap.org/doc/admin25/quickstart.html
but failing the configuration of OpenLDAP.
I followed the below steps on CentOS 8 with 2.5.7 and successfully installed but while configuring facing issues, please correct me if I am doing this in the wrong way.
1. Created a Linux user dedicated to OpenLDAP with the name "nchalla" which has sudo permissions.
2. Login with Root user and created a folder /u01
3. change permissions on /u01 (for time being granted 777 (
4. change ownership of /u01 to "nchalla"
5. downloaded the tarball and extracted the OpenLDAP 2.5.7
7. downloaded the required developer libraries
8. Logged in as nchalla and navigated to the OpenLDAP 2.5.7 extracted folder and start compiling and installing with the below commands
./configure --prefix=/u01/ldap
make depend
make
make test (all tests were passed)
make install
9. Started the configuration following the below steps
a. created a folder /u01/ldap/etc/slapd.d
b. updated the slapd.ldif with our domain name
c. navigate to /u01/ldap and executed the command below,
sbin/slapadd -n 0 -F /u01/ldap/etc/slapd.d -l /u01/ldap/etc/openldap/slapd.ldif
But getting an error message issue the above command
Also , the next step is to start the slapd service but It seems like I couldn't start the service as shown in the below screenshot
Please help! Thanks in advance.
1 year, 8 months
Re: 2.5.7 - help understanding syslog local4
by Dave Macias
Just to update:
by adding to cn=config :
olcLogLevel: Stats
or loglevel 256 to slapd.conf
and with -d 0
and no other change to rsyslog.conf nor to journal.conf
I get all my connections, LDAP operations, results logged via syslog to
/var/log/slapd/slapd.conf
Thank you!!!
On Thu, Sep 23, 2021 at 12:23 PM Quanah Gibson-Mount <quanah(a)symas.com>
wrote:
> --On Thursday, September 23, 2021 6:45 PM +0200 Michael Ströder
> <michael(a)stroeder.com> wrote:
>
> > Personally I have on my systems:
> >
> > In file /etc/systemd/journald.conf:
> >
> > [Journal]
> > Storage=none
> > ForwardToSyslog=yes
> >
> > In /etc/rsyslog.conf:
> >
> > $AddUnixListenSocket /dev/log
> >
> > And I start slapd with -d 0 and loglevel set.
>
> As a side note, I've encountered deadlocks on RHEL7 on extremely busy
> systems when journald is integrated with syslog like this. It also has a
> strong negative effect on performance. Whether the deadlock is RHEL7
> specific or not is unknown.
>
> When OpenLDAP 2.6 releases, syslog (and journald) can be bypassed entirely
> and a purely local log file can be used, resulting in a significant
> performance increase.
>
> --Quanah
>
>
> --
>
> Quanah Gibson-Mount
> Product Architect
> Symas Corporation
> Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
> <http://www.symas.com>
>
1 year, 8 months
Uplift from 2.3.20 to 2.4.50
by Viggo Simonsen
Hi community,
I am trying to uplift a very old adaptation of OpenLDAP from 2.3.20 to
2.4.50.
I first tried a one-step approach, cherry-picking my delta, based on 2.3.20
into 2.4.50 - but that was a daunting task, given that there is 14 years
between the two releases
I am now trying again with a step-wise approach, merging one revision at a
time from 2.3.20 .. 2.3.43 - and then through the 2.4 releases.
So far up to 2.3.43, this has been simple - however now, merging the 2.4
releases, I am facing a huge number of conflicts on nearly all files. It is
most certainly due to a lack of ancestry between the 2.4 and 2.3 branches
I assume that 2.3 has been merged to master, and 2.4 branched of master at
some point, possibly before the 2.3.43 release
In short, there is a unclear, and possible collapsed merge path between the
2.3 and 2.4 branches that makes the leap between them difficult
Can someone from the development team advise, how I can get about making
this transition in a smooth manner?
Thanks
/Viggo
1 year, 8 months
configure: error: Could not locate Cyrus SASL
by Challa N Kumar Reddy
Hi There,
I have installed all the libraries including Cyrus SASL but while trying to compile I am getting the captioned error, Could you please advise.
[nchalla@server openldap-2.5.7]$ ./configure --prefix=/u01/ldap --disable-static --enable-debug --with-tls=auto --with-cyrus-sasl --enable-dynamic --enable-crypt --enable-spasswd --enable-slapd --enable-modules --enable-rlookups --enable-backends=mod --disable-ndb --disable-sql --disable-wt --enable-overlays=mod
Configuring OpenLDAP 2.5.7-Release ...
checking build system type... x86_64-pc-linux-gnu
checking host system type... x86_64-pc-linux-gnu
checking target system type... x86_64-pc-linux-gnu
checking configure arguments... done
checking for cc... cc
checking for ar... ar
checking for strip... strip
checking whether make sets $(MAKE)... yes
checking how to print strings... printf
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether cc accepts -g... yes
checking for cc option to accept ISO C89... none needed
checking for a sed that does not truncate output... /usr/bin/sed
checking for grep that handles long lines and -e... /usr/bin/grep
checking for egrep... /usr/bin/grep -E
checking for fgrep... /usr/bin/grep -F
checking for ld used by cc... /usr/bin/ld
checking if the linker (/usr/bin/ld) is GNU ld... yes
checking for BSD- or MS-compatible name lister (nm)... /usr/bin/nm -B
checking the name lister (/usr/bin/nm -B) interface... BSD nm
checking whether ln -s works... yes
checking the maximum length of command line arguments... 1572864
checking how to convert x86_64-pc-linux-gnu file names to x86_64-pc-linux-gnu format... func_convert_file_noop
checking how to convert x86_64-pc-linux-gnu file names to toolchain format... func_convert_file_noop
checking for /usr/bin/ld option to reload object files... -r
checking for objdump... objdump
checking how to recognize dependent libraries... pass_all
checking for dlltool... dlltool
checking how to associate runtime and link libraries... printf %s\n
checking for archiver @FILE support... @
checking for ranlib... ranlib
checking for gawk... gawk
checking command to parse /usr/bin/nm -B output from cc object... ok
checking for sysroot... no
checking for a working dd... /usr/bin/dd
checking how to truncate binary pipes... /usr/bin/dd bs=4096 count=1
checking for mt... no
checking if : is a manifest tool... no
checking how to run the C preprocessor... cc -E
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unistd.h... yes
checking for dlfcn.h... yes
checking for objdir... .libs
checking if cc supports -fno-rtti -fno-exceptions... no
checking for cc option to produce PIC... -fPIC -DPIC
checking if cc PIC flag -fPIC -DPIC works... yes
checking if cc static flag -static works... no
checking if cc supports -c -o file.o... yes
checking if cc supports -c -o file.o... (cached) yes
checking whether the cc linker (/usr/bin/ld -m elf_x86_64) supports shared libraries... yes
checking whether -lc should be explicitly linked in... no
checking dynamic linker characteristics... GNU/Linux ld.so
checking how to hardcode library paths into programs... immediate
checking for shl_load... no
checking for shl_load in -ldld... no
checking for dlopen... no
checking for dlopen in -ldl... yes
checking whether a program can dlopen itself... yes
checking whether a statically linked program can dlopen itself... yes
checking whether stripping libraries is possible... yes
checking if libtool supports shared libraries... yes
checking whether to build shared libraries... yes
checking whether to build static libraries... no
checking how to run the C preprocessor... cc -E
checking whether we are using MS Visual C++... no
checking for windres... no
checking for be_app in -lbe... no
checking whether we are using the GNU C compiler... (cached) yes
checking whether cc accepts -g... (cached) yes
checking for cc option to accept ISO C89... (cached) none needed
checking for cc depend flag... -M
checking for afopen in -ls... no
checking ltdl.h usability... yes
checking ltdl.h presence... yes
checking for ltdl.h... yes
checking for lt_dlinit in -lltdl... yes
checking for EBCDIC... no
checking for ANSI C header files... yes
checking for dirent.h that defines DIR... yes
checking for library containing opendir... none required
checking for sys/wait.h that is POSIX.1 compatible... yes
checking whether termios.h defines TIOCGWINSZ... no
checking whether sys/ioctl.h defines TIOCGWINSZ... yes
checking arpa/inet.h usability... yes
checking arpa/inet.h presence... yes
checking for arpa/inet.h... yes
checking arpa/nameser.h usability... yes
checking arpa/nameser.h presence... yes
checking for arpa/nameser.h... yes
checking assert.h usability... yes
checking assert.h presence... yes
checking for assert.h... yes
checking bits/types.h usability... yes
checking bits/types.h presence... yes
checking for bits/types.h... yes
checking conio.h usability... no
checking conio.h presence... no
checking for conio.h... no
checking crypt.h usability... yes
checking crypt.h presence... yes
checking for crypt.h... yes
checking direct.h usability... no
checking direct.h presence... no
checking for direct.h... no
checking errno.h usability... yes
checking errno.h presence... yes
checking for errno.h... yes
checking fcntl.h usability... yes
checking fcntl.h presence... yes
checking for fcntl.h... yes
checking filio.h usability... no
checking filio.h presence... no
checking for filio.h... no
checking getopt.h usability... yes
checking getopt.h presence... yes
checking for getopt.h... yes
checking grp.h usability... yes
checking grp.h presence... yes
checking for grp.h... yes
checking io.h usability... no
checking io.h presence... no
checking for io.h... no
checking libutil.h usability... no
checking libutil.h presence... no
checking for libutil.h... no
checking limits.h usability... yes
checking limits.h presence... yes
checking for limits.h... yes
checking locale.h usability... yes
checking locale.h presence... yes
checking for locale.h... yes
checking malloc.h usability... yes
checking malloc.h presence... yes
checking for malloc.h... yes
checking for memory.h... (cached) yes
checking psap.h usability... no
checking psap.h presence... no
checking for psap.h... no
checking pwd.h usability... yes
checking pwd.h presence... yes
checking for pwd.h... yes
checking process.h usability... no
checking process.h presence... no
checking for process.h... no
checking sgtty.h usability... yes
checking sgtty.h presence... yes
checking for sgtty.h... yes
checking shadow.h usability... yes
checking shadow.h presence... yes
checking for shadow.h... yes
checking stddef.h usability... yes
checking stddef.h presence... yes
checking for stddef.h... yes
checking for string.h... (cached) yes
checking for strings.h... (cached) yes
checking sysexits.h usability... yes
checking sysexits.h presence... yes
checking for sysexits.h... yes
checking sys/file.h usability... yes
checking sys/file.h presence... yes
checking for sys/file.h... yes
checking sys/filio.h usability... no
checking sys/filio.h presence... no
checking for sys/filio.h... no
checking sys/fstyp.h usability... no
checking sys/fstyp.h presence... no
checking for sys/fstyp.h... no
checking sys/errno.h usability... yes
checking sys/errno.h presence... yes
checking for sys/errno.h... yes
checking sys/ioctl.h usability... yes
checking sys/ioctl.h presence... yes
checking for sys/ioctl.h... yes
checking sys/param.h usability... yes
checking sys/param.h presence... yes
checking for sys/param.h... yes
checking sys/privgrp.h usability... no
checking sys/privgrp.h presence... no
checking for sys/privgrp.h... no
checking sys/resource.h usability... yes
checking sys/resource.h presence... yes
checking for sys/resource.h... yes
checking sys/select.h usability... yes
checking sys/select.h presence... yes
checking for sys/select.h... yes
checking sys/socket.h usability... yes
checking sys/socket.h presence... yes
checking for sys/socket.h... yes
checking for sys/stat.h... (cached) yes
checking sys/syslog.h usability... yes
checking sys/syslog.h presence... yes
checking for sys/syslog.h... yes
checking sys/time.h usability... yes
checking sys/time.h presence... yes
checking for sys/time.h... yes
checking for sys/types.h... (cached) yes
checking sys/uio.h usability... yes
checking sys/uio.h presence... yes
checking for sys/uio.h... yes
checking sys/vmount.h usability... no
checking sys/vmount.h presence... no
checking for sys/vmount.h... no
checking syslog.h usability... yes
checking syslog.h presence... yes
checking for syslog.h... yes
checking termios.h usability... yes
checking termios.h presence... yes
checking for termios.h... yes
checking for unistd.h... (cached) yes
checking utime.h usability... yes
checking utime.h presence... yes
checking for utime.h... yes
checking for resolv.h... yes
checking for netinet/tcp.h... yes
checking for sys/ucred.h... no
checking for sigaction... yes
checking for sigset... yes
checking for fmemopen... yes
checking for socket... yes
checking for select... yes
checking for sys/select.h... (cached) yes
checking for sys/socket.h... (cached) yes
checking types of arguments for select... int,fd_set *,struct timeval *
checking for poll... yes
checking poll.h usability... yes
checking poll.h presence... yes
checking for poll.h... yes
checking sys/poll.h usability... yes
checking sys/poll.h presence... yes
checking for sys/poll.h... yes
checking sys/epoll.h usability... yes
checking sys/epoll.h presence... yes
checking for sys/epoll.h... yes
checking for epoll system call... yes
checking sys/event.h usability... no
checking sys/event.h presence... no
checking for sys/event.h... no
checking sys/devpoll.h usability... no
checking sys/devpoll.h presence... no
checking for sys/devpoll.h... no
checking for strerror... yes
checking for strerror_r... yes
checking non-posix strerror_r... no
checking for regex.h... yes
checking for library containing regfree... none required
checking for compatible POSIX regex... yes
checking sys/uuid.h usability... no
checking sys/uuid.h presence... no
checking for sys/uuid.h... no
checking uuid/uuid.h usability... no
checking uuid/uuid.h presence... no
checking for uuid/uuid.h... no
checking to see if -lrpcrt4 is needed for win32 UUID support... no
checking for resolver link (default)... no
checking for resolver link (-lresolv)... yes
checking for hstrerror... yes
checking for getaddrinfo... yes
checking for getnameinfo... yes
checking for gai_strerror... yes
checking for inet_ntop... yes
checking INET6_ADDRSTRLEN... yes
checking struct sockaddr_storage... yes
checking sys/un.h usability... yes
checking sys/un.h presence... yes
checking for sys/un.h... yes
checking openssl/ssl.h usability... no
checking openssl/ssl.h presence... no
checking for openssl/ssl.h... no
checking gnutls/gnutls.h usability... no
checking gnutls/gnutls.h presence... no
checking for gnutls/gnutls.h... no
configure: WARNING: Could not locate TLS/SSL package
configure: WARNING: TLS data protection not supported!
checking for _beginthread... no
checking pthread.h usability... yes
checking pthread.h presence... yes
checking for pthread.h... yes
checking POSIX thread version... 10
checking for LinuxThreads pthread.h... no
checking for GNU Pth pthread.h... no
checking sched.h usability... yes
checking sched.h presence... yes
checking for sched.h... yes
checking for pthread_create in default libraries... no
checking for pthread link with -kthread... no
checking for pthread link with -pthread... yes
checking for sched_yield... yes
checking for pthread_yield... yes
checking for thr_yield... no
checking for pthread_kill... yes
checking for pthread_rwlock_destroy with <pthread.h>... yes
checking for pthread_detach with <pthread.h>... yes
checking for pthread_setconcurrency... yes
checking for pthread_getconcurrency... yes
checking for thr_setconcurrency... no
checking for thr_getconcurrency... no
checking for pthread_kill_other_threads_np... no
checking for LinuxThreads implementation... no
checking for LinuxThreads consistency... no
checking if pthread_create() works... yes
checking if select yields when using pthreads... yes
checking for thread specific errno... yes
checking for thread specific h_errno... yes
checking for ctime_r... yes
checking for gmtime_r... yes
checking for localtime_r... yes
checking for gethostbyname_r... yes
checking for gethostbyaddr_r... yes
checking number of arguments of ctime_r... 2
checking number of arguments of gethostbyname_r... 6
checking number of arguments of gethostbyaddr_r... 8
checking for openlog... yes
checking sasl/sasl.h usability... no
checking sasl/sasl.h presence... no
checking for sasl/sasl.h... no
checking sasl.h usability... no
checking sasl.h presence... no
checking for sasl.h... no
configure: error: Could not locate Cyrus SASL
Thanks in advance!
-Narendra
1 year, 8 months
./Configure failed on openldap
by Challa N Kumar Reddy
While performing the configure I am not able to pass. Please find the error shown below,
Could you please advise on how to fix this. Thanks in advance.
[nchalla@server openldap-2.5.7]$ ./configure --prefix=/u01/ldap --disable-static --enable-debug --with-tls=auto --with-cyrus-sasl --enable-dynamic --enable-crypt --enable-spasswd --enable-slapd --enable-modules --enable-rlookups --enable-backends=mod --disable-ndb --disable-sql --disable-shell --disable-bdb --disable-hdb --enable-overlays=mod
configure: WARNING: unrecognized options: --disable-shell, --disable-bdb, --disable-hdb
Configuring OpenLDAP 2.5.7-Release ...
checking build system type... x86_64-pc-linux-gnu
checking host system type... x86_64-pc-linux-gnu
checking target system type... x86_64-pc-linux-gnu
checking configure arguments... done
checking for cc... cc
checking for ar... ar
checking for strip... strip
checking whether make sets $(MAKE)... yes
checking how to print strings... printf
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether cc accepts -g... yes
checking for cc option to accept ISO C89... none needed
checking for a sed that does not truncate output... /usr/bin/sed
checking for grep that handles long lines and -e... /usr/bin/grep
checking for egrep... /usr/bin/grep -E
checking for fgrep... /usr/bin/grep -F
checking for ld used by cc... /usr/bin/ld
checking if the linker (/usr/bin/ld) is GNU ld... yes
checking for BSD- or MS-compatible name lister (nm)... /usr/bin/nm -B
checking the name lister (/usr/bin/nm -B) interface... BSD nm
checking whether ln -s works... yes
checking the maximum length of command line arguments... 1572864
checking how to convert x86_64-pc-linux-gnu file names to x86_64-pc-linux-gnu format... func_convert_file_noop
checking how to convert x86_64-pc-linux-gnu file names to toolchain format... func_convert_file_noop
checking for /usr/bin/ld option to reload object files... -r
checking for objdump... objdump
checking how to recognize dependent libraries... pass_all
checking for dlltool... dlltool
checking how to associate runtime and link libraries... printf %s\n
checking for archiver @FILE support... @
checking for ranlib... ranlib
checking for gawk... gawk
checking command to parse /usr/bin/nm -B output from cc object... ok
checking for sysroot... no
checking for a working dd... /usr/bin/dd
checking how to truncate binary pipes... /usr/bin/dd bs=4096 count=1
checking for mt... no
checking if : is a manifest tool... no
checking how to run the C preprocessor... cc -E
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unistd.h... yes
checking for dlfcn.h... yes
checking for objdir... .libs
checking if cc supports -fno-rtti -fno-exceptions... no
checking for cc option to produce PIC... -fPIC -DPIC
checking if cc PIC flag -fPIC -DPIC works... yes
checking if cc static flag -static works... no
checking if cc supports -c -o file.o... yes
checking if cc supports -c -o file.o... (cached) yes
checking whether the cc linker (/usr/bin/ld -m elf_x86_64) supports shared libraries... yes
checking whether -lc should be explicitly linked in... no
checking dynamic linker characteristics... GNU/Linux ld.so
checking how to hardcode library paths into programs... immediate
checking for shl_load... no
checking for shl_load in -ldld... no
checking for dlopen... no
checking for dlopen in -ldl... yes
checking whether a program can dlopen itself... yes
checking whether a statically linked program can dlopen itself... yes
checking whether stripping libraries is possible... yes
checking if libtool supports shared libraries... yes
checking whether to build shared libraries... yes
checking whether to build static libraries... no
checking how to run the C preprocessor... cc -E
checking whether we are using MS Visual C++... no
checking for windres... no
checking for be_app in -lbe... no
checking whether we are using the GNU C compiler... (cached) yes
checking whether cc accepts -g... (cached) yes
checking for cc option to accept ISO C89... (cached) none needed
checking for cc depend flag... -M
checking for afopen in -ls... no
checking ltdl.h usability... yes
checking ltdl.h presence... yes
checking for ltdl.h... yes
checking for lt_dlinit in -lltdl... yes
checking for EBCDIC... no
checking for ANSI C header files... yes
checking for dirent.h that defines DIR... yes
checking for library containing opendir... none required
checking for sys/wait.h that is POSIX.1 compatible... yes
checking whether termios.h defines TIOCGWINSZ... no
checking whether sys/ioctl.h defines TIOCGWINSZ... yes
checking arpa/inet.h usability... yes
checking arpa/inet.h presence... yes
checking for arpa/inet.h... yes
checking arpa/nameser.h usability... yes
checking arpa/nameser.h presence... yes
checking for arpa/nameser.h... yes
checking assert.h usability... yes
checking assert.h presence... yes
checking for assert.h... yes
checking bits/types.h usability... yes
checking bits/types.h presence... yes
checking for bits/types.h... yes
checking conio.h usability... no
checking conio.h presence... no
checking for conio.h... no
checking crypt.h usability... yes
checking crypt.h presence... yes
checking for crypt.h... yes
checking direct.h usability... no
checking direct.h presence... no
checking for direct.h... no
checking errno.h usability... yes
checking errno.h presence... yes
checking for errno.h... yes
checking fcntl.h usability... yes
checking fcntl.h presence... yes
checking for fcntl.h... yes
checking filio.h usability... no
checking filio.h presence... no
checking for filio.h... no
checking getopt.h usability... yes
checking getopt.h presence... yes
checking for getopt.h... yes
checking grp.h usability... yes
checking grp.h presence... yes
checking for grp.h... yes
checking io.h usability... no
checking io.h presence... no
checking for io.h... no
checking libutil.h usability... no
checking libutil.h presence... no
checking for libutil.h... no
checking limits.h usability... yes
checking limits.h presence... yes
checking for limits.h... yes
checking locale.h usability... yes
checking locale.h presence... yes
checking for locale.h... yes
checking malloc.h usability... yes
checking malloc.h presence... yes
checking for malloc.h... yes
checking for memory.h... (cached) yes
checking psap.h usability... no
checking psap.h presence... no
checking for psap.h... no
checking pwd.h usability... yes
checking pwd.h presence... yes
checking for pwd.h... yes
checking process.h usability... no
checking process.h presence... no
checking for process.h... no
checking sgtty.h usability... yes
checking sgtty.h presence... yes
checking for sgtty.h... yes
checking shadow.h usability... yes
checking shadow.h presence... yes
checking for shadow.h... yes
checking stddef.h usability... yes
checking stddef.h presence... yes
checking for stddef.h... yes
checking for string.h... (cached) yes
checking for strings.h... (cached) yes
checking sysexits.h usability... yes
checking sysexits.h presence... yes
checking for sysexits.h... yes
checking sys/file.h usability... yes
checking sys/file.h presence... yes
checking for sys/file.h... yes
checking sys/filio.h usability... no
checking sys/filio.h presence... no
checking for sys/filio.h... no
checking sys/fstyp.h usability... no
checking sys/fstyp.h presence... no
checking for sys/fstyp.h... no
checking sys/errno.h usability... yes
checking sys/errno.h presence... yes
checking for sys/errno.h... yes
checking sys/ioctl.h usability... yes
checking sys/ioctl.h presence... yes
checking for sys/ioctl.h... yes
checking sys/param.h usability... yes
checking sys/param.h presence... yes
checking for sys/param.h... yes
checking sys/privgrp.h usability... no
checking sys/privgrp.h presence... no
checking for sys/privgrp.h... no
checking sys/resource.h usability... yes
checking sys/resource.h presence... yes
checking for sys/resource.h... yes
checking sys/select.h usability... yes
checking sys/select.h presence... yes
checking for sys/select.h... yes
checking sys/socket.h usability... yes
checking sys/socket.h presence... yes
checking for sys/socket.h... yes
checking for sys/stat.h... (cached) yes
checking sys/syslog.h usability... yes
checking sys/syslog.h presence... yes
checking for sys/syslog.h... yes
checking sys/time.h usability... yes
checking sys/time.h presence... yes
checking for sys/time.h... yes
checking for sys/types.h... (cached) yes
checking sys/uio.h usability... yes
checking sys/uio.h presence... yes
checking for sys/uio.h... yes
checking sys/vmount.h usability... no
checking sys/vmount.h presence... no
checking for sys/vmount.h... no
checking syslog.h usability... yes
checking syslog.h presence... yes
checking for syslog.h... yes
checking termios.h usability... yes
checking termios.h presence... yes
checking for termios.h... yes
checking for unistd.h... (cached) yes
checking utime.h usability... yes
checking utime.h presence... yes
checking for utime.h... yes
checking for resolv.h... yes
checking for netinet/tcp.h... yes
checking for sys/ucred.h... no
checking for sigaction... yes
checking for sigset... yes
checking for fmemopen... yes
checking for socket... yes
checking for select... yes
checking for sys/select.h... (cached) yes
checking for sys/socket.h... (cached) yes
checking types of arguments for select... int,fd_set *,struct timeval *
checking for poll... yes
checking poll.h usability... yes
checking poll.h presence... yes
checking for poll.h... yes
checking sys/poll.h usability... yes
checking sys/poll.h presence... yes
checking for sys/poll.h... yes
checking sys/epoll.h usability... yes
checking sys/epoll.h presence... yes
checking for sys/epoll.h... yes
checking for epoll system call... yes
checking sys/event.h usability... no
checking sys/event.h presence... no
checking for sys/event.h... no
checking sys/devpoll.h usability... no
checking sys/devpoll.h presence... no
checking for sys/devpoll.h... no
checking for strerror... yes
checking for strerror_r... yes
checking non-posix strerror_r... no
checking for regex.h... yes
checking for library containing regfree... none required
checking for compatible POSIX regex... yes
checking sys/uuid.h usability... no
checking sys/uuid.h presence... no
checking for sys/uuid.h... no
checking uuid/uuid.h usability... no
checking uuid/uuid.h presence... no
checking for uuid/uuid.h... no
checking to see if -lrpcrt4 is needed for win32 UUID support... no
checking for resolver link (default)... no
checking for resolver link (-lresolv)... yes
checking for hstrerror... yes
checking for getaddrinfo... yes
checking for getnameinfo... yes
checking for gai_strerror... yes
checking for inet_ntop... yes
checking INET6_ADDRSTRLEN... yes
checking struct sockaddr_storage... yes
checking sys/un.h usability... yes
checking sys/un.h presence... yes
checking for sys/un.h... yes
checking openssl/ssl.h usability... no
checking openssl/ssl.h presence... no
checking for openssl/ssl.h... no
checking gnutls/gnutls.h usability... no
checking gnutls/gnutls.h presence... no
checking for gnutls/gnutls.h... no
configure: WARNING: Could not locate TLS/SSL package
configure: WARNING: TLS data protection not supported!
checking for _beginthread... no
checking pthread.h usability... yes
checking pthread.h presence... yes
checking for pthread.h... yes
checking POSIX thread version... 10
checking for LinuxThreads pthread.h... no
checking for GNU Pth pthread.h... no
checking sched.h usability... yes
checking sched.h presence... yes
checking for sched.h... yes
checking for pthread_create in default libraries... no
checking for pthread link with -kthread... no
checking for pthread link with -pthread... yes
checking for sched_yield... yes
checking for pthread_yield... yes
checking for thr_yield... no
checking for pthread_kill... yes
checking for pthread_rwlock_destroy with <pthread.h>... yes
checking for pthread_detach with <pthread.h>... yes
checking for pthread_setconcurrency... yes
checking for pthread_getconcurrency... yes
checking for thr_setconcurrency... no
checking for thr_getconcurrency... no
checking for pthread_kill_other_threads_np... no
checking for LinuxThreads implementation... no
checking for LinuxThreads consistency... no
checking if pthread_create() works... yes
checking if select yields when using pthreads... yes
checking for thread specific errno... yes
checking for thread specific h_errno... yes
checking for ctime_r... yes
checking for gmtime_r... yes
checking for localtime_r... yes
checking for gethostbyname_r... yes
checking for gethostbyaddr_r... yes
checking number of arguments of ctime_r... 2
checking number of arguments of gethostbyname_r... 6
checking number of arguments of gethostbyaddr_r... 8
checking for openlog... yes
checking for pkg-config... /usr/bin/pkg-config
checking pkg-config is at least version 0.9.0... yes
checking for WT... no
configure: error: Package requirements (wiredtiger) were not met:
Package 'wiredtiger', required by 'virtual:world', not found
Consider adjusting the PKG_CONFIG_PATH environment variable if you
installed software in a non-standard prefix.
Alternatively, you may set the environment variables WT_CFLAGS
and WT_LIBS to avoid the need to call pkg-config.
See the pkg-config man page for more details.
1 year, 8 months
Some problems while compiling + using openldap 2.5.7 ubuntu 20.04
by frederic.goudal@bordeaux-inp.fr
Hello,
I'm begining to migrate to openldap 2.5.7 So I did compile from source.
I have had one difficulty while configuring :
while running
./configure '--enable-overlays' '--enable-crypt' '--with-tls' '--enable-backends' '--with-cyrus-sasl' '--disable-ndb' '--enable-modules'
I did got the following error :
checking for WT... no
configure: error: in `/home/sgoudal/openldap-2.5.7':
configure: error: The pkg-config script could not be found or is too old. Make sure it
is in your PATH or set the PKG_CONFIG environment variable to the full
path to pkg-config.
Alternatively, you may set the environment variables WT_CFLAGS
and WT_LIBS to avoid the need to call pkg-config.checking for WT... no
configure: error: in `/home/sgoudal/openldap-2.5.7':
configure: error: The pkg-config script could not be found or is too old. Make sure it
is in your PATH or set the PKG_CONFIG environment variable to the full
path to pkg-config.
Alternatively, you may set the environment variables WT_CFLAGS
and WT_LIBS to avoid the need to call pkg-config.
It took me a while to figure out what was WT (of course google does not help). Maybe a more explicit name like... wiredtiger.. could be more informative ?
After correcting, compilation and installation went ok, but...
/usr/local/libexec/slapd -VV
/usr/local/libexec/slapd: error while loading shared libraries: libldap-2.5.so.0: cannot open shared object file: No such file or directory
The library file is well located in /usr/local/lib adding LD_LIBRARY_PATH before running slapd correct the problem, (or CFLAGS=-L/usr/local/lib before ./configure)
But it would be nice that it work out of the box.. or maybe I have missed something.
--
Frédéric Goudal
Administrateur Systèmes et Réseaux
Bordeaux-INP
1 year, 8 months
Re: Is there significance in overlay order in replicated environment
by Saša-Stjepan Bakša
> Lastbind functionality integrated partially? Nice! Where can I find
> > documentation about it or a description on how to extract data for each
> > user?
>
>
> See the slapd.conf(5) man page.
>
>
Ok I have found it, make it enabled and I can't find information where this
attribute is shown. I searched through this man page and through the latest
Admin guide but nothing points me in the direction of
this attribute location. I can see that it is loaded with schema but no
object class is using it.
So I must be doing something wrong or I do not understand this mechanism.
Also, in latest 2.5.7* olcLastBindPrecision* is not among list of possible
attributes for mdb. I Have searched for it also but only olcLastBind is
inherited from olcDatabaseConfig.
*olcLastBind: TRUE | FALSE*
Controls whether *slapd *will automatically maintain the
pwdLastSuccess attribute for entries. By default,
olcLastBind is FALSE.
*olcLastBindPrecision: <number>*
If olcLastBind is enabled, a new value is written only if
the current one is more than *number *seconds in the past.
Saša
1 year, 8 months
Question mark (?) in search filters
by Ángel L. Mateo Martínez
Hello,
I'm configuring an application using my openldap and I'm seeing queries I didn't know them before. The queries are like this:
filter="(|(objectClass=groupOfNames)(?objectClass=container)(objectClass=organization)(objectClass=organizationalUnit)(objectClass=domain)(?objectClass=domaincomponent)(?objectClass=builtinDomain))"
This may be the first time I see the ? in the search filter of a query.
But when I try to reproduce it with ldapsearch command I get:
$ ldapsearch '(|(objectClass=groupOfNames)(?objectClass=container)(objectClass=organization)(objectClass=organizationalUnit)(objectClass=domain)(?objectClass=domaincomponent)(?objectClass=builtinDomain))'
# extended LDIF
#
# LDAPv3
# base <dc=Telematica> (default) with scope subtree
# filter: (|(objectClass=groupOfNames)(?objectClass=container)(objectClass=organization)(objectClass=organizationalUnit)(objectClass=domain)(?objectClass=domaincomponent)(?objectClass=builtinDomain))
# requesting: ALL
#
ldap_search_ext: Bad search filter (-7)
I guess the problem in the query is because of the '?' operator. So, how can I reproduce it with ldapsearch?
And... what does this '?' mean?
Thanks,
---
Angel L. Mateo Martínez
Sección de Telemática
Área de Tecnologías de la Información y las Comunicaciones Aplicadas (ATICA)
http://www.um.es/atica
Tfo: 868889150
Fax: 868888337
1 year, 8 months