March 2023 - openldap-technical

by Stefan Kania

Hi to all, the manpage of the slapo-dynlist is showing the following example: ----------- A dynamic group with dgIdentity authorization could be created with an entry like dn: cn=Dynamic Group,ou=Groups,dc=example,dc=com objectClass: groupOfURLs objectClass: dgIdentityAux cn: Dynamic Group memberURL: ldap:///ou=People,dc=example,dc=com??sub?(objectClass=person) dgIdentity: cn=Group Proxy,ou=Services,dc=example,dc=com ----------- I can't find an explanation of the attribute "dgIdentity", it's not mentioned what is "cn=Group Proxy,ou=Services,dc=example,dc=com". Can someone explain it please. Stefan

3 hours, 54 minutes

2
1
0 / 0

overlay pcache and cn=config

by Stefan Kania

Hello, I've got the following working slapd.conf: -------------------- include /opt/symas/etc/openldap/schema/core.schema include /opt/symas/etc/openldap/schema/cosine.schema include /opt/symas/etc/openldap/schema/inetorgperson.schema include /opt/symas/etc/openldap/schema/misc.schema include /opt/symas/etc/openldap/schema/nis.schema include /opt/symas/etc/openldap/schema/msuser.schema modulepath /opt/symas/lib/openldap moduleload back_ldap moduleload back_mdb moduleload rwm.la moduleload memberof.la moduleload pcache.la loglevel any pidfile /var/symas/run/slapd.pid argsfile /var/symas/run/slapd.args database ldap readonly yes protocol-version 3 rebind-as-user yes uri "ldap://192.168.56.201:389" suffix "dc=example1,dc=net" rootdn "cn=admin,dc=example1,dc=net" idassert-bind bindmethod=simple mode=none binddn="CN=Administrator,cn=users,dc=example1,dc=net" credentials=Passw0rd tls_cacertdir=/opt/symas/etc/openldap tls_reqcert=never idassert-authzFrom "*" overlay rwm rwm-map attribute uid sAMAccountName rwm-map objectClass posixAccount person overlay memberof memberof-group-oc groupOfuniqueNames memberof-member-ad uniquemember memberof-dangling error overlay pcache pcache mdb 100000 6 1000 100 pcachePersist TRUE directory "/var/symas/pcache" pcacheAttrset 0 1.1 pcacheTemplate (uid=) 0 3600 pcacheTemplate (&(|(objectClass=))) 0 3600 pcacheAttrset 1 employeetype givenName cn sn uid mail pcacheTemplate (uid=) 1 3600 pcacheBind (uid=) 1 3600 sub dc=de pcacheAttrset 2 givenName cn sn uid mail uidNumber pcacheTemplate (objectClass=) 2 3600 pcacheAttrset 3 userPassword pcacheTemplate (uid=) 3 3600 pcacheTemplate (objectClass=) 2 3600 pcacheAttrset 4 employeetype givenName cn sn uid mail pcacheTemplate (uid=) 1 3600 pcacheAttrset 5 memberOf pcacheTemplate (objectClass=*) 2 3600 -------------------- Search for an entry in AD is working: ---------------------- root@ldap-proxy01:~/server-setup/proxy# ldapsearch -x -b dc=example1,dc=net cn=administrator -LLL dn dn: cn=Administrator,cn=Users,dc=example1,dc=net ---------------------- Now I want to convert it to cn=config but Im getting the following error: -------------------- root@ldap-proxy01:/opt/symas/etc/openldap# slaptest -F ./my-slapd.d/ -f slapd.conf Entry (olcDatabase={0}mdb,olcOverlay={2}pcache,olcDatabase={1}ldap,cn=config): object class 'olcMdbBkConfig' requires attribute 'olcBackend' config_build_entry: build "olcDatabase={0}mdb" failed: "(null)" config file testing succeeded mdb_opinfo_get: err Permission denied(13) -------------------- Then I try to create my own LDIFs: basic config: ----------------- dn: cn=config objectClass: olcGlobal cn: config olcLogLevel: any olcPidFile: /var/symas/run/slapd.pid olcArgsFile: /var/symas/run/slapd.args olcToolThreads: 1 dn: cn=schema,cn=config objectClass: olcSchemaConfig cn: schema dn: cn=module{0},cn=config objectClass: olcModuleList cn: module{0} olcModulePath: /opt/symas/lib/openldap olcModuleLoad: back_mdb olcModuleLoad: back_ldap olcModuleLoad: back_monitor olcModuleLoad: argon2 include: file:///opt/symas/etc/openldap/schema/core.ldif include: file:///opt/symas/etc/openldap/schema/cosine.ldif include: file:///opt/symas/etc/openldap/schema/nis.ldif include: file:///opt/symas/etc/openldap/schema/inetorgperson.ldif include: file:///opt/symas/etc/openldap/schema/msuser.ldif dn: olcDatabase={-1}frontend,cn=config objectClass: olcDatabaseConfig objectClass: olcFrontendConfig olcDatabase: {-1}frontend olcSizeLimit: 500 olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break olcAccess: {1}to dn="" by * read olcAccess: {2}to dn.base="cn=subschema" by * read dn: olcDatabase={0}config,cn=config objectClass: olcDatabaseConfig olcDatabase: {0}config olcRootDN: cn=admin,cn=config olcRootPW: {ARGON2}$argon2i$v=19$m=4096,t=3,p=1$cXdlcnJ0enV6dWlvMTIz$G/l0lynf7ygdz0tG+E7S1fBibsFs/L80AUSisiGl/v4 olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage dn: olcDatabase={1}monitor,cn=config objectClass: olcDatabaseConfig olcDatabase: {1}monitor olcAccess: {0}to dn.subtree="cn=monitor" by dn.exact=cn=admin,cn=config read by dn.exact=cn=admin,dc=example,dc=net read by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth read dn: olcDatabase={2}ldap,cn=config objectClass: olcDatabaseConfig objectClass: olcLDAPConfig olcDatabase: {2}ldap olcSuffix: dc=example1,dc=net olcAddContentAcl: FALSE olcLastMod: FALSE olcLastBind: FALSE olcLastBindPrecision: 0 olcMaxDerefDepth: 15 olcReadOnly: TRUE olcRootDN: cn=admin,dc=example1,dc=net olcSyncUseSubentry: FALSE olcMonitoring: FALSE olcDbURI: "ldap://dc-net01.example.net:389" olcDbStartTLS: none starttls=no olcDbIDAssertBind: mode=none flags=prescriptive,proxy-authz-non-critical bindm ethod=simple timeout=0 network-timeout=0 binddn="cn=administrator,cn=users,dc =example1,dc=net" credentials="Passw0rd" keepalive=0:0:0 tcp-user-timeout=0 t ls_cacertdir="/opt/symas/etc/openldap" tls_reqcert=never tls_reqsan=allow tls _crlcheck=none olcDbIDAssertAuthzFrom: * olcDbRebindAsUser: TRUE olcDbChaseReferrals: FALSE olcDbTFSupport: no olcDbProxyWhoAmI: FALSE olcDbProtocolVersion: 3 olcDbSingleConn: FALSE olcDbCancel: abandon olcDbUseTemporaryConn: FALSE olcDbConnectionPoolMax: 16 olcDbSessionTrackingRequest: FALSE olcDbNoRefs: FALSE olcDbNoUndefFilter: FALSE olcDbOnErr: continue olcDbKeepalive: 0:0:0 ----------------- LDIF for rwm ------------------ dn: cn=module{0},cn=config changetype: modify add: olcModuleLoad olcModuleLoad: rwm.la dn: olcOverlay={0}rwm,olcDatabase={2}ldap,cn=config changetype: add objectClass: olcOverlayConfig objectClass: olcRwmConfig olcOverlay: {0}rwm olcRwmTFSupport: false olcRwmMap: {0}objectClass posixAccount person olcRwmMap: {1}attribute uid sAMAccountName ------------------ LDIF for pcache ------------------ dn: cn=module{0},cn=config changetype: modify add: olcModuleLoad olcModuleLoad: pcache.la dn: olcOverlay={3}pcache,olcDatabase={2}ldap,cn=config changetype: add objectClass: olcOverlayConfig objectClass: olcPcacheConfig olcOverlay: {3}pcache olcPcache: mdb 100000 5 1000 100 olcPcacheAttrset: 0 employeeType givenName cn sn uid mail olcPcacheAttrset: 1 givenName cn sn uid mail uidNumber olcPcacheAttrset: 2 userPassword olcPcacheAttrset: 3 employeeType givenName cn sn uid mail olcPcacheAttrset: 4 memberOf olcPcacheTemplate: "(objectClass=*)" 2 3600 0 0 0 olcPcacheTemplate: (&(objectClass=)(memberUid=)) 2 300 olcPcacheTemplate: (&(objectClass=)(uid=)) 0 300 dn: olcDatabase=mdb,olcOverlay={3}pcache,olcDatabase={2}ldap,cn=config changetype: add objectClass: olcMdbConfig objectClass: olcPcacheDatabase olcDbDirectory: /var/symas/pcache olcDbIndex: pcacheQueryID eq ------------------ But wenn I do a ldapsearch I got the following result: ---------------- root@ldap-proxy01:~/server-setup/proxy# ldapsearch -x -b dc=example1,dc=net cn=administrator -LLL dn # refldap://example1.net/CN=Configuration,DC=example1,DC=net # refldap://example1.net/DC=DomainDnsZones,DC=example1,DC=net # refldap://example1.net/DC=ForestDnsZones,DC=example1,DC=net ---------------- I only got the Referrals from AD, but not the object I'm looking for. It's nearly impossible to find a good documentation on how to setup pcache overlay via cn=config. As i said with slapd.conf everyting works. Any hint that get things working as expected? When I'm starting the slapd the log is showing: ----------- mdb_db_open: database "dc=example1,dc=net": dbenv_open(/var/symas/pcache). ----------- Same Server different problem I did not add memberof, because everytime I add the overlay with the following LDIF (should be replaced by dynlist in the near future) But I think it should work: -------------- dn: cn=module{0},cn=config changetype: modify add: olcModuleLoad olcModuleLoad: memberof.la dn: olcOverlay={1}memberof,olcDatabase={2}ldap,cn=config changetype: add objectClass: olcOverlayConfig objectClass: olcMemberOfConfig olcOverlay: {1}memberof olcMemberOfGroupOC: groupOfNames olcMemberOfMemberAD: member -------------- The slapd chrashes and "slapcat -n0" is giving e the following error: --------------- root@ldap-proxy01:~/server-setup/proxy# slapcat -n0 olcAttributeTypes: value #741 olcAttributeTypes: Duplicate attributeType: " z*V" config error processing cn={4}msuser,cn=schema,cn=config: olcAttributeTypes: Duplicate attributeType: " z*V" slapcat: bad configuration file! ---------------

1 day, 11 hours

1
0
0 / 0

.so dynamic library versioning

by Sam Dave

Hello, Thanks in advance for some clues on the below: 1. Has there ever been a release of LMDB that adds/removes/changes API? 2. On both Debian 10 (with lmdb 0.9.22) and Debian 11 (with lmdb 0.9.24) , under lib/ I see liblmdb.so -> liblmdb.so.0 (symlink) liblmdb.so.0 -> liblmdb.so.0.0.0 (symlink) liblmdb.so.0.0.0 (the original file) Has this always been at 0.0.0 since the beginning of LMDB? From the point of view of what the LMDB developers would expect, I mean. (I have no idea which distros were distributing LMDB in the early days) 3. What are your intentions regarding this .so versioning in relation to adding/removing/changes to the API? Something like this, perhaps? https://www.gnu.org/software/libtool/manual/html_node/Updating-version-in... 4. Another Linux distribution (NixOS 22.11, with lmdb 0.9.29) has *only* this under lib/: liblmdb.so (the original file) Does this sound right to you? What I mean is, when people compile LMDB down to an .so, would you expect them to normally add a version after the ".so"? (As they apparently did in Debian) Regards, Sam

3 days, 16 hours

2
1
0 / 0

Re: Adding to the schema

by Eric Fetzer

How do I enable this overlay if I'm using slapd-config? Sorry, I've been reading all of the Zytrex documentation, but it's going right over my head. Especially the slapd-config stuff... On Tue, Mar 7, 2023 at 12:10 PM Quanah Gibson-Mount <quanah(a)fast-mail.org> wrote: > > > --On Monday, March 6, 2023 11:23 AM -0700 Eric Fetzer > <eric.fetzer(a)gmail.com> wrote: > > > > > Hi All, > > > > > > I need to add to my schema on my freshly built server. > > If you're using OpenLDAP 2.5 or later, the ppolicy schema is built into > the > ppolicy overlay and you should not be loading it separately at all. I > would note that all releases prior to OpenLDAP 2.5 are historic and not > supported. > > Regards, > Quanah > > > >

6 days, 3 hours

1
0
0 / 0

After update slapd 2.5.13->2.5.14, dynlist memberOf not working anymore

by Andreas Ladanyi

Hi, after upgrade from 2.5.13->2.5.14 i cant get any search result from slapd when filtering for specific memberOf=value. If i downgrade back to slapd 2.5.13 all is working again. It doesnt work with ldapsearch nor with sssd-ldap modul when filtering entities with a specific memberOf=Value: ldapsearch -o ldif-wrap=no -LLL -x -ZZ -H ldap://ldap-server -b OUR_BASE_DN '(memberOf=.........)' memberOf uid ldapsearch shows the entities with memberOf attribute and the memberOf value if i search without a specific memberOf value in the filter: ldapsearch -o ldif-wrap=no -LLL -x -ZZ -H ldap://ldap-server -b OUR_BASE-DN memberOf The dynlist config is: dynlist-attrset labeledURIObject labeledURI memberOf regards, Andreas

6 days, 3 hours

4
8
0 / 0

Are there plans to support OpenSSL 3.0.x in OpenLDAP v2.5?

by Soichiro Shishido

Are there plans to support OpenSSL 3.0.x in OpenLDAP v2.5? OpenSSL 1.1.1 will be discontinued this year on 2023-09-11. Also, according to the OpenLDAP Project Release Maintenance Policy, it appears that v2.6 will not be LTS for some time yet. If OpenSSL 1.1.1 vulnerabilities are reported after 2023-09-12, and if we do not migrate to OpenSSL 3.0.x, OpenLDAP v2.5 will be left vulnerable.

1 week, 2 days

1
0
0 / 0

Re: slapd.conf or OLC (cn=config)

by Eric Fetzer

Thanks! On Thu, Mar 16, 2023 at 8:50 AM Quanah Gibson-Mount <quanah(a)fast-mail.org> wrote: > > > --On Thursday, March 16, 2023 9:30 AM -0600 Eric Fetzer > <eric.fetzer(a)gmail.com> wrote: > > > > > Options: > > > > > > Environment="SLAPD_URLS=ldap:/// ldapi:/// ldaps:///" > > Environment="SLAPD_OPTIONS=-F /etc/openldap/slapd.d" > > ExecStart=/usr/libexec/slapd -u ldap -g ldap -h ${SLAPD_URLS} > > $SLAPD_OPTIONS > > > > > > > > Yes, there is a slapd.d directory. > > You're using slapd-config and not slapd.conf then. > > --Quanah > > > >

1 week, 3 days

1
0
0 / 0

Problems with syncrepl and password changes

by Manolo Garcia Alvarez

Hello. We're having some problems with replication and password changes. Let me explain... In our institution we are using Shibboleth to provide SSO to the users. The credentials are stored in OpenLDAP, but due to the high demand (100 auths/second) and the high volume (more than 700K users), we had to split it in three servers: - one is the producer, which receives all of the changes (both data and password changes), - two are the consumers, sync'd with the producer via syncrepl. The two consumers are behind a load balancer and are used to perform the BINDs and the user lookup. The problem that we are facing is that in some cirscunstances (maybe high load, high traffic?) the syncrepl lasts more than expected, and that causes the next situation: 1. an user changes its password, the object changes its modifyTimestamp to T1 2. before the syncrepl gets to replicate that change, the user tries to authenticate with the new password, the balancer assigns one of the consumers (say C1), tries to bind, but the password is not yet changed, so it fails recording one pwdFailureTime and updating its modifyTimestamp to T2 3. when syncrepl tries to update the object in C1, T2 is older than T1 so it refuses to change the object ("dn_callback : new entry is older than ours cn=XXXXX,dc=acces,dc=uoc,dc=edu ours 20230313155537.264968Z#000000#00d#000000, new 20230313155506.235663Z#000000#00b#000000 ") Resulting in one user with the password changed in the provider and in only one of the consumers. Have you found the same problem? Maybe is there something wrong in our setup? Thanks a lot. ------------------------------ Manolo García Arquitecte de Solucions Universitat Oberta de Catalunya 689 88 30 93 | mgarciaal(a)uoc.edu [image: Universitat Oberta de Catalunya] -- INFORMACIÓ SOBRE PROTECCIÓ DE DADES DE LA UNIVERSITAT OBERTA DE CATALUNYA (UOC) Us informem que les vostres dades identificatives i les contingudes en els missatges electrònics i fitxers adjunts es poden incorporar a les nostres bases de dades amb la finalitat de gestionar les relacions i comunicacions vinculades a la UOC, i que es poden conservar mentre es mantingui la relació. Si ho voleu, podeu exercir el dret a accedir a les vostres dades, rectificar-les i suprimir-les i altres drets reconeguts normativament adreçant-vos a l'adreça de correu emissora o a fuoc_pd(a)uoc.edu <mailto:fuoc_pd@uoc.edu>. Aquest missatge i qualsevol fitxer que porti adjunt, si escau, tenen el caràcter de confidencials i s'adrecen únicament a la persona o entitat a qui s'han enviat. Així mateix, posem a la vostra disposició un delegat de protecció de dades que no només s'encarregarà de supervisar tots els tractaments de dades de la nostra entitat, sinó que us podrà atendre per a qualsevol qüestió relacionada amb el tractament de dades. La seva adreça de contacte és dpd(a)uoc.edu <mailto:dpd@uoc.edu>. INFORMACIÓN SOBRE PROTECCIÓN DE DATOS DE LA UNIVERSITAT OBERTA DE CATALUNYA (UOC) Os informamos de que vuestros datos identificativos y los contenidos en los mensajes electrónicos y ficheros adjuntos pueden incorporarse a nuestras bases de datos con el fin de gestionar las relaciones y comunicaciones vinculadas a la UOC, y de que pueden conservarse mientras se mantenga la relación. Si lo deseáis, podéis ejercer el derecho a acceder a vuestros datos, rectificarlos y suprimirlos y otros derechos reconocidos normativamente dirigiéndoos a la dirección de correo emisora o a fuoc_pd(a)uoc.edu <mailto:fuoc_pd@uoc.edu>. Este mensaje y cualquier fichero que lleve adjunto, si procede, tienen el carácter de confidenciales y se dirigen únicamente a la persona o entidad a quien se han enviado. Así mismo, ponemos a vuestra disposición a un delegado de protección de datos que no solo se encargará de supervisar todos los tratamientos de datos de nuestra entidad, sino que podrá atenderos para cualquier cuestión relacionada con el tratamiento de datos. Su dirección de contacto es dpd(a)uoc.edu <mailto:dpd@uoc.edu>. UNIVERSITAT OBERTA DE CATALUNYA (UOC) DATA PROTECTION INFORMATION Your personal data and the data contained in your email messages and attached files may be stored in our databases for the purpose of maintaining relations and communications linked to the UOC, and the data may be stored for as long as these relations and communications are maintained. If you so wish, you can exercise your rights to access, rectification and erasure of your data, and any other legally held rights, by writing to the sender’s email address or to fuoc_pd(a)uoc.edu <http://fuoc_pd@uoc.edu>. This message and, where applicable, any attachments are confidential and addressed solely to the individual or organization they were sent to. The UOC has a data protection officer who not only supervises the data processing carried out at the University, but who will also respond to any questions you may have about this data processing. You can contact our data protection officer by writing to dpd(a)uoc.edu <http://dpd@uoc.edu>.

1 week, 3 days

3
2
0 / 0

Re: Antw: [EXT] invalid opcode

by Jeffrey Walton

On Thu, Mar 16, 2023 at 10:50 AM Quanah Gibson-Mount <quanah(a)fast-mail.org> wrote: > > --On Thursday, March 16, 2023 11:29 AM -0400 Jeffrey Walton > <noloader(a)gmail.com> wrote: > > >> This doesn't make sense. You should be using an ldapv3 password modify > >> operation on the user account in question and letting the server do the > >> hashing (and also allows password policies, if deployed, to be used). > > > > If I understand things correctly... The server does not hash the > > password. The server never gets to see the plaintext password. > > You don't. > > > See > > https://www.postgresql.org/message-id/379034.1673389287%40sss.pgh.pa.us . > > What does a thread about how postgres works have to do with OpenLDAP or the > LDAP protocol? My bad... I crossed my mailing lists. Jeff

1 week, 3 days

1
0
0 / 0

Re: Problems with syncrepl and password changes

by Manolo Garcia Alvarez

You're right, sorry. We are running version 2.4.44: OpenLDAP: slapd 2.4.44 (Jan 29 2019 17:42:45) Thanks ! El jue, 16 mar 2023 a las 15:14, Quanah Gibson-Mount (<quanah(a)fast-mail.org>) escribió: > > > --On Thursday, March 16, 2023 11:12 AM +0100 Manolo Garcia Alvarez > <mgarciaal(a)uoc.edu> wrote: > > > > > > > Hello. > > > > We're having some problems with replication and password changes. Let me > > explain... In our institution we are using Shibboleth to provide SSO to > > the users. The credentials are stored in OpenLDAP, but due to the high > > demand (100 auths/second) and the high volume (more than 700K users), we > > had to split it in three servers: > > Thta's not high volume or a large amount of users (just to note). You > didn't provide any information on the version of OpenLDAP in use, which is > critical information. > > --Quanah > > > -- ------------------------------ Manolo García Arquitecte de Solucions Universitat Oberta de Catalunya 689 88 30 93 | mgarciaal(a)uoc.edu [image: Universitat Oberta de Catalunya] -- INFORMACIÓ SOBRE PROTECCIÓ DE DADES DE LA UNIVERSITAT OBERTA DE CATALUNYA (UOC) Us informem que les vostres dades identificatives i les contingudes en els missatges electrònics i fitxers adjunts es poden incorporar a les nostres bases de dades amb la finalitat de gestionar les relacions i comunicacions vinculades a la UOC, i que es poden conservar mentre es mantingui la relació. Si ho voleu, podeu exercir el dret a accedir a les vostres dades, rectificar-les i suprimir-les i altres drets reconeguts normativament adreçant-vos a l'adreça de correu emissora o a fuoc_pd(a)uoc.edu <mailto:fuoc_pd@uoc.edu>. Aquest missatge i qualsevol fitxer que porti adjunt, si escau, tenen el caràcter de confidencials i s'adrecen únicament a la persona o entitat a qui s'han enviat. Així mateix, posem a la vostra disposició un delegat de protecció de dades que no només s'encarregarà de supervisar tots els tractaments de dades de la nostra entitat, sinó que us podrà atendre per a qualsevol qüestió relacionada amb el tractament de dades. La seva adreça de contacte és dpd(a)uoc.edu <mailto:dpd@uoc.edu>. INFORMACIÓN SOBRE PROTECCIÓN DE DATOS DE LA UNIVERSITAT OBERTA DE CATALUNYA (UOC) Os informamos de que vuestros datos identificativos y los contenidos en los mensajes electrónicos y ficheros adjuntos pueden incorporarse a nuestras bases de datos con el fin de gestionar las relaciones y comunicaciones vinculadas a la UOC, y de que pueden conservarse mientras se mantenga la relación. Si lo deseáis, podéis ejercer el derecho a acceder a vuestros datos, rectificarlos y suprimirlos y otros derechos reconocidos normativamente dirigiéndoos a la dirección de correo emisora o a fuoc_pd(a)uoc.edu <mailto:fuoc_pd@uoc.edu>. Este mensaje y cualquier fichero que lleve adjunto, si procede, tienen el carácter de confidenciales y se dirigen únicamente a la persona o entidad a quien se han enviado. Así mismo, ponemos a vuestra disposición a un delegado de protección de datos que no solo se encargará de supervisar todos los tratamientos de datos de nuestra entidad, sino que podrá atenderos para cualquier cuestión relacionada con el tratamiento de datos. Su dirección de contacto es dpd(a)uoc.edu <mailto:dpd@uoc.edu>. UNIVERSITAT OBERTA DE CATALUNYA (UOC) DATA PROTECTION INFORMATION Your personal data and the data contained in your email messages and attached files may be stored in our databases for the purpose of maintaining relations and communications linked to the UOC, and the data may be stored for as long as these relations and communications are maintained. If you so wish, you can exercise your rights to access, rectification and erasure of your data, and any other legally held rights, by writing to the sender’s email address or to fuoc_pd(a)uoc.edu <http://fuoc_pd@uoc.edu>. This message and, where applicable, any attachments are confidential and addressed solely to the individual or organization they were sent to. The UOC has a data protection officer who not only supervises the data processing carried out at the University, but who will also respond to any questions you may have about this data processing. You can contact our data protection officer by writing to dpd(a)uoc.edu <http://dpd@uoc.edu>.

1 week, 3 days

2
1
0 / 0

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

openldap-technical March 2023