question about manpage slapo-dynlist
by Stefan Kania
Hi to all,
the manpage of the slapo-dynlist is showing the following example:
-----------
A dynamic group with dgIdentity authorization could be created
with an entry like
dn: cn=Dynamic Group,ou=Groups,dc=example,dc=com
objectClass: groupOfURLs
objectClass: dgIdentityAux
cn: Dynamic Group
memberURL:
ldap:///ou=People,dc=example,dc=com??sub?(objectClass=person)
dgIdentity: cn=Group Proxy,ou=Services,dc=example,dc=com
-----------
I can't find an explanation of the attribute "dgIdentity", it's not
mentioned what is "cn=Group Proxy,ou=Services,dc=example,dc=com".
Can someone explain it please.
Stefan
3 hours, 54 minutes
overlay pcache and cn=config
by Stefan Kania
Hello,
I've got the following working slapd.conf:
--------------------
include /opt/symas/etc/openldap/schema/core.schema
include /opt/symas/etc/openldap/schema/cosine.schema
include /opt/symas/etc/openldap/schema/inetorgperson.schema
include /opt/symas/etc/openldap/schema/misc.schema
include /opt/symas/etc/openldap/schema/nis.schema
include /opt/symas/etc/openldap/schema/msuser.schema
modulepath /opt/symas/lib/openldap
moduleload back_ldap
moduleload back_mdb
moduleload rwm.la
moduleload memberof.la
moduleload pcache.la
loglevel any
pidfile /var/symas/run/slapd.pid
argsfile /var/symas/run/slapd.args
database ldap
readonly yes
protocol-version 3
rebind-as-user yes
uri "ldap://192.168.56.201:389"
suffix "dc=example1,dc=net"
rootdn "cn=admin,dc=example1,dc=net"
idassert-bind bindmethod=simple
mode=none
binddn="CN=Administrator,cn=users,dc=example1,dc=net"
credentials=Passw0rd
tls_cacertdir=/opt/symas/etc/openldap
tls_reqcert=never
idassert-authzFrom "*"
overlay rwm
rwm-map attribute uid sAMAccountName
rwm-map objectClass posixAccount person
overlay memberof
memberof-group-oc groupOfuniqueNames
memberof-member-ad uniquemember
memberof-dangling error
overlay pcache
pcache mdb 100000 6 1000 100
pcachePersist TRUE
directory "/var/symas/pcache"
pcacheAttrset 0 1.1
pcacheTemplate (uid=) 0 3600
pcacheTemplate (&(|(objectClass=))) 0 3600
pcacheAttrset 1 employeetype givenName cn sn uid mail
pcacheTemplate (uid=) 1 3600
pcacheBind (uid=) 1 3600 sub dc=de
pcacheAttrset 2 givenName cn sn uid mail uidNumber
pcacheTemplate (objectClass=) 2 3600
pcacheAttrset 3 userPassword
pcacheTemplate (uid=) 3 3600
pcacheTemplate (objectClass=) 2 3600
pcacheAttrset 4 employeetype givenName cn sn uid mail
pcacheTemplate (uid=) 1 3600
pcacheAttrset 5 memberOf
pcacheTemplate (objectClass=*) 2 3600
--------------------
Search for an entry in AD is working:
----------------------
root@ldap-proxy01:~/server-setup/proxy# ldapsearch -x -b
dc=example1,dc=net cn=administrator -LLL dn
dn: cn=Administrator,cn=Users,dc=example1,dc=net
----------------------
Now I want to convert it to cn=config but Im getting the following error:
--------------------
root@ldap-proxy01:/opt/symas/etc/openldap# slaptest -F ./my-slapd.d/ -f
slapd.conf
Entry
(olcDatabase={0}mdb,olcOverlay={2}pcache,olcDatabase={1}ldap,cn=config):
object class 'olcMdbBkConfig' requires attribute 'olcBackend'
config_build_entry: build "olcDatabase={0}mdb" failed: "(null)"
config file testing succeeded
mdb_opinfo_get: err Permission denied(13)
--------------------
Then I try to create my own LDIFs:
basic config:
-----------------
dn: cn=config
objectClass: olcGlobal
cn: config
olcLogLevel: any
olcPidFile: /var/symas/run/slapd.pid
olcArgsFile: /var/symas/run/slapd.args
olcToolThreads: 1
dn: cn=schema,cn=config
objectClass: olcSchemaConfig
cn: schema
dn: cn=module{0},cn=config
objectClass: olcModuleList
cn: module{0}
olcModulePath: /opt/symas/lib/openldap
olcModuleLoad: back_mdb
olcModuleLoad: back_ldap
olcModuleLoad: back_monitor
olcModuleLoad: argon2
include: file:///opt/symas/etc/openldap/schema/core.ldif
include: file:///opt/symas/etc/openldap/schema/cosine.ldif
include: file:///opt/symas/etc/openldap/schema/nis.ldif
include: file:///opt/symas/etc/openldap/schema/inetorgperson.ldif
include: file:///opt/symas/etc/openldap/schema/msuser.ldif
dn: olcDatabase={-1}frontend,cn=config
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: {-1}frontend
olcSizeLimit: 500
olcAccess: {0}to *
by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
manage
by * break
olcAccess: {1}to dn="" by * read
olcAccess: {2}to dn.base="cn=subschema" by * read
dn: olcDatabase={0}config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcRootDN: cn=admin,cn=config
olcRootPW:
{ARGON2}$argon2i$v=19$m=4096,t=3,p=1$cXdlcnJ0enV6dWlvMTIz$G/l0lynf7ygdz0tG+E7S1fBibsFs/L80AUSisiGl/v4
olcAccess: {0}to *
by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
manage
dn: olcDatabase={1}monitor,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {1}monitor
olcAccess: {0}to dn.subtree="cn=monitor"
by dn.exact=cn=admin,cn=config read
by dn.exact=cn=admin,dc=example,dc=net read
by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth read
dn: olcDatabase={2}ldap,cn=config
objectClass: olcDatabaseConfig
objectClass: olcLDAPConfig
olcDatabase: {2}ldap
olcSuffix: dc=example1,dc=net
olcAddContentAcl: FALSE
olcLastMod: FALSE
olcLastBind: FALSE
olcLastBindPrecision: 0
olcMaxDerefDepth: 15
olcReadOnly: TRUE
olcRootDN: cn=admin,dc=example1,dc=net
olcSyncUseSubentry: FALSE
olcMonitoring: FALSE
olcDbURI: "ldap://dc-net01.example.net:389"
olcDbStartTLS: none starttls=no
olcDbIDAssertBind: mode=none flags=prescriptive,proxy-authz-non-critical
bindm
ethod=simple timeout=0 network-timeout=0
binddn="cn=administrator,cn=users,dc
=example1,dc=net" credentials="Passw0rd" keepalive=0:0:0
tcp-user-timeout=0 t
ls_cacertdir="/opt/symas/etc/openldap" tls_reqcert=never
tls_reqsan=allow tls
_crlcheck=none
olcDbIDAssertAuthzFrom: *
olcDbRebindAsUser: TRUE
olcDbChaseReferrals: FALSE
olcDbTFSupport: no
olcDbProxyWhoAmI: FALSE
olcDbProtocolVersion: 3
olcDbSingleConn: FALSE
olcDbCancel: abandon
olcDbUseTemporaryConn: FALSE
olcDbConnectionPoolMax: 16
olcDbSessionTrackingRequest: FALSE
olcDbNoRefs: FALSE
olcDbNoUndefFilter: FALSE
olcDbOnErr: continue
olcDbKeepalive: 0:0:0
-----------------
LDIF for rwm
------------------
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: rwm.la
dn: olcOverlay={0}rwm,olcDatabase={2}ldap,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcRwmConfig
olcOverlay: {0}rwm
olcRwmTFSupport: false
olcRwmMap: {0}objectClass posixAccount person
olcRwmMap: {1}attribute uid sAMAccountName
------------------
LDIF for pcache
------------------
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: pcache.la
dn: olcOverlay={3}pcache,olcDatabase={2}ldap,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcPcacheConfig
olcOverlay: {3}pcache
olcPcache: mdb 100000 5 1000 100
olcPcacheAttrset: 0 employeeType givenName cn sn uid mail
olcPcacheAttrset: 1 givenName cn sn uid mail uidNumber
olcPcacheAttrset: 2 userPassword
olcPcacheAttrset: 3 employeeType givenName cn sn uid mail
olcPcacheAttrset: 4 memberOf
olcPcacheTemplate: "(objectClass=*)" 2 3600 0 0 0
olcPcacheTemplate: (&(objectClass=)(memberUid=)) 2 300
olcPcacheTemplate: (&(objectClass=)(uid=)) 0 300
dn: olcDatabase=mdb,olcOverlay={3}pcache,olcDatabase={2}ldap,cn=config
changetype: add
objectClass: olcMdbConfig
objectClass: olcPcacheDatabase
olcDbDirectory: /var/symas/pcache
olcDbIndex: pcacheQueryID eq
------------------
But wenn I do a ldapsearch I got the following result:
----------------
root@ldap-proxy01:~/server-setup/proxy# ldapsearch -x -b
dc=example1,dc=net cn=administrator -LLL dn
# refldap://example1.net/CN=Configuration,DC=example1,DC=net
# refldap://example1.net/DC=DomainDnsZones,DC=example1,DC=net
# refldap://example1.net/DC=ForestDnsZones,DC=example1,DC=net
----------------
I only got the Referrals from AD, but not the object I'm looking for.
It's nearly impossible to find a good documentation on how to setup
pcache overlay via cn=config. As i said with slapd.conf everyting works.
Any hint that get things working as expected?
When I'm starting the slapd the log is showing:
-----------
mdb_db_open: database "dc=example1,dc=net": dbenv_open(/var/symas/pcache).
-----------
Same Server different problem
I did not add memberof, because everytime I add the overlay with the
following LDIF (should be replaced by dynlist in the near future) But I
think it should work:
--------------
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: memberof.la
dn: olcOverlay={1}memberof,olcDatabase={2}ldap,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcMemberOfConfig
olcOverlay: {1}memberof
olcMemberOfGroupOC: groupOfNames
olcMemberOfMemberAD: member
--------------
The slapd chrashes and "slapcat -n0" is giving e the following error:
---------------
root@ldap-proxy01:~/server-setup/proxy# slapcat -n0
olcAttributeTypes: value #741 olcAttributeTypes: Duplicate
attributeType: " z*V"
config error processing cn={4}msuser,cn=schema,cn=config:
olcAttributeTypes: Duplicate attributeType: " z*V"
slapcat: bad configuration file!
---------------
1 day, 11 hours
.so dynamic library versioning
by Sam Dave
Hello,
Thanks in advance for some clues on the below:
1.
Has there ever been a release of LMDB that adds/removes/changes API?
2.
On both Debian 10 (with lmdb 0.9.22) and Debian 11 (with lmdb 0.9.24) , under lib/ I see
liblmdb.so -> liblmdb.so.0 (symlink)
liblmdb.so.0 -> liblmdb.so.0.0.0 (symlink)
liblmdb.so.0.0.0 (the original file)
Has this always been at 0.0.0 since the beginning of LMDB? From the point of view of what the LMDB developers would expect, I mean. (I have no idea which distros were distributing LMDB in the early days)
3.
What are your intentions regarding this .so versioning in relation to adding/removing/changes to the API?
Something like this, perhaps? https://www.gnu.org/software/libtool/manual/html_node/Updating-version-in...
4.
Another Linux distribution (NixOS 22.11, with lmdb 0.9.29) has *only* this under lib/:
liblmdb.so (the original file)
Does this sound right to you?
What I mean is, when people compile LMDB down to an .so, would you expect them to normally add a version after the ".so"? (As they apparently did in Debian)
Regards,
Sam
3 days, 16 hours
Re: Adding to the schema
by Eric Fetzer
How do I enable this overlay if I'm using slapd-config? Sorry, I've been
reading all of the Zytrex documentation, but it's going right over my
head. Especially the slapd-config stuff...
On Tue, Mar 7, 2023 at 12:10 PM Quanah Gibson-Mount <quanah(a)fast-mail.org>
wrote:
>
>
> --On Monday, March 6, 2023 11:23 AM -0700 Eric Fetzer
> <eric.fetzer(a)gmail.com> wrote:
>
> >
> > Hi All,
> >
> >
> > I need to add to my schema on my freshly built server.
>
> If you're using OpenLDAP 2.5 or later, the ppolicy schema is built into
> the
> ppolicy overlay and you should not be loading it separately at all. I
> would note that all releases prior to OpenLDAP 2.5 are historic and not
> supported.
>
> Regards,
> Quanah
>
>
>
>
6 days, 3 hours
After update slapd 2.5.13->2.5.14, dynlist memberOf not working anymore
by Andreas Ladanyi
Hi,
after upgrade from 2.5.13->2.5.14 i cant get any search result from
slapd when filtering for specific memberOf=value. If i downgrade back to
slapd 2.5.13 all is working again.
It doesnt work with ldapsearch nor with sssd-ldap modul when filtering
entities with a specific memberOf=Value:
ldapsearch -o ldif-wrap=no -LLL -x -ZZ -H ldap://ldap-server -b
OUR_BASE_DN '(memberOf=.........)' memberOf uid
ldapsearch shows the entities with memberOf attribute and the memberOf
value if i search without a specific memberOf value in the filter:
ldapsearch -o ldif-wrap=no -LLL -x -ZZ -H ldap://ldap-server -b
OUR_BASE-DN memberOf
The dynlist config is:
dynlist-attrset labeledURIObject labeledURI memberOf
regards,
Andreas
6 days, 3 hours
Are there plans to support OpenSSL 3.0.x in OpenLDAP v2.5?
by Soichiro Shishido
Are there plans to support OpenSSL 3.0.x in OpenLDAP v2.5?
OpenSSL 1.1.1 will be discontinued this year on 2023-09-11. Also, according to the OpenLDAP Project Release Maintenance Policy, it appears that v2.6 will not be LTS for some time yet.
If OpenSSL 1.1.1 vulnerabilities are reported after 2023-09-12, and if we do not migrate to OpenSSL 3.0.x, OpenLDAP v2.5 will be left vulnerable.
1 week, 2 days
Re: slapd.conf or OLC (cn=config)
by Eric Fetzer
Thanks!
On Thu, Mar 16, 2023 at 8:50 AM Quanah Gibson-Mount <quanah(a)fast-mail.org>
wrote:
>
>
> --On Thursday, March 16, 2023 9:30 AM -0600 Eric Fetzer
> <eric.fetzer(a)gmail.com> wrote:
>
> >
> > Options:
> >
> >
> > Environment="SLAPD_URLS=ldap:/// ldapi:/// ldaps:///"
> > Environment="SLAPD_OPTIONS=-F /etc/openldap/slapd.d"
> > ExecStart=/usr/libexec/slapd -u ldap -g ldap -h ${SLAPD_URLS}
> > $SLAPD_OPTIONS
> >
> >
> >
> > Yes, there is a slapd.d directory.
>
> You're using slapd-config and not slapd.conf then.
>
> --Quanah
>
>
>
>
1 week, 3 days
Problems with syncrepl and password changes
by Manolo Garcia Alvarez
Hello.
We're having some problems with replication and password changes. Let me
explain... In our institution we are using Shibboleth to provide SSO to the
users. The credentials are stored in OpenLDAP, but due to the high demand
(100 auths/second) and the high volume (more than 700K users), we had to
split it in three servers:
- one is the producer, which receives all of the changes (both data and
password changes),
- two are the consumers, sync'd with the producer via syncrepl.
The two consumers are behind a load balancer and are used to perform the
BINDs and the user lookup.
The problem that we are facing is that in some cirscunstances (maybe high
load, high traffic?) the syncrepl lasts more than expected, and that causes
the next situation:
1. an user changes its password, the object changes its modifyTimestamp
to T1
2. before the syncrepl gets to replicate that change, the user tries to
authenticate with the new password, the balancer assigns one of the
consumers (say C1), tries to bind, but the password is not yet changed, so
it fails recording one pwdFailureTime and updating its modifyTimestamp to T2
3. when syncrepl tries to update the object in C1, T2 is older than T1
so it refuses to change the object ("dn_callback : new entry is older
than ours cn=XXXXX,dc=acces,dc=uoc,dc=edu ours
20230313155537.264968Z#000000#00d#000000, new
20230313155506.235663Z#000000#00b#000000 ")
Resulting in one user with the password changed in the provider and in only
one of the consumers.
Have you found the same problem? Maybe is there something wrong in our
setup?
Thanks a lot.
------------------------------
Manolo García
Arquitecte de Solucions
Universitat Oberta de Catalunya
689 88 30 93 | mgarciaal(a)uoc.edu
[image: Universitat Oberta de Catalunya]
--
INFORMACIÓ SOBRE PROTECCIÓ DE DADES DE LA UNIVERSITAT OBERTA DE
CATALUNYA (UOC)
Us informem que les vostres dades identificatives i les
contingudes en els missatges electrònics i fitxers adjunts es poden
incorporar a les nostres bases de dades amb la finalitat de gestionar les
relacions i comunicacions vinculades a la UOC, i que es poden conservar
mentre es mantingui la relació. Si ho voleu, podeu exercir el dret a
accedir a les vostres dades, rectificar-les i suprimir-les i altres drets
reconeguts normativament adreçant-vos a l'adreça de correu emissora o a
fuoc_pd(a)uoc.edu <mailto:fuoc_pd@uoc.edu>.
Aquest missatge i qualsevol
fitxer que porti adjunt, si escau, tenen el caràcter de confidencials i
s'adrecen únicament a la persona o entitat a qui s'han enviat.
Així
mateix, posem a la vostra disposició un delegat de protecció de dades que
no només s'encarregarà de supervisar tots els tractaments de dades de la
nostra entitat, sinó que us podrà atendre per a qualsevol qüestió
relacionada amb el tractament de dades. La seva adreça de contacte és
dpd(a)uoc.edu <mailto:dpd@uoc.edu>.
INFORMACIÓN SOBRE PROTECCIÓN DE DATOS DE
LA UNIVERSITAT OBERTA DE CATALUNYA (UOC)
Os informamos de que vuestros
datos identificativos y los contenidos en los mensajes electrónicos y
ficheros adjuntos pueden incorporarse a nuestras bases de datos con el fin
de gestionar las relaciones y comunicaciones vinculadas a la UOC, y de que
pueden conservarse mientras se mantenga la relación. Si lo deseáis, podéis
ejercer el derecho a acceder a vuestros datos, rectificarlos y suprimirlos
y otros derechos reconocidos normativamente dirigiéndoos a la dirección de
correo emisora o a fuoc_pd(a)uoc.edu <mailto:fuoc_pd@uoc.edu>.
Este mensaje y
cualquier fichero que lleve adjunto, si procede, tienen el carácter de
confidenciales y se dirigen únicamente a la persona o entidad a quien se
han enviado.
Así mismo, ponemos a vuestra disposición a un delegado de
protección de datos que no solo se encargará de supervisar todos los
tratamientos de datos de nuestra entidad, sino que podrá atenderos para
cualquier cuestión relacionada con el tratamiento de datos. Su dirección de
contacto es dpd(a)uoc.edu <mailto:dpd@uoc.edu>.
UNIVERSITAT OBERTA DE
CATALUNYA (UOC) DATA PROTECTION INFORMATION
Your personal data and the data
contained in your email messages and attached files may be stored in our
databases for the purpose of maintaining relations and communications
linked to the UOC, and the data may be stored for as long as these
relations and communications are maintained. If you so wish, you can
exercise your rights to access, rectification and erasure of your data, and
any other legally held rights, by writing to the sender’s email address or
to fuoc_pd(a)uoc.edu <http://fuoc_pd@uoc.edu>.
This message and, where
applicable, any attachments are confidential and addressed solely to the
individual or organization they were sent to.
The UOC has a data protection
officer who not only supervises the data processing carried out at the
University, but who will also respond to any questions you may have about
this data processing. You can contact our data protection officer by
writing to dpd(a)uoc.edu <http://dpd@uoc.edu>.
1 week, 3 days
Re: Antw: [EXT] invalid opcode
by Jeffrey Walton
On Thu, Mar 16, 2023 at 10:50 AM Quanah Gibson-Mount
<quanah(a)fast-mail.org> wrote:
>
> --On Thursday, March 16, 2023 11:29 AM -0400 Jeffrey Walton
> <noloader(a)gmail.com> wrote:
>
> >> This doesn't make sense. You should be using an ldapv3 password modify
> >> operation on the user account in question and letting the server do the
> >> hashing (and also allows password policies, if deployed, to be used).
> >
> > If I understand things correctly... The server does not hash the
> > password. The server never gets to see the plaintext password.
>
> You don't.
>
> > See
> > https://www.postgresql.org/message-id/379034.1673389287%40sss.pgh.pa.us .
>
> What does a thread about how postgres works have to do with OpenLDAP or the
> LDAP protocol?
My bad... I crossed my mailing lists.
Jeff
1 week, 3 days
Re: Problems with syncrepl and password changes
by Manolo Garcia Alvarez
You're right, sorry.
We are running version 2.4.44:
OpenLDAP: slapd 2.4.44 (Jan 29 2019 17:42:45)
Thanks !
El jue, 16 mar 2023 a las 15:14, Quanah Gibson-Mount (<quanah(a)fast-mail.org>)
escribió:
>
>
> --On Thursday, March 16, 2023 11:12 AM +0100 Manolo Garcia Alvarez
> <mgarciaal(a)uoc.edu> wrote:
>
> >
> >
> > Hello.
> >
> > We're having some problems with replication and password changes. Let me
> > explain... In our institution we are using Shibboleth to provide SSO to
> > the users. The credentials are stored in OpenLDAP, but due to the high
> > demand (100 auths/second) and the high volume (more than 700K users), we
> > had to split it in three servers:
>
> Thta's not high volume or a large amount of users (just to note). You
> didn't provide any information on the version of OpenLDAP in use, which is
> critical information.
>
> --Quanah
>
>
>
--
------------------------------
Manolo García
Arquitecte de Solucions
Universitat Oberta de Catalunya
689 88 30 93 | mgarciaal(a)uoc.edu
[image: Universitat Oberta de Catalunya]
--
INFORMACIÓ SOBRE PROTECCIÓ DE DADES DE LA UNIVERSITAT OBERTA DE
CATALUNYA (UOC)
Us informem que les vostres dades identificatives i les
contingudes en els missatges electrònics i fitxers adjunts es poden
incorporar a les nostres bases de dades amb la finalitat de gestionar les
relacions i comunicacions vinculades a la UOC, i que es poden conservar
mentre es mantingui la relació. Si ho voleu, podeu exercir el dret a
accedir a les vostres dades, rectificar-les i suprimir-les i altres drets
reconeguts normativament adreçant-vos a l'adreça de correu emissora o a
fuoc_pd(a)uoc.edu <mailto:fuoc_pd@uoc.edu>.
Aquest missatge i qualsevol
fitxer que porti adjunt, si escau, tenen el caràcter de confidencials i
s'adrecen únicament a la persona o entitat a qui s'han enviat.
Així
mateix, posem a la vostra disposició un delegat de protecció de dades que
no només s'encarregarà de supervisar tots els tractaments de dades de la
nostra entitat, sinó que us podrà atendre per a qualsevol qüestió
relacionada amb el tractament de dades. La seva adreça de contacte és
dpd(a)uoc.edu <mailto:dpd@uoc.edu>.
INFORMACIÓN SOBRE PROTECCIÓN DE DATOS DE
LA UNIVERSITAT OBERTA DE CATALUNYA (UOC)
Os informamos de que vuestros
datos identificativos y los contenidos en los mensajes electrónicos y
ficheros adjuntos pueden incorporarse a nuestras bases de datos con el fin
de gestionar las relaciones y comunicaciones vinculadas a la UOC, y de que
pueden conservarse mientras se mantenga la relación. Si lo deseáis, podéis
ejercer el derecho a acceder a vuestros datos, rectificarlos y suprimirlos
y otros derechos reconocidos normativamente dirigiéndoos a la dirección de
correo emisora o a fuoc_pd(a)uoc.edu <mailto:fuoc_pd@uoc.edu>.
Este mensaje y
cualquier fichero que lleve adjunto, si procede, tienen el carácter de
confidenciales y se dirigen únicamente a la persona o entidad a quien se
han enviado.
Así mismo, ponemos a vuestra disposición a un delegado de
protección de datos que no solo se encargará de supervisar todos los
tratamientos de datos de nuestra entidad, sino que podrá atenderos para
cualquier cuestión relacionada con el tratamiento de datos. Su dirección de
contacto es dpd(a)uoc.edu <mailto:dpd@uoc.edu>.
UNIVERSITAT OBERTA DE
CATALUNYA (UOC) DATA PROTECTION INFORMATION
Your personal data and the data
contained in your email messages and attached files may be stored in our
databases for the purpose of maintaining relations and communications
linked to the UOC, and the data may be stored for as long as these
relations and communications are maintained. If you so wish, you can
exercise your rights to access, rectification and erasure of your data, and
any other legally held rights, by writing to the sender’s email address or
to fuoc_pd(a)uoc.edu <http://fuoc_pd@uoc.edu>.
This message and, where
applicable, any attachments are confidential and addressed solely to the
individual or organization they were sent to.
The UOC has a data protection
officer who not only supervises the data processing carried out at the
University, but who will also respond to any questions you may have about
this data processing. You can contact our data protection officer by
writing to dpd(a)uoc.edu <http://dpd@uoc.edu>.
1 week, 3 days