openldap-technical

openldap-technical@openldap.org

9 participants
9866 discussions

deltasyncrepl in mirror node configuration
by Andreas Juretzka 11 Sep '20

11 Sep '20

Hi there, since I'm suspicious about some delays in between our master-master replication I'd like to ask you if it's possible to use deltasyncrepl with mirror node configuration? Our setup is two master in active passive mode behind an loadbalancer and several slaves. The deltasyncrepl works fine there. We only have sometimes problems with the active master to passive master replication. Especially when we have a lot of changes. The version is 2.4.50 running on debian 10. Thanks! Andreas -- Heinlein Support GmbH Schwedter Str. 8/9b, 10119 Berlin http://www.heinlein-support.de Tel: 030 / 405051-0 Fax: 030 / 405051-19 HRB 93818 B / Amtsgericht Berlin-Charlottenburg, Geschäftsführer: Peer Heinlein -- Sitz: Berlin

3 4

mdb and memory size...
by Frédéric Goudal 10 Sep '20

10 Sep '20

Hello, As I understand mdb database should be in memory. Is there a way to calculate the correct amount of memory that should be allocated to a server so the database fit with no swap ? I guess the maxsize attribute should be set to a correct value too.. Thanks in advance f.g.

3 4

memberof Overlay not showing in base search
by Umar Draz 10 Sep '20

10 Sep '20

Hi, I am running OpenLDAP server on Ubuntu 18. The memberOf attribute is not showing in ldap simple search, if I do the following then memberOf attribute is hidden. *ldapsearch -Y external -H ldapi:/// -b dc=example,dc=com* # udraz, Users, example.com <http://lablynx.com/> dn: uid=udraz,ou=Users,dc=example,dc=com objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: shadowAccount uid: udraz sn: Draz givenName: Umar mail: udraz(a)example.com cn: Umar Draz displayName: Umar Draz uidNumber: 5000 gidNumber: 5000 gecos: Umar Draz loginShell: /bin/bash homeDirectory: /home/udraz But if I do the following then memberOf attribute appear *ldapsearch -Y external -H ldapi:/// -b dc=example,dc=com memberOf* # udraz, Users, example.com dn: uid=udraz,ou=Users,dc=example,dc=com memberOf: cn=developers,ou=Users,dc=example,dc=com Would you please help me how to solve this

7 8

LDAP Tool Box packages (was: OpenLDAP 2.4.53 available)
by Clément OUDOT 09 Sep '20

09 Sep '20

Le lun. 7 sept. 2020 à 17:37, <project(a)openldap.org> a écrit : > > OpenLDAP 2.4.53 is now available for download as detailed on our download page: > > https://www.openldap.org/software/download/ LTB packages for OpenLDAP 2.4.53 are also available: https://projects.ow2.org/view/ldaptoolbox/ltb-openldap-2-4-53-packages-rele… Clément.

1 0

mdb_opinfo_get: err MDB_READERS_FULL: Environment maxreaders limit reached(-30790)
by Christopher Paul 08 Sep '20

08 Sep '20

Hello OpenLDAP-Technical, I am running slamd tests against OpenLDAP 2.4.44 (RHEL7; client is RHEL shop so stuck for now at this version). I realize that olcThreads: 128 is probably overkill for most systems, but when I tried it, I got the captioned error. The max that olcThreads can be set to it seems is 128 minus the number of syncrepls you have. Otherwise it looks like that with enough client connections, this error will happen, and operations will fail err=80 (internal error). -- Chris Paul Rex Consulting, Inc https://www.rexconsulting.net

2 2

acl for attrs with regex
by Stefan Kania 08 Sep '20

08 Sep '20

Hello, I would like to set ACLs to a bunch of attributes via ACL. Is it possible to use regular expressions in the <what>x field for attrs, someting like access to attrs.regex=[a.*] by ..... read by * break I couldn't figure it out :-( If it is possible could someone please write a short example Thank you Stefan

3 2

Segfault upgrading to OpenLDAP 2.5.52 from 2.4.50 with curse form the past
by Francesco Malvezzi 07 Sep '20

07 Sep '20

hi experts, good morning you all. My OpenLDAP milieu is a two providers in mirrormode and a few consumers. They are all at version 2.4.50. A few days ago I have tried to upgrade to 2.4.52 a couple of consumers. After a while slapd seg faults; in order to let it start again I need a full sync; but after sometime it stops again. Rolling back to 2.4.50 sets everything fine again. I noticed I didn't read the release note in version 2.4.50 that said I would need to export / import the database if I have been using ppolicy in those time and had changed pwdChangedTime with Relax control (both apply to my setup). Do I need to perform the export / import on the providers first? If providers have a clean database, does syncrepl take care to clean databases on consumers without further export / import? Can my present segfault be linked to the above issue? Or should have it called its toll before? Thank you so much for your time, Francesco

3 3

Symas OpenLDAP for Linux RHEL7 & RHEL8 2.4.53-1 now available
by Quanah Gibson-Mount 07 Sep '20

07 Sep '20

Symas OpenLDAP for Linux on RHEL7 and RHEL8 for OpenLDAP 2.4.53-1 are now available. As previously noted, the RHEL8 packages differ from the Red Hat packages in that they do not contain Red Hat's patch violating RFC 4513 and RFC 6125. Regards, Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>

1 0

groupOfNames vs. groupOfUniqueNames
by Olaf Hopp 07 Sep '20

07 Sep '20

Hi everybody, we are at the point of reorganising our LDAP. Currently we only have posixGroups, but in future we also want to support groupOfNames or groupOfUniqueNames My question what is the common sense of usage ? groupOfNames or groupOfUniqueNames ? I know your answers, you will say "it depends on your applications" but currently I have no application using it. All my current applications use my posixGroups. I just want to extend my LDAP for future use cases. So what to take : groupOf Names or groupOfUniqueNames besides posixGroup ? Regards, Olaf -- Karlsruher Institut für Technologie (KIT) ATIS - Abt. Technische Infrastruktur, Fakultät für Informatik Dipl.-Geophys. Olaf Hopp - Leitung IT-Dienste - Am Fasanengarten 5, Gebäude 50.34, Raum 009 76131 Karlsruhe Telefon: +49 721 608-43973 Fax: +49 721 608-46699 E-Mail: Olaf.Hopp(a)kit.edu atis.informatik.kit.edu www.kit.edu KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft Das KIT ist seit 2010 als familiengerechte Hochschule zertifiziert.

5 7

Multiple LDAP admins
by Tayyab Saeed 07 Sep '20

07 Sep '20

Dear LDAP guys / Quanah, I want to create another LDAP administrative account with same or limited privileges. Kindly guide me or share any link which help to achieve the above goal. Thanks, Tayyab Saeed

3 4

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

openldap-technical