Hi,
I am trying to set up a syncrepl consumer. I have done this a number of times without any problem.
The consumer seems to be connecting via TLS to the producer and authenticating but the consumer directory never gets populated.
Here is the log from the producer:
Nov 22 19:19:57 anubis slapd[24088]: slap_listener_activate(7): Nov 22 19:19:57 anubis slapd[24088]: >>> slap_listener(ldap://) Nov 22 19:19:57 anubis slapd[24088]: conn=1026 fd=15 ACCEPT from IP=172.20.150.141:38831 (IP=0.0.0.0:389) Nov 22 19:19:57 anubis slapd[24088]: connection_get(15) Nov 22 19:19:57 anubis slapd[24088]: connection_get(15): got connid=1026 Nov 22 19:19:57 anubis slapd[24088]: connection_read(15): checking for input on id=1026 Nov 22 19:19:57 anubis slapd[24088]: op tag 0x77, time 1290471597 Nov 22 19:19:57 anubis slapd[24088]: conn=1026 op=0 do_extended Nov 22 19:19:57 anubis slapd[24088]: conn=1026 op=0 EXT oid=1.3.6.1.4.1.1466.20037 Nov 22 19:19:57 anubis slapd[24088]: do_extended: oid=1.3.6.1.4.1.1466.20037 Nov 22 19:19:57 anubis slapd[24088]: conn=1026 op=0 STARTTLS Nov 22 19:19:57 anubis slapd[24088]: send_ldap_extended: err=0 oid= len=0 Nov 22 19:19:57 anubis slapd[24088]: send_ldap_response: msgid=1 tag=120 err=0 Nov 22 19:19:57 anubis slapd[24088]: conn=1026 op=0 RESULT oid= err=0 text= Nov 22 19:19:58 anubis slapd[24088]: connection_get(15) Nov 22 19:19:58 anubis slapd[24088]: connection_get(15): got connid=1026 Nov 22 19:19:58 anubis slapd[24088]: connection_read(15): checking for input on id=1026 Nov 22 19:19:58 anubis slapd[24088]: connection_get(15) Nov 22 19:19:58 anubis slapd[24088]: connection_get(15): got connid=1026 Nov 22 19:19:58 anubis slapd[24088]: connection_read(15): checking for input on id=1026 Nov 22 19:19:58 anubis slapd[24088]: connection_read(15): unable to get TLS client DN, error=49 id=1026 Nov 22 19:19:58 anubis slapd[24088]: conn=1026 fd=15 TLS established tls_ssf=256 ssf=256 Nov 22 19:19:58 anubis slapd[24088]: connection_get(15) Nov 22 19:19:58 anubis slapd[24088]: connection_get(15): got connid=1026 Nov 22 19:19:58 anubis slapd[24088]: connection_read(15): checking for input on id=1026 Nov 22 19:19:58 anubis slapd[24088]: op tag 0x60, time 1290471598 Nov 22 19:19:58 anubis slapd[24088]: conn=1026 op=1 do_bind Nov 22 19:19:58 anubis slapd[24088]: >>> dnPrettyNormal: <uid=syncrepl,ou=system,dc=ls,dc=cbn> Nov 22 19:19:58 anubis slapd[24088]: <<< dnPrettyNormal: <uid=syncrepl,ou=system,dc=ls,dc=cbn>, <uid=syncrepl,ou=system,dc=ls,dc=cbn> Nov 22 19:19:58 anubis slapd[24088]: conn=1026 op=1 BIND dn="uid=syncrepl,ou=system,dc=ls,dc=cbn" method=128 Nov 22 19:19:58 anubis slapd[24088]: do_bind: version=3 dn="uid=syncrepl,ou=system,dc=ls,dc=cbn" method=128 Nov 22 19:19:58 anubis slapd[24088]: ==> hdb_bind: dn: uid=syncrepl,ou=system,dc=ls,dc=cbn Nov 22 19:19:58 anubis slapd[24088]: bdb_dn2entry("uid=syncrepl,ou=system,dc=ls,dc=cbn") Nov 22 19:19:58 anubis slapd[24088]: => access_allowed: result not in cache (userPassword) Nov 22 19:19:58 anubis slapd[24088]: => access_allowed: auth access to "uid=syncrepl,ou=system,dc=ls,dc=cbn" "userPassword" requested Nov 22 19:19:58 anubis slapd[24088]: => acl_get: [2] attr userPassword Nov 22 19:19:58 anubis slapd[24088]: => acl_mask: access to entry "uid=syncrepl,ou=system,dc=ls,dc=cbn", attr "userPassword" requested Nov 22 19:19:58 anubis slapd[24088]: => acl_mask: to value by "", (=0) Nov 22 19:19:58 anubis slapd[24088]: <= check a_dn_pat: uid=syncrepl,ou=system,dc=ls,dc=cbn Nov 22 19:19:58 anubis slapd[24088]: <= check a_dn_pat: * Nov 22 19:19:58 anubis slapd[24088]: <= acl_mask: [2] applying +0 (break) Nov 22 19:19:58 anubis slapd[24088]: <= acl_mask: [2] mask: =0 Nov 22 19:19:58 anubis slapd[24088]: => acl_get: [3] attr userPassword Nov 22 19:19:58 anubis slapd[24088]: => acl_mask: access to entry "uid=syncrepl,ou=system,dc=ls,dc=cbn", attr "userPassword" requested Nov 22 19:19:58 anubis slapd[24088]: => acl_mask: to value by "", (=0) Nov 22 19:19:58 anubis slapd[24088]: <= check a_dn_pat: self Nov 22 19:19:58 anubis slapd[24088]: <= check a_dn_pat: * Nov 22 19:19:58 anubis slapd[24088]: <= acl_mask: [2] applying auth(=xd) (stop) Nov 22 19:19:58 anubis slapd[24088]: <= acl_mask: [2] mask: auth(=xd) Nov 22 19:19:58 anubis slapd[24088]: => slap_access_allowed: auth access granted by auth(=xd) Nov 22 19:19:58 anubis slapd[24088]: => access_allowed: auth access granted by auth(=xd) Nov 22 19:19:58 anubis slapd[24088]: conn=1026 op=1 BIND dn="uid=syncrepl,ou=system,dc=ls,dc=cbn" mech=SIMPLE ssf=0 Nov 22 19:19:58 anubis slapd[24088]: do_bind: v3 bind: "uid=syncrepl,ou=system,dc=ls,dc=cbn" to "uid=syncrepl,ou=system,dc=ls,dc=cbn" Nov 22 19:19:58 anubis slapd[24088]: send_ldap_result: conn=1026 op=1 p=3 Nov 22 19:19:58 anubis slapd[24088]: send_ldap_result: err=0 matched="" text="" Nov 22 19:19:58 anubis slapd[24088]: send_ldap_response: msgid=2 tag=97 err=0 Nov 22 19:19:58 anubis slapd[24088]: conn=1026 op=1 RESULT tag=97 err=0 text= Nov 22 19:19:58 anubis slapd[24088]: connection_get(15) Nov 22 19:19:58 anubis slapd[24088]: connection_get(15): got connid=1026 Nov 22 19:19:58 anubis slapd[24088]: connection_read(15): checking for input on id=1026 Nov 22 19:19:58 anubis slapd[24088]: op tag 0x63, time 1290471598 Nov 22 19:19:58 anubis slapd[24088]: conn=1026 op=2 do_search Nov 22 19:19:58 anubis slapd[24088]: >>> dnPrettyNormal: <dc=ls,dc=cbn> Nov 22 19:19:58 anubis slapd[24088]: <<< dnPrettyNormal: <dc=ls,dc=cbn>, <dc=ls,dc=cbn> Nov 22 19:19:58 anubis slapd[24088]: SRCH "dc=ls,dc=cbn" 2 0 Nov 22 19:19:58 anubis slapd[24088]: 0 0 0 Nov 22 19:19:58 anubis slapd[24088]: filter: (objectClass=*) Nov 22 19:19:58 anubis slapd[24088]: => get_ctrls Nov 22 19:19:58 anubis slapd[24088]: => get_ctrls: oid="1.3.6.1.4.1.4203.1.9.1.1" (noncritical) Nov 22 19:19:58 anubis slapd[24088]: => get_ctrls: oid="2.16.840.1.113730.3.4.2" (critical) Nov 22 19:19:58 anubis slapd[24088]: <= get_ctrls: n=2 rc=0 err="" Nov 22 19:19:58 anubis slapd[24088]: attrs: Nov 22 19:19:58 anubis slapd[24088]: * Nov 22 19:19:58 anubis slapd[24088]: + Nov 22 19:19:58 anubis slapd[24088]: Nov 22 19:19:58 anubis slapd[24088]: conn=1026 op=2 SRCH base="dc=ls,dc=cbn" scope=2 deref=0 filter="(objectClass=*)" Nov 22 19:19:58 anubis slapd[24088]: conn=1026 op=2 SRCH attr=* + Nov 22 19:19:58 anubis slapd[24088]: ==> limits_get: conn=1026 op=2 self="uid=syncrepl,ou=system,dc=ls,dc=cbn" this="dc=ls,dc=cbn" Nov 22 19:19:58 anubis slapd[24088]: <== limits_get: type=DN match=EXACT dn="uid=syncrepl,ou=system,dc=ls,dc=cbn" Nov 22 19:19:58 anubis slapd[24088]: send_ldap_result: conn=1026 op=2 p=3 Nov 22 19:19:58 anubis slapd[24088]: send_ldap_result: err=0 matched="" text="" Nov 22 19:19:58 anubis slapd[24088]: send_ldap_response: msgid=3 tag=101 err=0 Nov 22 19:19:58 anubis slapd[24088]: conn=1026 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text= Nov 22 19:19:58 anubis slapd[24088]: connection_get(15) Nov 22 19:19:58 anubis slapd[24088]: connection_get(15): got connid=1026 Nov 22 19:19:58 anubis slapd[24088]: connection_read(15): checking for input on id=1026 Nov 22 19:19:58 anubis slapd[24088]: op tag 0x42, time 1290471598 Nov 22 19:19:58 anubis slapd[24088]: ber_get_next on fd 15 failed errno=0 (Success) Nov 22 19:19:58 anubis slapd[24088]: conn=1026 op=3 do_unbind Nov 22 19:19:58 anubis slapd[24088]: conn=1026 op=3 UNBIND Nov 22 19:19:58 anubis slapd[24088]: connection_close: conn=1026 sd=15 Nov 22 19:19:58 anubis slapd[24088]: conn=1026 fd=15 closed
Here is the log from the consumer:
Nov 22 18:22:49 mgaauth1 slapd[12587]: daemon: shutdown requested and initiated. Nov 22 18:22:49 mgaauth1 slapd[12587]: slapd shutdown: waiting for 0 operations/tasks to finish Nov 22 18:22:49 mgaauth1 slapd[12587]: slapd shutdown: initiated Nov 22 18:22:49 mgaauth1 slapd[12587]: ====> bdb_cache_release_all Nov 22 18:22:49 mgaauth1 slapd[12587]: slapd destroy: freeing system resources. Nov 22 18:22:49 mgaauth1 slapd[12587]: syncinfo_free: rid=001 Nov 22 18:22:49 mgaauth1 slapd[12587]: syncinfo_free: rid=002 Nov 22 18:22:49 mgaauth1 slapd[12587]: slapd stopped. Nov 22 18:22:52 mgaauth1 slapd[12638]: @(#) $OpenLDAP: slapd 2.4.20 (Jun 16 2010 10:21:06) $ abuild@anonymi:/usr/src/packages/BUILD/openldap-2.4.20/servers/slapd Nov 22 18:22:52 mgaauth1 slapd[12638]: daemon: IPv6 socket() failed errno=97 (Address family not supported by protocol) Nov 22 18:22:52 mgaauth1 slapd[12638]: daemon: IPv6 socket() failed errno=97 (Address family not supported by protocol) Nov 22 18:22:52 mgaauth1 slapd[12638]: ldif_read_file: read entry file: "/etc/openldap/slapd.d/cn=config/cn=schema.ldif" Nov 22 18:22:52 mgaauth1 slapd[12638]: => str2entry: "dn: cn=schema objectClass: olcSchemaConfig cn: schema structuralObjectClass: olcSchemaConfig entryUUID: 1a05f3b8-8ade-102f-8d02-5da984889200 creatorsName: cn=config createTimestamp: 20101122234350Z entryCSN: 20101122234350.437126Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20101122234350Z " Nov 22 18:22:52 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <cn=schema> Nov 22 18:22:52 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <cn=schema>, <cn=schema> Nov 22 18:22:52 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: <= str2entry(cn=schema) -> 0x7ff49ab19758 Nov 22 18:22:52 mgaauth1 slapd[12638]: ldif_read_file: read entry file: "/etc/openldap/slapd.d/cn=config/cn=schema/cn={0}core.ldif" Nov 22 18:22:52 mgaauth1 slapd[12638]: => str2entry: "dn: cn={0}core objectClass: olcSchemaConfig cn: {0}core olcAttributeTypes: {0}( 2.5.4.2 NAME 'knowledgeInformation' DESC 'RFC2256: kno wledge information' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121. 1.15{32768} ) olcAttributeTypes: {1}( 2.5.4.4 NAME ( 'sn' 'surname' ) DESC 'RFC2256: last (f amily) name(s) for which the entity is known by' SUP name ) olcAttributeTypes: {2}( 2.5.4.5 NAME 'serialNumber' DESC 'RFC2256: serial numb er of the entity' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch S YNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} ) olcAttributeTypes: {3}( 2.5.4.6 NAME ( 'c' 'countryName' ) DESC 'RFC4519: two- letter ISO-3166 country code' SUP name SYNTAX 1.3.6.1.4.1.1466.115.121.1.11 S INGLE-VALUE ) olcAttributeTypes: {4}( 2.5.4.7 NAME ( 'l' 'localityName' ) DESC 'RFC2256: loc ality which this object resides in' SUP name ) olcAttributeTypes: {5}( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' ) DESC 'RFC2 256: state or province which this object resides in' SUP name ) olcAttributeTypes: {6}( 2.5.4.9 NAME ( 'street' 'streetAddress' ) DESC 'RFC225 6: street address of this object' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreS ubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) olcAttributeTypes: {7}( 2.5.4.10 NAME ( 'o' 'organizationName' ) DESC 'RFC2256 : organization this object belongs to' SUP name ) olcAttributeTypes: {8}( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' ) DESC ' RFC2256: organizational unit this object belongs to' SUP name ) olcAttributeTypes: {9}( 2.5.4.12 NAME 'title' DESC 'RFC2256: title associated with the entity' SUP name ) olcAttributeTypes: {10}( 2.5.4.14 NAME 'searchGuide' DESC 'RFC2256: search gui de, deprecated by enhancedSearchGuide' SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 ) olcAttributeTypes: {11}( 2.5.4.15 NAME 'businessCategory' DESC 'RFC2256: busin ess category' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTA X 1.3.6.1.4.1.1466.115.121.1.15{128} ) olcAttributeTypes: {12}( 2.5.4.16 NAME 'postalAddress' DESC 'RFC2256: postal a ddress' EQUALITY caseIgnoreListMatch SUBSTR caseIgnoreListSubstringsMatch SYN TAX 1.3.6.1.4.1.1466.115.121.1.41 ) olcAttributeTypes: {13}( 2.5.4.17 NAME 'postalCode' DESC 'RFC2256: postal code ' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4. 1.1466.115.121.1.15{40} ) olcAttributeTypes: {14}( 2.5.4.18 NAME 'postOfficeBox' DESC 'RFC2256: Post Off ice Box' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3 .6.1.4.1.1466.115.121.1.15{40} ) olcAttributeTypes: {15}( 2.5.4.19 NAME 'physicalDeliveryOfficeName' DESC 'RFC2 256: Physical Delivery Office Name' EQUALITY caseIgnoreMatch SUBSTR caseIgnor eSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) olcAttributeTypes: {16}( 2.5.4.20 NAME 'telephoneNumber' DESC 'RFC2256: Teleph one Number' EQUALITY telephoneNumberMatch SUBSTR telephoneNumberSubstringsMat ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} ) olcAttributeTypes: {17}( 2.5.4.21 NAME 'telexNumber' DESC 'RFC2256: Telex Numb er' SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 ) olcAttributeTypes: {18}( 2.5.4.22 NAME 'teletexTerminalIdentifier' DESC 'RFC22 56: Teletex Terminal Identifier' SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 ) olcAttributeTypes: {19}( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' ) DE SC 'RFC2256: Facsimile (Fax) Telephone Number' SYNTAX 1.3.6.1.4.1.1466.115.12 1.1.22 ) olcAttributeTypes: {20}( 2.5.4.24 NAME 'x121Address' DESC 'RFC2256: X.121 Addr ess' EQUALITY numericStringMatch SUBSTR numericStringSubstringsMatch SYNTAX 1 .3.6.1.4.1.1466.115.121.1.36{15} ) olcAttributeTypes: {21}( 2.5.4.25 NAME 'internationaliSDNNumber' DESC 'RFC2256 : international ISDN number' EQUALITY numericStringMatch SUBSTR numericString SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} ) olcAttributeTypes: {22}( 2.5.4.26 NAME 'registeredAddress' DESC 'RFC2256: regi stered postal address' SUP postalAddress SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) olcAttributeTypes: {23}( 2.5.4.27 NAME 'destinationIndicator' DESC 'RFC2256: d estination indicator' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMat ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} ) olcAttributeTypes: {24}( 2.5.4.28 NAME 'preferredDeliveryMethod' DESC 'RFC2256 : preferred delivery method' SYNTAX 1.3.6.1.4.1.1466.115.121.1.14 SINGLE-VALU E ) olcAttributeTypes: {25}( 2.5.4.29 NAME 'presentationAddress' DESC 'RFC2256: pr esentation address' EQUALITY presentationAddressMatch SYNTAX 1.3.6.1.4.1.1466 .115.121.1.43 SINGLE-VALUE ) olcAttributeTypes: {26}( 2.5.4.30 NAME 'supportedApplicationContext' DESC 'RFC 2256: supported application context' EQUALITY objectIdentifierMatch SYNTAX 1. 3.6.1.4.1.1466.115.121.1.38 ) olcAttributeTypes: {27}( 2.5.4.31 NAME 'member' DESC 'RFC2256: member of a gro up' SUP distinguishedName ) olcAttributeTypes: {28}( 2.5.4.32 NAME 'owner' DESC 'RFC2256: owner (of the ob ject)' SUP distinguishedName ) olcAttributeTypes: {29}( 2.5.4.33 NAME 'roleOccupant' DESC 'RFC2256: occupant of role' SUP distinguishedName ) olcAttributeTypes: {30}( 2.5.4.36 NAME 'userCertificate' DESC 'RFC2256: X.509 user certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX 1.3.6.1. 4.1.1466.115.121.1.8 ) olcAttributeTypes: {31}( 2.5.4.37 NAME 'cACertificate' DESC 'RFC2256: X.509 CA certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX 1.3.6.1.4.1. 1466.115.121.1.8 ) olcAttributeTypes: {32}( 2.5.4.38 NAME 'authorityRevocationList' DESC 'RFC2256 : X.509 authority revocation list, use ;binary' SYNTAX 1.3.6.1.4.1.1466.115.1 21.1.9 ) olcAttributeTypes: {33}( 2.5.4.39 NAME 'certificateRevocationList' DESC 'RFC22 56: X.509 certificate revocation list, use ;binary' SYNTAX 1.3.6.1.4.1.1466.1 15.121.1.9 ) olcAttributeTypes: {34}( 2.5.4.40 NAME 'crossCertificatePair' DESC 'RFC2256: X .509 cross certificate pair, use ;binary' SYNTAX 1.3.6.1.4.1.1466.115.121.1.1 0 ) olcAttributeTypes: {35}( 2.5.4.42 NAME ( 'givenName' 'gn' ) DESC 'RFC2256: fir st name(s) for which the entity is known by' SUP name ) olcAttributeTypes: {36}( 2.5.4.43 NAME 'initials' DESC 'RFC2256: initials of s ome or all of names, but not the surname(s).' SUP name ) olcAttributeTypes: {37}( 2.5.4.44 NAME 'generationQualifier' DESC 'RFC2256: na me qualifier indicating a generation' SUP name ) olcAttributeTypes: {38}( 2.5.4.45 NAME 'x500UniqueIdentifier' DESC 'RFC2256: X .500 unique identifier' EQUALITY bitStringMatch SYNTAX 1.3.6.1.4.1.1466.115.1 21.1.6 ) olcAttributeTypes: {39}( 2.5.4.46 NAME 'dnQualifier' DESC 'RFC2256: DN qualifi er' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgno reSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ) olcAttributeTypes: {40}( 2.5.4.47 NAME 'enhancedSearchGuide' DESC 'RFC2256: en hanced search guide' SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 ) olcAttributeTypes: {41}( 2.5.4.48 NAME 'protocolInformation' DESC 'RFC2256: pr otocol information' EQUALITY protocolInformationMatch SYNTAX 1.3.6.1.4.1.1466 .115.121.1.42 ) olcAttributeTypes: {42}( 2.5.4.50 NAME 'uniqueMember' DESC 'RFC2256: unique me mber of a group' EQUALITY uniqueMemberMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1 .34 ) olcAttributeTypes: {43}( 2.5.4.51 NAME 'houseIdentifier' DESC 'RFC2256: house identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) olcAttributeTypes: {44}( 2.5.4.52 NAME 'supportedAlgorithms' DESC 'RFC2256: su pported algorithms' SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 ) olcAttributeTypes: {45}( 2.5.4.53 NAME 'deltaRevocationList' DESC 'RFC2256: de lta revocation list; use ;binary' SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) olcAttributeTypes: {46}( 2.5.4.54 NAME 'dmdName' DESC 'RFC2256: name of DMD' S UP name ) olcAttributeTypes: {47}( 2.5.4.65 NAME 'pseudonym' DESC 'X.520(4th): pseudonym for the object' SUP name ) olcAttributeTypes: {48}( 0.9.2342.19200300.100.1.3 NAME ( 'mail' 'rfc822Mailbo x' ) DESC 'RFC1274: RFC822 Mailbox' EQUALITY caseIgnoreIA5Match SUBSTR ca seIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) olcAttributeTypes: {49}( 0.9.234 Nov 22 18:22:52 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <cn={0}core> Nov 22 18:22:52 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <cn={0}core>, <cn={0}core> Nov 22 18:22:52 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: <= str2entry(cn={0}core) -> 0x7ff49ab19758 Nov 22 18:22:52 mgaauth1 slapd[12638]: ldif_read_file: read entry file: "/etc/openldap/slapd.d/cn=config/cn=schema/cn={1}cosine.ldif" Nov 22 18:22:52 mgaauth1 slapd[12638]: => str2entry: "dn: cn={1}cosine objectClass: olcSchemaConfig cn: {1}cosine olcAttributeTypes: {0}( 0.9.2342.19200300.100.1.2 NAME 'textEncodedORAddress' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1. 1466.115.121.1.15{256} ) olcAttributeTypes: {1}( 0.9.2342.19200300.100.1.4 NAME 'info' DESC 'RFC1274: g eneral information' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} ) olcAttributeTypes: {2}( 0.9.2342.19200300.100.1.5 NAME ( 'drink' 'favouriteDri nk' ) DESC 'RFC1274: favorite drink' EQUALITY caseIgnoreMatch SUBSTR caseIgno reSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) olcAttributeTypes: {3}( 0.9.2342.19200300.100.1.6 NAME 'roomNumber' DESC 'RFC1 274: room number' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch S YNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) olcAttributeTypes: {4}( 0.9.2342.19200300.100.1.7 NAME 'photo' DESC 'RFC1274: photo (G3 fax)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} ) olcAttributeTypes: {5}( 0.9.2342.19200300.100.1.8 NAME 'userClass' DESC 'RFC12 74: category of user' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMat ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) olcAttributeTypes: {6}( 0.9.2342.19200300.100.1.9 NAME 'host' DESC 'RFC1274: h ost computer' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTA X 1.3.6.1.4.1.1466.115.121.1.15{256} ) olcAttributeTypes: {7}( 0.9.2342.19200300.100.1.10 NAME 'manager' DESC 'RFC127 4: DN of manager' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115 .121.1.12 ) olcAttributeTypes: {8}( 0.9.2342.19200300.100.1.11 NAME 'documentIdentifier' D ESC 'RFC1274: unique identifier of document' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) olcAttributeTypes: {9}( 0.9.2342.19200300.100.1.12 NAME 'documentTitle' DESC ' RFC1274: title of document' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstri ngsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) olcAttributeTypes: {10}( 0.9.2342.19200300.100.1.13 NAME 'documentVersion' DES C 'RFC1274: version of document' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSu bstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) olcAttributeTypes: {11}( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor' DESC 'RFC1274: DN of author of document' EQUALITY distinguishedNameMatch SYNTAX 1 .3.6.1.4.1.1466.115.121.1.12 ) olcAttributeTypes: {12}( 0.9.2342.19200300.100.1.15 NAME 'documentLocation' DE SC 'RFC1274: location of document original' EQUALITY caseIgnoreMatch SUBSTR c aseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) olcAttributeTypes: {13}( 0.9.2342.19200300.100.1.20 NAME ( 'homePhone' 'homeTe lephoneNumber' ) DESC 'RFC1274: home telephone number' EQUALITY telephoneNumb erMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121 .1.50 ) olcAttributeTypes: {14}( 0.9.2342.19200300.100.1.21 NAME 'secretary' DESC 'RFC 1274: DN of secretary' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.146 6.115.121.1.12 ) olcAttributeTypes: {15}( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox' SYNTAX 1.3.6.1.4.1.1466.115.121.1.39 ) olcAttributeTypes: {16}( 0.9.2342.19200300.100.1.26 NAME 'aRecord' EQUALITY ca seIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) olcAttributeTypes: {17}( 0.9.2342.19200300.100.1.27 NAME 'mDRecord' EQUALITY c aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) olcAttributeTypes: {18}( 0.9.2342.19200300.100.1.28 NAME 'mXRecord' EQUALITY c aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) olcAttributeTypes: {19}( 0.9.2342.19200300.100.1.29 NAME 'nSRecord' EQUALITY c aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) olcAttributeTypes: {20}( 0.9.2342.19200300.100.1.30 NAME 'sOARecord' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) olcAttributeTypes: {21}( 0.9.2342.19200300.100.1.31 NAME 'cNAMERecord' EQUALIT Y caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) olcAttributeTypes: {22}( 0.9.2342.19200300.100.1.38 NAME 'associatedName' DESC 'RFC1274: DN of entry associated with domain' EQUALITY distinguishedNameMatc h SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) olcAttributeTypes: {23}( 0.9.2342.19200300.100.1.39 NAME 'homePostalAddress' D ESC 'RFC1274: home postal address' EQUALITY caseIgnoreListMatch SUBSTR caseIg noreListSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) olcAttributeTypes: {24}( 0.9.2342.19200300.100.1.40 NAME 'personalTitle' DESC 'RFC1274: personal title' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstring sMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) olcAttributeTypes: {25}( 0.9.2342.19200300.100.1.41 NAME ( 'mobile' 'mobileTel ephoneNumber' ) DESC 'RFC1274: mobile telephone number' EQUALITY telephoneNum berMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.12 1.1.50 ) olcAttributeTypes: {26}( 0.9.2342.19200300.100.1.42 NAME ( 'pager' 'pagerTelep honeNumber' ) DESC 'RFC1274: pager telephone number' EQUALITY telephoneNumber Match SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1 .50 ) olcAttributeTypes: {27}( 0.9.2342.19200300.100.1.43 NAME ( 'co' 'friendlyCount ryName' ) DESC 'RFC1274: friendly country name' EQUALITY caseIgnoreMatch SUBS TR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) olcAttributeTypes: {28}( 0.9.2342.19200300.100.1.44 NAME 'uniqueIdentifier' DE SC 'RFC1274: unique identifer' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.14 66.115.121.1.15{256} ) olcAttributeTypes: {29}( 0.9.2342.19200300.100.1.45 NAME 'organizationalStatus ' DESC 'RFC1274: organizational status' EQUALITY caseIgnoreMatch SUBSTR caseI gnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) olcAttributeTypes: {30}( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox' DESC ' RFC1274: Janet mailbox' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5Subst ringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) olcAttributeTypes: {31}( 0.9.2342.19200300.100.1.47 NAME 'mailPreferenceOption ' DESC 'RFC1274: mail preference option' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) olcAttributeTypes: {32}( 0.9.2342.19200300.100.1.48 NAME 'buildingName' DESC ' RFC1274: name of building' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstrin gsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) olcAttributeTypes: {33}( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality' DESC 'RF C1274: DSA Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.19 SINGLE-VALUE ) olcAttributeTypes: {34}( 0.9.2342.19200300.100.1.50 NAME 'singleLevelQuality' DESC 'RFC1274: Single Level Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SIN GLE-VALUE ) olcAttributeTypes: {35}( 0.9.2342.19200300.100.1.51 NAME 'subtreeMinimumQualit y' DESC 'RFC1274: Subtree Mininum Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1. 13 SINGLE-VALUE ) olcAttributeTypes: {36}( 0.9.2342.19200300.100.1.52 NAME 'subtreeMaximumQualit y' DESC 'RFC1274: Subtree Maximun Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1. 13 SINGLE-VALUE ) olcAttributeTypes: {37}( 0.9.2342.19200300.100.1.53 NAME 'personalSignature' D ESC 'RFC1274: Personal Signature (G3 fax)' SYNTAX 1.3.6.1.4.1.1466.115.121.1. 23 ) olcAttributeTypes: {38}( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect' DESC 'R FC1274: DIT Redirect' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466 .115.121.1.12 ) olcAttributeTypes: {39}( 0.9.2342.19200300.100.1.55 NAME 'audio' DESC 'RFC1274 : audio (u-law)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} ) olcAttributeTypes: {40}( 0.9.2342.19200300.100.1.56 NAME 'documentPublisher' D ESC 'RFC1274: publisher of document' EQUALITY caseIgnoreMatch SUBSTR caseIgno reSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) olcObjectClasses: {0}( 0.9.2342.19200300.100.4.4 NAME ( 'pilotPerson' 'newPilo tPerson' ) SUP person STRUCTURAL MAY ( userid $ textEncodedORAddress $ rfc822 Mailbox $ favouriteDrink $ roomNumber $ userClass $ homeTelephoneNumber $ hom ePostalAddress $ secretary $ personalTitle $ preferredDeliveryMethod $ busine ssCategory $ janetMailbox $ otherMailbox $ mobileTelephoneNumber $ pagerTelep hone Nov 22 18:22:52 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <cn={1}cosine> Nov 22 18:22:52 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <cn={1}cosine>, <cn={1}cosine> Nov 22 18:22:52 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: <= str2entry(cn={1}cosine) -> 0x7ff49ab19758 Nov 22 18:22:52 mgaauth1 slapd[12638]: ldif_read_file: read entry file: "/etc/openldap/slapd.d/cn=config/cn=schema/cn={2}inetorgperson.ldif" Nov 22 18:22:52 mgaauth1 slapd[12638]: => str2entry: "dn: cn={2}inetorgperson objectClass: olcSchemaConfig cn: {2}inetorgperson olcAttributeTypes: {0}( 2.16.840.1.113730.3.1.1 NAME 'carLicense' DESC 'RFC279 8: vehicle license or registration plate' EQUALITY caseIgnoreMatch SUBSTR cas eIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) olcAttributeTypes: {1}( 2.16.840.1.113730.3.1.2 NAME 'departmentNumber' DESC ' RFC2798: identifies a department within an organization' EQUALITY caseIgnoreM atch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) olcAttributeTypes: {2}( 2.16.840.1.113730.3.1.241 NAME 'displayName' DESC 'RFC 2798: preferred name to be used when displaying entries' EQUALITY caseIgnoreM atch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SI NGLE-VALUE ) olcAttributeTypes: {3}( 2.16.840.1.113730.3.1.3 NAME 'employeeNumber' DESC 'RF C2798: numerically identifies an employee within an organization' EQUALITY ca seIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.12 1.1.15 SINGLE-VALUE ) olcAttributeTypes: {4}( 2.16.840.1.113730.3.1.4 NAME 'employeeType' DESC 'RFC2 798: type of employment for a person' EQUALITY caseIgnoreMatch SUBSTR caseIgn oreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) olcAttributeTypes: {5}( 0.9.2342.19200300.100.1.60 NAME 'jpegPhoto' DESC 'RFC2 798: a JPEG image' SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 ) olcAttributeTypes: {6}( 2.16.840.1.113730.3.1.39 NAME 'preferredLanguage' DESC 'RFC2798: preferred written or spoken language for a person' EQUALITY caseIg noreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1. 15 SINGLE-VALUE ) olcAttributeTypes: {7}( 2.16.840.1.113730.3.1.40 NAME 'userSMIMECertificate' D ESC 'RFC2798: PKCS#7 SignedData used to support S/MIME' SYNTAX 1.3.6.1.4.1.14 66.115.121.1.5 ) olcAttributeTypes: {8}( 2.16.840.1.113730.3.1.216 NAME 'userPKCS12' DESC 'RFC2 798: personal identity information, a PKCS #12 PFX' SYNTAX 1.3.6.1.4.1.1466.1 15.121.1.5 ) olcObjectClasses: {0}( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson' DESC 'RFC2 798: Internet Organizational Person' SUP organizationalPerson STRUCTURAL MAY ( audio $ businessCategory $ carLicense $ departmentNumber $ displayName $ em ployeeNumber $ employeeType $ givenName $ homePhone $ homePostalAddress $ ini tials $ jpegPhoto $ labeledURI $ mail $ manager $ mobile $ o $ pager $ photo $ roomNumber $ secretary $ uid $ userCertificate $ x500uniqueIdentifier $ pre ferredLanguage $ userSMIMECertificate $ userPKCS12 ) ) structuralObjectClass: olcSchemaConfig entryUUID: 1a06766c-8ade-102f-8d05-5da984889200 creatorsName: cn=config createTimestamp: 20101122234350Z entryCSN: 20101122234350.440473Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20101122234350Z " Nov 22 18:22:52 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <cn={2}inetorgperson> Nov 22 18:22:52 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <cn={2}inetorgperson>, <cn={2}inetorgperson> Nov 22 18:22:52 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: <= str2entry(cn={2}inetorgperson) -> 0x7ff49ab19758 Nov 22 18:22:53 mgaauth1 slapd[12638]: ldif_read_file: read entry file: "/etc/openldap/slapd.d/cn=config/cn=schema/cn={3}rfc2307bis.ldif" Nov 22 18:22:53 mgaauth1 slapd[12638]: => str2entry: "dn: cn={3}rfc2307bis objectClass: olcSchemaConfig cn: {3}rfc2307bis olcAttributeTypes: {0}( 1.3.6.1.1.1.1.2 NAME 'gecos' DESC 'The GECOS field; th e common name' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatc h SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) olcAttributeTypes: {1}( 1.3.6.1.1.1.1.3 NAME 'homeDirectory' DESC 'The absolut e path to the home directory' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1 466.115.121.1.26 SINGLE-VALUE ) olcAttributeTypes: {2}( 1.3.6.1.1.1.1.4 NAME 'loginShell' DESC 'The path to th e login shell' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.2 6 SINGLE-VALUE ) olcAttributeTypes: {3}( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange' EQUALITY integ erMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) olcAttributeTypes: {4}( 1.3.6.1.1.1.1.6 NAME 'shadowMin' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) olcAttributeTypes: {5}( 1.3.6.1.1.1.1.7 NAME 'shadowMax' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) olcAttributeTypes: {6}( 1.3.6.1.1.1.1.8 NAME 'shadowWarning' EQUALITY integerM atch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) olcAttributeTypes: {7}( 1.3.6.1.1.1.1.9 NAME 'shadowInactive' EQUALITY integer Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) olcAttributeTypes: {8}( 1.3.6.1.1.1.1.10 NAME 'shadowExpire' EQUALITY integerM atch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) olcAttributeTypes: {9}( 1.3.6.1.1.1.1.11 NAME 'shadowFlag' EQUALITY integerMat ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) olcAttributeTypes: {10}( 1.3.6.1.1.1.1.12 NAME 'memberUid' EQUALITY caseExactI A5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) olcAttributeTypes: {11}( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup' EQUALITY ca seExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.11 5.121.1.26 ) olcAttributeTypes: {12}( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple' DESC 'Netgr oup triple' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) olcAttributeTypes: {13}( 1.3.6.1.1.1.1.15 NAME 'ipServicePort' DESC 'Service p ort number' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE -VALUE ) olcAttributeTypes: {14}( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol' DESC 'Servi ce protocol name' SUP name ) olcAttributeTypes: {15}( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber' DESC 'IP pro tocol number' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SING LE-VALUE ) olcAttributeTypes: {16}( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber' DESC 'ONC RPC nu mber' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) olcAttributeTypes: {17}( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber' DESC 'IPv4 addre sses as a dotted decimal omitting leading zeros or IPv6 addresses as de fined in RFC2373' SUP name ) olcAttributeTypes: {18}( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber' DESC 'IP netw ork as a dotted decimal, eg. 192.168, omitting leading zeros' SUP name SINGLE-VALUE ) olcAttributeTypes: {19}( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber' DESC 'IP netm ask as a dotted decimal, eg. 255.255.255.0, omitting leading zeros' EQU ALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) olcAttributeTypes: {20}( 1.3.6.1.1.1.1.22 NAME 'macAddress' DESC 'MAC address in maximal, colon separated hex notation, eg. 00:00:92:90:ee:e2' EQUALI TY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) olcAttributeTypes: {21}( 1.3.6.1.1.1.1.23 NAME 'bootParameter' DESC 'rpc.bootp aramd parameter' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1 .26 ) olcAttributeTypes: {22}( 1.3.6.1.1.1.1.24 NAME 'bootFile' DESC 'Boot image nam e' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) olcAttributeTypes: {23}( 1.3.6.1.1.1.1.26 NAME 'nisMapName' DESC 'Name of a A generic NIS map' SUP name ) olcAttributeTypes: {24}( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry' DESC 'A generic N IS entry' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTA X 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) olcAttributeTypes: {25}( 1.3.6.1.1.1.1.28 NAME 'nisPublicKey' DESC 'NIS public key' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-V ALUE ) olcAttributeTypes: {26}( 1.3.6.1.1.1.1.29 NAME 'nisSecretKey' DESC 'NIS secret key' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-V ALUE ) olcAttributeTypes: {27}( 1.3.6.1.1.1.1.30 NAME 'nisDomain' DESC 'NIS domain' E QUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26) olcAttributeTypes: {28}( 1.3.6.1.1.1.1.31 NAME 'automountMapName' DESC 'automo unt Map Name' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch S YNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) olcAttributeTypes: {29}( 1.3.6.1.1.1.1.32 NAME 'automountKey' DESC 'Automount Key value' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNT AX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) olcAttributeTypes: {30}( 1.3.6.1.1.1.1.33 NAME 'automountInformation' DESC 'Au tomount information' EQUALITY caseExactIA5Match SUBSTR caseExactIA5Substrings Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) olcObjectClasses: {0}( 1.3.6.1.1.1.2.0 NAME 'posixAccount' SUP top AUXILIARY D ESC 'Abstraction of an account with POSIX attributes' MUST ( cn $ uid $ uidNu mber $ gidNumber $ homeDirectory ) MAY ( userPassword $ loginShell $ gecos $ description ) ) olcObjectClasses: {1}( 1.3.6.1.1.1.2.1 NAME 'shadowAccount' SUP top AUXILIARY DESC 'Additional attributes for shadow passwords' MUST uid MAY ( userPassword $ description $ shadowLastChange $ shadowMin $ shadowMax $ shado wWarning $ shadowInactive $ shadowExpire $ shadowFlag ) ) olcObjectClasses: {2}( 1.3.6.1.1.1.2.2 NAME 'posixGroup' SUP top AUXILIARY DES C 'Abstraction of a group of accounts' MUST gidNumber MAY ( userPassword $ me mberUid $ description ) ) olcObjectClasses: {3}( 1.3.6.1.1.1.2.3 NAME 'ipService' SUP top STRUCTURAL DES C 'Abstraction an Internet Protocol service. Maps an IP port and protoc ol (such as tcp or udp) to one or more names; the distinguished value o f the cn attribute denotes the services canonical name' MUST ( cn $ ipServicePort $ ipServiceProtocol ) MAY description ) olcObjectClasses: {4}( 1.3.6.1.1.1.2.4 NAME 'ipProtocol' SUP top STRUCTURAL DE SC 'Abstraction of an IP protocol. Maps a protocol number to one or mor e names. The distinguished value of the cn attribute denotes the protoc ols canonical name' MUST ( cn $ ipProtocolNumber ) MAY description ) olcObjectClasses: {5}( 1.3.6.1.1.1.2.5 NAME 'oncRpc' SUP top STRUCTURAL DESC ' Abstraction of an Open Network Computing (ONC) [RFC1057] Remote Procedur e Call (RPC) binding. This class maps an ONC RPC number to a name. The distinguished value of the cn attribute denotes the RPC services can onical name' MUST ( cn $ oncRpcNumber ) MAY description ) olcObjectClasses: {6}( 1.3.6.1.1.1.2.6 NAME 'ipHost' SUP top AUXILIARY DESC 'A bstraction of a host, an IP device. The distinguished value of the cn a ttribute denotes the hosts canonical name. Device SHOULD be used as a s tructural class' MUST ( cn $ ipHostNumber ) MAY ( userPassword $ l $ descript ion $ manager ) ) olcObjectClasses: {7}( 1.3.6.1.1.1.2.7 NAME 'ipNetwork' SUP top STRUCTURAL DES C 'Abstraction of a network. The distinguished value of the cn attribut e denotes the networks canonical name' MUST ipNetworkNumber MAY ( cn $ ipNetm askNumber $ l $ description $ manager ) ) olcObjectClasses: {8}( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup' SUP top STRUCTURAL D ESC 'Abstraction of a netgroup. May refer to other netgroups' MUST cn MAY ( n isNetgroupTriple $ memberNisNetgroup $ description ) ) olcObjectClasses: {9}( 1.3.6.1.1.1.2.9 NAME 'nisMap' SUP top STRUCTURAL DESC ' A generic abstraction of a NIS map' MUST nisMapName MAY description ) olcObjectClasses: {10}( 1.3.6.1.1.1.2.10 NAME 'nisObject' SUP top STRUCTURAL D ESC 'An entry in a NIS map' MUST ( cn $ nisMapE Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <cn={3}rfc2307bis> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <cn={3}rfc2307bis>, <cn={3}rfc2307bis> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <= str2entry(cn={3}rfc2307bis) -> 0x7ff49ab19758 Nov 22 18:22:53 mgaauth1 slapd[12638]: ldif_read_file: read entry file: "/etc/openldap/slapd.d/cn=config/cn=schema/cn={4}yast.ldif" Nov 22 18:22:53 mgaauth1 slapd[12638]: => str2entry: "dn: cn={4}yast objectClass: olcSchemaConfig cn: {4}yast olcObjectIdentifier: {0}SUSE 1.3.6.1.4.1.7057 olcObjectIdentifier: {1}SUSE.YaST SUSE:10.1 olcObjectIdentifier: {2}SUSE.YaST.ModuleConfig SUSE:10.1.2 olcObjectIdentifier: {3}SUSE.YaST.ModuleConfig.OC SUSE.YaST.ModuleConfig:1 olcObjectIdentifier: {4}SUSE.YaST.ModuleConfig.Attr SUSE.YaST.ModuleConfig:2 olcAttributeTypes: {0}( SUSE.YaST.ModuleConfig.Attr:2 NAME ( 'suseDefaultBase' ) DESC 'Base DN where new Objects should be created by default' EQUALITY dis tinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE ) olcAttributeTypes: {1}( SUSE.YaST.ModuleConfig.Attr:3 NAME ( 'suseNextUniqueId ' ) DESC 'Next unused unique ID, can be used to generate directory wide uniqe IDs' EQUALITY integerMatch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1. 1466.115.121.1.27 SINGLE-VALUE ) olcAttributeTypes: {2}( SUSE.YaST.ModuleConfig.Attr:4 NAME ( 'suseMinUniqueId' ) DESC 'lower Border for Unique IDs' EQUALITY integerMatch ORDERING integerO rderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) olcAttributeTypes: {3}( SUSE.YaST.ModuleConfig.Attr:5 NAME ( 'suseMaxUniqueId' ) DESC 'upper Border for Unique IDs' EQUALITY integerMatch ORDERING integerO rderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) olcAttributeTypes: {4}( SUSE.YaST.ModuleConfig.Attr:6 NAME ( 'suseDefaultTempl ate' ) DESC 'The DN of a template that should be used by default' EQUALITY di stinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE ) olcAttributeTypes: {5}( SUSE.YaST.ModuleConfig.Attr:7 NAME ( 'suseSearchFilter ' ) DESC 'Search filter to localize Objects' SYNTAX 1.3.6.1.4.1.1466.115.121. 1.15 SINGLE-VALUE ) olcAttributeTypes: {6}( SUSE.YaST.ModuleConfig.Attr:11 NAME ( 'suseDefaultValu e' ) DESC 'an Attribute-Value-Assertions to define defaults for specific Attr ibutes' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) olcAttributeTypes: {7}( SUSE.YaST.ModuleConfig.Attr:12 NAME ( 'suseNamingAttri bute' ) DESC 'AttributeType that should be used as the RDN' EQUALITY caseIgno reIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) olcAttributeTypes: {8}( SUSE.YaST.ModuleConfig.Attr:15 NAME ( 'suseSecondaryGr oup' ) DESC 'seconday group DN' EQUALITY distinguishedNameMatch SYNTAX 1.3.6. 1.4.1.1466.115.121.1.12 ) olcAttributeTypes: {9}( SUSE.YaST.ModuleConfig.Attr:16 NAME ( 'suseMinPassword Length' ) DESC 'minimum Password length for new users' EQUALITY integerMatch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VAL UE ) olcAttributeTypes: {10}( SUSE.YaST.ModuleConfig.Attr:17 NAME ( 'suseMaxPasswor dLength' ) DESC 'maximum Password length for new users' EQUALITY integerMatch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VA LUE ) olcAttributeTypes: {11}( SUSE.YaST.ModuleConfig.Attr:18 NAME ( 'susePasswordHa sh' ) DESC 'Hash method to use for new users' EQUALITY caseIgnoreIA5Match SYN TAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) olcAttributeTypes: {12}( SUSE.YaST.ModuleConfig.Attr:19 NAME ( 'suseSkelDir' ) DESC '' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) olcAttributeTypes: {13}( SUSE.YaST.ModuleConfig.Attr:20 NAME ( 'susePlugin' ) DESC 'plugin to use upon user/ group creation' EQUALITY caseIgnoreMatch SYNTA X 1.3.6.1.4.1.1466.115.121.1.15 ) olcAttributeTypes: {14}( SUSE.YaST.ModuleConfig.Attr:21 NAME ( 'suseMapAttribu te' ) DESC '' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) olcAttributeTypes: {15}( SUSE.YaST.ModuleConfig.Attr:22 NAME ( 'suseImapServer ' ) DESC '' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) olcAttributeTypes: {16}( SUSE.YaST.ModuleConfig.Attr:23 NAME ( 'suseImapAdmin' ) DESC '' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) olcAttributeTypes: {17}( SUSE.YaST.ModuleConfig.Attr:24 NAME ( 'suseImapDefaul tQuota' ) DESC '' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) olcAttributeTypes: {18}( SUSE.YaST.ModuleConfig.Attr:25 NAME ( 'suseImapUseSsl ' ) DESC '' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121 .1.7 SINGLE-VALUE ) olcObjectClasses: {0}( SUSE.YaST.ModuleConfig.OC:2 NAME 'suseModuleConfigurati on' SUP top STRUCTURAL DESC 'Contains configuration of Management Modu les' MUST ( cn ) MAY ( suseDefaultBase )) olcObjectClasses: {1}( SUSE.YaST.ModuleConfig.OC:3 NAME 'suseUserConfiguration ' SUP suseModuleConfiguration STRUCTURAL DESC 'Configuration of user m anagement tools' MAY ( suseMinPasswordLength $ suseMaxPasswordLength $ susePasswordHash $ suseSkelDir $ suseNextUniqueId $ suseMinUniqueId $ suseMaxUniqueId $ suseDefaultTemplate $ suseSearchFilter $ suseMapAttribute )) olcObjectClasses: {2}( SUSE.YaST.ModuleConfig.OC:4 NAME 'suseObjectTemplate' SUP top STRUCTURAL DESC 'Base Class for Object-Templates' MUST ( cn ) M AY ( susePlugin $ suseDefaultValue $ suseNamingAttribute )) olcObjectClasses: {3}( SUSE.YaST.ModuleConfig.OC:5 NAME 'suseUserTemplate' SUP suseObjectTemplate STRUCTURAL DESC 'User object template' MUST ( cn ) MAY ( suseSecondaryGroup )) olcObjectClasses: {4}( SUSE.YaST.ModuleConfig.OC:6 NAME 'suseGroupTemplate' SUP suseObjectTemplate STRUCTURAL DESC 'Group object template' MUST ( cn )) olcObjectClasses: {5}( SUSE.YaST.ModuleConfig.OC:7 NAME 'suseGroupConfiguratio n' SUP suseModuleConfiguration STRUCTURAL DESC 'Configuration of user management tools' MAY ( suseNextUniqueId $ suseMinUniqueId $ suseMaxUni queId $ suseDefaultTemplate $ suseSearchFilter $ suseMapAttribut e )) olcObjectClasses: {6}( SUSE.YaST.ModuleConfig.OC:8 NAME 'suseCaConfiguration' SUP suseModuleConfiguration STRUCTURAL DESC 'Configuration of CA manage ment tools') olcObjectClasses: {7}( SUSE.YaST.ModuleConfig.OC:9 NAME 'suseDnsConfiguration' SUP suseModuleConfiguration STRUCTURAL DESC 'Configuration of mail se rver management tools') olcObjectClasses: {8}( SUSE.YaST.ModuleConfig.OC:10 NAME 'suseDhcpConfiguratio n' SUP suseModuleConfiguration STRUCTURAL DESC 'Configuration of DHCP server management tools') olcObjectClasses: {9}( SUSE.YaST.ModuleConfig.OC:11 NAME 'suseMailConfiguratio n' SUP suseModuleConfiguration STRUCTURAL DESC 'Configuration of IMAP user management tools' MUST ( suseImapServer $ suseImapAdmin $ suseImap DefaultQuota $ suseImapUseSsl )) structuralObjectClass: olcSchemaConfig entryUUID: 1a06ad4e-8ade-102f-8d07-5da984889200 creatorsName: cn=config createTimestamp: 20101122234350Z entryCSN: 20101122234350.441878Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20101122234350Z " Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <cn={4}yast> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <cn={4}yast>, <cn={4}yast> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <= str2entry(cn={4}yast) -> 0x7ff49ab19758 Nov 22 18:22:53 mgaauth1 slapd[12638]: ldif_read_file: read entry file: "/etc/openldap/slapd.d/cn=config/cn=schema/cn={5}kerberos.ldif" Nov 22 18:22:53 mgaauth1 slapd[12638]: => str2entry: "dn: cn={5}kerberos objectClass: olcSchemaConfig cn: {5}kerberos olcAttributeTypes:: ezB9KCAyLjE2Ljg0MC4xLjExMzcxOS4xLjMwMS40LjEuMSAgICAgICAgIC AgICAgIE5BTUUgJ2tyYlByaW5jaXBhbE5hbWUnICAgICAgICAgICAgICAgRVFVQUxJVFkgY2FzZUV 4YWN0SUE1TWF0Y2ggCVNVQlNUUiBjYXNlRXhhY3RTdWJzdHJpbmdzTWF0Y2ggICAgICAgICAgICAg ICBTWU5UQVggMS4zLjYuMS40LjEuMTQ2Ni4xMTUuMTIxLjEuMjYp olcAttributeTypes: {1}( 1.2.840.113554.1.4.1.6.1 NAME 'krbCanoni calName' EQUALITY caseExactIA5Match SUBSTR caseEx actSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE) olcAttributeTypes: {2}( 2.16.840.1.113719.1.301.4.3.1 NAME 'krbP rincipalType' EQUALITY integerMatch SYNTAX 1.3.6. 1.4.1.1466.115.121.1.27 SINGLE-VALUE) olcAttributeTypes: {3}( 2.16.840.1.113719.1.301.4.5.1 NAME 'krbU PEnabled' DESC 'Boolean' SYNTAX 1.3.6.1.4.1.1466. 115.121.1.7 SINGLE-VALUE) olcAttributeTypes: {4}( 2.16.840.1.113719.1.301.4.6.1 NAME 'krbP rincipalExpiration' EQUALITY generalizedTimeMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE) olcAttributeTypes: {5}( 2.16.840.1.113719.1.301.4.8.1 NAME 'krbT icketFlags' EQUALITY integerMatch SYNTAX 1.3.6.1. 4.1.1466.115.121.1.27 SINGLE-VALUE) olcAttributeTypes: {6}( 2.16.840.1.113719.1.301.4.9.1 NAME 'krbM axTicketLife' EQUALITY integerMatch SYNTAX 1.3.6. 1.4.1.1466.115.121.1.27 SINGLE-VALUE) olcAttributeTypes: {7}( 2.16.840.1.113719.1.301.4.10.1 NAME 'krb MaxRenewableAge' EQUALITY integerMatch SYNTAX 1.3 .6.1.4.1.1466.115.121.1.27 SINGLE-VALUE) olcAttributeTypes: {8}( 2.16.840.1.113719.1.301.4.14.1 NAME 'krb RealmReferences' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) olcAttributeTypes: {9}( 2.16.840.1.113719.1.301.4.15.1 NAME 'krb LdapServers' EQUALITY caseIgnoreMatch SYNTAX 1.3. 6.1.4.1.1466.115.121.1.15) olcAttributeTypes: {10}( 2.16.840.1.113719.1.301.4.17.1 NAME 'kr bKdcServers' EQUALITY distinguishedNameMatch SYNT AX 1.3.6.1.4.1.1466.115.121.1.12) olcAttributeTypes: {11}( 2.16.840.1.113719.1.301.4.18.1 NAME 'kr bPwdServers' EQUALITY distinguishedNameMatch SYNT AX 1.3.6.1.4.1.1466.115.121.1.12) olcAttributeTypes: {12}( 2.16.840.1.113719.1.301.4.24.1 NAME 'kr bHostServer' EQUALITY caseExactIA5Match SYNTAX 1. 3.6.1.4.1.1466.115.121.1.26) olcAttributeTypes: {13}( 2.16.840.1.113719.1.301.4.25.1 NAME 'kr bSearchScope' EQUALITY integerMatch SYNTAX 1.3.6. 1.4.1.1466.115.121.1.27 SINGLE-VALUE) olcAttributeTypes: {14}( 2.16.840.1.113719.1.301.4.26.1 NAME 'kr bPrincipalReferences' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) olcAttributeTypes: {15}( 2.16.840.1.113719.1.301.4.28.1 NAME 'kr bPrincNamingAttr' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE) olcAttributeTypes: {16}( 2.16.840.1.113719.1.301.4.29.1 NAME 'kr bAdmServers' EQUALITY distinguishedNameMatch SYNT AX 1.3.6.1.4.1.1466.115.121.1.12) olcAttributeTypes: {17}( 2.16.840.1.113719.1.301.4.30.1 NAME 'kr bMaxPwdLife' EQUALITY integerMatch SYNTAX 1.3.6.1 .4.1.1466.115.121.1.27 SINGLE-VALUE) olcAttributeTypes: {18}( 2.16.840.1.113719.1.301.4.31.1 NAME 'kr bMinPwdLife' EQUALITY integerMatch SYNTAX 1.3.6.1 .4.1.1466.115.121.1.27 SINGLE-VALUE) olcAttributeTypes: {19}( 2.16.840.1.113719.1.301.4.32.1 NAME 'kr bPwdMinDiffChars' EQUALITY integerMatch SYNTAX 1 .3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE) olcAttributeTypes: {20}( 2.16.840.1.113719.1.301.4.33.1 NAME 'kr bPwdMinLength' EQUALITY integerMatch SYNTAX 1.3. 6.1.4.1.1466.115.121.1.27 SINGLE-VALUE) olcAttributeTypes: {21}( 2.16.840.1.113719.1.301.4.34.1 NAME 'kr bPwdHistoryLength' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE) olcAttributeTypes: {22}( 1.3.6.1.4.1.5322.21.2.1 NAME 'krbPwdMax Failure' EQUALITY integerMatch SYNTAX 1.3.6.1.4. 1.1466.115.121.1.27 SINGLE-VALUE) olcAttributeTypes: {23}( 1.3.6.1.4.1.5322.21.2.2 NAME 'krbPwdFai lureCountInterval' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE) olcAttributeTypes: {24}( 1.3.6.1.4.1.5322.21.2.3 NAME 'krbPwdLoc koutDuration' EQUALITY integerMatch SYNTAX 1.3.6 .1.4.1.1466.115.121.1.27 SINGLE-VALUE) olcAttributeTypes: {25}( 2.16.840.1.113719.1.301.4.36.1 NAME 'kr bPwdPolicyReference' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE) olcAttributeTypes: {26}( 2.16.840.1.113719.1.301.4.37.1 NAME 'kr bPasswordExpiration' EQUALITY generalizedTimeMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE) olcAttributeTypes: {27}( 2.16.840.1.113719.1.301.4.39.1 NAME 'kr bPrincipalKey' EQUALITY octetStringMatch SYNTAX 1 .3.6.1.4.1.1466.115.121.1.40) olcAttributeTypes: {28}( 2.16.840.1.113719.1.301.4.40.1 NAME 'kr bTicketPolicyReference' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE) olcAttributeTypes: {29}( 2.16.840.1.113719.1.301.4.41.1 NAME 'kr bSubTrees' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) olcAttributeTypes: {30}( 2.16.840.1.113719.1.301.4.42.1 NAME 'kr bDefaultEncSaltTypes' EQUALITY caseIgnoreMatch SY NTAX 1.3.6.1.4.1.1466.115.121.1.15) olcAttributeTypes: {31}( 2.16.840.1.113719.1.301.4.43.1 NAME 'kr bSupportedEncSaltTypes' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) olcAttributeTypes: {32}( 2.16.840.1.113719.1.301.4.44.1 NAME 'kr bPwdHistory' EQUALITY octetStringMatch SYNTAX 1.3 .6.1.4.1.1466.115.121.1.40) olcAttributeTypes: {33}( 2.16.840.1.113719.1.301.4.45.1 NAME 'kr bLastPwdChange' EQUALITY generalizedTimeMatch SYN TAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE) olcAttributeTypes: {34}( 2.16.840.1.113719.1.301.4.46.1 NAME 'kr bMKey' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4 .1.1466.115.121.1.40) olcAttributeTypes: {35}( 2.16.840.1.113719.1.301.4.47.1 NAME 'kr bPrincipalAliases' EQUALITY caseExactIA5Match SYN TAX 1.3.6.1.4.1.1466.115.121.1.26) olcAttributeTypes: {36}( 2.16.840.1.113719.1.301.4.48.1 NAME 'kr bLastSuccessfulAuth' EQUALITY generalizedTimeMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE) olcAttributeTypes: {37}( 2.16.840.1.113719.1.301.4.49.1 NAME 'kr bLastFailedAuth' EQUALITY generalizedTimeMatch SY NTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE) olcAttributeTypes: {38}( 2.16.840.1.113719.1.301.4.50.1 NAME 'kr bLo Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <cn={5}kerberos> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <cn={5}kerberos>, <cn={5}kerberos> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <= str2entry(cn={5}kerberos) -> 0x7ff49ab19758 Nov 22 18:22:53 mgaauth1 slapd[12638]: ldif_read_file: read entry file: "/etc/openldap/slapd.d/cn=config/cn=schema/cn={6}uidnext.ldif" Nov 22 18:22:53 mgaauth1 slapd[12638]: => str2entry: "dn: cn={6}uidnext objectClass: olcSchemaConfig cn: {6}uidnext olcObjectClasses: {0}( 1.1.2.2.1.30 NAME 'uidnext' SUP top STRUCTURAL MUST ( cn $ uidNumber )) structuralObjectClass: olcSchemaConfig entryUUID: 189d1db6-8adf-102f-87a7-a13f60af0032 creatorsName: cn=config createTimestamp: 20101122235057Z entryCSN: 20101122235057.569075Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20101122235057Z " Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <cn={6}uidnext> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <cn={6}uidnext>, <cn={6}uidnext> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <= str2entry(cn={6}uidnext) -> 0x7ff49ab19758 Nov 22 18:22:53 mgaauth1 slapd[12638]: ldif_read_file: read entry file: "/etc/openldap/slapd.d/cn=config/olcDatabase={-1}frontend.ldif" Nov 22 18:22:53 mgaauth1 slapd[12638]: => str2entry: "dn: olcDatabase={-1}frontend objectClass: olcDatabaseConfig olcDatabase: {-1}frontend olcAccess: {0}to dn.base="" by * read olcAccess: {1}to dn.base="cn=Subschema" by * read structuralObjectClass: olcDatabaseConfig entryUUID: 1a06c66c-8ade-102f-8d08-5da984889200 creatorsName: cn=config createTimestamp: 20101122234350Z entryCSN: 20101122234350.442520Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20101122234350Z " Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <olcDatabase={-1}frontend> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <olcDatabase={-1}frontend>, <olcDatabase={-1}frontend> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <= str2entry(olcDatabase={-1}frontend) -> 0x7ff49ab19758 Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=Subschema> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=subschema> Nov 22 18:22:53 mgaauth1 slapd[12638]: ldif_read_file: read entry file: "/etc/openldap/slapd.d/cn=config/olcDatabase={0}config.ldif" Nov 22 18:22:53 mgaauth1 slapd[12638]: => str2entry: "dn: olcDatabase={0}config objectClass: olcDatabaseConfig olcDatabase: {0}config olcAccess: {0}to * by dn.base="uid=syncrepl,ou=system,dc=ls,dc=cbn" read by * break olcLimits: {0}dn.exact="uid=syncrepl,ou=system,dc=ls,dc=cbn" size.soft=unlimit ed olcRootDN: cn=config olcRootPW:: e1NTSEF9K3hqNDB5T2U1ZGtyTU45aWVrMGhpSlFMMFVGUlFVNWFXZz09 olcSecurity: simple_bind=128 ssf=71 olcSyncrepl: {0}rid=1 provider="ldap://mgaauth1.ni.ls.cbn/" searchbase="cn=con fig" type="refreshAndPersist" retry="120 +" starttls=critical tls_reqcert=dem and bindmethod="simple" binddn="uid=syncrepl,ou=system,dc=ls,dc=cbn" credenti als="I9BpLVmLdOaL" olcUpdateRef: ldap://mgaauth1.ni.ls.cbn/ structuralObjectClass: olcDatabaseConfig entryUUID: 1a06cd10-8ade-102f-8d09-5da984889200 creatorsName: cn=config createTimestamp: 20101122234350Z entryCSN: 20101122234350.442690Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20101122234350Z " Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <olcDatabase={0}config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <olcDatabase={0}config>, <olcDatabase={0}config> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <= str2entry(olcDatabase={0}config) -> 0x7ff49ab19758 Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <cn=config>, <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <uid=syncrepl,ou=system,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <uid=syncrepl,ou=system,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <uid=syncrepl,ou=system,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <uid=syncrepl,ou=system,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <cn=config>, <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <uid=syncrepl,ou=system,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <uid=syncrepl,ou=system,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: ldif_read_file: read entry file: "/etc/openldap/slapd.d/cn=config/olcDatabase={0}config/olcOverlay={0}syncprov.ldif" Nov 22 18:22:53 mgaauth1 slapd[12638]: => str2entry: "dn: olcOverlay={0}syncprov objectClass: olcSyncProvConfig olcOverlay: {0}syncprov olcSpCheckpoint: 100 10 structuralObjectClass: olcSyncProvConfig entryUUID: 1a06d9fe-8ade-102f-8d0a-5da984889200 creatorsName: cn=config createTimestamp: 20101122234350Z entryCSN: 20101122234350.443021Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20101122234350Z " Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <olcOverlay={0}syncprov> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <olcOverlay={0}syncprov>, <olcOverlay={0}syncprov> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <= str2entry(olcOverlay={0}syncprov) -> 0x7ff49ab19758 Nov 22 18:22:53 mgaauth1 slapd[12638]: ldif_read_file: read entry file: "/etc/openldap/slapd.d/cn=config/olcDatabase={1}hdb.ldif" Nov 22 18:22:53 mgaauth1 slapd[12638]: => str2entry: "dn: olcDatabase={1}hdb objectClass: olcDatabaseConfig objectClass: olcHdbConfig olcDatabase: {1}hdb olcDbDirectory: /var/lib/ldap olcSuffix: dc=ls,dc=cbn olcAccess: {0}to attrs=userPassword by self write by * auth olcAccess: {1}to attrs=shadowLastChange by self write by * read olcAccess: {2}to attrs=userPKCS12 by self read by * none olcAccess: {3}to * by * read olcRootDN: cn=admin,dc=ls,dc=cbn olcRootPW:: e1NTSEF9TkJSVVEyR0FGMlNQN1dsbFh3eS9GK2t5MFBST1UxaEpWQT09 olcUpdateRef: ldap://anubis.ls.cbn/ olcDbCacheSize: 10000 olcDbCheckpoint: 1024 5 olcDbConfig: {0}set_cachesize 0 15000000 1 olcDbConfig: {1}set_lg_regionmax 262144 olcDbConfig: {2}set_lg_bsize 2097152 olcDbConfig: {3}set_flags DB_LOG_AUTOREMOVE olcDbIDLcacheSize: 30000 olcDbIndex: objectclass eq olcDbIndex: uidNumber eq olcDbIndex: gidNumber eq olcDbIndex: member eq olcDbIndex: memberUid eq olcDbIndex: mail eq olcDbIndex: cn eq,sub olcDbIndex: displayName eq,sub olcDbIndex: uid eq,sub olcDbIndex: sn eq,sub olcDbIndex: givenName eq,sub olcDbIndex: entryUUID eq olcDbIndex: entryCSN eq structuralObjectClass: olcHdbConfig entryUUID: 65b86196-8adf-102f-87a8-a13f60af0032 creatorsName: cn=config createTimestamp: 20101122235306Z olcSyncrepl: {0}rid=2 provider="ldap://anubis.ls.cbn/" searchbase="dc=ls,dc=cb n" type="refreshOnly" retry="120 +" interval="00:00:01:00" starttls=critical tls_reqcert=demand bindmethod="simple" binddn="uid=syncrepl,ou=system,dc=ls,d c=cbn" credentials="lieguYwHee" entryCSN: 20101123001649.251496Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20101123001649Z " Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <olcDatabase={1}hdb> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <olcDatabase={1}hdb>, <olcDatabase={1}hdb> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=admin,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=admin,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <= str2entry(olcDatabase={1}hdb) -> 0x7ff49ab19758 Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <dc=ls,dc=cbn>, <dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <cn=admin,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <cn=admin,dc=ls,dc=cbn>, <cn=admin,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: hdb_db_init: Initializing HDB database Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <dc=ls,dc=cbn>, <dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <cn=admin,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <cn=admin,dc=ls,dc=cbn>, <cn=admin,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <uid=syncrepl,ou=system,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <uid=syncrepl,ou=system,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: send_ldap_result: conn=-1 op=0 p=0 Nov 22 18:22:53 mgaauth1 slapd[12638]: send_ldap_result: err=0 matched="" text="" Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=Subschema> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=subschema> Nov 22 18:22:53 mgaauth1 slapd[12638]: matching_rule_use_init Nov 22 18:22:53 mgaauth1 slapd[12638]: 1.2.840.113556.1.4.804 (integerBitOrMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 1.2.840.113556.1.4.804 NAME 'integerBitOrMatch' APPLIES ( supportedLDAPVersion $ entryTtl $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexIntLen $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcWriteTimeout $ olcDbCacheFree $ olcDbCacheSize $ olcDbDNcacheSize $ olcDbIDLcacheSize $ olcDbSearchStack $ olcDbShmKey $ olcChainMaxReferralDepth $ olcDbProtocolVersion $ olcDbConnectionPoolMax $ olcDDSmaxDynamicObjects $ olcPcacheMaxQueries $ olcRetcodeSleep $ olcSssVlvMax $ olcSssVlvMaxKeys $ olcSpSessionlog $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpcNumber $ suseNextUniqueId $ suseMinUniqueId $ suseMaxUniqueId $ suseMinPasswordLength $ suseMaxPasswordLength $ suseImapDefaultQuota $ krbPrincipalType $ krbTicketFlags $ krbMaxTicketLife $ krbMaxRenewableAge $ krbSearchScope $ krbMaxPwdLife $ krbMinPwdLife $ krbPwdMinDiffChars $ krbPwdMinLength $ krbPwdHistoryLength $ krbPwdMaxFailure $ krbPwdFailureCountInterval $ krbPwdLockoutDuration $ krbLoginFailedCount ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 1.2.840.113556.1.4.803 (integerBitAndMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 1.2.840.113556.1.4.803 NAME 'integerBitAndMatch' APPLIES ( supportedLDAPVersion $ entryTtl $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexIntLen $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcWriteTimeout $ olcDbCacheFree $ olcDbCacheSize $ olcDbDNcacheSize $ olcDbIDLcacheSize $ olcDbSearchStack $ olcDbShmKey $ olcChainMaxReferralDepth $ olcDbProtocolVersion $ olcDbConnectionPoolMax $ olcDDSmaxDynamicObjects $ olcPcacheMaxQueries $ olcRetcodeSleep $ olcSssVlvMax $ olcSssVlvMaxKeys $ olcSpSessionlog $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpcNumber $ suseNextUniqueId $ suseMinUniqueId $ suseMaxUniqueId $ suseMinPasswordLength $ suseMaxPasswordLength $ suseImapDefaultQuota $ krbPrincipalType $ krbTicketFlags $ krbMaxTicketLife $ krbMaxRenewableAge $ krbSearchScope $ krbMaxPwdLife $ krbMinPwdLife $ krbPwdMinDiffChars $ krbPwdMinLength $ krbPwdHistoryLength $ krbPwdMaxFailure $ krbPwdFailureCountInterval $ krbPwdLockoutDuration $ krbLoginFailedCount ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 1.3.6.1.4.1.1466.109.114.2 (caseIgnoreIA5Match): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 1.3.6.1.4.1.1466.109.114.2 NAME 'caseIgnoreIA5Match' APPLIES ( altServer $ olcDbConfig $ c $ mail $ dc $ associatedDomain $ email $ aRecord $ mDRecord $ mXRecord $ nSRecord $ sOARecord $ cNAMERecord $ janetMailbox $ gecos $ homeDirectory $ loginShell $ memberUid $ memberNisNetgroup $ nisNetgroupTriple $ ipNetmaskNumber $ macAddress $ bootParameter $ bootFile $ nisMapEntry $ nisDomain $ automountMapName $ automountKey $ automountInformation $ suseNamingAttribute $ susePasswordHash $ suseSkelDir $ krbPrincipalName $ krbCanonicalName $ krbHostServer $ krbPrincipalAliases $ krbAllowedToDelegateTo ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 1.3.6.1.4.1.1466.109.114.1 (caseExactIA5Match): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 1.3.6.1.4.1.1466.109.114.1 NAME 'caseExactIA5Match' APPLIES ( altServer $ olcDbConfig $ c $ mail $ dc $ associatedDomain $ email $ aRecord $ mDRecord $ mXRecord $ nSRecord $ sOARecord $ cNAMERecord $ janetMailbox $ gecos $ homeDirectory $ loginShell $ memberUid $ memberNisNetgroup $ nisNetgroupTriple $ ipNetmaskNumber $ macAddress $ bootParameter $ bootFile $ nisMapEntry $ nisDomain $ automountMapName $ automountKey $ automountInformation $ suseNamingAttribute $ susePasswordHash $ suseSkelDir $ krbPrincipalName $ krbCanonicalName $ krbHostServer $ krbPrincipalAliases $ krbAllowedToDelegateTo ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.39 (certificateListMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.38 (certificateListExactMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.38 NAME 'certificateListExactMatch' APPLIES ( authorityRevocationList $ certificateRevocationList $ deltaRevocationList ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.35 (certificateMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.34 (certificateExactMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.34 NAME 'certificateExactMatch' APPLIES ( userCertificate $ cACertificate ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.30 (objectIdentifierFirstComponentMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.30 NAME 'objectIdentifierFirstComponentMatch' APPLIES ( supportedControl $ supportedExtension $ supportedFeatures $ ldapSyntaxes $ supportedApplicationContext ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.29 (integerFirstComponentMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.29 NAME 'integerFirstComponentMatch' APPLIES ( supportedLDAPVersion $ entryTtl $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexIntLen $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcWriteTimeout $ olcDbCacheFree $ olcDbCacheSize $ olcDbDNcacheSize $ olcDbIDLcacheSize $ olcDbSearchStack $ olcDbShmKey $ olcChainMaxReferralDepth $ olcDbProtocolVersion $ olcDbConnectionPoolMax $ olcDDSmaxDynamicObjects $ olcPcacheMaxQueries $ olcRetcodeSleep $ olcSssVlvMax $ olcSssVlvMaxKeys $ olcSpSessionlog $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpcNumber $ suseNextUniqueId $ suseMinUniqueId $ suseMaxUniqueId $ suseMinPasswordLength $ suseMaxPasswordLength $ suseImapDefaultQuota $ krbPrincipalType $ krbTicketFlags $ krbMaxTicketLife $ krbMaxRenewableAge $ krbSearchScope $ krbMaxPwdLife $ krbMinPwdLife $ krbPwdMinDiffChars $ krbPwdMinLength $ krbPwdHistoryLength $ krbPwdMaxFailure $ krbPwdFailureCountInterval $ krbPwdLockoutDuration $ krbLoginFailedCount ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.27 (generalizedTimeMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.27 NAME 'generalizedTimeMatch' APPLIES ( createTimestamp $ modifyTimestamp $ pwdChangedTime $ pwdAccountLockedTime $ pwdFailureTime $ pwdGraceUseTime $ krbPrincipalExpiration $ krbPasswordExpiration $ krbLastPwdChange $ krbLastSuccessfulAuth $ krbLastFailedAuth ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.24 (protocolInformationMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.24 NAME 'protocolInformationMatch' APPLIES protocolInformation ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.23 (uniqueMemberMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.23 NAME 'uniqueMemberMatch' APPLIES uniqueMember ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.22 (presentationAddressMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.22 NAME 'presentationAddressMatch' APPLIES presentationAddress ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.20 (telephoneNumberMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.20 NAME 'telephoneNumberMatch' APPLIES ( telephoneNumber $ homePhone $ mobile $ pager ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.17 (octetStringMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.17 NAME 'octetStringMatch' APPLIES ( userPassword $ olcDbCryptKey $ pwdHistory $ nisPublicKey $ nisSecretKey $ krbPrincipalKey $ krbPwdHistory $ krbMKey $ krbExtraData ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.16 (bitStringMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.16 NAME 'bitStringMatch' APPLIES x500UniqueIdentifier ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.14 (integerMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.14 NAME 'integerMatch' APPLIES ( supportedLDAPVersion $ entryTtl $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexIntLen $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcWriteTimeout $ olcDbCacheFree $ olcDbCacheSize $ olcDbDNcacheSize $ olcDbIDLcacheSize $ olcDbSearchStack $ olcDbShmKey $ olcChainMaxReferralDepth $ olcDbProtocolVersion $ olcDbConnectionPoolMax $ olcDDSmaxDynamicObjects $ olcPcacheMaxQueries $ olcRetcodeSleep $ olcSssVlvMax $ olcSssVlvMaxKeys $ olcSpSessionlog $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpcNumber $ suseNextUniqueId $ suseMinUniqueId $ suseMaxUniqueId $ suseMinPasswordLength $ suseMaxPasswordLength $ suseImapDefaultQuota $ krbPrincipalType $ krbTicketFlags $ krbMaxTicketLife $ krbMaxRenewableAge $ krbSearchScope $ krbMaxPwdLife $ krbMinPwdLife $ krbPwdMinDiffChars $ krbPwdMinLength $ krbPwdHistoryLength $ krbPwdMaxFailure $ krbPwdFailureCountInterval $ krbPwdLockoutDuration $ krbLoginFailedCount ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.13 (booleanMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.13 NAME 'booleanMatch' APPLIES ( hasSubordinates $ olcAddContentAcl $ olcGentleHUP $ olcHidden $ olcLastMod $ olcMirrorMode $ olcMonitoring $ olcReadOnly $ olcReverseLookup $ olcSyncUseSubentry $ olcDbChecksum $ olcDbNoSync $ olcDbDirtyRead $ olcDbLinearIndex $ olcChainCacheURI $ olcChainReturnError $ olcDbRebindAsUser $ olcDbChaseReferrals $ olcDbProxyWhoAmI $ olcDbSingleConn $ olcDbUseTemporaryConn $ olcDbNoRefs $ olcDbNoUndefFilter $ olcAccessLogSuccess $ olcDDSstate $ olcMemberOfRefInt $ pwdReset $ olcPPolicyHashCleartext $ olcPPolicyForwardUpdates $ olcPPolicyUseLockout $ olcPcachePersist $ olcPcacheValidate $ olcPcacheOffline $ olcRetcodeInDir $ olcRwmNormalizeMapped $ olcRwmDropUnrequested $ olcSpNoPresent $ olcSpReloadHint $ olcTranslucentStrict $ olcTranslucentNoGlue $ olcTranslucentBindLocal $ olcTranslucentPwModLocal $ olcUniqueStrict $ suseImapUseSsl $ krbUPEnabled ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.11 (caseIgnoreListMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.11 NAME 'caseIgnoreListMatch' APPLIES ( postalAddress $ registeredAddress $ homePostalAddress ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.8 (numericStringMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.8 NAME 'numericStringMatch' APPLIES ( x121Address $ internationaliSDNNumber ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.7 (caseExactSubstringsMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.7 NAME 'caseExactSubstringsMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.6 (caseExactOrderingMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.6 NAME 'caseExactOrderingMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.5 (caseExactMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.5 NAME 'caseExactMatch' APPLIES ( supportedSASLMechanisms $ vendorName $ vendorVersion $ ref $ name $ cn $ uid $ labeledURI $ description $ olcConfigFile $ olcConfigDir $ olcAccess $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAttributeTypes $ olcAuthIDRewrite $ olcAuthzPolicy $ olcAuthzRegexp $ olcBackend $ olcDatabase $ olcDisallows $ olcDitContentRules $ olcInclude $ olcLdapSyntaxes $ olcLimits $ olcLogFile $ olcLogLevel $ olcModuleLoad $ olcModulePath $ olcObjectClasses $ olcObjectIdentifier $ olcOverlay $ olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ olcPlugin $ olcPluginLogFile $ olcReferral $ olcReplica $ olcReplicaArgsFile $ olcReplicaPidFile $ olcReplogFile $ olcRequires $ olcRestrict $ olcRootDSE $ olcRootPW $ olcSaslAuxprops $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ olcSecurity $ olcServerID $ olcSizeLimit $ olcSortVals $ olcSubordinate $ olcSyncrepl $ olcTCPBuffer $ olcTimeLimit $ olcTLSCACertificateFile $ olcTLSCACertificatePath $ olcTLSCertificateFile $ olcTLSCertificateKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ olcTLSCRLFile $ olcTLSRandFile $ olcTLSVerifyClient $ olcTLSDHParamFile $ olcTLSProtocolMin $ olcUpdateRef $ olcDbDirectory $ olcDbCheckpoint $ olcDbCryptFile $ olcDbPageSize $ olcDbIndex $ olcDbLockDetect $ olcDbMode $ olcChainingBehavior $ olcDbURI $ olcDbStartTLS $ olcDbACLPasswd $ olcDbACLBind $ olcDbIDAssertPasswd $ olcDbIDAssertBind $ olcDbIDAssertMode $ olcDbIDAssertAuthzFrom $ olcDbTFSupport $ olcDbTimeout $ olcDbIdleTimeout $ olcDbConnTtl $ olcDbNetworkTimeout $ olcDbCancel $ olcDbQuarantine $ olcAccessLogOps $ olcAccessLogPurge $ olcAccessLogOld $ olcAccessLogOldAttr $ olcAuditlogFile $ olcCollectInfo $ olcConstraintAttribute $ olcDDSmaxTtl $ olcDDSminTtl $ olcDDSdefaultTtl $ olcDDSinterval $ olcDDStolerance $ olcDGAttrPair $ olcDlAttrSet $ olcMemberOfDangling $ olcMemberOfGroupOC $ olcMemberOfMemberAD $ olcMemberOfMemberOfAD $ olcMemberOfDanglingError $ olcPcache $ olcPcacheAttrset $ olcPcacheTemplate $ olcPcachePosition $ olcPcacheBind $ olcRefintAttribute $ olcRetcodeItem $ olcRwmRewrite $ olcRwmTFSupport $ olcRwmMap $ olcSpCheckpoint $ olcTranslucentLocal $ olcTranslucentRemote $ olcUniqueIgnore $ olcUniqueAttribute $ olcUniqueURI $ olcValSortAttr $ knowledgeInformation $ sn $ serialNumber $ c $ l $ st $ street $ o $ ou $ title $ businessCategory $ postalCode $ postOfficeBox $ physicalDeliveryOfficeName $ destinationIndicator $ givenName $ initials $ generationQualifier $ dnQualifier $ houseIdentifier $ dmdName $ pseudonym $ textEncodedORAddress $ info $ drink $ roomNumber $ userClass $ host $ documentIdentifier $ documentTitle $ documentVersion $ documentLocation $ personalTitle $ co $ uniqueIdentifier $ organizationalStatus $ buildingName $ documentPublisher $ carLicense $ departmentNumber $ displayName $ employeeNumber $ employeeType $ preferredLanguage $ ipServiceProtocol $ ipHostNumber $ ipNetworkNumber $ nisMapName $ suseSearchFilter $ suseDefaultValue $ susePlugin $ suseMapAttribute $ suseImapServer $ suseImapAdmin $ krbLdapServers $ krbPrincNamingAttr $ krbDefaultEncSaltTypes $ krbSupportedEncSaltTypes ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.4 (caseIgnoreSubstringsMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.4 NAME 'caseIgnoreSubstringsMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.3 (caseIgnoreOrderingMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.3 NAME 'caseIgnoreOrderingMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.2 (caseIgnoreMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.2 NAME 'caseIgnoreMatch' APPLIES ( supportedSASLMechanisms $ vendorName $ vendorVersion $ ref $ name $ cn $ uid $ labeledURI $ description $ olcConfigFile $ olcConfigDir $ olcAccess $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAttributeTypes $ olcAuthIDRewrite $ olcAuthzPolicy $ olcAuthzRegexp $ olcBackend $ olcDatabase $ olcDisallows $ olcDitContentRules $ olcInclude $ olcLdapSyntaxes $ olcLimits $ olcLogFile $ olcLogLevel $ olcModuleLoad $ olcModulePath $ olcObjectClasses $ olcObjectIdentifier $ olcOverlay $ olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ olcPlugin $ olcPluginLogFile $ olcReferral $ olcReplica $ olcReplicaArgsFile $ olcReplicaPidFile $ olcReplogFile $ olcRequires $ olcRestrict $ olcRootDSE $ olcRootPW $ olcSaslAuxprops $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ olcSecurity $ olcServerID $ olcSizeLimit $ olcSortVals $ olcSubordinate $ olcSyncrepl $ olcTCPBuffer $ olcTimeLimit $ olcTLSCACertificateFile $ olcTLSCACertificatePath $ olcTLSCertificateFile $ olcTLSCertificateKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ olcTLSCRLFile $ olcTLSRandFile $ olcTLSVerifyClient $ olcTLSDHParamFile $ olcTLSProtocolMin $ olcUpdateRef $ olcDbDirectory $ olcDbCheckpoint $ olcDbCryptFile $ olcDbPageSize $ olcDbIndex $ olcDbLockDetect $ olcDbMode $ olcChainingBehavior $ olcDbURI $ olcDbStartTLS $ olcDbACLPasswd $ olcDbACLBind $ olcDbIDAssertPasswd $ olcDbIDAssertBind $ olcDbIDAssertMode $ olcDbIDAssertAuthzFrom $ olcDbTFSupport $ olcDbTimeout $ olcDbIdleTimeout $ olcDbConnTtl $ olcDbNetworkTimeout $ olcDbCancel $ olcDbQuarantine $ olcAccessLogOps $ olcAccessLogPurge $ olcAccessLogOld $ olcAccessLogOldAttr $ olcAuditlogFile $ olcCollectInfo $ olcConstraintAttribute $ olcDDSmaxTtl $ olcDDSminTtl $ olcDDSdefaultTtl $ olcDDSinterval $ olcDDStolerance $ olcDGAttrPair $ olcDlAttrSet $ olcMemberOfDangling $ olcMemberOfGroupOC $ olcMemberOfMemberAD $ olcMemberOfMemberOfAD $ olcMemberOfDanglingError $ olcPcache $ olcPcacheAttrset $ olcPcacheTemplate $ olcPcachePosition $ olcPcacheBind $ olcRefintAttribute $ olcRetcodeItem $ olcRwmRewrite $ olcRwmTFSupport $ olcRwmMap $ olcSpCheckpoint $ olcTranslucentLocal $ olcTranslucentRemote $ olcUniqueIgnore $ olcUniqueAttribute $ olcUniqueURI $ olcValSortAttr $ knowledgeInformation $ sn $ serialNumber $ c $ l $ st $ street $ o $ ou $ title $ businessCategory $ postalCode $ postOfficeBox $ physicalDeliveryOfficeName $ destinationIndicator $ givenName $ initials $ generationQualifier $ dnQualifier $ houseIdentifier $ dmdName $ pseudonym $ textEncodedORAddress $ info $ drink $ roomNumber $ userClass $ host $ documentIdentifier $ documentTitle $ documentVersion $ documentLocation $ personalTitle $ co $ uniqueIdentifier $ organizationalStatus $ buildingName $ documentPublisher $ carLicense $ departmentNumber $ displayName $ employeeNumber $ employeeType $ preferredLanguage $ ipServiceProtocol $ ipHostNumber $ ipNetworkNumber $ nisMapName $ suseSearchFilter $ suseDefaultValue $ susePlugin $ suseMapAttribute $ suseImapServer $ suseImapAdmin $ krbLdapServers $ krbPrincNamingAttr $ krbDefaultEncSaltTypes $ krbSupportedEncSaltTypes ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 1.2.36.79672281.1.13.3 (rdnMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.1 (distinguishedNameMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.1 NAME 'distinguishedNameMatch' APPLIES ( creatorsName $ modifiersName $ subschemaSubentry $ entryDN $ namingContexts $ aliasedObjectName $ dynamicSubtrees $ distinguishedName $ seeAlso $ olcDefaultSearchBase $ olcRootDN $ olcSchemaDN $ olcSuffix $ olcUpdateDN $ olcDbACLAuthcDn $ olcDbIDAssertAuthcDn $ olcRelay $ olcAccessLogDB $ memberOf $ olcMemberOfDN $ pwdPolicySubentry $ olcPPolicyDefault $ olcRefintNothing $ olcRefintModifiersName $ olcRetcodeParent $ olcUniqueBase $ member $ owner $ roleOccupant $ manager $ documentAuthor $ secretary $ associatedName $ dITRedirect $ suseDefaultBase $ suseDefaultTemplate $ suseSecondaryGroup $ krbRealmReferences $ krbKdcServers $ krbPwdServers $ krbPrincipalReferences $ krbAdmServers $ krbPwdPolicyReference $ krbTicketPolicyReference $ krbSubTrees $ krbObjectReferences $ krbPrincContainerRef ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.0 (objectIdentifierMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.0 NAME 'objectIdentifierMatch' APPLIES ( supportedControl $ supportedExtension $ supportedFeatures $ supportedApplicationContext ) ) Nov 22 18:22:53 mgaauth1 slapd[12651]: slapd startup: initiated. Nov 22 18:22:53 mgaauth1 slapd[12651]: backend_startup_one: starting "cn=config" Nov 22 18:22:53 mgaauth1 slapd[12651]: config_back_db_open Nov 22 18:22:53 mgaauth1 slapd[12651]: send_ldap_result: conn=-1 op=0 p=0 Nov 22 18:22:53 mgaauth1 slapd[12651]: send_ldap_result: err=0 matched="" text="" Nov 22 18:22:53 mgaauth1 slapd[12651]: backend_startup_one: starting "dc=ls,dc=cbn" Nov 22 18:22:53 mgaauth1 slapd[12651]: hdb_db_open: "dc=ls,dc=cbn" Nov 22 18:22:53 mgaauth1 slapd[12651]: hdb_db_open: database "dc=ls,dc=cbn": dbenv_open(/var/lib/ldap). Nov 22 18:22:53 mgaauth1 slapd[12651]: hdb_monitor_db_open: monitoring disabled; configure monitor database to enable Nov 22 18:22:53 mgaauth1 slapd[12651]: slapd starting Nov 22 18:22:53 mgaauth1 slapd[12651]: =>do_syncrepl rid=002 Nov 22 18:22:53 mgaauth1 slapd[12651]: => bdb_entry_get: ndn: "dc=ls,dc=cbn" Nov 22 18:22:53 mgaauth1 slapd[12651]: => bdb_entry_get: oc: "(null)", at: "contextCSN" Nov 22 18:22:53 mgaauth1 slapd[12651]: bdb_dn2entry("dc=ls,dc=cbn") Nov 22 18:22:53 mgaauth1 slapd[12651]: => hdb_dn2id("dc=ls,dc=cbn") Nov 22 18:22:53 mgaauth1 slapd[12651]: <= hdb_dn2id: got id=0x1 Nov 22 18:22:53 mgaauth1 slapd[12651]: entry_decode: "" Nov 22 18:22:53 mgaauth1 slapd[12651]: <= entry_decode() Nov 22 18:22:53 mgaauth1 slapd[12651]: bdb_entry_get: rc=0 Nov 22 18:22:53 mgaauth1 slapd[12651]: =>do_syncrep2 rid=002 Nov 22 18:22:53 mgaauth1 slapd[12651]: do_syncrep2: rid=002 LDAP_RES_SEARCH_RESULT Nov 22 18:22:54 mgaauth1 slapd[12651]: slap_listener_activate(7): Nov 22 18:22:54 mgaauth1 slapd[12651]: >>> slap_listener(ldap://) Nov 22 18:22:54 mgaauth1 slapd[12651]: conn=1000 fd=13 ACCEPT from IP=127.0.0.1:33205 (IP=0.0.0.0:389) Nov 22 18:22:54 mgaauth1 slapd[12651]: connection_get(13) Nov 22 18:22:54 mgaauth1 slapd[12651]: connection_get(13): got connid=1000 Nov 22 18:22:54 mgaauth1 slapd[12651]: connection_read(13): checking for input on id=1000 Nov 22 18:22:54 mgaauth1 slapd[12651]: op tag 0x60, time 1290471774 Nov 22 18:22:54 mgaauth1 slapd[12651]: conn=1000 op=0 do_bind Nov 22 18:22:54 mgaauth1 slapd[12651]: >>> dnPrettyNormal: <> Nov 22 18:22:54 mgaauth1 slapd[12651]: <<< dnPrettyNormal: <>, <> Nov 22 18:22:54 mgaauth1 slapd[12651]: conn=1000 op=0 BIND dn="" method=128 Nov 22 18:22:54 mgaauth1 slapd[12651]: do_bind: version=3 dn="" method=128 Nov 22 18:22:54 mgaauth1 slapd[12651]: send_ldap_result: conn=1000 op=0 p=3 Nov 22 18:22:54 mgaauth1 slapd[12651]: send_ldap_result: err=0 matched="" text="" Nov 22 18:22:54 mgaauth1 slapd[12651]: send_ldap_response: msgid=1 tag=97 err=0 Nov 22 18:22:54 mgaauth1 slapd[12651]: conn=1000 op=0 RESULT tag=97 err=0 text= Nov 22 18:22:54 mgaauth1 slapd[12651]: do_bind: v3 anonymous bind Nov 22 18:22:54 mgaauth1 slapd[12651]: connection_get(13) Nov 22 18:22:54 mgaauth1 slapd[12651]: connection_get(13): got connid=1000 Nov 22 18:22:54 mgaauth1 slapd[12651]: connection_read(13): checking for input on id=1000 Nov 22 18:22:54 mgaauth1 slapd[12651]: op tag 0x63, time 1290471774 Nov 22 18:22:54 mgaauth1 slapd[12651]: conn=1000 op=1 do_search Nov 22 18:22:54 mgaauth1 slapd[12651]: >>> dnPrettyNormal: <> Nov 22 18:22:54 mgaauth1 slapd[12651]: <<< dnPrettyNormal: <>, <> Nov 22 18:22:54 mgaauth1 slapd[12651]: SRCH "" 0 0 Nov 22 18:22:54 mgaauth1 slapd[12651]: 0 0 0 Nov 22 18:22:54 mgaauth1 slapd[12651]: filter: (objectClass=*) Nov 22 18:22:54 mgaauth1 slapd[12651]: attrs: Nov 22 18:22:54 mgaauth1 slapd[12651]: Nov 22 18:22:54 mgaauth1 slapd[12651]: conn=1000 op=1 SRCH base="" scope=0 deref=0 filter="(objectClass=*)" Nov 22 18:22:54 mgaauth1 slapd[12651]: => send_search_entry: conn 1000 dn="" Nov 22 18:22:54 mgaauth1 slapd[12651]: conn=1000 op=1 ENTRY dn="" Nov 22 18:22:54 mgaauth1 slapd[12651]: <= send_search_entry: conn 1000 exit. Nov 22 18:22:54 mgaauth1 slapd[12651]: send_ldap_result: conn=1000 op=1 p=3 Nov 22 18:22:54 mgaauth1 slapd[12651]: send_ldap_result: err=0 matched="" text="" Nov 22 18:22:54 mgaauth1 slapd[12651]: send_ldap_response: msgid=2 tag=101 err=0 Nov 22 18:22:54 mgaauth1 slapd[12651]: conn=1000 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= Nov 22 18:22:54 mgaauth1 slapd[12651]: connection_get(13) Nov 22 18:22:54 mgaauth1 slapd[12651]: connection_get(13): got connid=1000 Nov 22 18:22:54 mgaauth1 slapd[12651]: connection_read(13): checking for input on id=1000 Nov 22 18:22:54 mgaauth1 slapd[12651]: op tag 0x42, time 1290471774 Nov 22 18:22:54 mgaauth1 slapd[12651]: conn=1000 op=2 do_unbind Nov 22 18:22:54 mgaauth1 slapd[12651]: conn=1000 op=2 UNBIND Nov 22 18:22:54 mgaauth1 slapd[12651]: connection_close: conn=1000 sd=13 Nov 22 18:22:54 mgaauth1 slapd[12651]: conn=1000 fd=13 closed
Any idea what could be going on?
Thanks,
On 11/22/2010 07:24 PM, Bram Cymet wrote:
Hi,
I am trying to set up a syncrepl consumer. I have done this a number of times without any problem.
The consumer seems to be connecting via TLS to the producer and authenticating but the consumer directory never gets populated.
Here is the log from the producer:
Nov 22 19:19:57 anubis slapd[24088]: slap_listener_activate(7): Nov 22 19:19:57 anubis slapd[24088]: >>> slap_listener(ldap://) Nov 22 19:19:57 anubis slapd[24088]: conn=1026 fd=15 ACCEPT from IP=172.20.150.141:38831 (IP=0.0.0.0:389) Nov 22 19:19:57 anubis slapd[24088]: connection_get(15) Nov 22 19:19:57 anubis slapd[24088]: connection_get(15): got connid=1026 Nov 22 19:19:57 anubis slapd[24088]: connection_read(15): checking for input on id=1026 Nov 22 19:19:57 anubis slapd[24088]: op tag 0x77, time 1290471597 Nov 22 19:19:57 anubis slapd[24088]: conn=1026 op=0 do_extended Nov 22 19:19:57 anubis slapd[24088]: conn=1026 op=0 EXT oid=1.3.6.1.4.1.1466.20037 Nov 22 19:19:57 anubis slapd[24088]: do_extended: oid=1.3.6.1.4.1.1466.20037 Nov 22 19:19:57 anubis slapd[24088]: conn=1026 op=0 STARTTLS Nov 22 19:19:57 anubis slapd[24088]: send_ldap_extended: err=0 oid= len=0 Nov 22 19:19:57 anubis slapd[24088]: send_ldap_response: msgid=1 tag=120 err=0 Nov 22 19:19:57 anubis slapd[24088]: conn=1026 op=0 RESULT oid= err=0 text= Nov 22 19:19:58 anubis slapd[24088]: connection_get(15) Nov 22 19:19:58 anubis slapd[24088]: connection_get(15): got connid=1026 Nov 22 19:19:58 anubis slapd[24088]: connection_read(15): checking for input on id=1026 Nov 22 19:19:58 anubis slapd[24088]: connection_get(15) Nov 22 19:19:58 anubis slapd[24088]: connection_get(15): got connid=1026 Nov 22 19:19:58 anubis slapd[24088]: connection_read(15): checking for input on id=1026 Nov 22 19:19:58 anubis slapd[24088]: connection_read(15): unable to get TLS client DN, error=49 id=1026 Nov 22 19:19:58 anubis slapd[24088]: conn=1026 fd=15 TLS established tls_ssf=256 ssf=256 Nov 22 19:19:58 anubis slapd[24088]: connection_get(15) Nov 22 19:19:58 anubis slapd[24088]: connection_get(15): got connid=1026 Nov 22 19:19:58 anubis slapd[24088]: connection_read(15): checking for input on id=1026 Nov 22 19:19:58 anubis slapd[24088]: op tag 0x60, time 1290471598 Nov 22 19:19:58 anubis slapd[24088]: conn=1026 op=1 do_bind Nov 22 19:19:58 anubis slapd[24088]: >>> dnPrettyNormal: <uid=syncrepl,ou=system,dc=ls,dc=cbn> Nov 22 19:19:58 anubis slapd[24088]: <<< dnPrettyNormal: <uid=syncrepl,ou=system,dc=ls,dc=cbn>, <uid=syncrepl,ou=system,dc=ls,dc=cbn> Nov 22 19:19:58 anubis slapd[24088]: conn=1026 op=1 BIND dn="uid=syncrepl,ou=system,dc=ls,dc=cbn" method=128 Nov 22 19:19:58 anubis slapd[24088]: do_bind: version=3 dn="uid=syncrepl,ou=system,dc=ls,dc=cbn" method=128 Nov 22 19:19:58 anubis slapd[24088]: ==> hdb_bind: dn: uid=syncrepl,ou=system,dc=ls,dc=cbn Nov 22 19:19:58 anubis slapd[24088]: bdb_dn2entry("uid=syncrepl,ou=system,dc=ls,dc=cbn") Nov 22 19:19:58 anubis slapd[24088]: => access_allowed: result not in cache (userPassword) Nov 22 19:19:58 anubis slapd[24088]: => access_allowed: auth access to "uid=syncrepl,ou=system,dc=ls,dc=cbn" "userPassword" requested Nov 22 19:19:58 anubis slapd[24088]: => acl_get: [2] attr userPassword Nov 22 19:19:58 anubis slapd[24088]: => acl_mask: access to entry "uid=syncrepl,ou=system,dc=ls,dc=cbn", attr "userPassword" requested Nov 22 19:19:58 anubis slapd[24088]: => acl_mask: to value by "", (=0) Nov 22 19:19:58 anubis slapd[24088]: <= check a_dn_pat: uid=syncrepl,ou=system,dc=ls,dc=cbn Nov 22 19:19:58 anubis slapd[24088]: <= check a_dn_pat: * Nov 22 19:19:58 anubis slapd[24088]: <= acl_mask: [2] applying +0 (break) Nov 22 19:19:58 anubis slapd[24088]: <= acl_mask: [2] mask: =0 Nov 22 19:19:58 anubis slapd[24088]: => acl_get: [3] attr userPassword Nov 22 19:19:58 anubis slapd[24088]: => acl_mask: access to entry "uid=syncrepl,ou=system,dc=ls,dc=cbn", attr "userPassword" requested Nov 22 19:19:58 anubis slapd[24088]: => acl_mask: to value by "", (=0) Nov 22 19:19:58 anubis slapd[24088]: <= check a_dn_pat: self Nov 22 19:19:58 anubis slapd[24088]: <= check a_dn_pat: * Nov 22 19:19:58 anubis slapd[24088]: <= acl_mask: [2] applying auth(=xd) (stop) Nov 22 19:19:58 anubis slapd[24088]: <= acl_mask: [2] mask: auth(=xd) Nov 22 19:19:58 anubis slapd[24088]: => slap_access_allowed: auth access granted by auth(=xd) Nov 22 19:19:58 anubis slapd[24088]: => access_allowed: auth access granted by auth(=xd) Nov 22 19:19:58 anubis slapd[24088]: conn=1026 op=1 BIND dn="uid=syncrepl,ou=system,dc=ls,dc=cbn" mech=SIMPLE ssf=0 Nov 22 19:19:58 anubis slapd[24088]: do_bind: v3 bind: "uid=syncrepl,ou=system,dc=ls,dc=cbn" to "uid=syncrepl,ou=system,dc=ls,dc=cbn" Nov 22 19:19:58 anubis slapd[24088]: send_ldap_result: conn=1026 op=1 p=3 Nov 22 19:19:58 anubis slapd[24088]: send_ldap_result: err=0 matched="" text="" Nov 22 19:19:58 anubis slapd[24088]: send_ldap_response: msgid=2 tag=97 err=0 Nov 22 19:19:58 anubis slapd[24088]: conn=1026 op=1 RESULT tag=97 err=0 text= Nov 22 19:19:58 anubis slapd[24088]: connection_get(15) Nov 22 19:19:58 anubis slapd[24088]: connection_get(15): got connid=1026 Nov 22 19:19:58 anubis slapd[24088]: connection_read(15): checking for input on id=1026 Nov 22 19:19:58 anubis slapd[24088]: op tag 0x63, time 1290471598 Nov 22 19:19:58 anubis slapd[24088]: conn=1026 op=2 do_search Nov 22 19:19:58 anubis slapd[24088]: >>> dnPrettyNormal: <dc=ls,dc=cbn> Nov 22 19:19:58 anubis slapd[24088]: <<< dnPrettyNormal: <dc=ls,dc=cbn>, <dc=ls,dc=cbn> Nov 22 19:19:58 anubis slapd[24088]: SRCH "dc=ls,dc=cbn" 2 0 Nov 22 19:19:58 anubis slapd[24088]: 0 0 0 Nov 22 19:19:58 anubis slapd[24088]: filter: (objectClass=*) Nov 22 19:19:58 anubis slapd[24088]: => get_ctrls Nov 22 19:19:58 anubis slapd[24088]: => get_ctrls: oid="1.3.6.1.4.1.4203.1.9.1.1" (noncritical) Nov 22 19:19:58 anubis slapd[24088]: => get_ctrls: oid="2.16.840.1.113730.3.4.2" (critical) Nov 22 19:19:58 anubis slapd[24088]: <= get_ctrls: n=2 rc=0 err="" Nov 22 19:19:58 anubis slapd[24088]: attrs: Nov 22 19:19:58 anubis slapd[24088]: * Nov 22 19:19:58 anubis slapd[24088]: + Nov 22 19:19:58 anubis slapd[24088]: Nov 22 19:19:58 anubis slapd[24088]: conn=1026 op=2 SRCH base="dc=ls,dc=cbn" scope=2 deref=0 filter="(objectClass=*)" Nov 22 19:19:58 anubis slapd[24088]: conn=1026 op=2 SRCH attr=* + Nov 22 19:19:58 anubis slapd[24088]: ==> limits_get: conn=1026 op=2 self="uid=syncrepl,ou=system,dc=ls,dc=cbn" this="dc=ls,dc=cbn" Nov 22 19:19:58 anubis slapd[24088]: <== limits_get: type=DN match=EXACT dn="uid=syncrepl,ou=system,dc=ls,dc=cbn" Nov 22 19:19:58 anubis slapd[24088]: send_ldap_result: conn=1026 op=2 p=3 Nov 22 19:19:58 anubis slapd[24088]: send_ldap_result: err=0 matched="" text="" Nov 22 19:19:58 anubis slapd[24088]: send_ldap_response: msgid=3 tag=101 err=0 Nov 22 19:19:58 anubis slapd[24088]: conn=1026 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text= Nov 22 19:19:58 anubis slapd[24088]: connection_get(15) Nov 22 19:19:58 anubis slapd[24088]: connection_get(15): got connid=1026 Nov 22 19:19:58 anubis slapd[24088]: connection_read(15): checking for input on id=1026 Nov 22 19:19:58 anubis slapd[24088]: op tag 0x42, time 1290471598 Nov 22 19:19:58 anubis slapd[24088]: ber_get_next on fd 15 failed errno=0 (Success) Nov 22 19:19:58 anubis slapd[24088]: conn=1026 op=3 do_unbind Nov 22 19:19:58 anubis slapd[24088]: conn=1026 op=3 UNBIND Nov 22 19:19:58 anubis slapd[24088]: connection_close: conn=1026 sd=15 Nov 22 19:19:58 anubis slapd[24088]: conn=1026 fd=15 closed
Here is the log from the consumer:
Nov 22 18:22:49 mgaauth1 slapd[12587]: daemon: shutdown requested and initiated. Nov 22 18:22:49 mgaauth1 slapd[12587]: slapd shutdown: waiting for 0 operations/tasks to finish Nov 22 18:22:49 mgaauth1 slapd[12587]: slapd shutdown: initiated Nov 22 18:22:49 mgaauth1 slapd[12587]: ====> bdb_cache_release_all Nov 22 18:22:49 mgaauth1 slapd[12587]: slapd destroy: freeing system resources. Nov 22 18:22:49 mgaauth1 slapd[12587]: syncinfo_free: rid=001 Nov 22 18:22:49 mgaauth1 slapd[12587]: syncinfo_free: rid=002 Nov 22 18:22:49 mgaauth1 slapd[12587]: slapd stopped. Nov 22 18:22:52 mgaauth1 slapd[12638]: @(#) $OpenLDAP: slapd 2.4.20 (Jun 16 2010 10:21:06) $ abuild@anonymi:/usr/src/packages/BUILD/openldap-2.4.20/servers/slapd Nov 22 18:22:52 mgaauth1 slapd[12638]: daemon: IPv6 socket() failed errno=97 (Address family not supported by protocol) Nov 22 18:22:52 mgaauth1 slapd[12638]: daemon: IPv6 socket() failed errno=97 (Address family not supported by protocol) Nov 22 18:22:52 mgaauth1 slapd[12638]: ldif_read_file: read entry file: "/etc/openldap/slapd.d/cn=config/cn=schema.ldif" Nov 22 18:22:52 mgaauth1 slapd[12638]: => str2entry: "dn: cn=schema objectClass: olcSchemaConfig cn: schema structuralObjectClass: olcSchemaConfig entryUUID: 1a05f3b8-8ade-102f-8d02-5da984889200 creatorsName: cn=config createTimestamp: 20101122234350Z entryCSN: 20101122234350.437126Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20101122234350Z " Nov 22 18:22:52 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <cn=schema> Nov 22 18:22:52 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <cn=schema>, <cn=schema> Nov 22 18:22:52 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: <= str2entry(cn=schema) -> 0x7ff49ab19758 Nov 22 18:22:52 mgaauth1 slapd[12638]: ldif_read_file: read entry file: "/etc/openldap/slapd.d/cn=config/cn=schema/cn={0}core.ldif" Nov 22 18:22:52 mgaauth1 slapd[12638]: => str2entry: "dn: cn={0}core objectClass: olcSchemaConfig cn: {0}core olcAttributeTypes: {0}( 2.5.4.2 NAME 'knowledgeInformation' DESC 'RFC2256: kno wledge information' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121. 1.15{32768} ) olcAttributeTypes: {1}( 2.5.4.4 NAME ( 'sn' 'surname' ) DESC 'RFC2256: last (f amily) name(s) for which the entity is known by' SUP name ) olcAttributeTypes: {2}( 2.5.4.5 NAME 'serialNumber' DESC 'RFC2256: serial numb er of the entity' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch S YNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} ) olcAttributeTypes: {3}( 2.5.4.6 NAME ( 'c' 'countryName' ) DESC 'RFC4519: two- letter ISO-3166 country code' SUP name SYNTAX 1.3.6.1.4.1.1466.115.121.1.11 S INGLE-VALUE ) olcAttributeTypes: {4}( 2.5.4.7 NAME ( 'l' 'localityName' ) DESC 'RFC2256: loc ality which this object resides in' SUP name ) olcAttributeTypes: {5}( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' ) DESC 'RFC2 256: state or province which this object resides in' SUP name ) olcAttributeTypes: {6}( 2.5.4.9 NAME ( 'street' 'streetAddress' ) DESC 'RFC225 6: street address of this object' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreS ubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) olcAttributeTypes: {7}( 2.5.4.10 NAME ( 'o' 'organizationName' ) DESC 'RFC2256 : organization this object belongs to' SUP name ) olcAttributeTypes: {8}( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' ) DESC ' RFC2256: organizational unit this object belongs to' SUP name ) olcAttributeTypes: {9}( 2.5.4.12 NAME 'title' DESC 'RFC2256: title associated with the entity' SUP name ) olcAttributeTypes: {10}( 2.5.4.14 NAME 'searchGuide' DESC 'RFC2256: search gui de, deprecated by enhancedSearchGuide' SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 ) olcAttributeTypes: {11}( 2.5.4.15 NAME 'businessCategory' DESC 'RFC2256: busin ess category' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTA X 1.3.6.1.4.1.1466.115.121.1.15{128} ) olcAttributeTypes: {12}( 2.5.4.16 NAME 'postalAddress' DESC 'RFC2256: postal a ddress' EQUALITY caseIgnoreListMatch SUBSTR caseIgnoreListSubstringsMatch SYN TAX 1.3.6.1.4.1.1466.115.121.1.41 ) olcAttributeTypes: {13}( 2.5.4.17 NAME 'postalCode' DESC 'RFC2256: postal code ' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4. 1.1466.115.121.1.15{40} ) olcAttributeTypes: {14}( 2.5.4.18 NAME 'postOfficeBox' DESC 'RFC2256: Post Off ice Box' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3 .6.1.4.1.1466.115.121.1.15{40} ) olcAttributeTypes: {15}( 2.5.4.19 NAME 'physicalDeliveryOfficeName' DESC 'RFC2 256: Physical Delivery Office Name' EQUALITY caseIgnoreMatch SUBSTR caseIgnor eSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) olcAttributeTypes: {16}( 2.5.4.20 NAME 'telephoneNumber' DESC 'RFC2256: Teleph one Number' EQUALITY telephoneNumberMatch SUBSTR telephoneNumberSubstringsMat ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} ) olcAttributeTypes: {17}( 2.5.4.21 NAME 'telexNumber' DESC 'RFC2256: Telex Numb er' SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 ) olcAttributeTypes: {18}( 2.5.4.22 NAME 'teletexTerminalIdentifier' DESC 'RFC22 56: Teletex Terminal Identifier' SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 ) olcAttributeTypes: {19}( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' ) DE SC 'RFC2256: Facsimile (Fax) Telephone Number' SYNTAX 1.3.6.1.4.1.1466.115.12 1.1.22 ) olcAttributeTypes: {20}( 2.5.4.24 NAME 'x121Address' DESC 'RFC2256: X.121 Addr ess' EQUALITY numericStringMatch SUBSTR numericStringSubstringsMatch SYNTAX 1 .3.6.1.4.1.1466.115.121.1.36{15} ) olcAttributeTypes: {21}( 2.5.4.25 NAME 'internationaliSDNNumber' DESC 'RFC2256 : international ISDN number' EQUALITY numericStringMatch SUBSTR numericString SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} ) olcAttributeTypes: {22}( 2.5.4.26 NAME 'registeredAddress' DESC 'RFC2256: regi stered postal address' SUP postalAddress SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) olcAttributeTypes: {23}( 2.5.4.27 NAME 'destinationIndicator' DESC 'RFC2256: d estination indicator' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMat ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} ) olcAttributeTypes: {24}( 2.5.4.28 NAME 'preferredDeliveryMethod' DESC 'RFC2256 : preferred delivery method' SYNTAX 1.3.6.1.4.1.1466.115.121.1.14 SINGLE-VALU E ) olcAttributeTypes: {25}( 2.5.4.29 NAME 'presentationAddress' DESC 'RFC2256: pr esentation address' EQUALITY presentationAddressMatch SYNTAX 1.3.6.1.4.1.1466 .115.121.1.43 SINGLE-VALUE ) olcAttributeTypes: {26}( 2.5.4.30 NAME 'supportedApplicationContext' DESC 'RFC 2256: supported application context' EQUALITY objectIdentifierMatch SYNTAX 1. 3.6.1.4.1.1466.115.121.1.38 ) olcAttributeTypes: {27}( 2.5.4.31 NAME 'member' DESC 'RFC2256: member of a gro up' SUP distinguishedName ) olcAttributeTypes: {28}( 2.5.4.32 NAME 'owner' DESC 'RFC2256: owner (of the ob ject)' SUP distinguishedName ) olcAttributeTypes: {29}( 2.5.4.33 NAME 'roleOccupant' DESC 'RFC2256: occupant of role' SUP distinguishedName ) olcAttributeTypes: {30}( 2.5.4.36 NAME 'userCertificate' DESC 'RFC2256: X.509 user certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX 1.3.6.1. 4.1.1466.115.121.1.8 ) olcAttributeTypes: {31}( 2.5.4.37 NAME 'cACertificate' DESC 'RFC2256: X.509 CA certificate, use ;binary' EQUALITY certificateExactMatch SYNTAX 1.3.6.1.4.1. 1466.115.121.1.8 ) olcAttributeTypes: {32}( 2.5.4.38 NAME 'authorityRevocationList' DESC 'RFC2256 : X.509 authority revocation list, use ;binary' SYNTAX 1.3.6.1.4.1.1466.115.1 21.1.9 ) olcAttributeTypes: {33}( 2.5.4.39 NAME 'certificateRevocationList' DESC 'RFC22 56: X.509 certificate revocation list, use ;binary' SYNTAX 1.3.6.1.4.1.1466.1 15.121.1.9 ) olcAttributeTypes: {34}( 2.5.4.40 NAME 'crossCertificatePair' DESC 'RFC2256: X .509 cross certificate pair, use ;binary' SYNTAX 1.3.6.1.4.1.1466.115.121.1.1 0 ) olcAttributeTypes: {35}( 2.5.4.42 NAME ( 'givenName' 'gn' ) DESC 'RFC2256: fir st name(s) for which the entity is known by' SUP name ) olcAttributeTypes: {36}( 2.5.4.43 NAME 'initials' DESC 'RFC2256: initials of s ome or all of names, but not the surname(s).' SUP name ) olcAttributeTypes: {37}( 2.5.4.44 NAME 'generationQualifier' DESC 'RFC2256: na me qualifier indicating a generation' SUP name ) olcAttributeTypes: {38}( 2.5.4.45 NAME 'x500UniqueIdentifier' DESC 'RFC2256: X .500 unique identifier' EQUALITY bitStringMatch SYNTAX 1.3.6.1.4.1.1466.115.1 21.1.6 ) olcAttributeTypes: {39}( 2.5.4.46 NAME 'dnQualifier' DESC 'RFC2256: DN qualifi er' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch SUBSTR caseIgno reSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ) olcAttributeTypes: {40}( 2.5.4.47 NAME 'enhancedSearchGuide' DESC 'RFC2256: en hanced search guide' SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 ) olcAttributeTypes: {41}( 2.5.4.48 NAME 'protocolInformation' DESC 'RFC2256: pr otocol information' EQUALITY protocolInformationMatch SYNTAX 1.3.6.1.4.1.1466 .115.121.1.42 ) olcAttributeTypes: {42}( 2.5.4.50 NAME 'uniqueMember' DESC 'RFC2256: unique me mber of a group' EQUALITY uniqueMemberMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1 .34 ) olcAttributeTypes: {43}( 2.5.4.51 NAME 'houseIdentifier' DESC 'RFC2256: house identifier' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) olcAttributeTypes: {44}( 2.5.4.52 NAME 'supportedAlgorithms' DESC 'RFC2256: su pported algorithms' SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 ) olcAttributeTypes: {45}( 2.5.4.53 NAME 'deltaRevocationList' DESC 'RFC2256: de lta revocation list; use ;binary' SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) olcAttributeTypes: {46}( 2.5.4.54 NAME 'dmdName' DESC 'RFC2256: name of DMD' S UP name ) olcAttributeTypes: {47}( 2.5.4.65 NAME 'pseudonym' DESC 'X.520(4th): pseudonym for the object' SUP name ) olcAttributeTypes: {48}( 0.9.2342.19200300.100.1.3 NAME ( 'mail' 'rfc822Mailbo x' ) DESC 'RFC1274: RFC822 Mailbox' EQUALITY caseIgnoreIA5Match SUBSTR ca seIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) olcAttributeTypes: {49}( 0.9.234 Nov 22 18:22:52 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <cn={0}core> Nov 22 18:22:52 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <cn={0}core>, <cn={0}core> Nov 22 18:22:52 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: <= str2entry(cn={0}core) -> 0x7ff49ab19758 Nov 22 18:22:52 mgaauth1 slapd[12638]: ldif_read_file: read entry file: "/etc/openldap/slapd.d/cn=config/cn=schema/cn={1}cosine.ldif" Nov 22 18:22:52 mgaauth1 slapd[12638]: => str2entry: "dn: cn={1}cosine objectClass: olcSchemaConfig cn: {1}cosine olcAttributeTypes: {0}( 0.9.2342.19200300.100.1.2 NAME 'textEncodedORAddress' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1. 1466.115.121.1.15{256} ) olcAttributeTypes: {1}( 0.9.2342.19200300.100.1.4 NAME 'info' DESC 'RFC1274: g eneral information' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} ) olcAttributeTypes: {2}( 0.9.2342.19200300.100.1.5 NAME ( 'drink' 'favouriteDri nk' ) DESC 'RFC1274: favorite drink' EQUALITY caseIgnoreMatch SUBSTR caseIgno reSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) olcAttributeTypes: {3}( 0.9.2342.19200300.100.1.6 NAME 'roomNumber' DESC 'RFC1 274: room number' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch S YNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) olcAttributeTypes: {4}( 0.9.2342.19200300.100.1.7 NAME 'photo' DESC 'RFC1274: photo (G3 fax)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} ) olcAttributeTypes: {5}( 0.9.2342.19200300.100.1.8 NAME 'userClass' DESC 'RFC12 74: category of user' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMat ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) olcAttributeTypes: {6}( 0.9.2342.19200300.100.1.9 NAME 'host' DESC 'RFC1274: h ost computer' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTA X 1.3.6.1.4.1.1466.115.121.1.15{256} ) olcAttributeTypes: {7}( 0.9.2342.19200300.100.1.10 NAME 'manager' DESC 'RFC127 4: DN of manager' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115 .121.1.12 ) olcAttributeTypes: {8}( 0.9.2342.19200300.100.1.11 NAME 'documentIdentifier' D ESC 'RFC1274: unique identifier of document' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) olcAttributeTypes: {9}( 0.9.2342.19200300.100.1.12 NAME 'documentTitle' DESC ' RFC1274: title of document' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstri ngsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) olcAttributeTypes: {10}( 0.9.2342.19200300.100.1.13 NAME 'documentVersion' DES C 'RFC1274: version of document' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSu bstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) olcAttributeTypes: {11}( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor' DESC 'RFC1274: DN of author of document' EQUALITY distinguishedNameMatch SYNTAX 1 .3.6.1.4.1.1466.115.121.1.12 ) olcAttributeTypes: {12}( 0.9.2342.19200300.100.1.15 NAME 'documentLocation' DE SC 'RFC1274: location of document original' EQUALITY caseIgnoreMatch SUBSTR c aseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) olcAttributeTypes: {13}( 0.9.2342.19200300.100.1.20 NAME ( 'homePhone' 'homeTe lephoneNumber' ) DESC 'RFC1274: home telephone number' EQUALITY telephoneNumb erMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121 .1.50 ) olcAttributeTypes: {14}( 0.9.2342.19200300.100.1.21 NAME 'secretary' DESC 'RFC 1274: DN of secretary' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.146 6.115.121.1.12 ) olcAttributeTypes: {15}( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox' SYNTAX 1.3.6.1.4.1.1466.115.121.1.39 ) olcAttributeTypes: {16}( 0.9.2342.19200300.100.1.26 NAME 'aRecord' EQUALITY ca seIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) olcAttributeTypes: {17}( 0.9.2342.19200300.100.1.27 NAME 'mDRecord' EQUALITY c aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) olcAttributeTypes: {18}( 0.9.2342.19200300.100.1.28 NAME 'mXRecord' EQUALITY c aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) olcAttributeTypes: {19}( 0.9.2342.19200300.100.1.29 NAME 'nSRecord' EQUALITY c aseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) olcAttributeTypes: {20}( 0.9.2342.19200300.100.1.30 NAME 'sOARecord' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) olcAttributeTypes: {21}( 0.9.2342.19200300.100.1.31 NAME 'cNAMERecord' EQUALIT Y caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) olcAttributeTypes: {22}( 0.9.2342.19200300.100.1.38 NAME 'associatedName' DESC 'RFC1274: DN of entry associated with domain' EQUALITY distinguishedNameMatc h SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) olcAttributeTypes: {23}( 0.9.2342.19200300.100.1.39 NAME 'homePostalAddress' D ESC 'RFC1274: home postal address' EQUALITY caseIgnoreListMatch SUBSTR caseIg noreListSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) olcAttributeTypes: {24}( 0.9.2342.19200300.100.1.40 NAME 'personalTitle' DESC 'RFC1274: personal title' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstring sMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) olcAttributeTypes: {25}( 0.9.2342.19200300.100.1.41 NAME ( 'mobile' 'mobileTel ephoneNumber' ) DESC 'RFC1274: mobile telephone number' EQUALITY telephoneNum berMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.12 1.1.50 ) olcAttributeTypes: {26}( 0.9.2342.19200300.100.1.42 NAME ( 'pager' 'pagerTelep honeNumber' ) DESC 'RFC1274: pager telephone number' EQUALITY telephoneNumber Match SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1 .50 ) olcAttributeTypes: {27}( 0.9.2342.19200300.100.1.43 NAME ( 'co' 'friendlyCount ryName' ) DESC 'RFC1274: friendly country name' EQUALITY caseIgnoreMatch SUBS TR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) olcAttributeTypes: {28}( 0.9.2342.19200300.100.1.44 NAME 'uniqueIdentifier' DE SC 'RFC1274: unique identifer' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.14 66.115.121.1.15{256} ) olcAttributeTypes: {29}( 0.9.2342.19200300.100.1.45 NAME 'organizationalStatus ' DESC 'RFC1274: organizational status' EQUALITY caseIgnoreMatch SUBSTR caseI gnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) olcAttributeTypes: {30}( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox' DESC ' RFC1274: Janet mailbox' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5Subst ringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) olcAttributeTypes: {31}( 0.9.2342.19200300.100.1.47 NAME 'mailPreferenceOption ' DESC 'RFC1274: mail preference option' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) olcAttributeTypes: {32}( 0.9.2342.19200300.100.1.48 NAME 'buildingName' DESC ' RFC1274: name of building' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstrin gsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) olcAttributeTypes: {33}( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality' DESC 'RF C1274: DSA Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.19 SINGLE-VALUE ) olcAttributeTypes: {34}( 0.9.2342.19200300.100.1.50 NAME 'singleLevelQuality' DESC 'RFC1274: Single Level Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SIN GLE-VALUE ) olcAttributeTypes: {35}( 0.9.2342.19200300.100.1.51 NAME 'subtreeMinimumQualit y' DESC 'RFC1274: Subtree Mininum Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1. 13 SINGLE-VALUE ) olcAttributeTypes: {36}( 0.9.2342.19200300.100.1.52 NAME 'subtreeMaximumQualit y' DESC 'RFC1274: Subtree Maximun Quality' SYNTAX 1.3.6.1.4.1.1466.115.121.1. 13 SINGLE-VALUE ) olcAttributeTypes: {37}( 0.9.2342.19200300.100.1.53 NAME 'personalSignature' D ESC 'RFC1274: Personal Signature (G3 fax)' SYNTAX 1.3.6.1.4.1.1466.115.121.1. 23 ) olcAttributeTypes: {38}( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect' DESC 'R FC1274: DIT Redirect' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466 .115.121.1.12 ) olcAttributeTypes: {39}( 0.9.2342.19200300.100.1.55 NAME 'audio' DESC 'RFC1274 : audio (u-law)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} ) olcAttributeTypes: {40}( 0.9.2342.19200300.100.1.56 NAME 'documentPublisher' D ESC 'RFC1274: publisher of document' EQUALITY caseIgnoreMatch SUBSTR caseIgno reSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) olcObjectClasses: {0}( 0.9.2342.19200300.100.4.4 NAME ( 'pilotPerson' 'newPilo tPerson' ) SUP person STRUCTURAL MAY ( userid $ textEncodedORAddress $ rfc822 Mailbox $ favouriteDrink $ roomNumber $ userClass $ homeTelephoneNumber $ hom ePostalAddress $ secretary $ personalTitle $ preferredDeliveryMethod $ busine ssCategory $ janetMailbox $ otherMailbox $ mobileTelephoneNumber $ pagerTelep hone Nov 22 18:22:52 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <cn={1}cosine> Nov 22 18:22:52 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <cn={1}cosine>, <cn={1}cosine> Nov 22 18:22:52 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: <= str2entry(cn={1}cosine) -> 0x7ff49ab19758 Nov 22 18:22:52 mgaauth1 slapd[12638]: ldif_read_file: read entry file: "/etc/openldap/slapd.d/cn=config/cn=schema/cn={2}inetorgperson.ldif" Nov 22 18:22:52 mgaauth1 slapd[12638]: => str2entry: "dn: cn={2}inetorgperson objectClass: olcSchemaConfig cn: {2}inetorgperson olcAttributeTypes: {0}( 2.16.840.1.113730.3.1.1 NAME 'carLicense' DESC 'RFC279 8: vehicle license or registration plate' EQUALITY caseIgnoreMatch SUBSTR cas eIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) olcAttributeTypes: {1}( 2.16.840.1.113730.3.1.2 NAME 'departmentNumber' DESC ' RFC2798: identifies a department within an organization' EQUALITY caseIgnoreM atch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) olcAttributeTypes: {2}( 2.16.840.1.113730.3.1.241 NAME 'displayName' DESC 'RFC 2798: preferred name to be used when displaying entries' EQUALITY caseIgnoreM atch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SI NGLE-VALUE ) olcAttributeTypes: {3}( 2.16.840.1.113730.3.1.3 NAME 'employeeNumber' DESC 'RF C2798: numerically identifies an employee within an organization' EQUALITY ca seIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.12 1.1.15 SINGLE-VALUE ) olcAttributeTypes: {4}( 2.16.840.1.113730.3.1.4 NAME 'employeeType' DESC 'RFC2 798: type of employment for a person' EQUALITY caseIgnoreMatch SUBSTR caseIgn oreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) olcAttributeTypes: {5}( 0.9.2342.19200300.100.1.60 NAME 'jpegPhoto' DESC 'RFC2 798: a JPEG image' SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 ) olcAttributeTypes: {6}( 2.16.840.1.113730.3.1.39 NAME 'preferredLanguage' DESC 'RFC2798: preferred written or spoken language for a person' EQUALITY caseIg noreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1. 15 SINGLE-VALUE ) olcAttributeTypes: {7}( 2.16.840.1.113730.3.1.40 NAME 'userSMIMECertificate' D ESC 'RFC2798: PKCS#7 SignedData used to support S/MIME' SYNTAX 1.3.6.1.4.1.14 66.115.121.1.5 ) olcAttributeTypes: {8}( 2.16.840.1.113730.3.1.216 NAME 'userPKCS12' DESC 'RFC2 798: personal identity information, a PKCS #12 PFX' SYNTAX 1.3.6.1.4.1.1466.1 15.121.1.5 ) olcObjectClasses: {0}( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson' DESC 'RFC2 798: Internet Organizational Person' SUP organizationalPerson STRUCTURAL MAY ( audio $ businessCategory $ carLicense $ departmentNumber $ displayName $ em ployeeNumber $ employeeType $ givenName $ homePhone $ homePostalAddress $ ini tials $ jpegPhoto $ labeledURI $ mail $ manager $ mobile $ o $ pager $ photo $ roomNumber $ secretary $ uid $ userCertificate $ x500uniqueIdentifier $ pre ferredLanguage $ userSMIMECertificate $ userPKCS12 ) ) structuralObjectClass: olcSchemaConfig entryUUID: 1a06766c-8ade-102f-8d05-5da984889200 creatorsName: cn=config createTimestamp: 20101122234350Z entryCSN: 20101122234350.440473Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20101122234350Z " Nov 22 18:22:52 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <cn={2}inetorgperson> Nov 22 18:22:52 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <cn={2}inetorgperson>, <cn={2}inetorgperson> Nov 22 18:22:52 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:52 mgaauth1 slapd[12638]: <= str2entry(cn={2}inetorgperson) -> 0x7ff49ab19758 Nov 22 18:22:53 mgaauth1 slapd[12638]: ldif_read_file: read entry file: "/etc/openldap/slapd.d/cn=config/cn=schema/cn={3}rfc2307bis.ldif" Nov 22 18:22:53 mgaauth1 slapd[12638]: => str2entry: "dn: cn={3}rfc2307bis objectClass: olcSchemaConfig cn: {3}rfc2307bis olcAttributeTypes: {0}( 1.3.6.1.1.1.1.2 NAME 'gecos' DESC 'The GECOS field; th e common name' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatc h SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) olcAttributeTypes: {1}( 1.3.6.1.1.1.1.3 NAME 'homeDirectory' DESC 'The absolut e path to the home directory' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1 466.115.121.1.26 SINGLE-VALUE ) olcAttributeTypes: {2}( 1.3.6.1.1.1.1.4 NAME 'loginShell' DESC 'The path to th e login shell' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.2 6 SINGLE-VALUE ) olcAttributeTypes: {3}( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange' EQUALITY integ erMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) olcAttributeTypes: {4}( 1.3.6.1.1.1.1.6 NAME 'shadowMin' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) olcAttributeTypes: {5}( 1.3.6.1.1.1.1.7 NAME 'shadowMax' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) olcAttributeTypes: {6}( 1.3.6.1.1.1.1.8 NAME 'shadowWarning' EQUALITY integerM atch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) olcAttributeTypes: {7}( 1.3.6.1.1.1.1.9 NAME 'shadowInactive' EQUALITY integer Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) olcAttributeTypes: {8}( 1.3.6.1.1.1.1.10 NAME 'shadowExpire' EQUALITY integerM atch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) olcAttributeTypes: {9}( 1.3.6.1.1.1.1.11 NAME 'shadowFlag' EQUALITY integerMat ch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) olcAttributeTypes: {10}( 1.3.6.1.1.1.1.12 NAME 'memberUid' EQUALITY caseExactI A5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) olcAttributeTypes: {11}( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup' EQUALITY ca seExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.11 5.121.1.26 ) olcAttributeTypes: {12}( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple' DESC 'Netgr oup triple' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) olcAttributeTypes: {13}( 1.3.6.1.1.1.1.15 NAME 'ipServicePort' DESC 'Service p ort number' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE -VALUE ) olcAttributeTypes: {14}( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol' DESC 'Servi ce protocol name' SUP name ) olcAttributeTypes: {15}( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber' DESC 'IP pro tocol number' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SING LE-VALUE ) olcAttributeTypes: {16}( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber' DESC 'ONC RPC nu mber' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) olcAttributeTypes: {17}( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber' DESC 'IPv4 addre sses as a dotted decimal omitting leading zeros or IPv6 addresses as de fined in RFC2373' SUP name ) olcAttributeTypes: {18}( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber' DESC 'IP netw ork as a dotted decimal, eg. 192.168, omitting leading zeros' SUP name SINGLE-VALUE ) olcAttributeTypes: {19}( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber' DESC 'IP netm ask as a dotted decimal, eg. 255.255.255.0, omitting leading zeros' EQU ALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) olcAttributeTypes: {20}( 1.3.6.1.1.1.1.22 NAME 'macAddress' DESC 'MAC address in maximal, colon separated hex notation, eg. 00:00:92:90:ee:e2' EQUALI TY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) olcAttributeTypes: {21}( 1.3.6.1.1.1.1.23 NAME 'bootParameter' DESC 'rpc.bootp aramd parameter' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1 .26 ) olcAttributeTypes: {22}( 1.3.6.1.1.1.1.24 NAME 'bootFile' DESC 'Boot image nam e' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) olcAttributeTypes: {23}( 1.3.6.1.1.1.1.26 NAME 'nisMapName' DESC 'Name of a A generic NIS map' SUP name ) olcAttributeTypes: {24}( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry' DESC 'A generic N IS entry' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTA X 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) olcAttributeTypes: {25}( 1.3.6.1.1.1.1.28 NAME 'nisPublicKey' DESC 'NIS public key' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-V ALUE ) olcAttributeTypes: {26}( 1.3.6.1.1.1.1.29 NAME 'nisSecretKey' DESC 'NIS secret key' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-V ALUE ) olcAttributeTypes: {27}( 1.3.6.1.1.1.1.30 NAME 'nisDomain' DESC 'NIS domain' E QUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26) olcAttributeTypes: {28}( 1.3.6.1.1.1.1.31 NAME 'automountMapName' DESC 'automo unt Map Name' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch S YNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) olcAttributeTypes: {29}( 1.3.6.1.1.1.1.32 NAME 'automountKey' DESC 'Automount Key value' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNT AX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) olcAttributeTypes: {30}( 1.3.6.1.1.1.1.33 NAME 'automountInformation' DESC 'Au tomount information' EQUALITY caseExactIA5Match SUBSTR caseExactIA5Substrings Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) olcObjectClasses: {0}( 1.3.6.1.1.1.2.0 NAME 'posixAccount' SUP top AUXILIARY D ESC 'Abstraction of an account with POSIX attributes' MUST ( cn $ uid $ uidNu mber $ gidNumber $ homeDirectory ) MAY ( userPassword $ loginShell $ gecos $ description ) ) olcObjectClasses: {1}( 1.3.6.1.1.1.2.1 NAME 'shadowAccount' SUP top AUXILIARY DESC 'Additional attributes for shadow passwords' MUST uid MAY ( userPassword $ description $ shadowLastChange $ shadowMin $ shadowMax $ shado wWarning $ shadowInactive $ shadowExpire $ shadowFlag ) ) olcObjectClasses: {2}( 1.3.6.1.1.1.2.2 NAME 'posixGroup' SUP top AUXILIARY DES C 'Abstraction of a group of accounts' MUST gidNumber MAY ( userPassword $ me mberUid $ description ) ) olcObjectClasses: {3}( 1.3.6.1.1.1.2.3 NAME 'ipService' SUP top STRUCTURAL DES C 'Abstraction an Internet Protocol service. Maps an IP port and protoc ol (such as tcp or udp) to one or more names; the distinguished value o f the cn attribute denotes the services canonical name' MUST ( cn $ ipServicePort $ ipServiceProtocol ) MAY description ) olcObjectClasses: {4}( 1.3.6.1.1.1.2.4 NAME 'ipProtocol' SUP top STRUCTURAL DE SC 'Abstraction of an IP protocol. Maps a protocol number to one or mor e names. The distinguished value of the cn attribute denotes the protoc ols canonical name' MUST ( cn $ ipProtocolNumber ) MAY description ) olcObjectClasses: {5}( 1.3.6.1.1.1.2.5 NAME 'oncRpc' SUP top STRUCTURAL DESC ' Abstraction of an Open Network Computing (ONC) [RFC1057] Remote Procedur e Call (RPC) binding. This class maps an ONC RPC number to a name. The distinguished value of the cn attribute denotes the RPC services can onical name' MUST ( cn $ oncRpcNumber ) MAY description ) olcObjectClasses: {6}( 1.3.6.1.1.1.2.6 NAME 'ipHost' SUP top AUXILIARY DESC 'A bstraction of a host, an IP device. The distinguished value of the cn a ttribute denotes the hosts canonical name. Device SHOULD be used as a s tructural class' MUST ( cn $ ipHostNumber ) MAY ( userPassword $ l $ descript ion $ manager ) ) olcObjectClasses: {7}( 1.3.6.1.1.1.2.7 NAME 'ipNetwork' SUP top STRUCTURAL DES C 'Abstraction of a network. The distinguished value of the cn attribut e denotes the networks canonical name' MUST ipNetworkNumber MAY ( cn $ ipNetm askNumber $ l $ description $ manager ) ) olcObjectClasses: {8}( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup' SUP top STRUCTURAL D ESC 'Abstraction of a netgroup. May refer to other netgroups' MUST cn MAY ( n isNetgroupTriple $ memberNisNetgroup $ description ) ) olcObjectClasses: {9}( 1.3.6.1.1.1.2.9 NAME 'nisMap' SUP top STRUCTURAL DESC ' A generic abstraction of a NIS map' MUST nisMapName MAY description ) olcObjectClasses: {10}( 1.3.6.1.1.1.2.10 NAME 'nisObject' SUP top STRUCTURAL D ESC 'An entry in a NIS map' MUST ( cn $ nisMapE Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <cn={3}rfc2307bis> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <cn={3}rfc2307bis>, <cn={3}rfc2307bis> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <= str2entry(cn={3}rfc2307bis) -> 0x7ff49ab19758 Nov 22 18:22:53 mgaauth1 slapd[12638]: ldif_read_file: read entry file: "/etc/openldap/slapd.d/cn=config/cn=schema/cn={4}yast.ldif" Nov 22 18:22:53 mgaauth1 slapd[12638]: => str2entry: "dn: cn={4}yast objectClass: olcSchemaConfig cn: {4}yast olcObjectIdentifier: {0}SUSE 1.3.6.1.4.1.7057 olcObjectIdentifier: {1}SUSE.YaST SUSE:10.1 olcObjectIdentifier: {2}SUSE.YaST.ModuleConfig SUSE:10.1.2 olcObjectIdentifier: {3}SUSE.YaST.ModuleConfig.OC SUSE.YaST.ModuleConfig:1 olcObjectIdentifier: {4}SUSE.YaST.ModuleConfig.Attr SUSE.YaST.ModuleConfig:2 olcAttributeTypes: {0}( SUSE.YaST.ModuleConfig.Attr:2 NAME ( 'suseDefaultBase' ) DESC 'Base DN where new Objects should be created by default' EQUALITY dis tinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE ) olcAttributeTypes: {1}( SUSE.YaST.ModuleConfig.Attr:3 NAME ( 'suseNextUniqueId ' ) DESC 'Next unused unique ID, can be used to generate directory wide uniqe IDs' EQUALITY integerMatch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1. 1466.115.121.1.27 SINGLE-VALUE ) olcAttributeTypes: {2}( SUSE.YaST.ModuleConfig.Attr:4 NAME ( 'suseMinUniqueId' ) DESC 'lower Border for Unique IDs' EQUALITY integerMatch ORDERING integerO rderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) olcAttributeTypes: {3}( SUSE.YaST.ModuleConfig.Attr:5 NAME ( 'suseMaxUniqueId' ) DESC 'upper Border for Unique IDs' EQUALITY integerMatch ORDERING integerO rderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) olcAttributeTypes: {4}( SUSE.YaST.ModuleConfig.Attr:6 NAME ( 'suseDefaultTempl ate' ) DESC 'The DN of a template that should be used by default' EQUALITY di stinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE ) olcAttributeTypes: {5}( SUSE.YaST.ModuleConfig.Attr:7 NAME ( 'suseSearchFilter ' ) DESC 'Search filter to localize Objects' SYNTAX 1.3.6.1.4.1.1466.115.121. 1.15 SINGLE-VALUE ) olcAttributeTypes: {6}( SUSE.YaST.ModuleConfig.Attr:11 NAME ( 'suseDefaultValu e' ) DESC 'an Attribute-Value-Assertions to define defaults for specific Attr ibutes' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) olcAttributeTypes: {7}( SUSE.YaST.ModuleConfig.Attr:12 NAME ( 'suseNamingAttri bute' ) DESC 'AttributeType that should be used as the RDN' EQUALITY caseIgno reIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) olcAttributeTypes: {8}( SUSE.YaST.ModuleConfig.Attr:15 NAME ( 'suseSecondaryGr oup' ) DESC 'seconday group DN' EQUALITY distinguishedNameMatch SYNTAX 1.3.6. 1.4.1.1466.115.121.1.12 ) olcAttributeTypes: {9}( SUSE.YaST.ModuleConfig.Attr:16 NAME ( 'suseMinPassword Length' ) DESC 'minimum Password length for new users' EQUALITY integerMatch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VAL UE ) olcAttributeTypes: {10}( SUSE.YaST.ModuleConfig.Attr:17 NAME ( 'suseMaxPasswor dLength' ) DESC 'maximum Password length for new users' EQUALITY integerMatch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VA LUE ) olcAttributeTypes: {11}( SUSE.YaST.ModuleConfig.Attr:18 NAME ( 'susePasswordHa sh' ) DESC 'Hash method to use for new users' EQUALITY caseIgnoreIA5Match SYN TAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) olcAttributeTypes: {12}( SUSE.YaST.ModuleConfig.Attr:19 NAME ( 'suseSkelDir' ) DESC '' EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) olcAttributeTypes: {13}( SUSE.YaST.ModuleConfig.Attr:20 NAME ( 'susePlugin' ) DESC 'plugin to use upon user/ group creation' EQUALITY caseIgnoreMatch SYNTA X 1.3.6.1.4.1.1466.115.121.1.15 ) olcAttributeTypes: {14}( SUSE.YaST.ModuleConfig.Attr:21 NAME ( 'suseMapAttribu te' ) DESC '' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) olcAttributeTypes: {15}( SUSE.YaST.ModuleConfig.Attr:22 NAME ( 'suseImapServer ' ) DESC '' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) olcAttributeTypes: {16}( SUSE.YaST.ModuleConfig.Attr:23 NAME ( 'suseImapAdmin' ) DESC '' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) olcAttributeTypes: {17}( SUSE.YaST.ModuleConfig.Attr:24 NAME ( 'suseImapDefaul tQuota' ) DESC '' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) olcAttributeTypes: {18}( SUSE.YaST.ModuleConfig.Attr:25 NAME ( 'suseImapUseSsl ' ) DESC '' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121 .1.7 SINGLE-VALUE ) olcObjectClasses: {0}( SUSE.YaST.ModuleConfig.OC:2 NAME 'suseModuleConfigurati on' SUP top STRUCTURAL DESC 'Contains configuration of Management Modu les' MUST ( cn ) MAY ( suseDefaultBase )) olcObjectClasses: {1}( SUSE.YaST.ModuleConfig.OC:3 NAME 'suseUserConfiguration ' SUP suseModuleConfiguration STRUCTURAL DESC 'Configuration of user m anagement tools' MAY ( suseMinPasswordLength $ suseMaxPasswordLength $ susePasswordHash $ suseSkelDir $ suseNextUniqueId $ suseMinUniqueId $ suseMaxUniqueId $ suseDefaultTemplate $ suseSearchFilter $ suseMapAttribute )) olcObjectClasses: {2}( SUSE.YaST.ModuleConfig.OC:4 NAME 'suseObjectTemplate' SUP top STRUCTURAL DESC 'Base Class for Object-Templates' MUST ( cn ) M AY ( susePlugin $ suseDefaultValue $ suseNamingAttribute )) olcObjectClasses: {3}( SUSE.YaST.ModuleConfig.OC:5 NAME 'suseUserTemplate' SUP suseObjectTemplate STRUCTURAL DESC 'User object template' MUST ( cn ) MAY ( suseSecondaryGroup )) olcObjectClasses: {4}( SUSE.YaST.ModuleConfig.OC:6 NAME 'suseGroupTemplate' SUP suseObjectTemplate STRUCTURAL DESC 'Group object template' MUST ( cn )) olcObjectClasses: {5}( SUSE.YaST.ModuleConfig.OC:7 NAME 'suseGroupConfiguratio n' SUP suseModuleConfiguration STRUCTURAL DESC 'Configuration of user management tools' MAY ( suseNextUniqueId $ suseMinUniqueId $ suseMaxUni queId $ suseDefaultTemplate $ suseSearchFilter $ suseMapAttribut e )) olcObjectClasses: {6}( SUSE.YaST.ModuleConfig.OC:8 NAME 'suseCaConfiguration' SUP suseModuleConfiguration STRUCTURAL DESC 'Configuration of CA manage ment tools') olcObjectClasses: {7}( SUSE.YaST.ModuleConfig.OC:9 NAME 'suseDnsConfiguration' SUP suseModuleConfiguration STRUCTURAL DESC 'Configuration of mail se rver management tools') olcObjectClasses: {8}( SUSE.YaST.ModuleConfig.OC:10 NAME 'suseDhcpConfiguratio n' SUP suseModuleConfiguration STRUCTURAL DESC 'Configuration of DHCP server management tools') olcObjectClasses: {9}( SUSE.YaST.ModuleConfig.OC:11 NAME 'suseMailConfiguratio n' SUP suseModuleConfiguration STRUCTURAL DESC 'Configuration of IMAP user management tools' MUST ( suseImapServer $ suseImapAdmin $ suseImap DefaultQuota $ suseImapUseSsl )) structuralObjectClass: olcSchemaConfig entryUUID: 1a06ad4e-8ade-102f-8d07-5da984889200 creatorsName: cn=config createTimestamp: 20101122234350Z entryCSN: 20101122234350.441878Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20101122234350Z " Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <cn={4}yast> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <cn={4}yast>, <cn={4}yast> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <= str2entry(cn={4}yast) -> 0x7ff49ab19758 Nov 22 18:22:53 mgaauth1 slapd[12638]: ldif_read_file: read entry file: "/etc/openldap/slapd.d/cn=config/cn=schema/cn={5}kerberos.ldif" Nov 22 18:22:53 mgaauth1 slapd[12638]: => str2entry: "dn: cn={5}kerberos objectClass: olcSchemaConfig cn: {5}kerberos olcAttributeTypes:: ezB9KCAyLjE2Ljg0MC4xLjExMzcxOS4xLjMwMS40LjEuMSAgICAgICAgIC AgICAgIE5BTUUgJ2tyYlByaW5jaXBhbE5hbWUnICAgICAgICAgICAgICAgRVFVQUxJVFkgY2FzZUV 4YWN0SUE1TWF0Y2ggCVNVQlNUUiBjYXNlRXhhY3RTdWJzdHJpbmdzTWF0Y2ggICAgICAgICAgICAg ICBTWU5UQVggMS4zLjYuMS40LjEuMTQ2Ni4xMTUuMTIxLjEuMjYp olcAttributeTypes: {1}( 1.2.840.113554.1.4.1.6.1 NAME 'krbCanoni calName' EQUALITY caseExactIA5Match SUBSTR caseEx actSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE) olcAttributeTypes: {2}( 2.16.840.1.113719.1.301.4.3.1 NAME 'krbP rincipalType' EQUALITY integerMatch SYNTAX 1.3.6. 1.4.1.1466.115.121.1.27 SINGLE-VALUE) olcAttributeTypes: {3}( 2.16.840.1.113719.1.301.4.5.1 NAME 'krbU PEnabled' DESC 'Boolean' SYNTAX 1.3.6.1.4.1.1466. 115.121.1.7 SINGLE-VALUE) olcAttributeTypes: {4}( 2.16.840.1.113719.1.301.4.6.1 NAME 'krbP rincipalExpiration' EQUALITY generalizedTimeMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE) olcAttributeTypes: {5}( 2.16.840.1.113719.1.301.4.8.1 NAME 'krbT icketFlags' EQUALITY integerMatch SYNTAX 1.3.6.1. 4.1.1466.115.121.1.27 SINGLE-VALUE) olcAttributeTypes: {6}( 2.16.840.1.113719.1.301.4.9.1 NAME 'krbM axTicketLife' EQUALITY integerMatch SYNTAX 1.3.6. 1.4.1.1466.115.121.1.27 SINGLE-VALUE) olcAttributeTypes: {7}( 2.16.840.1.113719.1.301.4.10.1 NAME 'krb MaxRenewableAge' EQUALITY integerMatch SYNTAX 1.3 .6.1.4.1.1466.115.121.1.27 SINGLE-VALUE) olcAttributeTypes: {8}( 2.16.840.1.113719.1.301.4.14.1 NAME 'krb RealmReferences' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) olcAttributeTypes: {9}( 2.16.840.1.113719.1.301.4.15.1 NAME 'krb LdapServers' EQUALITY caseIgnoreMatch SYNTAX 1.3. 6.1.4.1.1466.115.121.1.15) olcAttributeTypes: {10}( 2.16.840.1.113719.1.301.4.17.1 NAME 'kr bKdcServers' EQUALITY distinguishedNameMatch SYNT AX 1.3.6.1.4.1.1466.115.121.1.12) olcAttributeTypes: {11}( 2.16.840.1.113719.1.301.4.18.1 NAME 'kr bPwdServers' EQUALITY distinguishedNameMatch SYNT AX 1.3.6.1.4.1.1466.115.121.1.12) olcAttributeTypes: {12}( 2.16.840.1.113719.1.301.4.24.1 NAME 'kr bHostServer' EQUALITY caseExactIA5Match SYNTAX 1. 3.6.1.4.1.1466.115.121.1.26) olcAttributeTypes: {13}( 2.16.840.1.113719.1.301.4.25.1 NAME 'kr bSearchScope' EQUALITY integerMatch SYNTAX 1.3.6. 1.4.1.1466.115.121.1.27 SINGLE-VALUE) olcAttributeTypes: {14}( 2.16.840.1.113719.1.301.4.26.1 NAME 'kr bPrincipalReferences' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) olcAttributeTypes: {15}( 2.16.840.1.113719.1.301.4.28.1 NAME 'kr bPrincNamingAttr' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE) olcAttributeTypes: {16}( 2.16.840.1.113719.1.301.4.29.1 NAME 'kr bAdmServers' EQUALITY distinguishedNameMatch SYNT AX 1.3.6.1.4.1.1466.115.121.1.12) olcAttributeTypes: {17}( 2.16.840.1.113719.1.301.4.30.1 NAME 'kr bMaxPwdLife' EQUALITY integerMatch SYNTAX 1.3.6.1 .4.1.1466.115.121.1.27 SINGLE-VALUE) olcAttributeTypes: {18}( 2.16.840.1.113719.1.301.4.31.1 NAME 'kr bMinPwdLife' EQUALITY integerMatch SYNTAX 1.3.6.1 .4.1.1466.115.121.1.27 SINGLE-VALUE) olcAttributeTypes: {19}( 2.16.840.1.113719.1.301.4.32.1 NAME 'kr bPwdMinDiffChars' EQUALITY integerMatch SYNTAX 1 .3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE) olcAttributeTypes: {20}( 2.16.840.1.113719.1.301.4.33.1 NAME 'kr bPwdMinLength' EQUALITY integerMatch SYNTAX 1.3. 6.1.4.1.1466.115.121.1.27 SINGLE-VALUE) olcAttributeTypes: {21}( 2.16.840.1.113719.1.301.4.34.1 NAME 'kr bPwdHistoryLength' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE) olcAttributeTypes: {22}( 1.3.6.1.4.1.5322.21.2.1 NAME 'krbPwdMax Failure' EQUALITY integerMatch SYNTAX 1.3.6.1.4. 1.1466.115.121.1.27 SINGLE-VALUE) olcAttributeTypes: {23}( 1.3.6.1.4.1.5322.21.2.2 NAME 'krbPwdFai lureCountInterval' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE) olcAttributeTypes: {24}( 1.3.6.1.4.1.5322.21.2.3 NAME 'krbPwdLoc koutDuration' EQUALITY integerMatch SYNTAX 1.3.6 .1.4.1.1466.115.121.1.27 SINGLE-VALUE) olcAttributeTypes: {25}( 2.16.840.1.113719.1.301.4.36.1 NAME 'kr bPwdPolicyReference' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE) olcAttributeTypes: {26}( 2.16.840.1.113719.1.301.4.37.1 NAME 'kr bPasswordExpiration' EQUALITY generalizedTimeMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE) olcAttributeTypes: {27}( 2.16.840.1.113719.1.301.4.39.1 NAME 'kr bPrincipalKey' EQUALITY octetStringMatch SYNTAX 1 .3.6.1.4.1.1466.115.121.1.40) olcAttributeTypes: {28}( 2.16.840.1.113719.1.301.4.40.1 NAME 'kr bTicketPolicyReference' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE) olcAttributeTypes: {29}( 2.16.840.1.113719.1.301.4.41.1 NAME 'kr bSubTrees' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) olcAttributeTypes: {30}( 2.16.840.1.113719.1.301.4.42.1 NAME 'kr bDefaultEncSaltTypes' EQUALITY caseIgnoreMatch SY NTAX 1.3.6.1.4.1.1466.115.121.1.15) olcAttributeTypes: {31}( 2.16.840.1.113719.1.301.4.43.1 NAME 'kr bSupportedEncSaltTypes' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) olcAttributeTypes: {32}( 2.16.840.1.113719.1.301.4.44.1 NAME 'kr bPwdHistory' EQUALITY octetStringMatch SYNTAX 1.3 .6.1.4.1.1466.115.121.1.40) olcAttributeTypes: {33}( 2.16.840.1.113719.1.301.4.45.1 NAME 'kr bLastPwdChange' EQUALITY generalizedTimeMatch SYN TAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE) olcAttributeTypes: {34}( 2.16.840.1.113719.1.301.4.46.1 NAME 'kr bMKey' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4 .1.1466.115.121.1.40) olcAttributeTypes: {35}( 2.16.840.1.113719.1.301.4.47.1 NAME 'kr bPrincipalAliases' EQUALITY caseExactIA5Match SYN TAX 1.3.6.1.4.1.1466.115.121.1.26) olcAttributeTypes: {36}( 2.16.840.1.113719.1.301.4.48.1 NAME 'kr bLastSuccessfulAuth' EQUALITY generalizedTimeMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE) olcAttributeTypes: {37}( 2.16.840.1.113719.1.301.4.49.1 NAME 'kr bLastFailedAuth' EQUALITY generalizedTimeMatch SY NTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE) olcAttributeTypes: {38}( 2.16.840.1.113719.1.301.4.50.1 NAME 'kr bLo Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <cn={5}kerberos> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <cn={5}kerberos>, <cn={5}kerberos> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <= str2entry(cn={5}kerberos) -> 0x7ff49ab19758 Nov 22 18:22:53 mgaauth1 slapd[12638]: ldif_read_file: read entry file: "/etc/openldap/slapd.d/cn=config/cn=schema/cn={6}uidnext.ldif" Nov 22 18:22:53 mgaauth1 slapd[12638]: => str2entry: "dn: cn={6}uidnext objectClass: olcSchemaConfig cn: {6}uidnext olcObjectClasses: {0}( 1.1.2.2.1.30 NAME 'uidnext' SUP top STRUCTURAL MUST ( cn $ uidNumber )) structuralObjectClass: olcSchemaConfig entryUUID: 189d1db6-8adf-102f-87a7-a13f60af0032 creatorsName: cn=config createTimestamp: 20101122235057Z entryCSN: 20101122235057.569075Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20101122235057Z " Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <cn={6}uidnext> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <cn={6}uidnext>, <cn={6}uidnext> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <= str2entry(cn={6}uidnext) -> 0x7ff49ab19758 Nov 22 18:22:53 mgaauth1 slapd[12638]: ldif_read_file: read entry file: "/etc/openldap/slapd.d/cn=config/olcDatabase={-1}frontend.ldif" Nov 22 18:22:53 mgaauth1 slapd[12638]: => str2entry: "dn: olcDatabase={-1}frontend objectClass: olcDatabaseConfig olcDatabase: {-1}frontend olcAccess: {0}to dn.base="" by * read olcAccess: {1}to dn.base="cn=Subschema" by * read structuralObjectClass: olcDatabaseConfig entryUUID: 1a06c66c-8ade-102f-8d08-5da984889200 creatorsName: cn=config createTimestamp: 20101122234350Z entryCSN: 20101122234350.442520Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20101122234350Z " Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <olcDatabase={-1}frontend> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <olcDatabase={-1}frontend>, <olcDatabase={-1}frontend> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <= str2entry(olcDatabase={-1}frontend) -> 0x7ff49ab19758 Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=Subschema> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=subschema> Nov 22 18:22:53 mgaauth1 slapd[12638]: ldif_read_file: read entry file: "/etc/openldap/slapd.d/cn=config/olcDatabase={0}config.ldif" Nov 22 18:22:53 mgaauth1 slapd[12638]: => str2entry: "dn: olcDatabase={0}config objectClass: olcDatabaseConfig olcDatabase: {0}config olcAccess: {0}to * by dn.base="uid=syncrepl,ou=system,dc=ls,dc=cbn" read by * break olcLimits: {0}dn.exact="uid=syncrepl,ou=system,dc=ls,dc=cbn" size.soft=unlimit ed olcRootDN: cn=config olcRootPW:: e1NTSEF9K3hqNDB5T2U1ZGtyTU45aWVrMGhpSlFMMFVGUlFVNWFXZz09 olcSecurity: simple_bind=128 ssf=71 olcSyncrepl: {0}rid=1 provider="ldap://mgaauth1.ni.ls.cbn/" searchbase="cn=con fig" type="refreshAndPersist" retry="120 +" starttls=critical tls_reqcert=dem and bindmethod="simple" binddn="uid=syncrepl,ou=system,dc=ls,dc=cbn" credenti als="I9BpLVmLdOaL" olcUpdateRef: ldap://mgaauth1.ni.ls.cbn/ structuralObjectClass: olcDatabaseConfig entryUUID: 1a06cd10-8ade-102f-8d09-5da984889200 creatorsName: cn=config createTimestamp: 20101122234350Z entryCSN: 20101122234350.442690Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20101122234350Z " Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <olcDatabase={0}config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <olcDatabase={0}config>, <olcDatabase={0}config> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <= str2entry(olcDatabase={0}config) -> 0x7ff49ab19758 Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <cn=config>, <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <uid=syncrepl,ou=system,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <uid=syncrepl,ou=system,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <uid=syncrepl,ou=system,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <uid=syncrepl,ou=system,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <cn=config>, <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <uid=syncrepl,ou=system,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <uid=syncrepl,ou=system,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: ldif_read_file: read entry file: "/etc/openldap/slapd.d/cn=config/olcDatabase={0}config/olcOverlay={0}syncprov.ldif" Nov 22 18:22:53 mgaauth1 slapd[12638]: => str2entry: "dn: olcOverlay={0}syncprov objectClass: olcSyncProvConfig olcOverlay: {0}syncprov olcSpCheckpoint: 100 10 structuralObjectClass: olcSyncProvConfig entryUUID: 1a06d9fe-8ade-102f-8d0a-5da984889200 creatorsName: cn=config createTimestamp: 20101122234350Z entryCSN: 20101122234350.443021Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20101122234350Z " Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <olcOverlay={0}syncprov> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <olcOverlay={0}syncprov>, <olcOverlay={0}syncprov> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <= str2entry(olcOverlay={0}syncprov) -> 0x7ff49ab19758 Nov 22 18:22:53 mgaauth1 slapd[12638]: ldif_read_file: read entry file: "/etc/openldap/slapd.d/cn=config/olcDatabase={1}hdb.ldif" Nov 22 18:22:53 mgaauth1 slapd[12638]: => str2entry: "dn: olcDatabase={1}hdb objectClass: olcDatabaseConfig objectClass: olcHdbConfig olcDatabase: {1}hdb olcDbDirectory: /var/lib/ldap olcSuffix: dc=ls,dc=cbn olcAccess: {0}to attrs=userPassword by self write by * auth olcAccess: {1}to attrs=shadowLastChange by self write by * read olcAccess: {2}to attrs=userPKCS12 by self read by * none olcAccess: {3}to * by * read olcRootDN: cn=admin,dc=ls,dc=cbn olcRootPW:: e1NTSEF9TkJSVVEyR0FGMlNQN1dsbFh3eS9GK2t5MFBST1UxaEpWQT09 olcUpdateRef: ldap://anubis.ls.cbn/ olcDbCacheSize: 10000 olcDbCheckpoint: 1024 5 olcDbConfig: {0}set_cachesize 0 15000000 1 olcDbConfig: {1}set_lg_regionmax 262144 olcDbConfig: {2}set_lg_bsize 2097152 olcDbConfig: {3}set_flags DB_LOG_AUTOREMOVE olcDbIDLcacheSize: 30000 olcDbIndex: objectclass eq olcDbIndex: uidNumber eq olcDbIndex: gidNumber eq olcDbIndex: member eq olcDbIndex: memberUid eq olcDbIndex: mail eq olcDbIndex: cn eq,sub olcDbIndex: displayName eq,sub olcDbIndex: uid eq,sub olcDbIndex: sn eq,sub olcDbIndex: givenName eq,sub olcDbIndex: entryUUID eq olcDbIndex: entryCSN eq structuralObjectClass: olcHdbConfig entryUUID: 65b86196-8adf-102f-87a8-a13f60af0032 creatorsName: cn=config createTimestamp: 20101122235306Z olcSyncrepl: {0}rid=2 provider="ldap://anubis.ls.cbn/" searchbase="dc=ls,dc=cb n" type="refreshOnly" retry="120 +" interval="00:00:01:00" starttls=critical tls_reqcert=demand bindmethod="simple" binddn="uid=syncrepl,ou=system,dc=ls,d c=cbn" credentials="lieguYwHee" entryCSN: 20101123001649.251496Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20101123001649Z " Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <olcDatabase={1}hdb> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <olcDatabase={1}hdb>, <olcDatabase={1}hdb> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=admin,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=admin,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=config> Nov 22 18:22:53 mgaauth1 slapd[12638]: <= str2entry(olcDatabase={1}hdb) -> 0x7ff49ab19758 Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <dc=ls,dc=cbn>, <dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <cn=admin,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <cn=admin,dc=ls,dc=cbn>, <cn=admin,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: hdb_db_init: Initializing HDB database Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <dc=ls,dc=cbn>, <dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnPrettyNormal: <cn=admin,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnPrettyNormal: <cn=admin,dc=ls,dc=cbn>, <cn=admin,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <uid=syncrepl,ou=system,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <uid=syncrepl,ou=system,dc=ls,dc=cbn> Nov 22 18:22:53 mgaauth1 slapd[12638]: send_ldap_result: conn=-1 op=0 p=0 Nov 22 18:22:53 mgaauth1 slapd[12638]: send_ldap_result: err=0 matched="" text="" Nov 22 18:22:53 mgaauth1 slapd[12638]: >>> dnNormalize: <cn=Subschema> Nov 22 18:22:53 mgaauth1 slapd[12638]: <<< dnNormalize: <cn=subschema> Nov 22 18:22:53 mgaauth1 slapd[12638]: matching_rule_use_init Nov 22 18:22:53 mgaauth1 slapd[12638]: 1.2.840.113556.1.4.804 (integerBitOrMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 1.2.840.113556.1.4.804 NAME 'integerBitOrMatch' APPLIES ( supportedLDAPVersion $ entryTtl $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexIntLen $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcWriteTimeout $ olcDbCacheFree $ olcDbCacheSize $ olcDbDNcacheSize $ olcDbIDLcacheSize $ olcDbSearchStack $ olcDbShmKey $ olcChainMaxReferralDepth $ olcDbProtocolVersion $ olcDbConnectionPoolMax $ olcDDSmaxDynamicObjects $ olcPcacheMaxQueries $ olcRetcodeSleep $ olcSssVlvMax $ olcSssVlvMaxKeys $ olcSpSessionlog $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpcNumber $ suseNextUniqueId $ suseMinUniqueId $ suseMaxUniqueId $ suseMinPasswordLength $ suseMaxPasswordLength $ suseImapDefaultQuota $ krbPrincipalType $ krbTicketFlags $ krbMaxTicketLife $ krbMaxRenewableAge $ krbSearchScope $ krbMaxPwdLife $ krbMinPwdLife $ krbPwdMinDiffChars $ krbPwdMinLength $ krbPwdHistoryLength $ krbPwdMaxFailure $ krbPwdFailureCountInterval $ krbPwdLockoutDuration $ krbLoginFailedCount ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 1.2.840.113556.1.4.803 (integerBitAndMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 1.2.840.113556.1.4.803 NAME 'integerBitAndMatch' APPLIES ( supportedLDAPVersion $ entryTtl $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexIntLen $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcWriteTimeout $ olcDbCacheFree $ olcDbCacheSize $ olcDbDNcacheSize $ olcDbIDLcacheSize $ olcDbSearchStack $ olcDbShmKey $ olcChainMaxReferralDepth $ olcDbProtocolVersion $ olcDbConnectionPoolMax $ olcDDSmaxDynamicObjects $ olcPcacheMaxQueries $ olcRetcodeSleep $ olcSssVlvMax $ olcSssVlvMaxKeys $ olcSpSessionlog $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpcNumber $ suseNextUniqueId $ suseMinUniqueId $ suseMaxUniqueId $ suseMinPasswordLength $ suseMaxPasswordLength $ suseImapDefaultQuota $ krbPrincipalType $ krbTicketFlags $ krbMaxTicketLife $ krbMaxRenewableAge $ krbSearchScope $ krbMaxPwdLife $ krbMinPwdLife $ krbPwdMinDiffChars $ krbPwdMinLength $ krbPwdHistoryLength $ krbPwdMaxFailure $ krbPwdFailureCountInterval $ krbPwdLockoutDuration $ krbLoginFailedCount ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 1.3.6.1.4.1.1466.109.114.2 (caseIgnoreIA5Match): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 1.3.6.1.4.1.1466.109.114.2 NAME 'caseIgnoreIA5Match' APPLIES ( altServer $ olcDbConfig $ c $ mail $ dc $ associatedDomain $ email $ aRecord $ mDRecord $ mXRecord $ nSRecord $ sOARecord $ cNAMERecord $ janetMailbox $ gecos $ homeDirectory $ loginShell $ memberUid $ memberNisNetgroup $ nisNetgroupTriple $ ipNetmaskNumber $ macAddress $ bootParameter $ bootFile $ nisMapEntry $ nisDomain $ automountMapName $ automountKey $ automountInformation $ suseNamingAttribute $ susePasswordHash $ suseSkelDir $ krbPrincipalName $ krbCanonicalName $ krbHostServer $ krbPrincipalAliases $ krbAllowedToDelegateTo ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 1.3.6.1.4.1.1466.109.114.1 (caseExactIA5Match): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 1.3.6.1.4.1.1466.109.114.1 NAME 'caseExactIA5Match' APPLIES ( altServer $ olcDbConfig $ c $ mail $ dc $ associatedDomain $ email $ aRecord $ mDRecord $ mXRecord $ nSRecord $ sOARecord $ cNAMERecord $ janetMailbox $ gecos $ homeDirectory $ loginShell $ memberUid $ memberNisNetgroup $ nisNetgroupTriple $ ipNetmaskNumber $ macAddress $ bootParameter $ bootFile $ nisMapEntry $ nisDomain $ automountMapName $ automountKey $ automountInformation $ suseNamingAttribute $ susePasswordHash $ suseSkelDir $ krbPrincipalName $ krbCanonicalName $ krbHostServer $ krbPrincipalAliases $ krbAllowedToDelegateTo ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.39 (certificateListMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.38 (certificateListExactMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.38 NAME 'certificateListExactMatch' APPLIES ( authorityRevocationList $ certificateRevocationList $ deltaRevocationList ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.35 (certificateMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.34 (certificateExactMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.34 NAME 'certificateExactMatch' APPLIES ( userCertificate $ cACertificate ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.30 (objectIdentifierFirstComponentMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.30 NAME 'objectIdentifierFirstComponentMatch' APPLIES ( supportedControl $ supportedExtension $ supportedFeatures $ ldapSyntaxes $ supportedApplicationContext ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.29 (integerFirstComponentMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.29 NAME 'integerFirstComponentMatch' APPLIES ( supportedLDAPVersion $ entryTtl $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexIntLen $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcWriteTimeout $ olcDbCacheFree $ olcDbCacheSize $ olcDbDNcacheSize $ olcDbIDLcacheSize $ olcDbSearchStack $ olcDbShmKey $ olcChainMaxReferralDepth $ olcDbProtocolVersion $ olcDbConnectionPoolMax $ olcDDSmaxDynamicObjects $ olcPcacheMaxQueries $ olcRetcodeSleep $ olcSssVlvMax $ olcSssVlvMaxKeys $ olcSpSessionlog $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpcNumber $ suseNextUniqueId $ suseMinUniqueId $ suseMaxUniqueId $ suseMinPasswordLength $ suseMaxPasswordLength $ suseImapDefaultQuota $ krbPrincipalType $ krbTicketFlags $ krbMaxTicketLife $ krbMaxRenewableAge $ krbSearchScope $ krbMaxPwdLife $ krbMinPwdLife $ krbPwdMinDiffChars $ krbPwdMinLength $ krbPwdHistoryLength $ krbPwdMaxFailure $ krbPwdFailureCountInterval $ krbPwdLockoutDuration $ krbLoginFailedCount ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.27 (generalizedTimeMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.27 NAME 'generalizedTimeMatch' APPLIES ( createTimestamp $ modifyTimestamp $ pwdChangedTime $ pwdAccountLockedTime $ pwdFailureTime $ pwdGraceUseTime $ krbPrincipalExpiration $ krbPasswordExpiration $ krbLastPwdChange $ krbLastSuccessfulAuth $ krbLastFailedAuth ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.24 (protocolInformationMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.24 NAME 'protocolInformationMatch' APPLIES protocolInformation ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.23 (uniqueMemberMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.23 NAME 'uniqueMemberMatch' APPLIES uniqueMember ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.22 (presentationAddressMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.22 NAME 'presentationAddressMatch' APPLIES presentationAddress ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.20 (telephoneNumberMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.20 NAME 'telephoneNumberMatch' APPLIES ( telephoneNumber $ homePhone $ mobile $ pager ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.17 (octetStringMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.17 NAME 'octetStringMatch' APPLIES ( userPassword $ olcDbCryptKey $ pwdHistory $ nisPublicKey $ nisSecretKey $ krbPrincipalKey $ krbPwdHistory $ krbMKey $ krbExtraData ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.16 (bitStringMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.16 NAME 'bitStringMatch' APPLIES x500UniqueIdentifier ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.14 (integerMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.14 NAME 'integerMatch' APPLIES ( supportedLDAPVersion $ entryTtl $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexIntLen $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcWriteTimeout $ olcDbCacheFree $ olcDbCacheSize $ olcDbDNcacheSize $ olcDbIDLcacheSize $ olcDbSearchStack $ olcDbShmKey $ olcChainMaxReferralDepth $ olcDbProtocolVersion $ olcDbConnectionPoolMax $ olcDDSmaxDynamicObjects $ olcPcacheMaxQueries $ olcRetcodeSleep $ olcSssVlvMax $ olcSssVlvMaxKeys $ olcSpSessionlog $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpcNumber $ suseNextUniqueId $ suseMinUniqueId $ suseMaxUniqueId $ suseMinPasswordLength $ suseMaxPasswordLength $ suseImapDefaultQuota $ krbPrincipalType $ krbTicketFlags $ krbMaxTicketLife $ krbMaxRenewableAge $ krbSearchScope $ krbMaxPwdLife $ krbMinPwdLife $ krbPwdMinDiffChars $ krbPwdMinLength $ krbPwdHistoryLength $ krbPwdMaxFailure $ krbPwdFailureCountInterval $ krbPwdLockoutDuration $ krbLoginFailedCount ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.13 (booleanMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.13 NAME 'booleanMatch' APPLIES ( hasSubordinates $ olcAddContentAcl $ olcGentleHUP $ olcHidden $ olcLastMod $ olcMirrorMode $ olcMonitoring $ olcReadOnly $ olcReverseLookup $ olcSyncUseSubentry $ olcDbChecksum $ olcDbNoSync $ olcDbDirtyRead $ olcDbLinearIndex $ olcChainCacheURI $ olcChainReturnError $ olcDbRebindAsUser $ olcDbChaseReferrals $ olcDbProxyWhoAmI $ olcDbSingleConn $ olcDbUseTemporaryConn $ olcDbNoRefs $ olcDbNoUndefFilter $ olcAccessLogSuccess $ olcDDSstate $ olcMemberOfRefInt $ pwdReset $ olcPPolicyHashCleartext $ olcPPolicyForwardUpdates $ olcPPolicyUseLockout $ olcPcachePersist $ olcPcacheValidate $ olcPcacheOffline $ olcRetcodeInDir $ olcRwmNormalizeMapped $ olcRwmDropUnrequested $ olcSpNoPresent $ olcSpReloadHint $ olcTranslucentStrict $ olcTranslucentNoGlue $ olcTranslucentBindLocal $ olcTranslucentPwModLocal $ olcUniqueStrict $ suseImapUseSsl $ krbUPEnabled ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.11 (caseIgnoreListMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.11 NAME 'caseIgnoreListMatch' APPLIES ( postalAddress $ registeredAddress $ homePostalAddress ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.8 (numericStringMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.8 NAME 'numericStringMatch' APPLIES ( x121Address $ internationaliSDNNumber ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.7 (caseExactSubstringsMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.7 NAME 'caseExactSubstringsMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.6 (caseExactOrderingMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.6 NAME 'caseExactOrderingMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.5 (caseExactMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.5 NAME 'caseExactMatch' APPLIES ( supportedSASLMechanisms $ vendorName $ vendorVersion $ ref $ name $ cn $ uid $ labeledURI $ description $ olcConfigFile $ olcConfigDir $ olcAccess $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAttributeTypes $ olcAuthIDRewrite $ olcAuthzPolicy $ olcAuthzRegexp $ olcBackend $ olcDatabase $ olcDisallows $ olcDitContentRules $ olcInclude $ olcLdapSyntaxes $ olcLimits $ olcLogFile $ olcLogLevel $ olcModuleLoad $ olcModulePath $ olcObjectClasses $ olcObjectIdentifier $ olcOverlay $ olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ olcPlugin $ olcPluginLogFile $ olcReferral $ olcReplica $ olcReplicaArgsFile $ olcReplicaPidFile $ olcReplogFile $ olcRequires $ olcRestrict $ olcRootDSE $ olcRootPW $ olcSaslAuxprops $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ olcSecurity $ olcServerID $ olcSizeLimit $ olcSortVals $ olcSubordinate $ olcSyncrepl $ olcTCPBuffer $ olcTimeLimit $ olcTLSCACertificateFile $ olcTLSCACertificatePath $ olcTLSCertificateFile $ olcTLSCertificateKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ olcTLSCRLFile $ olcTLSRandFile $ olcTLSVerifyClient $ olcTLSDHParamFile $ olcTLSProtocolMin $ olcUpdateRef $ olcDbDirectory $ olcDbCheckpoint $ olcDbCryptFile $ olcDbPageSize $ olcDbIndex $ olcDbLockDetect $ olcDbMode $ olcChainingBehavior $ olcDbURI $ olcDbStartTLS $ olcDbACLPasswd $ olcDbACLBind $ olcDbIDAssertPasswd $ olcDbIDAssertBind $ olcDbIDAssertMode $ olcDbIDAssertAuthzFrom $ olcDbTFSupport $ olcDbTimeout $ olcDbIdleTimeout $ olcDbConnTtl $ olcDbNetworkTimeout $ olcDbCancel $ olcDbQuarantine $ olcAccessLogOps $ olcAccessLogPurge $ olcAccessLogOld $ olcAccessLogOldAttr $ olcAuditlogFile $ olcCollectInfo $ olcConstraintAttribute $ olcDDSmaxTtl $ olcDDSminTtl $ olcDDSdefaultTtl $ olcDDSinterval $ olcDDStolerance $ olcDGAttrPair $ olcDlAttrSet $ olcMemberOfDangling $ olcMemberOfGroupOC $ olcMemberOfMemberAD $ olcMemberOfMemberOfAD $ olcMemberOfDanglingError $ olcPcache $ olcPcacheAttrset $ olcPcacheTemplate $ olcPcachePosition $ olcPcacheBind $ olcRefintAttribute $ olcRetcodeItem $ olcRwmRewrite $ olcRwmTFSupport $ olcRwmMap $ olcSpCheckpoint $ olcTranslucentLocal $ olcTranslucentRemote $ olcUniqueIgnore $ olcUniqueAttribute $ olcUniqueURI $ olcValSortAttr $ knowledgeInformation $ sn $ serialNumber $ c $ l $ st $ street $ o $ ou $ title $ businessCategory $ postalCode $ postOfficeBox $ physicalDeliveryOfficeName $ destinationIndicator $ givenName $ initials $ generationQualifier $ dnQualifier $ houseIdentifier $ dmdName $ pseudonym $ textEncodedORAddress $ info $ drink $ roomNumber $ userClass $ host $ documentIdentifier $ documentTitle $ documentVersion $ documentLocation $ personalTitle $ co $ uniqueIdentifier $ organizationalStatus $ buildingName $ documentPublisher $ carLicense $ departmentNumber $ displayName $ employeeNumber $ employeeType $ preferredLanguage $ ipServiceProtocol $ ipHostNumber $ ipNetworkNumber $ nisMapName $ suseSearchFilter $ suseDefaultValue $ susePlugin $ suseMapAttribute $ suseImapServer $ suseImapAdmin $ krbLdapServers $ krbPrincNamingAttr $ krbDefaultEncSaltTypes $ krbSupportedEncSaltTypes ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.4 (caseIgnoreSubstringsMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.4 NAME 'caseIgnoreSubstringsMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.3 (caseIgnoreOrderingMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.3 NAME 'caseIgnoreOrderingMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.2 (caseIgnoreMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.2 NAME 'caseIgnoreMatch' APPLIES ( supportedSASLMechanisms $ vendorName $ vendorVersion $ ref $ name $ cn $ uid $ labeledURI $ description $ olcConfigFile $ olcConfigDir $ olcAccess $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAttributeTypes $ olcAuthIDRewrite $ olcAuthzPolicy $ olcAuthzRegexp $ olcBackend $ olcDatabase $ olcDisallows $ olcDitContentRules $ olcInclude $ olcLdapSyntaxes $ olcLimits $ olcLogFile $ olcLogLevel $ olcModuleLoad $ olcModulePath $ olcObjectClasses $ olcObjectIdentifier $ olcOverlay $ olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ olcPlugin $ olcPluginLogFile $ olcReferral $ olcReplica $ olcReplicaArgsFile $ olcReplicaPidFile $ olcReplogFile $ olcRequires $ olcRestrict $ olcRootDSE $ olcRootPW $ olcSaslAuxprops $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ olcSecurity $ olcServerID $ olcSizeLimit $ olcSortVals $ olcSubordinate $ olcSyncrepl $ olcTCPBuffer $ olcTimeLimit $ olcTLSCACertificateFile $ olcTLSCACertificatePath $ olcTLSCertificateFile $ olcTLSCertificateKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ olcTLSCRLFile $ olcTLSRandFile $ olcTLSVerifyClient $ olcTLSDHParamFile $ olcTLSProtocolMin $ olcUpdateRef $ olcDbDirectory $ olcDbCheckpoint $ olcDbCryptFile $ olcDbPageSize $ olcDbIndex $ olcDbLockDetect $ olcDbMode $ olcChainingBehavior $ olcDbURI $ olcDbStartTLS $ olcDbACLPasswd $ olcDbACLBind $ olcDbIDAssertPasswd $ olcDbIDAssertBind $ olcDbIDAssertMode $ olcDbIDAssertAuthzFrom $ olcDbTFSupport $ olcDbTimeout $ olcDbIdleTimeout $ olcDbConnTtl $ olcDbNetworkTimeout $ olcDbCancel $ olcDbQuarantine $ olcAccessLogOps $ olcAccessLogPurge $ olcAccessLogOld $ olcAccessLogOldAttr $ olcAuditlogFile $ olcCollectInfo $ olcConstraintAttribute $ olcDDSmaxTtl $ olcDDSminTtl $ olcDDSdefaultTtl $ olcDDSinterval $ olcDDStolerance $ olcDGAttrPair $ olcDlAttrSet $ olcMemberOfDangling $ olcMemberOfGroupOC $ olcMemberOfMemberAD $ olcMemberOfMemberOfAD $ olcMemberOfDanglingError $ olcPcache $ olcPcacheAttrset $ olcPcacheTemplate $ olcPcachePosition $ olcPcacheBind $ olcRefintAttribute $ olcRetcodeItem $ olcRwmRewrite $ olcRwmTFSupport $ olcRwmMap $ olcSpCheckpoint $ olcTranslucentLocal $ olcTranslucentRemote $ olcUniqueIgnore $ olcUniqueAttribute $ olcUniqueURI $ olcValSortAttr $ knowledgeInformation $ sn $ serialNumber $ c $ l $ st $ street $ o $ ou $ title $ businessCategory $ postalCode $ postOfficeBox $ physicalDeliveryOfficeName $ destinationIndicator $ givenName $ initials $ generationQualifier $ dnQualifier $ houseIdentifier $ dmdName $ pseudonym $ textEncodedORAddress $ info $ drink $ roomNumber $ userClass $ host $ documentIdentifier $ documentTitle $ documentVersion $ documentLocation $ personalTitle $ co $ uniqueIdentifier $ organizationalStatus $ buildingName $ documentPublisher $ carLicense $ departmentNumber $ displayName $ employeeNumber $ employeeType $ preferredLanguage $ ipServiceProtocol $ ipHostNumber $ ipNetworkNumber $ nisMapName $ suseSearchFilter $ suseDefaultValue $ susePlugin $ suseMapAttribute $ suseImapServer $ suseImapAdmin $ krbLdapServers $ krbPrincNamingAttr $ krbDefaultEncSaltTypes $ krbSupportedEncSaltTypes ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 1.2.36.79672281.1.13.3 (rdnMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.1 (distinguishedNameMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.1 NAME 'distinguishedNameMatch' APPLIES ( creatorsName $ modifiersName $ subschemaSubentry $ entryDN $ namingContexts $ aliasedObjectName $ dynamicSubtrees $ distinguishedName $ seeAlso $ olcDefaultSearchBase $ olcRootDN $ olcSchemaDN $ olcSuffix $ olcUpdateDN $ olcDbACLAuthcDn $ olcDbIDAssertAuthcDn $ olcRelay $ olcAccessLogDB $ memberOf $ olcMemberOfDN $ pwdPolicySubentry $ olcPPolicyDefault $ olcRefintNothing $ olcRefintModifiersName $ olcRetcodeParent $ olcUniqueBase $ member $ owner $ roleOccupant $ manager $ documentAuthor $ secretary $ associatedName $ dITRedirect $ suseDefaultBase $ suseDefaultTemplate $ suseSecondaryGroup $ krbRealmReferences $ krbKdcServers $ krbPwdServers $ krbPrincipalReferences $ krbAdmServers $ krbPwdPolicyReference $ krbTicketPolicyReference $ krbSubTrees $ krbObjectReferences $ krbPrincContainerRef ) ) Nov 22 18:22:53 mgaauth1 slapd[12638]: 2.5.13.0 (objectIdentifierMatch): Nov 22 18:22:53 mgaauth1 slapd[12638]: matchingRuleUse: ( 2.5.13.0 NAME 'objectIdentifierMatch' APPLIES ( supportedControl $ supportedExtension $ supportedFeatures $ supportedApplicationContext ) ) Nov 22 18:22:53 mgaauth1 slapd[12651]: slapd startup: initiated. Nov 22 18:22:53 mgaauth1 slapd[12651]: backend_startup_one: starting "cn=config" Nov 22 18:22:53 mgaauth1 slapd[12651]: config_back_db_open Nov 22 18:22:53 mgaauth1 slapd[12651]: send_ldap_result: conn=-1 op=0 p=0 Nov 22 18:22:53 mgaauth1 slapd[12651]: send_ldap_result: err=0 matched="" text="" Nov 22 18:22:53 mgaauth1 slapd[12651]: backend_startup_one: starting "dc=ls,dc=cbn" Nov 22 18:22:53 mgaauth1 slapd[12651]: hdb_db_open: "dc=ls,dc=cbn" Nov 22 18:22:53 mgaauth1 slapd[12651]: hdb_db_open: database "dc=ls,dc=cbn": dbenv_open(/var/lib/ldap). Nov 22 18:22:53 mgaauth1 slapd[12651]: hdb_monitor_db_open: monitoring disabled; configure monitor database to enable Nov 22 18:22:53 mgaauth1 slapd[12651]: slapd starting Nov 22 18:22:53 mgaauth1 slapd[12651]: =>do_syncrepl rid=002 Nov 22 18:22:53 mgaauth1 slapd[12651]: => bdb_entry_get: ndn: "dc=ls,dc=cbn" Nov 22 18:22:53 mgaauth1 slapd[12651]: => bdb_entry_get: oc: "(null)", at: "contextCSN" Nov 22 18:22:53 mgaauth1 slapd[12651]: bdb_dn2entry("dc=ls,dc=cbn") Nov 22 18:22:53 mgaauth1 slapd[12651]: => hdb_dn2id("dc=ls,dc=cbn") Nov 22 18:22:53 mgaauth1 slapd[12651]: <= hdb_dn2id: got id=0x1 Nov 22 18:22:53 mgaauth1 slapd[12651]: entry_decode: "" Nov 22 18:22:53 mgaauth1 slapd[12651]: <= entry_decode() Nov 22 18:22:53 mgaauth1 slapd[12651]: bdb_entry_get: rc=0 Nov 22 18:22:53 mgaauth1 slapd[12651]: =>do_syncrep2 rid=002 Nov 22 18:22:53 mgaauth1 slapd[12651]: do_syncrep2: rid=002 LDAP_RES_SEARCH_RESULT Nov 22 18:22:54 mgaauth1 slapd[12651]: slap_listener_activate(7): Nov 22 18:22:54 mgaauth1 slapd[12651]: >>> slap_listener(ldap://) Nov 22 18:22:54 mgaauth1 slapd[12651]: conn=1000 fd=13 ACCEPT from IP=127.0.0.1:33205 (IP=0.0.0.0:389) Nov 22 18:22:54 mgaauth1 slapd[12651]: connection_get(13) Nov 22 18:22:54 mgaauth1 slapd[12651]: connection_get(13): got connid=1000 Nov 22 18:22:54 mgaauth1 slapd[12651]: connection_read(13): checking for input on id=1000 Nov 22 18:22:54 mgaauth1 slapd[12651]: op tag 0x60, time 1290471774 Nov 22 18:22:54 mgaauth1 slapd[12651]: conn=1000 op=0 do_bind Nov 22 18:22:54 mgaauth1 slapd[12651]: >>> dnPrettyNormal: <> Nov 22 18:22:54 mgaauth1 slapd[12651]: <<< dnPrettyNormal: <>, <> Nov 22 18:22:54 mgaauth1 slapd[12651]: conn=1000 op=0 BIND dn="" method=128 Nov 22 18:22:54 mgaauth1 slapd[12651]: do_bind: version=3 dn="" method=128 Nov 22 18:22:54 mgaauth1 slapd[12651]: send_ldap_result: conn=1000 op=0 p=3 Nov 22 18:22:54 mgaauth1 slapd[12651]: send_ldap_result: err=0 matched="" text="" Nov 22 18:22:54 mgaauth1 slapd[12651]: send_ldap_response: msgid=1 tag=97 err=0 Nov 22 18:22:54 mgaauth1 slapd[12651]: conn=1000 op=0 RESULT tag=97 err=0 text= Nov 22 18:22:54 mgaauth1 slapd[12651]: do_bind: v3 anonymous bind Nov 22 18:22:54 mgaauth1 slapd[12651]: connection_get(13) Nov 22 18:22:54 mgaauth1 slapd[12651]: connection_get(13): got connid=1000 Nov 22 18:22:54 mgaauth1 slapd[12651]: connection_read(13): checking for input on id=1000 Nov 22 18:22:54 mgaauth1 slapd[12651]: op tag 0x63, time 1290471774 Nov 22 18:22:54 mgaauth1 slapd[12651]: conn=1000 op=1 do_search Nov 22 18:22:54 mgaauth1 slapd[12651]: >>> dnPrettyNormal: <> Nov 22 18:22:54 mgaauth1 slapd[12651]: <<< dnPrettyNormal: <>, <> Nov 22 18:22:54 mgaauth1 slapd[12651]: SRCH "" 0 0 Nov 22 18:22:54 mgaauth1 slapd[12651]: 0 0 0 Nov 22 18:22:54 mgaauth1 slapd[12651]: filter: (objectClass=*) Nov 22 18:22:54 mgaauth1 slapd[12651]: attrs: Nov 22 18:22:54 mgaauth1 slapd[12651]: Nov 22 18:22:54 mgaauth1 slapd[12651]: conn=1000 op=1 SRCH base="" scope=0 deref=0 filter="(objectClass=*)" Nov 22 18:22:54 mgaauth1 slapd[12651]: => send_search_entry: conn 1000 dn="" Nov 22 18:22:54 mgaauth1 slapd[12651]: conn=1000 op=1 ENTRY dn="" Nov 22 18:22:54 mgaauth1 slapd[12651]: <= send_search_entry: conn 1000 exit. Nov 22 18:22:54 mgaauth1 slapd[12651]: send_ldap_result: conn=1000 op=1 p=3 Nov 22 18:22:54 mgaauth1 slapd[12651]: send_ldap_result: err=0 matched="" text="" Nov 22 18:22:54 mgaauth1 slapd[12651]: send_ldap_response: msgid=2 tag=101 err=0 Nov 22 18:22:54 mgaauth1 slapd[12651]: conn=1000 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= Nov 22 18:22:54 mgaauth1 slapd[12651]: connection_get(13) Nov 22 18:22:54 mgaauth1 slapd[12651]: connection_get(13): got connid=1000 Nov 22 18:22:54 mgaauth1 slapd[12651]: connection_read(13): checking for input on id=1000 Nov 22 18:22:54 mgaauth1 slapd[12651]: op tag 0x42, time 1290471774 Nov 22 18:22:54 mgaauth1 slapd[12651]: conn=1000 op=2 do_unbind Nov 22 18:22:54 mgaauth1 slapd[12651]: conn=1000 op=2 UNBIND Nov 22 18:22:54 mgaauth1 slapd[12651]: connection_close: conn=1000 sd=13 Nov 22 18:22:54 mgaauth1 slapd[12651]: conn=1000 fd=13 closed
Any idea what could be going on?
Thanks,
I have fixed this problem. There was a problem with the DB_CONFIG file.
Hi,
Am Mon, 22 Nov 2010 19:24:26 -0500 schrieb Bram Cymet bcymet@cbnco.com:
Hi,
I am trying to set up a syncrepl consumer. I have done this a number of times without any problem.
The consumer seems to be connecting via TLS to the producer and authenticating but the consumer directory never gets populated.
Here is the log from the producer:
[...] Nov 22 19:19:58 anubis slapd[24088]: conn=1026 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text= Nov 22 19:19:58 anubis slapd[24088]: connection_get(15) Nov 22 19:19:58 anubis slapd[24088]: connection_get(15): got connid=1026 Nov 22 19:19:58 anubis slapd[24088]: connection_read(15): checking for input on id=1026 Nov 22 19:19:58 anubis slapd[24088]: op tag 0x42, time 1290471598 Nov 22 19:19:58 anubis slapd[24088]: ber_get_next on fd 15 failed errno=0 (Success) Nov 22 19:19:58 anubis slapd[24088]: conn=1026 op=3 do_unbind Nov 22 19:19:58 anubis slapd[24088]: conn=1026 op=3 UNBIND Nov 22 19:19:58 anubis slapd[24088]: connection_close: conn=1026 sd=15 Nov 22 19:19:58 anubis slapd[24088]: conn=1026 fd=15 closed
The search result is obvious (nentries=0), check access rules and limits.
[...]
Any idea what could be going on?
-Dieter
openldap-technical@openldap.org