In Use: Oracle OpenLDAP 2.4.30, I cannot change to the OpenLDAP version that one can compile. Problem: I have the module and overlay in the conf files and slaptest says it's fine. Both files are from Openldap.org version 2.4.37But how do I test it? I have created unix shell scripts to do actions like add, delete, modify, view, etc. I can share these if requested. But I am unsure on the lock, unlock, policy stuff. Also, How should the OpenLDAP hierarchy look? Here's mine: dn: dc=bozo_company,dc=com ou: com objectClass: dcObject objectClass: organizationalUnit objectClass: top dc: bozo_company userPassword: {SSHA}XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX dn: cn=Directory Administrators,dc=bozo_company,dc=com objectClass: top objectClass: groupOfUniqueNames cn: Directory Administrators uniqueMember: cn=clownadmin,ou=Special Users,dc=bozo_company,dc=com uniqueMember: cn=david.barr,ou=People,dc=bozo_company,dc=com dn: ou=Groups,dc=bozo_company,dc=com objectClass: top objectClass: organizationalUnit ou: Groups dn: ou=People,dc=bozo_company,dc=com objectClass: top objectClass: organizationalUnit ou: People dn: ou=Special Users,dc=bozo_company,dc=com objectClass: top objectClass: organizationalUnit ou: Special Users description: Special Administrative Accounts dn: cn=Accounting Managers,ou=groups,dc=bozo_company,dc=com objectClass: top objectClass: groupOfUniqueNames cn: Accounting Managers ou: groups description: People who can manage accounting entries uniqueMember: cn=clownadmin,ou=Special Users,dc=bozo_company,dc=com uniqueMember: uid=Replica,ou=People,dc=bozo_company,dc=com uniqueMember: cn=david.barr,ou=People,dc=bozo_company,dc=com dn: cn=HR Managers,ou=groups,dc=bozo_company,dc=com objectClass: top objectClass: groupOfUniqueNames cn: HR Managers ou: groups description: People who can manage HR entries uniqueMember: cn=clownadmin,ou=Special Users,dc=bozo_company,dc=com uniqueMember: cn=david.barr,ou=People,dc=bozo_company,dc=com dn: cn=QA Managers,ou=groups,dc=bozo_company,dc=com objectClass: top objectClass: groupOfUniqueNames cn: QA Managers ou: groups description: People who can manage QA entries uniqueMember: cn=clownadmin,ou=Special Users,dc=bozo_company,dc=com uniqueMember: cn=david.barr,ou=People,dc=bozo_company,dc=com dn: cn=PD Managers,ou=groups,dc=bozo_company,dc=com objectClass: top objectClass: groupOfUniqueNames cn: PD Managers ou: groups description: People who can manage engineer entries uniqueMember: cn=clownadmin,ou=Special Users,dc=bozo_company,dc=com uniqueMember: cn=david.barr,ou=People,dc=bozo_company,dc=com dn: ou=Services,dc=bozo_company,dc=com ou: Services objectClass: top objectClass: organizationalUnit dn: ou=DML,ou=Services,dc=bozo_company,dc=com ou: DML objectClass: top objectClass: organizationalUnit dn: ou=1.0,ou=DML,ou=Services,dc=bozo_company,dc=com ou: 1.0 objectClass: top objectClass: organizationalUnit dn: ou=UserForm,ou=1.0,ou=DML,ou=Services,dc=bozo_company,dc=com ou: UserForm objectClass: top objectClass: organizationalUnit dn: ou=Configuration,ou=1.0,ou=DML,ou=Services,dc=bozo_company,dc=com ou: Configuration objectClass: top objectClass: organizationalUnit dn: cn=Configuration:#ID#Configuration:SystemConfiguration,ou=Configuration,ou=1 .0,ou=DML,ou=Services,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: Configuration:#ID#Configuration:SystemConfiguration dn: cn=Configuration:#ID#Configuration:CustomRoles,ou=Configuration,ou=1.0,ou=DM L,ou=Services,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: Configuration:#ID#Configuration:CustomRoles dn: cn=Configuration:#ID#Configuration:DmlManagedDirectory,ou=Configuration,ou=1 .0,ou=DML,ou=Services,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: Configuration:#ID#Configuration:DmlManagedDirectory dn: cn=UserForm:#ID#UserForm:DefaultUserForm,ou=UserForm,ou=1.0,ou=DML,ou=Servic es,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultUserForm dn: cn=UserForm:#ID#UserForm:DefaultNtUserForm,ou=UserForm,ou=1.0,ou=DML,ou=Serv ices,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultNtUserForm dn: cn=UserForm:#ID#UserForm:DefaultHomeForm,ou=UserForm,ou=1.0,ou=DML,ou=Servic es,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultHomeForm dn: cn=UserForm:#ID#UserForm:DefaultDMLObjectForm,ou=UserForm,ou=1.0,ou=DML,ou=S ervices,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultDMLObjectForm dn: cn=UserForm:#ID#UserForm:DefaultCreateForm,ou=UserForm,ou=1.0,ou=DML,ou=Serv ices,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultCreateForm dn: cn=UserForm:#ID#UserForm:DefaultObjectClassSelectionForm,ou=UserForm,ou=1.0, ou=DML,ou=Services,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultObjectClassSelectionForm dn: cn=UserForm:#ID#UserForm:DefaultDisplayComponentFields,ou=UserForm,ou=1.0,ou =DML,ou=Services,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultDisplayComponentFields dn: cn=UserForm:#ID#UserForm:DefaultEditFieldForm,ou=UserForm,ou=1.0,ou=DML,ou=S ervices,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultEditFieldForm dn: cn=UserForm:#ID#UserForm:DefaultListFormsForm,ou=UserForm,ou=1.0,ou=DML,ou=S ervices,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultListFormsForm dn: cn=UserForm:#ID#UserForm:DefaultEditFormForm,ou=UserForm,ou=1.0,ou=DML,ou=Se rvices,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultEditFormForm dn: cn=UserForm:#ID#UserForm:DefaultGroupForm,ou=UserForm,ou=1.0,ou=DML,ou=Servi ces,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultGroupForm dn: cn=UserForm:#ID#UserForm:DefaultFindLibrary,ou=UserForm,ou=1.0,ou=DML,ou=Ser vices,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultFindLibrary dn: cn=UserForm:#ID#UserForm:DefaultGroupFilterForm,ou=UserForm,ou=1.0,ou=DML,ou =Services,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultGroupFilterForm dn: cn=UserForm:#ID#UserForm:DefaultOuForm,ou=UserForm,ou=1.0,ou=DML,ou=Services ,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultOuForm dn: cn=UserForm:#ID#UserForm:DefaultDomainForm,ou=UserForm,ou=1.0,ou=DML,ou=Serv ices,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultDomainForm dn: cn=UserForm:#ID#UserForm:DefaultLocalityForm,ou=UserForm,ou=1.0,ou=DML,ou=Se rvices,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultLocalityForm dn: cn=UserForm:#ID#UserForm:DefaultFindForm,ou=UserForm,ou=1.0,ou=DML,ou=Servic es,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultFindForm dn: cn=UserForm:#ID#UserForm:DefaultSearchConfigForm,ou=UserForm,ou=1.0,ou=DML,o u=Services,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultSearchConfigForm dn: cn=Configuration:#ID#Configuration:DefaultSearchOptions,ou=Configuration,ou= 1.0,ou=DML,ou=Services,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: Configuration:#ID#Configuration:DefaultSearchOptions dn: cn=UserForm:#ID#UserForm:DefaultCOSTemplateForm,ou=UserForm,ou=1.0,ou=DML,ou =Services,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultCOSTemplateForm dn: cn=UserForm:#ID#UserForm:DefaultExtensionsEditForm,ou=UserForm,ou=1.0,ou=DML ,ou=Services,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultExtensionsEditForm dn: cn=UserForm:#ID#UserForm:DefaultManagedDirectoryForm,ou=UserForm,ou=1.0,ou=D ML,ou=Services,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultManagedDirectoryForm dn: cn=UserForm:#ID#UserForm:DefaultOrganizationPickerForm,ou=UserForm,ou=1.0,ou =DML,ou=Services,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultOrganizationPickerForm dn: cn=UserForm:#ID#UserForm:DefaultListNamingAttributesForm,ou=UserForm,ou=1.0, ou=DML,ou=Services,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultListNamingAttributesForm dn: cn=UserForm:#ID#UserForm:DefaultNamingAttributeForm,ou=UserForm,ou=1.0,ou=DM L,ou=Services,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultNamingAttributeForm dn: cn=UserForm:#ID#UserForm:DefaultRolesForm,ou=UserForm,ou=1.0,ou=DML,ou=Servi ces,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultRolesForm dn: cn=UserForm:#ID#UserForm:DefaultRoleForm,ou=UserForm,ou=1.0,ou=DML,ou=Servic es,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultRoleForm dn: cn=UserForm:#ID#UserForm:DefaultDeleteForm,ou=UserForm,ou=1.0,ou=DML,ou=Serv ices,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultDeleteForm dn: cn=UserForm:#ID#UserForm:DefaultDeleteGeneralPurposeForm,ou=UserForm,ou=1.0, ou=DML,ou=Services,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultDeleteGeneralPurposeForm dn: cn=UserForm:#ID#UserForm:DefaultEnableForm,ou=UserForm,ou=1.0,ou=DML,ou=Serv ices,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultEnableForm dn: cn=UserForm:#ID#UserForm:DefaultDisableForm,ou=UserForm,ou=1.0,ou=DML,ou=Ser vices,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultDisableForm dn: cn=UserForm:#ID#UserForm:DefaultRenameForm,ou=UserForm,ou=1.0,ou=DML,ou=Serv ices,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultRenameForm dn: cn=UserForm:#ID#UserForm:DefaultConfigBackupRestoreForm,ou=UserForm,ou=1.0,o u=DML,ou=Services,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultConfigBackupRestoreForm dn: cn=UserForm:#ID#UserForm:DefaultBrowseForm,ou=UserForm,ou=1.0,ou=DML,ou=Serv ices,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultBrowseForm dn: cn=Configuration:#ID#Configuration:ComponentProperties,ou=Configuration,ou=1 .0,ou=DML,ou=Services,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: Configuration:#ID#Configuration:ComponentProperties dn: cn=Configuration:#ID#Configuration:DefaultFormConfiguration,ou=Configuration ,ou=1.0,ou=DML,ou=Services,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: Configuration:#ID#Configuration:DefaultFormConfiguration dn: cn=Configuration:#ID#Configuration:DefaultRoles,ou=Configuration,ou=1.0,ou=D ML,ou=Services,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: Configuration:#ID#Configuration:DefaultRoles dn: cn=Configuration:#ID#Configuration:DefaultCapabilities,ou=Configuration,ou=1 .0,ou=DML,ou=Services,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: Configuration:#ID#Configuration:DefaultCapabilities dn: cn=Configuration:#ID#Configuration:DefaultNamingAttributesConfiguration,ou=C onfiguration,ou=1.0,ou=DML,ou=Services,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: Configuration:#ID#Configuration:DefaultNamingAttributesConfiguration dn: cn=UserForm:#ID#UserForm:DefaultEditPasswordForm,ou=UserForm,ou=1.0,ou=DML,o u=Services,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:DefaultEditPasswordForm dn: cn=Configuration:#ID#Configuration:WPSearchOptions,ou=Configuration,ou=1.0,o u=DML,ou=Services,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: Configuration:#ID#Configuration:WPSearchOptions dn: cn=UserForm:#ID#UserForm:WPSearchLibrary,ou=UserForm,ou=1.0,ou=DML,ou=Servic es,dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:WPSearchLibrary dn: cn=UserForm:#ID#UserForm:WPSearchForm,ou=UserForm,ou=1.0,ou=DML,ou=Services, dc=bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:WPSearchForm dn: cn=UserForm:#ID#UserForm:WPViewForm,ou=UserForm,ou=1.0,ou=DML,ou=Services,dc =bozo_company,dc=com objectClass: top objectClass: applicationProcess description:: cn: UserForm:#ID#UserForm:WPViewForm dn: cn=clownadmin,ou=Special Users,dc=bozo_company,dc=com sn: clownadmin ou: People ou: Special Users cn: clownadmin objectClass: top objectClass: person objectClass: organizationalPerson userPassword: {SHA}ZC/bQou6tU8wl3TJ6dCoSasxgVA= dn: uid=Replica,ou=People,dc=bozo_company,dc=com uid: Replica cn: Replica objectClass: account objectClass: posixAccount objectClass: top objectClass: shadowAccount userPassword: {SSHA}xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx shadowLastChange: 13761 shadowMax: 99999 shadowWarning: 7 loginShell: /bin/bash uidNumber: 22222 gidNumber: 100 homeDirectory: /tmp gecos: Replica userid for slave LDAP servers dn: cn=david.m.barr,ou=People,dc=bozo_company,dc=com uid: david.m.barr sn: david.m.barr ou: People cn: david.m.barr objectClass: top objectClass: person objectClass: organizationalPerson objectClass: uidObject objectClass: pwdPolicyChecker objectClass: pwdPolicy pwdCheckModule:: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX pwdAttribute: userPassword userPassword: {SSHA}XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX dn: cn=Test.user02,ou=People,dc=bozo_company,dc=com uid: Test.user02 sn: Test.user02 ou: People cn: Test.user02 objectClass: top objectClass: person objectClass: organizationalPerson objectClass: uidObject objectClass: pwdPolicyChecker objectClass: pwdPolicy pwdCheckModule:: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX pwdAttribute: userPassword pwdLockout: TRUE userPassword: {SSHA}XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX dn: cn=Test.user04,ou=People,dc=bozo_company,dc=com uid: Test.user04 sn: Test.user04 ou: People cn: Test.user04 objectClass: top objectClass: person objectClass: organizationalPerson objectClass: uidObject userPassword: {SSHA}XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX dn: ou=Policies,dc=bozo_company,dc=com objectClass: top objectClass: organizationalUnit ou: Policies dn: cn=Password Policy,ou=Policies,dc=bozo_company,dc=com objectClass: top objectClass: pwdPolicy objectClass: person description: The default password policy pwdAllowUserChange: TRUE pwdAttribute: userPassword pwdCheckQuality: 2 pwdExpireWarning: 3600 pwdFailureCountInterval: 30 pwdGraceAuthNLimit: 5 pwdInHistory: 5 pwdLockout: TRUE pwdLockoutDuration: 0 pwdMaxAge: 5184000 pwdMaxFailure: 5 pwdMinAge: 3600 pwdMinLength: 5 pwdMustChange: TRUE pwdSafeModify: FALSE sn: Password Policy cn: Password Policy dn: ou=Standard Policy,ou=Policies,dc=bozo_company,dc=com objectClass: top objectClass: organizationalUnit objectClass: pwdPolicy objectClass: pwdPolicyChecker ou: Standard Policy pwdAttribute: userPassword pwdCheckQuality: 2 pwdMaxFailure: 3 pwdMustChange: TRUE pwdSafeModify: TRUE pwdLockoutDuration: 0 pwdCheckModule: ou=Standard Policy,ou=Policies,dc=bozo_company,dc=com pwdAllowUserChange: TRUE description: Standard Password Policy pwdMaxAge: 7776002 pwdExpireWarning: 432000 pwdFailureCountInterval: 120 pwdMinLength: 14 pwdInHistory: 10 pwdGraceAuthNLimit: 0 pwdMinAge: 86400 dn: cn=accesslogname,dc=bozo_company,dc=com objectClass: top objectClass: person objectClass: organizationalPerson ou: accesslogname description: accesslog sn: accesslogname cn: accesslogname dn: cn=john.d.doe,ou=People,dc=bozo_company,dc=com uid: john.d.doe sn: john.d.doe ou: People cn: john.d.doe objectClass: top objectClass: person objectClass: organizationalPerson objectClass: uidObject userPassword: {SSHA}XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Anyone out there who can help? -David dbc(a)usa.net ________________________________ CONFIDENTIALITY NOTICE: The information contained in this electronic mail (email) transmission (including attachments), is intended by MCLANE ADVANCED TECHNOLOGIES for the use of the named individual or entity to which it is addressed and may contain information that is privileged, confidential and/or protected as a trade secret. It is not intended for transmission to, or receipt by, any individual or entity other than the named addressee(s). If you have received this email in error, please delete it (including attachments) and any copies thereof without printing, copying or forwarding it, and notify the sender of the error by email reply immediately.