Hello,
I am trying to migrate from
directory.emich.edu : redhat ES 7 : redhat supplied ldap
[root@directory.emich.edu:/etc/openldap]# /usr/sbin/slapd -V
@(#) $OpenLDAP: slapd 2.4.44 (Jun 6 2020 17:06:42) $
mockbuild@x86-vm-25.build.eng.bos.redhat.com: /builddir/build/BUILD/openldap-2.4.44/openldap-2.4.44/servers/slapd
to
directory8.emich.edu : redhat ES 8 : hand rolled from source code ldap
[root@directory8.emich.edu:/root]# /usr/local/libexec/slapd -V
@(#) $OpenLDAP: slapd 2.6.X (Nov 15 2022 16:59:29) $
root@directory8.emich.edu: /home/src/openldap-OPENLDAP_REL_ENG_2_6/servers/slapd
And everything seems to work except for one thing.
I can't seem to do global anonymous searches?
I don't understand ldap well enough to figure out what step or config
I've missed.
[root@directory8.emich.edu:/tmp]# ldapsearch -H "ldap://directory.emich.edu" -LLL -b "uid=mgoebel,ou=people,o=emich.edu" -x -s sub "(objectClass=*)"
dn: uid=mgoebel,ou=people,o=emich.edu
objectClass: top
objectClass: person
objectClass: inetOrgPerson
objectClass: organizationalPerson
uid: mgoebel
[root@directory8.emich.edu:/tmp]# ldapsearch -H "ldap://directory8.emich.edu" -LLL -b "uid=mgoebel,ou=people,o=emich.edu" -x -s sub "(objectClass=*)"
dn: uid=mgoebel,ou=people,o=emich.edu
objectClass: top
objectClass: person
objectClass: inetOrgPerson
objectClass: organizationalPerson
uid: mgoebel
[root@directory8.emich.edu:/tmp]# ldapsearch -H "ldap://directory.emich.edu" -LLL -b "ou=people,o=emich.edu" -x -s sub "(objectClass=*)"
returns every record with objectClass set
[root@directory8.emich.edu:/tmp]# ldapsearch -H "ldap://directory8.emich.edu" -LLL -b "ou=people,o=emich.edu" -x -s sub "(objectClass=*)"
No such object (32)
compile options used for openldap were
./configure \
--prefix=/usr/local \
--disable-ipv6 \
--with-kerberos \
--enable-monitor \
--enable-dynamic \
--enable-phonetic \
--enable-slapd \
--enable-spasswd \
--enable-rlookups \
--enable-hdb \
--enable-dyngroup=yes \
--enable-proxycache=yes \
--enable-bdb \
--enable-crypt \
--with-cyrus-sasl=yes \
--with-tls
Thanks,
Matt
--On Monday, February 6, 2023 4:58 PM -0500 Matthew Goebel mgoebel@emich.edu wrote:
directory8.emich.edu : redhat ES 8 : hand rolled from source code ldap
[root@directory8.emich.edu:/root]# /usr/local/libexec/slapd -V
@(#) $OpenLDAP: slapd 2.6.X (Nov 15 2022 16:59:29) $
That's the engineering branch. It's not advised to run development code in production.
I can't seem to do global anonymous searches?
I don't understand ldap well enough to figure out what step or config
I've missed.
compile options used for openldap were
compile options should be irrelevant, this would be an ACL issue. You've not provided any information about the ACLs the deployment uses.
--Quanah
openldap-technical@openldap.org
-
Matthew Goebel -
Quanah Gibson-Mount