Hi,
I'm sure this was working in the past on this server but Im now not getting anything returned when I request the memberOf attribute.
I compiled OpenLDAP 2.4.23 with the following flags:
./configure --prefix=/usr/local/authz --enable-meta --enable-ldap --enable-bdb --enable-monitor --enable-syncprov --enable-translucent --enable-memberof --enable-dyngroup --enable-dynlist --with-threads --with-tls --with-cyrus-sasl --enable-syslog --enable-spasswd cd make depend make make test make install
I'm using slapd.d and I have the following in /usr/local/authz/etc/openldap/slapd.d/cn=config/olcDatabase={1}bdb
olcOverlay={0}dynlist.ldif olcOverlay={1}memberof.ldif olcOverlay={2}syncprov.ldif
The contents of olcOverlay={1}memberof.ldif are:
dn: olcOverlay={1}memberof objectClass: olcOverlayConfig objectClass: olcMemberOf olcMemberOfDangling: ignore olcMemberOfRefInt: FALSE olcMemberOfGroupOC: posixGroup olcMemberOfMemberAD: member olcMemberOfMemberOfAD: memberOf structuralObjectClass: olcMemberOf entryUUID: 4d5a3aa8-fbac-45c9-b259-941d13e02724 creatorsName: cn=config createTimestamp: 20100318151149Z entryCSN: 20100318151149.488341Z#000000#003#000000 modifiersName: cn=config modifyTimestamp: 20100318151149Z olcOverlay: {1}memberof
The log is attached.
Mark Cairney wrote:
Hi,
I'm sure this was working in the past on this server but Im now not getting anything returned when I request the memberOf attribute.
I compiled OpenLDAP 2.4.23 with the following flags:
./configure --prefix=/usr/local/authz --enable-meta --enable-ldap --enable-bdb --enable-monitor --enable-syncprov --enable-translucent --enable-memberof --enable-dyngroup --enable-dynlist --with-threads --with-tls --with-cyrus-sasl --enable-syslog --enable-spasswd cd make depend make make test make install
I'm using slapd.d and I have the following in /usr/local/authz/etc/openldap/slapd.d/cn=config/olcDatabase={1}bdb
olcOverlay={0}dynlist.ldif olcOverlay={1}memberof.ldif olcOverlay={2}syncprov.ldif
The contents of olcOverlay={1}memberof.ldif are:
You should not be poking or peeking at the files inside slapd.d. You should be using "slapcat -n0" or "ldapsearch -b cn=config" to show the contents of the config database. As with other slapd databases, its structure and format are subject to change without notice at any time. The only thing guaranteed to remain compatible is the LDAP interfaces to the database.
Warning duly noted. Lessing the files in question seemed like the best way of providing a concise description of what configuration I had and where in the config it lay. As it stands I answered my question anyway.
Kind regards,
Mark
On 27 Jan 2011, at 12:16, Howard Chu wrote:
Mark Cairney wrote:
Hi,
I'm sure this was working in the past on this server but Im now not getting anything returned when I request the memberOf attribute.
I compiled OpenLDAP 2.4.23 with the following flags:
./configure --prefix=/usr/local/authz --enable-meta --enable-ldap --enable-bdb --enable-monitor --enable-syncprov --enable-translucent --enable-memberof --enable-dyngroup --enable-dynlist --with-threads --with-tls --with-cyrus-sasl --enable-syslog --enable-spasswd cd make depend make make test make install
I'm using slapd.d and I have the following in /usr/local/authz/etc/openldap/slapd.d/cn=config/olcDatabase={1}bdb
olcOverlay={0}dynlist.ldif olcOverlay={1}memberof.ldif olcOverlay={2}syncprov.ldif
The contents of olcOverlay={1}memberof.ldif are:
You should not be poking or peeking at the files inside slapd.d. You should be using "slapcat -n0" or "ldapsearch -b cn=config" to show the contents of the config database. As with other slapd databases, its structure and format are subject to change without notice at any time. The only thing guaranteed to remain compatible is the LDAP interfaces to the database.
-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
/********************************* Mark Cairney ITI UNIX Section Information Services University of Edinburgh
Tel: 0131 650 6565 Email: mark.cairney@ed.ac.uk
*********************************/
openldap-technical@openldap.org
-
Howard Chu -
Mark Cairney