| |
| |
| |
|
Page: 1 2 3 4
<nuck> if anyone care to help i pasted my a1.ldif in http://cpp.sourceforge.net/?show=9576
<_ranger_> ac3, you can use an objectcl*** name
<_ranger_> or, omit the attribute list (in which case it is all attibs)
<ac3> nice
<syamajala> hi
<syamajala> i'm having problems with smbldap-populate
<syamajala> http://pastebin.com/413187
<syamajala> does anyone know how to fix this/
<_ranger_> ac3, that has to be done client-side
<_ranger_> ac3, BTW, why?
<ac3> for easy viewing
<_ranger_> I fail to see the link, your client should be configurable
<ac3> found it:)
<ac3> by * search works
<_ranger_> ac3, beware, you may break something
<ac3> yeah?
<syamajala> so anyone know how i can fix problem?
<ac3> gonna test a bit then:)
<_ranger_> ac3, I'd think finding a better client for your users to use would be a better idea
<syamajala> is there another way to add users?
<syamajala> without smbldap-useradd
<ac3> yeah maybe:)
<_ranger_> syamajala, smbldap-tools works fine if configured right
<syamajala> 1 sec i'll post my smbldap.conf
<syamajala> http://pastebin.com/413197
<syamajala> so what am i doing wrong?
<syamajala> _ranger_ any ideas?
<syamajala> i guess i'll try the smbldap-tools mailing list
<syamajala> thanks
<nuck> anyone know a good website that explains DIT structure, how ldif and slapd.conf files are organized? can't find one
<coca0> hi there
<coca0> if i wann alogin with my ldap user over squirrelmail i get a strange log output besids i cant login
<coca0> http://pastebin.com/413231
<coca0> but if i use any other user everything is all fine -....
<coca0> *Grrrr* ;D
<coca0> why that ?
<tioan> hello
<tioan> i have some problrems with openldap
<tioan> i want add an user ldif with ldapadd
<tioan> but i get the error that the user already exist
<tioan> but ldapbrowser and ldapsearch doent show the user
<coca0> ldapsearch -x | grep -i XXXX
<coca0> restart ldap
<tioan> for what stand XXXX
<coca0> XXX is the user ure searching for but i see uve already done that ...
<coca0> here u you can compare my errors -----------> http://pastebin.com/413239 HELP ...... ;D
<tioan> normal is use ldapsearch -D "cn=admin,o=bugzone,c=org" -W
<tioan> so ldapsearch show the full ldap directory
<tioan> but ldapsearch doent show the user
<tioan> so the user isnt in ldap
<coca0> update index ?
<tioan> but ldapadd means that the user already exist
<coca0> slapindex -v ?
<coca0> stop ldap
<coca0> slapindex -v
<coca0> start ldap
<_ranger_> or, maybe check ACLs?
<coca0> if u use index ....
<tioan> ldap_add: Already exist (68)
<coca0> ah yeah
<tioan> _ranger_: acls are okay
<_ranger_> since there's no search filter, it's unlikely to be indexes
<tioan> anding an othger user works fine
<_ranger_> tioan, only way you can tell is at loglevel 384 ...
<coca0> _ranger_: i got a problem with one user i cannot login but the other users all all fine starnge http://pastebin.com/413239
<coca0> _ranger_: probably you can give me alittle hint where to search the error :)
<tioan> http://nopaste.php-q.net/169351
<tioan> it is the ldadadd and ldapsearch output
<_ranger_> coca0, try the search manually, and see why you're exceeding the sizelimit
<tioan> _ranger_: can you see some errors in the nopaste
<Antel_afc> Hiya, a small question... anyone in here that uses Apache 2.1.8 with user authentication via mod_ldap and mod_auth_ldap over SSL?
<tioan> http://nopaste.php-q.net/169351 can someone help me with this
<Zombie> I can't find documentation of LDAP's handling of SRV Under DNS.
<Antel_afc> tioan, check the ldif file for mistypes?
<tioan> Antel_afc: i have checked the ldif file
<_ranger_> Zombie, the only thing LDAP knows about SRV is back-dsn
<_ranger_> back-dns*
<coca0> _ranger_: see if i do it manually it works http://pastebin.com/413250
<tioan> http://nopaste.php-q.net/169356 is the ldif
<_ranger_> Zombie, other LDAP-base apps may though (such as nss_ldap)
<_ranger_> Zombie, so ... you need to be more explicit
<tioan> Zombie: bind9 has an good ldap support
<_ranger_> tioan, sure, but Zombie
<_ranger_> is asking about the other way around
<Antel_afc> tioan, i have no idea... looks correct to me.
<tioan> Antel_afc: for me too
<tioan> but i i can adding the crazy user
<coca0> _ranger_: now it works the problem was i have the enty cg two times in the ldap so it got probably confiused ....
<coca0> ;)
<tioan> has ldapadd nene optioon to overwrite existing entrys
<_ranger_> coca0, was wondering about that, but then you have weird limits ...
<ac3> anyone is using peername acl in slapd.conf (working) I cannot get it to work:(
<_ranger_> tioan, you can ldapdelete it
<Antel_afc> tioan, ldapmodify or ldapcompare?
<tioan> _ranger_: how?
<ac3> according to the manual my syntax is correct
<tioan> sry but ldap is very now for me
<_ranger_> tioan, see the man page
<_ranger_> (I'm not answering man page questions)
<tioan> i dont have tried ldapdelte because am worry abouzt deleting the whole ldap
<Antel_afc> So, noone in here is using mod_authnz_ldap to connect to an OpenLDAP server via SSL?
<coca0> _ranger_: what do you mean bythat ---> "but then you have weird limits ..."
<_ranger_> coca0, your error message was that your saslauthd had exceeded your ldap limit
<_ranger_> and, 2 accounts is quite a weird size limit ...
<Zombie> Using Kerberos SRV Records, I was able to completely eliminate the need to push a krb5.conf
<_ranger_> Zombie, and?
<Zombie> Using LDAP SRV Records, I'd like to comleteley eliminate the need to push a ldap.conf
<coca0> _ranger_: whats wront about it what schould i change in my config ?
<coca0> s/wront/wrong
<_ranger_> Zombie, nss_ldap has support for SRV records
<_ranger_> Zombie, so, use nss_ldap and pam_krb5 to auth
<_ranger_> then, remove the host/uri/base entries from your /etc/ldap.conf
<tioan> ldapdelete "uin=blazor,ou=users,o=bugzone.c=org" doesnt work
<tioan> ldapdelete -D "o=bugzone,c=org" "uin=blazor,ou=users,o=bugzone.c=org" doesnt work, too
<_ranger_> (note that this SRV support is not in libldap, so you can't remove the HOST/URI/BASE entries from /etc/openldal/ldap.conf)
<_ranger_> tioan, what is your rootdn? cn=Manager ...
<ac3> strange, it works on redhat, but not on debian
<tioan> "cn=admin,o=bugzone,c=org"
<Zombie> Crap.
<_ranger_> tioan, ok, so *that* needs to follow -D
<_ranger_> Zombie, ?
<tioan> ldapdelete -D "cn=admin,o=bugzone,c=org" "uin=blazor,ou=users,o=bugzone.c=org" work
<_ranger_> tioan, and, you probably need -W and -x too
<tioan> ldapdelete -D "cn=admin,o=bugzone,c=org" "uin=blazor,ou=users,o=bugzone.c=org" -W work
<Antel_afc> tioan... uid=blazor... not uin is my guess.
<tioan> but ldapdelte show delete result : no such object
<Zombie> The bad thing is, I'm using cn=Manager for replication, and User Authing.
<_ranger_> Zombie, what version of OpenLDAP?
<Zombie> 2.2.23
<_ranger_> Zombie, I'd upgrade to 2.3.x and use syncrepl for replication
<tioan> _ranger_: dlapdelte means the uid=blazor,ou=users,o=bugzone,c=org
<tioan> doent exist
<tioan> but ldapadd means that the entry already exist
<_ranger_> Zombie, what release of the distro are you on?
<Zombie> Its not quite availible for 2005LE Yet.
<_ranger_> Zombie, says who?
<Zombie> Has it been Packaged for Contrib yet?
<_ranger_> Zombie, the cooker package will build cleanly
<_ranger_> Zombie, but, let me build packages
<tioan> _ranger_: what i can do now?
<_ranger_> tioan, slapcat -l /tmp/backup.ldif; stop slapd, remove the db files, slapadd -l /tmp/backup.ldif
<Zombie> What about Samba, NSS and PAM?
<_ranger_> that would probably be the quickest
<_ranger_> Zombie, nss==nss_ldap
<_ranger_> pam==pam_krb5
<coca0> HAVE A NICE DAY ;D
Return to ldap
or
Go to some related
logs:
wow
mameox nbz
OLay OLay OLay O Lay
blackmetal
|
|