| |
| |
| |
|
Page: 1 2 3 4 5
<_ranger_> asyd, PLAIN is about the only one you can use if you want to have userP***word encrypted
<asyd> thanks.
<B***> ranger so the ldap plugind will work nice with all mail clients?
<_ranger_> B***, the mail client doesn't have to know anything about it
<_ranger_> only allow postfix to advertise the mechs you know work
<B***> _ranger_, im trying sasl -a ldap
<B***> but i have this error with testsaslauth
<B***> Oct 21 13:31:24 espinete saslauthd[23552]: do_auth : auth failure: [user=b***] [service=imap] [realm=] [mech=ldap] [reason=Unknown]
<B***> _ranger_ my saslauth conf http://pastebin.com/400778
<B***> _ranger_, any idea?
<B***> asyd, sasl works now with ldap :)
<asyd> nice
<B***> so now postfix dont works with sasl
<B***> :P
<asyd> B***: which mech ?
<asyd> ah
<B***> can you help me?
<B***> i tried login and plain
<B***> asyd, http://pastebin.com/400797
<B***> any idea?
<asyd> sniff LDAP queries
<B***> what?
<B***> im an ldap newbie :P
<B***> how can i sniff ldap queries
<B***> ?
<B***> asyd, http://pastebin.com/400808 error logs from login and plain method
<Gagatan> B***: you can "sniff" queries by using loglevel 256 for example.. or you can do ethereal for hardcore sniffing
<xxxAGENTExxx> socorro alguem aqui fala portugues e poderia me ajudar?
<xxxAGENTExxx> estou precisando d+
<xxxAGENTExxx> Help-me PDC + BDC Samba + LDAP Sincronizando ..
<asyd> Enligsh
<B***> thanks gagatan :)
<B***> asyd, i have a problem :(
<B***> http://pastebin.com/400986
<yarihm> hi everyone
<SimonRaven> hi
<yarihm> i'm trying to follow http://deb.riseup.net/mail/buffy/ to set up a ldap-backend for courier. this is what i did so far:
<yarihm> i included gum.schema (http://deb.riseup.net/mail/buffy/introduction/schema/files/gum.schema) in slapd.conf and added these lines:
<yarihm> index uid,cn pres,eq,sub
<yarihm> index request,mailusage,mailquota pres,eq,sub
<yarihm> index status,mailid,maildrop pres,eq
<yarihm> index objectCl*** eq
<yarihm> now what i get when doing slapindex -f /etc/ldap/sldapd.conf is:
<SimonRaven> eh, try not to paste here, use a pastebin if it's gonna be more than that. just a warning
<yarihm> /etc/ldap/slapd.conf: line 64: substr index of attribute "mailusage" disallowed
<yarihm> SimonRaven: sorry
<yarihm> ah, no, that's it ... i thought that these lines were too few to use a paste-site ... but i can repaste of course
<SimonRaven> s'ok. then you remove substr (sub), since it doesn't support that kind of search
<SimonRaven> look at the schema, in that attirbute's definition, it should say what kind of searches (hence what kind of indexes) it dopes support
<yarihm> SimonRaven: ah ... thanks
<yarihm> ok, lemme see ...
<SimonRaven> pardon my typoes
<SimonRaven> ..
<SimonRaven> typos
<SimonRaven> heheh
<SimonRaven> damn, forgot something. bbiab
<yarihm> SimonRaven: well, given that i appreciate your valuable help and am not a too good typer myself, you shall be forgiven :)
<SimonRaven> :)
<yarihm> SimonRaven: what statement inside attributeType ( ... ) does specify the supported searches?
<SimonRaven> *Search
<SimonRaven> IIRC
<yarihm> hmm ... there is no such statement inside the brackets
<SimonRaven> er, Match
<SimonRaven> e.g. EQUALITY caseIgnoreIA5Match
<yarihm> hmm ... Equality is there ...
<yarihm> aha
<SimonRaven> that'd be an eq index
<yarihm> i have EQUALITY integerMatch there ... so what search would that be in the slapd.conf then?
<SimonRaven> index foo eq
<yarihm> ... i don't get it, doesn't "index request,mailusage,mailquota pres,eq,sub" fit then?
<yarihm> i mean (the way i read this) mailusage would use eq ... no?
<yarihm> lemme check whether i'm on the wrong line ... that was embar***ing
<SimonRaven> what you can do is split off the 'mailUsage', and remove the sub for mailUsage, and see if that works (or go look it up)
<yarihm> look up where (and what, sorry, i'm really new to this)
<SimonRaven> in that schema
<SimonRaven> or, browse it in a schema browser
<SimonRaven> like luma's, or phpldapadmin's, or akbkhome.com
<yarihm> SimonRaven: I split mailusage off and put it on the line with the other ones that have only pres,eq and that worked. i'll have a look at the GUIs since i have no feeling for this database yet, it might help me to get one via an interface
<yarihm> SimonRaven: however, thanks a lot so far
<SimonRaven> np
<SimonRaven> the first 2 have projects at sourceforge, fyi, and your distro might have packages
<yarihm> SimonRaven: thanks ... debian tends to have packages for most stuff, i'll check it out
<SimonRaven> yeh, they're both present. though i tend to use the later stuff for luma
<SimonRaven> same for oldap itself. i have a patched 2.3.7 running
<yarihm> SimonRaven: well, i guess i should have proper authentication and SSL if i want to use a remotely running tool, so i guess for now i'll try phpldapadmin since i can run it locally (i have no X on the slapd-host)
<SimonRaven> yeh
<yarihm> SimonRaven: have a good authentication/ssl howto or document at hand? i guess sooner or later i will want to have access to that directory remotely ... or does google turn up good stuff? (i'm big enough to google myself y'know ,)) )
<SimonRaven> @aphroland
<dokbot> good LDAP HOWTO at http://howto.aphroland.org/HOWTO/LDAP
<pfn> [#perl] <ProN00b> how can i nibble swap a byte (one byte skalar) to the left
<pfn> and to the right in an other language operators seem to be byte<<4 and
<pfn> byte>>4 ?
<pfn> oops
<pfn> damn paste
<SimonRaven> woops :)
<SimonRaven> @wb wido
<dokbot> Welcome back wido, o lonely traveller amongst the TCP/IP packets of chaos.
<wido> hey SimonRaven :)
<SimonRaven> hi :)
<SimonRaven> 'new' dokbot. got my bot to join in another name, has a lot of the old factoids, plus what it already had from hanging around in #debian and #debianppc
<SimonRaven> (old factoids == from dokbot)
<grmbl> hi simon
<grmbl> hii wido
<SimonRaven> hi grmbl
<grmbl> dokbot still lives, cool
<dokbot> grmbl: I wish you would RTFM.
<grmbl> <3
<SimonRaven> hehe
<grmbl> he doesnt know his old master :(
<grmbl> i've been too long away
<SimonRaven> different bot
<grmbl> yea
<grmbl> still an infobot?
<SimonRaven> blootbot, next gen. infobot
<grmbl> ah
<grmbl> i used mozbot last
<SimonRaven> ok.
<grmbl> mozilla bot
<grmbl> can read inbot factoids
<SimonRaven> oh cool
<grmbl> infobot even
<SimonRaven> ;)
<grmbl> of course only constructively
<SimonRaven> indeed
<klippo> if i want to add a attribute to a objectcl***.. how difficult is it
<yarihm> SimonRaven: thanks for the howto-pointer
<podzap> hi
<SimonRaven> hey podzap
<podzap> howdy
<SuperPhly> I'm aware that you can have object referrals in ldap, but can I refer a single attribute to a parent tree?
<SimonRaven> as in <entry> -> <some other basedn>, or ?
<SuperPhly> yeah
<podzap> SuperPhly: what is your usecase?
<podzap> chances are you are trying to go about it in the wrong way...
<SuperPhly> Well, let me start from the top i guess, because this is sorta complex...
<podzap> go ahead
<SuperPhly> I work for the College of Liberal Arts. The University has an LDAP server with information on all students, faculty, staff, alumni, etc...
<SuperPhly> The information for each user, such as email address, name, birthday, university id, etc. It's managed by HR and University level offices
<SuperPhly> We, at the college, need to pull in *some* of that information based on filtering of a few attributes, but we need to add a few fields that are college specific, while still having some of hte information from the university's attributes
<SuperPhly> We only need people from the College and not undergraduates (which I can pull a list of just fine)
<podzap> OK, what you need is a penrose :-)
<SuperPhly> If someone at the university level changes something (say the Title or the Last name (in case of marriage)) we need to automatically get those changes
<SuperPhly> podzap: you get my drift here?
<podzap> SuperPhly: yep
<podzap> http://penrose.safehaus.org/
<podzap> check it out
<SuperPhly> opensource?
<podzap> yep
Return to ldap
or
Go to some related
logs:
wow
|
|