Questions tagged as ['slapd']

slapd (Standalone LDAP Daemon) is an LDAP server implementation, part of the OpenLDAP open source project.
Score: 0
Twister avatar
Creating an OpenLdap specific administrator group on LDAP
bm flag

I'am trying to create a simple specific administrator group on my OpenLdap server that is running slapd. There is currently no slapd file, and I have been working with the cn=config format.

I want to create a group with a user in it who can only manage what is in this group or below.

For example:

dn: olcDatabase={1}mdb,cn=config
changetype: modify
replace: olcAccess
olcAccess: to dn.subtree="cn=cry,ou=gr ...
Score: 1
Jose Garcia avatar
LDAP: Why does slapcat truncate my slapd.log file?
cn flag

I have an OpenLDAP 2.4 server running on Ubuntu 18.04 LTS. Everytime I run

# slapcat -l test.ldif

my slapd.log file gets truncated (i. e. previous log messages are deleted and new ones are written at the beginning of the file).

Actually, the first line of slapd.log shows slapcat's output:

# head /var/log/slapd.log
620ca0f1 The first database does not allow slapcat; using the first available one (2)
Score: 0
Migrating OpenLDAP data from 2.4 to 2.5
au flag

I have gone through documentation online and on some forums but I am stuck on importing data from ldap 2.4 to 2.5 (Migrating to a new server as well). Here are the steps I did and the error I am receiving. (There were multiple other errors but that is fixed now

Installation that I performed for 2.5:

sudo ./configure --prefix=/usr --sysconfdir=/etc --disable-static --enable-debug --with-tls=openssl - ...
Score: 0
openldap / slapd return the error : "daemon: listen(ldap://, 5) failed errno=98 (Address already in use)"
cn flag

I am trying to set up a master master replication between two openldap servers. To do so, the first steps make me configure theses two files :

  • /etc/hosts, need to contain the DNS of the baseDN of the servers (itself and the second server) :
  • /etc/default/slapd, need to contain the server own FQDN to match the future serverID to the URI :
  •  ...
Score: 1
Questions about Debian OpenDLAP configuration
in flag

I have the slapd/stable,now 2.4.57+dfsg-3 amd64 Debian 11 package. I read the official OpenLDAP documentation and Debian article.

But I cannot understand the difference between the multiple configuration files.

I know the best practice is to use the dynamic OLC (OpenLDAP Configuration) method over the legacy slapd.conf static file.

I saw the package ships with 2 other static configuration files, the ...

Score: 0
Does the BaseDN need to be different than the olcServerID in openldap/slapd?
cn flag

I am trying to configure a master master replication between two ldap servers. After configuring the olcServerID of slapd I get the following error : daemon: listen(ldap://, 5) failed errno=98 (Address already in use).

The baseDN of the server is and the olcServerID is olcServerID: 1 ldap://

Does the BaseDN and the serverID need to be different ?

Note : To av ...

Score: 0
Does packages security patches are backported to older version?
in flag

I see on that OpenLDAP (slapd) package have plenty of vulnerabilities prior to 2.4.57.

If I want to install OpenLDAP from official repositories on my Debian 10, which version is slapd/oldstable,oldstable 2.4.47+dfsg-3+deb10u6 amd64.

Do the security patches for those CVE are backported to this 2.4.47 version, or do I have to take the latest release (2.6.x) from the offcial website, a ...

Score: 0
How to check ldap password storage policy
cn flag

How do I check how passwords are stored in a local running OpenLDAP server? I would prefer some sort of query that will state the used configuration. Alternatively, accessing the stored passwords to see that they are encrypted would also be acceptable. Just checking the config file is not sufficient.

I have listed the users with their passwords using ldapsearch

ldapsearch -x -b ou=people -H ldap://127 ...
Score: -1
mbdow avatar
in flag

Could someone experienced in open ldap give me answers for these questions please ?

  1. I'm looking into a pre configured two open ldap servers that are in mirror sync. What is the best way to identify that these two are actually in sync?
  2. what are entryCSN and contextCSN in open ldap
Score: 1
mike avatar
OpenLDAP migration from old Debian 4 to current Debian 11
vn flag

I want completely migrate whole database with conf, schema, ( everything ) from very old Debian 4 ( etch ) instance to new Debian 11 ( bullseye ).

Source system is running slapd 2.3.30 and destination slapd 2.4.57

I found few topics how to do it like for example this one: How to migrate LDAP to other computer but this is not working in my case. I got such errors:

> slapcat -n 0 -l schema.backup. ...
Score: 0
Access control list for LDAP OU (Organisational Unit) in OpenLDAP
cn flag

I am new to LDAP (currently using OpenLDAP 2.4) and I am struggling to define a ACL entry using slapd that will manage the various Access Levels for entries that are child entries of an OU.

The structure is as follows:


This is what I currently have, but when implemented, the children of the OU "users" don't have the access leve ...

Score: 2
Chris avatar
OpenLDAP Meta backend to return one result
kg flag

I have configured OpenLDAP to act as a proxy server via meta backend to do remote queries to two different companies' Active Directory servers. Everything works correctly in terms of pulling information from both domains. However... we have a case where two of the same sAMAccountname gets pulled and that causes issues for one of the web application we are using.(The web application requires one search b ...

Score: 0
andreagalle avatar
What are the numbers for in these LDAP commands ? ldap(3), slapd(8), slapd.conf(5), slurpd(8)
ru flag

What do the numbers between parentheses stand for in the above commands, found within the LDAP galaxy?

I really cannot find anything out there, neither on the documentation, nor could I find any rationale for such an odd numbering style!