Questions tagged as ['slapd']

slapd (Standalone LDAP Daemon) is an LDAP server implementation, part of the OpenLDAP open source project.
Score: 0
Creating an OpenLdap specific administrator group on LDAP

I am trying to create a simple specific administrator group on my OpenLdap server that is running slapd. There is currently no slapd file, and I have been working with the cn=config format.

I want to create a group with a user in it who can only manage what is in this group or below.

For example:

dn: olcDatabase={1}mdb,cn=config
changetype: modify
replace: olcAccess
olcAccess: to dn.subtree="cn=cry,ou=gr ...
Score: 1
LDAP: Why does slapcat truncate my slapd.log file?

I have an OpenLDAP 2.4 server running on Ubuntu 18.04 LTS. Every time I run

# slapcat -l test.ldif

my slapd.log file gets truncated (i.e. previous log messages are deleted and new ones are written at the beginning of the file).

Actually, the first line of slapd.log shows slapcat's output:

# head /var/log/slapd.log
620ca0f1 The first database does not allow slapcat; using the first available one (2)
 ...
Score: 0
Migrating OpenLDAP data from 2.4 to 2.5

I have gone through documentation online and on some forums but I am stuck on importing data from ldap 2.4 to 2.5 (migrating to a new server as well). Here are the steps I did and the error I am receiving. (There were multiple other errors but that is fixed now.)

Installation that I performed for 2.5:

sudo ./configure --prefix=/usr --sysconfdir=/etc --disable-static --enable-debug --with-tls=openssl - ...
Score: 0
openldap / slapd return the error : "daemon: listen(ldap://my.server1.org, 5) failed errno=98 (Address already in use)"

I am trying to set up a master master replication between two openldap servers. To do so, the first steps make me configure these two files:

  • /etc/hosts, needs to contain the DNS of the baseDN of the servers (itself and the second server):
192.168.150.1 my.server1.org
192.168.150.2 my.server2.org
  • /etc/default/slapd, needs to contain the server's own FQDN to match the future serverID to the URI:
  •  ...
Score: 1
Questions about Debian OpenLDAP configuration

I have the slapd/stable,now 2.4.57+dfsg-3 amd64 Debian 11 package. I read the official OpenLDAP documentation and Debian article.

But I cannot understand the difference between the multiple configuration files.

I know the best practice is to use the dynamic OLC (OpenLDAP Configuration) method over the legacy slapd.conf static file.

I saw the package ships with 2 other static configuration files, the ...

Score: 0
Does the BaseDN need to be different than the olcServerID in openldap/slapd?

I am trying to configure a master master replication between two ldap servers. After configuring the olcServerID of slapd I get the following error: daemon: listen(ldap://my.server1.org, 5) failed errno=98 (Address already in use).

The baseDN of the server is my.server1.org and the olcServerID is olcServerID: 1 ldap://my.server1.org.

Do the BaseDN and the serverID need to be different?

Note : To av ...

Score: 0
Are package security patches backported to older versions?

I see on cve.mitre.org that the OpenLDAP (slapd) package has plenty of vulnerabilities prior to 2.4.57.

If I want to install OpenLDAP from official repositories on my Debian 10, which version is slapd/oldstable,oldstable 2.4.47+dfsg-3+deb10u6 amd64.

Are the security patches for those CVEs backported to this 2.4.47 version, or do I have to take the latest release (2.6.x) from the official website, a ...

Score: 0
How to check ldap password storage policy

How do I check how passwords are stored in a local running OpenLDAP server? I would prefer some sort of query that will state the used configuration. Alternatively, accessing the stored passwords to see that they are encrypted would also be acceptable. Just checking the config file is not sufficient.

I have listed the users with their passwords using ldapsearch

ldapsearch -x -b ou=people -H ldap://127 ...
Score: -1
OPEN LDAP Sync Test

Could someone experienced in OpenLDAP give me answers to these questions, please?

  1. I'm looking into two preconfigured OpenLDAP servers that are in mirror sync. What is the best way to identify that these two are actually in sync?
  2. What are entryCSN and contextCSN in OpenLDAP?
Score: 1
OpenLDAP migration from old Debian 4 to current Debian 11

I want to completely migrate the whole database with conf, schema (everything) from a very old Debian 4 (etch) instance to a new Debian 11 (bullseye).

The source system is running slapd 2.3.30 and the destination slapd 2.4.57.

I found a few topics on how to do it, for example this one: How to migrate LDAP to other computer, but this is not working in my case. I got such errors:

> slapcat -n 0 -l schema.backup. ...
Score: 0
Access control list for LDAP OU (Organisational Unit) in OpenLDAP

I am new to LDAP (currently using OpenLDAP 2.4) and I am struggling to define an ACL entry using slapd that will manage the various Access Levels for entries that are child entries of an OU.

The structure is as follows:

cn=user1,ou=users,dc=somedomain,dc=com
cn=user2,ou=users,dc=somedomain,dc=com

This is what I currently have, but when implemented, the children of the OU "users" don't have the access leve ...

Score: 2
OpenLDAP Meta backend to return one result

I have configured OpenLDAP to act as a proxy server via meta backend to do remote queries to two different companies' Active Directory servers. Everything works correctly in terms of pulling information from both domains. However... we have a case where two of the same sAMAccountname get pulled and that causes issues for one of the web applications we are using. (The web application requires one search b ...

Score: 0
What are the numbers for in these LDAP commands ? ldap(3), slapd(8), slapd.conf(5), slurpd(8)

What do the numbers between parentheses stand for in the above commands, found within the LDAP galaxy?

I really cannot find anything out there, neither in the documentation, nor could I find any rationale for such an odd numbering style!