[OpenLDAP Software](http://www.openldap.org/software/) is an [open source](http://www.opensource.org/) implementation of the Lightweight Directory Access Protocol (LDAP).
2
votes
0answers
13 views
openldap Fedora 22 - apple.schema and now for the mount section
Hej there!
how do i make the correct ldif file for mounts ?
i found this old webpage but i get errors trying to create it
i'm useing mac OS X as openldap client and it' not mounting the /home at all
...
3
votes
1answer
13 views
How to provide password in a secure way to LDAP seed?
I am pxe installing Ubuntu over a network, unattended. I want Ldap installed as well, but I need to provide the ldap db root password in the seed:
ldap-auth-config ldap-auth-config/rootbindpw ...
0
votes
0answers
5 views
Is it possible to store the slapd SSL certificate data inside the cn=config directory itself?
Though I like the cn=config style of slapd configuration it seems odd to still have to place the SSL certificate files outside of the directory on the hosts file system.
I'm talking about:
dn: ...
0
votes
1answer
10 views
Use an alternate /etc/ldap.conf with ldap search
I would like to perform ldap queries using an alternate file (which is intended to be used with pam.d and so have the same format as /etc/ldap.conf)
I think of using ldapsearch. In the manual, I ...
0
votes
0answers
16 views
ldappasswd show error Result: No such object (32)
Why I get error No such object when I run ldappasswd command ?
Below is my command to modify password :
ldappasswd -H ldap://localhost -x -D "cn=admin,dc=enjaysun,dc=com" -W -S ...
3
votes
1answer
37 views
getent group working, but sshd_config allowgroups does not retrieve appropriate group
I am trying to setup Kerberos MIT authentication with OpenLdap autorisation on Debian Jessie.
Authentication part is working great, as I can login to SSH using my kerberos account.
I even can create ...
1
vote
0answers
19 views
IP based and FQDN based certificate on same LDAP node
Currently my LDAP server is having self signed FQDN based SSL certificate .I would like to have IP based SSL certificate for the same node.IS that feasible ?
Below certificate issued to FQDN i.e ...
0
votes
0answers
13 views
Unable to add host for user in LDAP
I tried to add hostobject for my user in LDAP setup but after typing in all the information and save, the host was not added to the user.
Command I used:
ldapmodify -x -D ...
0
votes
0answers
22 views
Autofs : Multi LDAP
I prepare the migration NIS to LDAP maps.
I use autofs for mount nfs directory. ( User home & /usr/local/xxx )
To work with 1 ldap server but i would set to backup server. I test this :
cat ...
0
votes
0answers
23 views
OpenLDAP log file ownership changed automatically
Am using OpenLDAP 'openldap-2.4.31' on debian. I have configured syncrepl .Everything work’s normal. But frequently am getting below Error. The log file ownership is getting changed any one of the ...
0
votes
0answers
367 views
pam_pkcs11 - Peer's certificate issuer has been marked as not trusted by the user
Whenever I try to use PAM with a smart card via pam_pkcs11.so I get the following error:
DEBUG:cert_vfy.c:38: Couldn't verify Cert: Peer's ceritifacte issuer has been marked as not trusted by the ...
1
vote
1answer
171 views
Enable anonymous bind in openldap
I have setup ldap server successfully and everything works find. However, i cannot access the server with 'anonymous' bind, which according to every google search it should be.
When I execute;
# ...
1
vote
0answers
18 views
Password Policy on Openldap dont support all attributes
So far, I discovered "pwdminlength" attribute in password policy doesn't work when Openldap use SHA or crypt options as password modification techniques. Though, it does work with clear-text. This is ...
2
votes
2answers
327 views
How can I set up centralized home directories and user authentication using LDAP and NFS?
I am trying to configure my server to authenticate users using LDAP and save their home directories on a NFS-Directory, also located on the server.
i.e.: I share a directory on my server:
/nfsexport ...
0
votes
1answer
52 views
“slapadd: invalid option” when adding entries to ldap database
I am trying to add initial entries to my ldap database (CentOS release 5.11 -- LDAP version 2.3.43-29.el5_11 ) and for some reason i am getting the below error
[root@centos openldap-servers-2.3.43]# ...
1
vote
0answers
217 views
OpenLDAP as a Proxy cache only, no local database
I am trying to get a local LDAP proxy cache running. The idea is this:
Currently a computer (A) is sending all ldap requests to a remote ldap server (L)
Instead of that, there should be a proxy ...
0
votes
2answers
265 views
openldap synchronize with local users and groups
I have a server running openldap 2.4.31 in which I store my user and group posix accounts. How can I automatically copy the user and group accounts on the first login so that if the machine ...
1
vote
0answers
23 views
read-only ldap client setup
I have a Debian Linux box hosted on the cloud that I want to provide mail services with (Postfix/Dovecot). I want it to access my openLDAP server at home for authentication and to provide users email ...
1
vote
0answers
125 views
Unable to run OpenLDAP on freeBSD
I've installed openLDAP on my FreeBSD machine. When I try to run the service, I get the following error.
Unrecognized database type (mdb)
Can someone point me towards what could be wrong?
2
votes
0answers
50 views
Why is my traffic not encrypted when using pam_radius_auth?
I'm experimenting with Freeradius and have configured an ssh gateway to use pam_radius_auth to my ldap servers. In /etc/pam_radius_auth.conf I have:
10.1.1.21 ny3fa4bu7my6ku7 3
10.1.1.22 ...
0
votes
0answers
56 views
SASL fails to with against LDAP
So I am running into a whirlwind of issues with my cyrus install. I am setting up a multi-domain kolab groupware solution. I am on centos 6.7
I am getting this flooding my error logs when I try to ...
2
votes
2answers
424 views
Restarting LDAP client service
I have modified ldap.conf and slapd.conf. I'm wondering how I can restart the ldap/client service, filesystem/autofs and name-service/cache.
OS: Solaris 11 but advice on linux should help too
0
votes
0answers
60 views
LDAP replication issues (duplication)
I initially thought this question might be more appropriate for SO, however as I believe it's more of a configuration problem I have posted it here.
I'm running LDAP 2.4 on RHEL 6.4.
I have 2 LDAP ...
0
votes
2answers
26 views
Why are my OpenSSH keys stored in OpenLDAP returned base64 encoded
I'm doing an experiment on my Ubuntu server and have stored OpenSSH keys in the OpenLDAP server. There are enough examples around how to achieve this. A good source is this one. Somehow my keys are ...
0
votes
1answer
62 views
Kerberos/LDAP login fails - remove Preauth?
Using a Debian system with a Kerberos/LDAP client - login fails on KDE as a user directory isn't being created. SSH is successful (and no directory is created); however, desktop login isn't.
I've ...
0
votes
1answer
36 views
How to automate (copy) LDAP/Kereberos install
I have several machines running Debian that I'm configuring to work with Kerberos and LDAP. I thought I would automate using rsync.
At first I tried a basic rsync clone excluding directories and ...
0
votes
1answer
701 views
OpenLDAP: Invalid syntax error when trying to add LDIF
I keep getting an invalid syntax error when trying to create a user in OpenLDAP (CentOS 7).
This is a new install of OpenLDAP for testing purposes.
So far I've managed to create a group called "Lab ...
0
votes
0answers
45 views
How Can I Set Up DNS Server on Virtual Network w/out Internet?
I'm trying to set up a virtual network populated with 4 CentOS 7 servers for testing purposes. I have successfully configured a Kerberos server and a secondary Kerberos server. However, when it ...
0
votes
3answers
3k views
How to uninstall OpenLDAP in RedHat?
I have installed OpenLDAP with yum, but I have accidentally deleted some of the config files. I am not able to recover them. I want to uninstall it. I tried the following command but it ends with an ...
0
votes
0answers
52 views
OpenLDAP - ACL control - Full access to user
I need to create a ACL that give to user a full write to rootdn.
I tried that:
access to *
by dn="cn=replicator,o=rootdomain" write
But I get the some message.
error 50 "Insufficient ...
0
votes
1answer
452 views
OpenLDAP's cn=config is not getting fully replicated
I've got OpenLDAP 2.4.39 master and a read-only replica, using the cn=config aka "OLC" configuration (as oppose to the older slapd.conf method).
Replication works for data (user accounts, etc) but ...
0
votes
0answers
103 views
How to create two DIT's in the openldap
this is the file my first DIT.
# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
# CRC32 78ca14ea
dn: olcDatabase={1}hdb
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: ...
0
votes
1answer
710 views
What are the other alternative to test a LDAP connection on linux machine
I have Linux machine, Redhat 5.8, that gets data via LDAP. For an unclear reason, I can’t get the data via LDAP. I see that from /var/log/messages and /var/log/secure the problem is that the ...
0
votes
2answers
848 views
what is the right ldapsearch version for my linux red-hat machine
I am little a confused about the following:
I want to install the binary ldapsearch tool on my Linux machine,
in order to use this tool to test LDAP connections with my Linux (Linux version 5.8 , ...
0
votes
2answers
391 views
OpenLDAP: How to add home directory for users?
I am experimenting with an OpenLDAP-Server and I'm not sure how to add /home directories for users. Also where are the files stored?
If a user creates a file on a Windows machine in the domain, where ...
0
votes
0answers
263 views
ldap user on samba share
I have two servers: one is ldap and the other is samba. I have an existing user on the ldap server for an ldap client. Now I want to use this user account with samba to give share access permissions ...
2
votes
0answers
536 views
Force OpenSSH / pam / pam_ldapd to do pam_ldapd(sshd:auth) with public-key authentication
I have working pam_ldap authentication using libpam_ldapd. I'm using slapo-nssov and want to use loginStatus attribute which is added to users ldap entry after opening pam session and deleted when its ...
0
votes
1answer
831 views
Ubuntu Postfix Open LDAP integration - no SASL authentication mechanisms
Ive followed all the steps in https://help.ubuntu.com/community/Postfix/DovecotLDAP
but I am getting a
localhost postfix/smtpd[12520]: fatal: no SASL authentication
mechanisms
in my ...
1
vote
0answers
123 views
How to integrate Request Tracker 4.0 with Open LDAP in Debian?
I want my ldap users to log in to RTand see the tickets. I have gone through RT documentation but it's a bit complicated for me as I'm just a starter.
I do understand that I gotta edit ...
2
votes
1answer
399 views
Existing LDAP object not showing in ldapsearch
I have a couple of LDAP servers, redundant with replication enabled.
I'm having trouble with Apache Directory Studio not being able to fetch the base DN of one of these LDAP servers, showing an ...
0
votes
1answer
275 views
Can't get OpenLDAP and Pam LDAP working at all
Yesterday, I set up an OpenLDAP server and tried to configure it to be useful for SSH. Followed these two guides from DigitalOcean: ...
1
vote
0answers
217 views
How to using Zimbra LDAP authentication to svn
I'm using Zimbra mail with LDAP extension. Now, I want to use Zimbra mail authentication accept to SVN (web server Apache).
eg: config SVN in web server for me:
AuthLDAPURL ...
0
votes
0answers
46 views
OpenLDAP migration across different distros
I have an openldap server running on Xandros I want to move openldap to CentOS.
I am new at Linux (Windows and MAC admin)
Would it be better to backup the current schema to another server and run ...
1
vote
0answers
1k views
LDAP: Local and remote user with same username
I have configured an openLDAP server with LDAP user and group ids beginning at 10000. My client successfully binds to the LDAP server via ldapsearch. Additionally, getent passwd|group returns a full ...
1
vote
0answers
272 views
OpenLdap - restore backup - slapcat/slapadd
Im using slapcat to make backup like this:
slapcat -n 1 > ${BACKUP_PATH}/ldap.domain.com.ldif
Then import using slapadd:
slapadd -F /etc/ldap/slapd.d -n 1 -l ldap.domain.com.ldif
I can't ...
2
votes
0answers
48 views
Is it possible to login to a Linux machine with AD credentials without the machine beeing member of the AD?
I'm asking because as far as I know this is not possible with Windows machines since it's mandatory that a Windows machine is known to the AD in order to login with AD credentials.
Is it possible to ...
3
votes
0answers
2k views
Setup LDAP client on RHEL 6.5
I am preparing for RHCSA exams and trying to setup LDAP client on my RHEL 6.5 box
I am connecting to the online testing LDAP server Here
I don't understand the relationship among following 3 files, ...
2
votes
1answer
178 views
How to disconnect a server from LDAP
I have a Fedora server configured for LDAP. However, the LDAP server is gone, and now I'm unable to SSH into it. I've rebooted the server into single-user mode, brought up eth0 and started sshd, but ...
3
votes
1answer
597 views
Active Directory to OpenLDAP synchronisation
We have a domain controller with Active Directory with a number of basic users with custom attributes. We are looking for a way to synchronise the active directory users to OpenLDAP (currently running ...
0
votes
0answers
69 views
Mirror mode openldap perfromance is slow when either mirrored node fails
I'm managing two openldap servers in mirrored mode. When either server fails ldap performs poorly, 30 seconds to several minutes to authenticate. Affected services include ssh and X11 (XDMCP). A ...
