Questions tagged [openldap]
For questions about OpenLDAP Software, an open source implementation of the Lightweight Directory Access Protocol (LDAP).
204 questions
0 votes, 1 answer, 25 views
How to solve "Failed to acquire watch file descriptor: Permission denied when starting openldap daemon"
Background info:
Redhat 9.5, openldap-servers.x86_64 2.6.6-3.el9
sudo systemctl status slapd output:
× slapd.service - OpenLDAP Server Daemon
Loaded: loaded (/usr/lib/systemd/system/slapd....
0 votes, 1 answer, 28 views
Two OU and without tree
I have two OUs: 1. People 2. newOU. My dc is nodomain. I have the following search and everything is OK:
root@debian:~/ldif# ldapsearch -c -Y EXTERNAL -H ldapi:/// -b dc=nodomain -D cn=admin,...
-1 votes, 1 answer, 38 views
Empty output in ldapsearch
I have the following ldapsearch:
root@debian:~/ldif# ldapsearch -LLLQ -Y EXTERNAL -H ldapi:/// -b dc=nodomain -D cn=admin,dc=nodomain,cn=Pahlevanzadeh,ou=People,uid=mohsen,loginShell=/usr/bin/csh
...
0 votes, 1 answer, 30 views
changing password ldap_bind: Invalid credentials (49)
Information:
I installed ldap-utils and slapd; during installation of slapd, with the ncurses dialog, I imported the password of the administrator.
Then I changed it via
ldapmodify -Q -Y EXTERNAL -H ldapi:/// &...
0 votes, 2 answers, 66 views
OpenLDAP: How to use backend LDAP server only to authenticate user from frontend ldap?
I have users in OpenLDAP server. They are manually managed.
dn: cn=alice,ou=contoso,dc=combined,dc=internal
mail: [email protected]
dn: cn=bob,ou=fabrikam,dc=combined,dc=internal
mail: bob@fabrikam....
1 vote, 0 answers, 44 views
OpenLDAP ppolicy and pwdGraceUseTime: How many grace logins are needed to change the password?
For a test, I created a testing password policy for OpenLDAP 2.4, and when a user with an expired password logs in, they get a message like:
Your password has expired. You have 2 grace login(s) ...
-2 votes, 1 answer, 337 views
LDAP: What is the most suitable solution for remote home directories today? [closed]
I have created an LDAP (OpenLDAP and LAM) server with a structure; I solved the remote configuration of using sudo. I configured the client stations (will be exclusively Linux Ubuntu) to use LDAP with ...
0 votes, 0 answers, 32 views
How to configure access to `olcPPolicyDefault`?
I'm writing a utility (in Perl) that needs access to attribute olcPPolicyDefault that defines the DN of the default password policy in OpenLDAP.
As the utility should not use the Admin or cn=config ...
0 votes, 1 answer, 2k views
"no such user" - LDAP authentication with sssd
I am struggling with making sssd use LDAP users to login on my Linux-Server (Oracle Linux 8.9, basically identical to RHEL, but free).
Goal
Using the users (e.g. "John") existing on the LDAP-...
1 vote, 0 answers, 79 views
ldapsearch with mTLS (and selective curves)
I have to request an LDAP-server.
It is strictly mutual-TLS secured.
If I try TLS with openssl it works.
But I have to provide -cert, -key and -curves to openssl s_client to make it work.
Without ...
1 vote, 1 answer, 940 views
LDAP migrate from BDB to MDB version 2.4 to 2.6
I have run into two problems with an LDAP migration.
As I understand it, BDB is not supported on OpenLDAP 2.6, so I should move to MDB on my working 2.4 OpenLDAP and then migrate to 2.6 (on a new server) ...
2 votes, 0 answers, 27 views
add LDAP slave to N-way multimaster system
I have 2 Ubuntu 22.04 LTS servers running OpenLDAP 2.5 in N-way multimaster mode. It works great and has for several years. Now I'd like to add a slave to this system. The two multimaster nodes do ...
0 votes, 1 answer, 265 views
Understanding risks of setting nscd positive-time-to-live to a longer duration
As I mentioned in another thread, I have an LDAP system supporting two dozen Linux servers. When LDAP server is down for various reasons (firewall rule changes, power outage etc), my rest of the ...
0 votes, 0 answers, 969 views
How to implement MemberOf overlay in OpenLDAP?
I need a step by step guide from start to end on how to implement the memberOf overlay in OpenLDAP (version 2.5.13).
I have read many guides including the official one. Unfortunately none of them work....
2 votes, 1 answer, 282 views
Can not administering kerberos for a long time brick it?
I have this strange issue where a kerberos/openldap environment has gotten bricked. I can't add new users, computers, or other things to it, as everything I try results in various variations on ...