Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [openldap]

OpenLDAP Software is a free, open source implementation of the Lightweight Directory Access Protocol (LDAP) developed by the OpenLDAP Project. LDAP is a platform-independent protocol for querying and modifying data using directory services running over TCP/IP.

OpenLDAP Software is a free, open source implementation of the Lightweight Directory Access Protocol (LDAP) developed by the OpenLDAP Project. LDAP is a platform-independent protocol for querying and modifying data using directory services running over TCP/IP.

It is released under its own BSD-style license called the OpenLDAP Public License. The OpenLDAP Project was started in 1998 by Kurt Zeilenga which was initially based on a clone of the LDAP reference implementation from the University of Michigan.

1400 questions
10
votes
5 answers

ldap_add: Constraint violation (19)

I'm having issues importing users with ldapadd and ldif files. The error I'm getting is: ldap_add: Constraint violation (19) additional info: structuralObjectClass: no user modification allowed The users imported are all part of…
Max
  • 3,373
  • 15
  • 51
  • 71
10
votes
2 answers

Slappasswd output randomized

I was expecting slappasswd to produce a fixed hash but it appears that the output is randomized as I never get the same output for the same input password: $ slappasswd -s secret {SSHA}mCXsPZkfgQYZr2mKHpy5Iav+2S2XlVU3 $ slappasswd -s…
Max
  • 3,373
  • 15
  • 51
  • 71
10
votes
5 answers

Does Nginx support LDAP authentication?

Does nginx support ldap authentication? I have just migrated from apache and would like to move all of my authentications which are based on openldap and mod_auth_ldap to nginx. Let me know if that is possible. From this page listing all the modules…
Adam Benayoun
  • 1,138
  • 2
  • 14
  • 26
9
votes
3 answers

Add GSSAPI to OpenLdap in supportedSASLMechanisms

I'm looking how to add the GSSAPI support into my OpenLDAP ? Current setup MIT Kerberos V + OpenLDAP Kerberos bind to openldap Able to issue kerberos tickets to my users (with kinit exampluser) Able to ldapsearch -x uid=exampluser Openldap…
Tolsadus
  • 1,123
  • 11
  • 22
9
votes
2 answers

Does Linux keeps a cache of groups members if on LDAP ? (Difference between groups vs getent group))

Our users and groups LDAP configuration is working. Our server is using LDAP to store users and groups. # /etc/nsswitch.conf : passwd: compat ldap group: compat ldap shadow: compat ldap But today we added a new group in…
db_ch
  • 638
  • 5
  • 14
  • 20
9
votes
2 answers

Can't access cn=config through Apache Directory Studio GUI

I am quite familiar with openldap. The dynamic configuration is quite new to me. So I wanted to make life easier and change openldap configuration through Apache Directory Studio GUI. Openldap is installed on Debian Jessie and Version slapd…
machschev
  • 131
  • 1
  • 7
9
votes
2 answers

OpenLDAP memberOf attribute is not updated after group update

I have an OpenLDAP setup on Debian 7.1, (OpenLDAP 2.4.31), and I am trying to set up the memberof overlay. My configuration is just like I have read at lots of sites throughout the internet, however, it still does not work for me. The issue is that…
Peter B
  • 191
  • 1
  • 4
9
votes
1 answer

ldap export and import

Is it possible to export all the data inside openldap for example using ldapsearch or some other tool to a (ldif?) file and then import everything on another server and put this in a script that would be run every day. So that I could use the other…
Jure1873
  • 3,692
  • 1
  • 21
  • 28
8
votes
0 answers

LDAP: creating a bind user with limited privileges

I need to bind to an OpenLDAP server to authenticate users, but I don't want this low-privileged or "delegated administrator" to be able to see more attributes than strictly necessary. How do I reduce the attributes a bind user can see using a…
lorenzog
  • 2,719
  • 1
  • 18
  • 24
8
votes
6 answers

No Root DSE returned from OpenLDAP

I'm trying to set up an OpenLDAP server on ubuntu 9.10, which uses slapd version 2.4.18. After initializing and populating a new hdb database, everything seems OK, but I can not get the server to return a root DSE. Running ldapsearch -x -W -D…
Magne
8
votes
2 answers

OpenLDAP No such object (32)

I am trying to setup an OpenLDAP server with FusionDirectory as a frontend Following this guide: http://documentation.fusiondirectory.org/en/documentation/admin_installation_redhat_6 http://documentation.fusiondirectory.org/openldap_install_rhel6 I…
mangusbrother
  • 209
  • 1
  • 4
  • 9
8
votes
3 answers

How to disable anonymous access on LDAP

I need to secure my LDAP server and am not quite sure the best way to go about it. I am running Debian "Lenny", and using OpenLDAP (slapd). I notice that if I run: ldapsearch -x -W -b 'dc=example,dc=com' -H 'ldap://127.0.0.1:389/'…
Peter Sankauskas
  • 678
  • 5
  • 11
  • 21
8
votes
3 answers

"wrong attributetype" when using ldapadd

When attempting to load the following configuration dn: olcDatabase={1}hdb,cn=config changetype: modify add: olcMirrorMode olcMirrorMode: TRUE I get the following error: root@box:~# ldapadd -Y EXTERNAL -H ldapi:/// -f mirrormode.ldif…
seb
  • 351
  • 1
  • 2
  • 7
8
votes
2 answers

Unknown LDAP cn=config admin password

When I installed OpenLDAP I was asked to create a password for an admin user but now I realize there's another admin user for cn=config whose password I don't know. Does anyone know how should I proceed to change or get that admin password? I'm on a…
peris
  • 488
  • 2
  • 9
  • 25
8
votes
2 answers

Can't query AD using Kerberos from Linux host

ldapsearch -H -b -s sub -D -x -w works fine kinit @ ldapsearch -H -b -s sub fails with: text: 000004DC: LdapErr: DSID-0C0906E8, comment: In order to perform this operation a successful bind must…
No One in Particular
  • 181
  • 1
  • 1
  • 3
1 2
3
93 94