Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [openldap]

OpenLDAP Software is a free, open source implementation of the Lightweight Directory Access Protocol (LDAP) developed by the OpenLDAP Project. LDAP is a platform-independent protocol for querying and modifying data using directory services running over TCP/IP.

OpenLDAP Software is a free, open source implementation of the Lightweight Directory Access Protocol (LDAP) developed by the OpenLDAP Project. LDAP is a platform-independent protocol for querying and modifying data using directory services running over TCP/IP.

It is released under its own BSD-style license called the OpenLDAP Public License. The OpenLDAP Project was started in 1998 by Kurt Zeilenga which was initially based on a clone of the LDAP reference implementation from the University of Michigan.

1400 questions
8
votes
1 answer

How to correctly ldapmodify replace olcAccess lines?

This is a part from olcDatabase={1}hdb.ldif olcAccess: {0}to attrs=userPassword,shadowLastChange by self write by anonymous auth by dn="cn=admin,dc=somesite,dc=com" write by * none olcAccess: {1}to dn.base="" by * read olcAccess: {2}to * by…
Terence
  • 271
  • 1
  • 2
  • 6
8
votes
1 answer

Starting openLDAP

I work as a sysadmin in a company and i am required to Deploy openLDAP. I have read a lot of materials but i really can't figure out where to start. First about the company: Services: Email: every user gets an email account such as…
Shoaibi
  • 789
  • 1
  • 9
  • 28
8
votes
2 answers

ldap_add error (80) handler exited with 1

I'm trying to follow this tutorial to setup a basic LDAD server (OpenLDAP) for cleint authentication, but I am stuck on the step where I add the back-end configuration. I've created my backend.ldif file as specified, and I'm attempting to add it…
Nick
  • 4,433
  • 29
  • 67
  • 95
8
votes
4 answers

Active Directory and OpenLDAP synchronization

I have been digging holes on google to find out the best way to synchronize the user database between AD and OpenLDAP. What i want to achieve is, have user database in AD and then propagate these users to OpenLDAP so these users can access all my…
linuxcraft
8
votes
2 answers

How do I use ldapdelete to delete an improperly set up olc database?

I've been walking through this tutorial and kept getting errors -- likely because I was typing it in manually -- so I retried, executing it after entering in # Load dynamic backend modules dn: cn=module,cn=config objectClass: olcModuleList cn:…
user29600
  • 399
  • 5
  • 16
  • 29
8
votes
3 answers

How to disable an LDAP account?

The LDAP uses the posixAccount schema and related attributes and I wonder if there's a standardized way to disable an account. Re-enabling the account should obviously re-enable the former password. I know that passwd --lock adds an exclamation mark…
Raphaël Hertzog
  • 706
  • 1
  • 5
  • 11
7
votes
1 answer

how to configure open ldap to work on localhost

From the documentation: Use your favorite editor to edit the provided slapd.conf(5) example (usually installed as /usr/local/etc/openldap/slapd.conf) to contain a BDB database definition of the form: database bdb suffix…
Itay Moav -Malimovka
  • 233
  • 1
  • 4
  • 17
7
votes
1 answer

When is ldapi:// -Y EXTERNAL needed? Apparently, cosine.ldif breaks without it

I'm new to OpenLDAP (but not Microsoft Active Directory) and reading zytrax's openldap guide. I'm using OpenLDAP 2.4.44 on CentOS 7.4, as shown here: @(#) $OpenLDAP: slapd 2.4.44 (Aug 4 2017 14:23:27) $ …
mellow-yellow
  • 431
  • 5
  • 14
7
votes
9 answers

Using Lets Encrypt certificates with openLDAP

I've been running an openLDAP server for several months now and we use it to authenticate for a number of applications. A previous staff member set up the server and it doesn't seem to be a standard installation but it's pretty…
shaneoh
  • 404
  • 3
  • 7
  • 18
7
votes
1 answer

How do you set password-hash for OpenLDAP?

I have the following version on Ubuntu 12.04: OpenLDAP: slapd (Sep 19 2013 22:49:31) $ buildd@batsu:/build/buildd/openldap-2.4.28/debian/build/servers/slapd OpenLDAP now offers SSHA as the default hash. I want to use a different hash. Yet, old…
CppLearner
  • 767
  • 3
  • 10
  • 24
7
votes
4 answers

How to add new attribute to an existing LDAP user objects

I want to add mail attribute to the existing ldap users. I think, its possible with using ldapmodify but not sure how. I have done that using phpldapadmin web GUI manually, but I have like more than 100 users and dont want to do that manually for…
Ramesh Kumar
  • 1,690
  • 5
  • 18
  • 29
7
votes
1 answer

How to add a new attribute to an existing LDAP objectclass?

I created a custom LDAP objectClass, but forgot a couple attributes before I added it to my OpenLDAP server. I followed the instructions on this Ubuntu doc page: https://help.ubuntu.com/12.04/serverguide/openldap-server.html I am running Ubuntu…
David R.
  • 607
  • 3
  • 6
  • 18
7
votes
2 answers

Saslauth with ldapdb on debian

I'm trying to get saslauthd working with openldap. ldapsearch and every service connected to openldap works fine. sasldblistusers2 doesn't work - and ldapwhoami does not work either. getent passwd works fine too. sasldblistusers2 produces this log…
Andreas Rehm
  • 841
  • 6
  • 11
7
votes
1 answer

CentOS 6.2 there is no slapd.conf after installating openldap

I have just installed fresh Centos 6.2 with openldap and samba with yum command. I'm having a bit of issue with finding the slapd.conf file. There is a folder for slap.d/ but no conf file in it by default. I can see folders cacerts…
garden air
  • 147
  • 2
  • 3
  • 9
7
votes
3 answers

How do I update the memberOf attributes of existing objects after adding the OpenLDAP Reverse Group Membership Maintenance overlay?

This is a follow-up to this question: I added the memberof overlay to an existing OpenLDAP 2.4 server. Now I want to update the existing user objects. For new group memberships, the memberOf attribute is updated correctly. But I have a bunch of…
mss
  • 435
  • 1
  • 6
  • 16
1 2 3
93 94