Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [openldap]

OpenLDAP Software is a free, open source implementation of the Lightweight Directory Access Protocol (LDAP) developed by the OpenLDAP Project. LDAP is a platform-independent protocol for querying and modifying data using directory services running over TCP/IP.

OpenLDAP Software is a free, open source implementation of the Lightweight Directory Access Protocol (LDAP) developed by the OpenLDAP Project. LDAP is a platform-independent protocol for querying and modifying data using directory services running over TCP/IP.

It is released under its own BSD-style license called the OpenLDAP Public License. The OpenLDAP Project was started in 1998 by Kurt Zeilenga which was initially based on a clone of the LDAP reference implementation from the University of Michigan.

1452 questions
10
votes
1 answer

OpenLdap TLS authentication setup

I am trying to setup openldap on ubuntu 12.04 by following this guide https://help.ubuntu.com/12.04/serverguide/openldap-server.html When I tried to enable TLS on the server by creating a self signed crtificate as decribed in the guide above, I got…
CrazycodeMonkey
  • 111
  • 1
  • 2
  • 4
10
votes
2 answers

Active Directory Authentication with LDAP proxy

We have a services in a isolated network. These services need to authenticate users against the Active Directory server. However the Active Directory server is not directly available so I have to setup a LDAP proxy in the isolated network. The LDAP…
SamK
  • 1,356
  • 3
  • 14
  • 28
10
votes
3 answers

Disallow global anonymous bind with cn=config

With slapd.conf you could globally disable anonymous binding and require authentication with the following static directives: disallow bind_anon require authc How can I achieve the same global settings, but using the new cn=config live…
Michael P
  • 297
  • 2
  • 3
  • 10
10
votes
5 answers

ldap_add: Constraint violation (19)

I'm having issues importing users with ldapadd and ldif files. The error I'm getting is: ldap_add: Constraint violation (19) additional info: structuralObjectClass: no user modification allowed The users imported are all part of…
Max
  • 3,523
  • 16
  • 53
  • 71
10
votes
5 answers

Does Nginx support LDAP authentication?

Does nginx support ldap authentication? I have just migrated from apache and would like to move all of my authentications which are based on openldap and mod_auth_ldap to nginx. Let me know if that is possible. From this page listing all the modules…
Adam Benayoun
  • 1,138
  • 2
  • 14
  • 26
9
votes
0 answers

LDAP: creating a bind user with limited privileges

I need to bind to an OpenLDAP server to authenticate users, but I don't want this low-privileged or "delegated administrator" to be able to see more attributes than strictly necessary. How do I reduce the attributes a bind user can see using a…
lorenzog
  • 2,799
  • 3
  • 20
  • 24
9
votes
3 answers

Add GSSAPI to OpenLdap in supportedSASLMechanisms

I'm looking how to add the GSSAPI support into my OpenLDAP ? Current setup MIT Kerberos V + OpenLDAP Kerberos bind to openldap Able to issue kerberos tickets to my users (with kinit exampluser) Able to ldapsearch -x uid=exampluser Openldap…
Tolsadus
  • 1,183
  • 11
  • 23
9
votes
2 answers

OpenLDAP No such object (32)

I am trying to setup an OpenLDAP server with FusionDirectory as a frontend Following this guide: http://documentation.fusiondirectory.org/en/documentation/admin_installation_redhat_6 http://documentation.fusiondirectory.org/openldap_install_rhel6 I…
mangusbrother
  • 219
  • 1
  • 4
  • 9
9
votes
3 answers

How to disable anonymous access on LDAP

I need to secure my LDAP server and am not quite sure the best way to go about it. I am running Debian "Lenny", and using OpenLDAP (slapd). I notice that if I run: ldapsearch -x -W -b 'dc=example,dc=com' -H 'ldap://127.0.0.1:389/'…
Peter Sankauskas
  • 698
  • 6
  • 11
  • 21
9
votes
1 answer

How to correctly ldapmodify replace olcAccess lines?

This is a part from olcDatabase={1}hdb.ldif olcAccess: {0}to attrs=userPassword,shadowLastChange by self write by anonymous auth by dn="cn=admin,dc=somesite,dc=com" write by * none olcAccess: {1}to dn.base="" by * read olcAccess: {2}to * by…
Terence
  • 281
  • 1
  • 2
  • 6
9
votes
2 answers

OpenLDAP memberOf attribute is not updated after group update

I have an OpenLDAP setup on Debian 7.1, (OpenLDAP 2.4.31), and I am trying to set up the memberof overlay. My configuration is just like I have read at lots of sites throughout the internet, however, it still does not work for me. The issue is that…
Peter B
  • 191
  • 1
  • 4
9
votes
1 answer

ldap export and import

Is it possible to export all the data inside openldap for example using ldapsearch or some other tool to a (ldif?) file and then import everything on another server and put this in a script that would be run every day. So that I could use the other…
Jure1873
  • 3,702
  • 1
  • 22
  • 28
9
votes
4 answers

How to disable an LDAP account?

The LDAP uses the posixAccount schema and related attributes and I wonder if there's a standardized way to disable an account. Re-enabling the account should obviously re-enable the former password. I know that passwd --lock adds an exclamation mark…
Raphaël Hertzog
  • 736
  • 1
  • 5
  • 12
8
votes
6 answers

No Root DSE returned from OpenLDAP

I'm trying to set up an OpenLDAP server on ubuntu 9.10, which uses slapd version 2.4.18. After initializing and populating a new hdb database, everything seems OK, but I can not get the server to return a root DSE. Running ldapsearch -x -W -D…
Magne
8
votes
10 answers

Using Lets Encrypt certificates with openLDAP

I've been running an openLDAP server for several months now and we use it to authenticate for a number of applications. A previous staff member set up the server and it doesn't seem to be a standard installation but it's pretty…
shaneoh
  • 414
  • 3
  • 7
  • 19
1 2
3
96 97