Questions tagged [openldap]

OpenLDAP Software is a free, open source implementation of the Lightweight Directory Access Protocol (LDAP) developed by the OpenLDAP Project. LDAP is a platform-independent protocol for querying and modifying data using directory services running over TCP/IP.

It is released under its own BSD-style license called the OpenLDAP Public License. The OpenLDAP Project was started in 1998 by Kurt Zeilenga; the software was initially based on a clone of the LDAP reference implementation from the University of Michigan.

1452 questions
5
votes
2 answers

How to connect postgresql with LDAP user?

I have a server with postgresql-9.4 fresh install and I have another server with LDAP already installed. I want to connect postgresql with LDAP user that already exists. What's the basic configuration that I should change in…
user1070579
5
votes
2 answers

OpenLDAP/SSSD Automatically Add User to Local Group

I've got a host of servers running various flavors of Linux all set up as OpenLDAP clients via SSSD. I added an LDAP group (sysadmins). I also added a sysadmins group on all of my servers. The members of the sysadmins group will change over time. How…
Ken J
5
votes
4 answers

Kerberos with OpenLDAP backend: Password Sync HowTo

The basic setup is an OpenLDAP server. The users are provisioned and the passwords are set. Now we decided to add an MIT KDC for being able to use Kerberos. We configured the MIT KDC to utilize the LDAP as a backend for the KDC database. We create…
Condla
5
votes
1 answer

ldap_add: Protocol error (2) additional info: no attributes provided

I'm following this guide to migrate existing users in /etc/passwd and /etc/group on a RHEL6 machine to a new, external OpenLDAP server. I'm trying to apply this file: # cat people_group.ldif dn: ou=People, dc=my_domain, dc=com ou: People …
Leo
5
votes
0 answers

Samba authentication and LDAP

I have an OpenLDAP server that I use for authentication and authorization for various services. All users are of object type inetOrgPerson and my groups are groupOfNames. Now I want to configure Samba to authenticate against LDAP as well (with group…
Chris
5
votes
0 answers

LDAP with TLS: connect error(-11)

I configured OpenLDAP and today I've configured the TLS for more security following these guidelines: Configure OpenLDAP with TLS=required Modifying the cn=config.ldif with config file: dn: cn=config changetype: modify add:…
Neil
5
votes
1 answer

can't get “memberof” to work in my OpenLDAP config

I'm trying to set up OpenLDAP on a Debian 7.7 server. While basic auth seems to work, I can't get the "memberof" overlay to work. Being new to LDAP, all that memberof config seems overly complex to me - despite having read numerous tutorials... In…
Udo G
5
votes
2 answers

Apache/PHP ldap stops working. Requires restart of apache

I currently have a setup where users log in to a website using LDAP credentials. It's all internal so I don't really care a ton about certificates. So, in my /etc/openldap/ldap.conf file I have TLS_REQCERT never. Before adding that to the file I…
LoneWolfPR
5
votes
2 answers

How do I migrate user-accounts from OpenLDAP to Active-Directory?

We want to migrate our user-accounts from OpenLDAP to Active-Directory without changing the passwords and such. The users shouldn't notice the difference against which server they're authenticating…
ppuschmann
5
votes
4 answers

Can't use EXTERNAL authentication after enabling TLS in ldap-2.4

I used the following LDIF file to activate the TLS support for the LDAP server: dn: cn=config changetype: modify add: olcTLSCipherSuite olcTLSCipherSuite: NORMAL - add: olcTLSCRLCheck olcTLSCRLCheck: none - add:…
user202
5
votes
5 answers

view all possible attributes of an objectClass for LDAP

I'm scripting some ldap automation and have reached a slight hangup. Basically, I want to check if an attribute being added to an entry actually exists within a given objectClass before I try to add it. So far the best idea I have for this is…
Rooster
5
votes
2 answers

Is it generally acceptable to expose LDAP in read only mode to the Internet?

I need to support Mac clients who need to access an LDAP server to locate SMIME keys. Since the keys are already in AD, and it's easy for me to create a RODC or read only forest where I push the certificates to, is it acceptable to expose…
makerofthings7
5
votes
1 answer

How do you enable the storing of GPG / PGP keys in OpenLDAP

I've searched high and low trying to find a method that allows me to store GPG keys for existing users in an OpenLDAP server. The only relevant how-to I've found is this. However, I'm unable to get this method to work with the existing OpenLDAP…
zymhan
5
votes
1 answer

How Do I Configure OpenLDAP to use MySQL (Ubuntu 9.04)?

My intention is to make a MySQL table of Customer Contact Information available to Outlook/Thunderbird clients as an Address Book (via LDAP). I'm aware that OpenLDAP has a MySQL backend option, but I haven't been able to find any clear, solid…
Nick
5
votes
1 answer

What are best practices to store delegated permissions in OpenLDAP?

My network's core user database is managed by OpenLDAP. Recently we need to introduce a possibility for one user to act on second user's behalf. As all application-related rights and permissions are stored in the LDAP we also want to store the new…
hegemon