Questions tagged [openldap]

OpenLDAP Software is a free, open source implementation of the Lightweight Directory Access Protocol (LDAP) developed by the OpenLDAP Project. LDAP is a platform-independent protocol for querying and modifying data using directory services running over TCP/IP.

It is released under its own BSD-style license called the OpenLDAP Public License. The OpenLDAP Project, started in 1998 by Kurt Zeilenga, was initially based on a clone of the LDAP reference implementation from the University of Michigan.

1452 questions
5 votes, 2 answers

Using Linux & Open LDAP for a Mac Network

I'm looking for resources/suggestions/experience on administering a medium sized network of Macs (300ish) using Open LDAP on Linux rather than using Open or Active Directory. Would like the following features: Network accounts Network home…
Jon Rhoades
5 votes, 2 answers

FreeRADIUS2 and LDAP Authentication

I am currently running a CentOS 5.5 box with FreeRADIUS2 on it. I have the simple authentication turned on right now (username and pass is set via /etc/raddb/users). I want to have FreeRADIUS authenticate users via my current OpenLDAP server. Can…
arukaen
5 votes, 2 answers

Unable to modify schema in OpenLDAP using run-time configuration cn=config

I'm having trouble modifying the schema of an OpenLDAP installation using the run-time configuration (cn=config). What I'm trying to do is modify existing attributes and add new ones to a custom schema. The error I'm getting when I try to apply the…
theJoe
5 votes, 3 answers

When setting up OpenLDAP for the first time, what are some things to keep in mind?

I'm in the process of reading up on documentation and setting up OpenLDAP to handle authentication throughout my network, for email, web services, user accounts, and anything else that I could throw at it. It's not going to be anything SUPER big,…
Chiggins
5 votes, 3 answers

Ubuntu OpenLDAP: TLS init def ctx failed: -1

I had a working OpenLDAP but broke it while trying to configure SSL using the instructions here: https://help.ubuntu.com/10.04/serverguide/C/openldap-server.html. Now I'm getting the following error when I try to start ldap with -d -1: TLS: only one…
pandoh
5 votes, 2 answers

Logging authentication failure on OpenLDAP

I need to log authentication failure on OpenLDAP. What is the proper log level bit for that? Or is there another configuration for such a thing?
Daniel C. Sobral
5 votes, 2 answers

VsFTPd - LDAP - PAM

I am trying to configure a VsFTPd server to authenticate against an LDAP server. It may be easy, but since it is the first time that I am using both LDAP and PAM, I have some difficulties. VsFTPd runs on an Ubuntu Server 11.04 and the LDAP is…
Totor
5 votes, 2 answers

dn-based linux groups from ldap

Is there any way to use one of LDAP's DN-based groups for linux groups instead of using the uid-based posixGroup objectclass? More broadly, is there any way I can avoid having one set of groups for supporting linux accounts and a parallel set of…
Brad Mace
5 votes, 1 answer

OpenLDAP ACL to allow users to change their password

What ACL should be added to slapd.conf to allow users to change their password? We are now having the default ACL allowing only rootdn the rights to modify while allowing reading by everyone including anonymous.
nitins
5 votes, 1 answer

Replication from OSX OpenDirectory to OpenLDAP

I have an OpenDirectory server running on an OSX Server machine, and I'd like to increase the reliability of the service by having a slave server. The problem is, I only have 1 OSX Server but I have plenty of Linux servers available. I'm happy with…
natacado
5 votes, 2 answers

How to configure OpenLDAP 2.4 with bdb backend?

It seems like OpenLDAP will prefer using slapd-config(5) instead of slapd.conf(5). But I don't know how to start with slapd-config(5) because I don't know how to set a root password for it. So I'm back using slapd.conf(5), with the following…
Lenik
5 votes, 2 answers

Access control to 100's of LAMP box via LDAP

This is every SysAdmin's nightmare of things to do. Basically we want to control who has access to which hosts. As simple as it may sound, the problem is to find a scalable and low maintenance (mgmt. overhead) solution. We use bcfg2 for Config Mgmt much…
5 votes, 2 answers

How to handle nested groups in LDAP

I am a total LDAP newbie and I am just researching if I can use it for my next project or better stay away from it. The project will depend heavily on the concept of nested groups and I frequently need to know in which groups a user is (also in which…
user36497
4 votes, 1 answer

LDIF file -- why should I not edit it directly?

(Downvote me for this question if you must. But I've been googling this and trying to follow tutorials for 2+ days now. I'll take the downvotes if it means hopefully getting this solved.) I'm struggling with the basics of OpenLDAP on a CentOS Linux…
Casey Crookston
4 votes, 1 answer

How to set an olcAccess attribute so gidNumber=0+uidNumber=0 works like olcRootDN?

I'm upgrading an Ubuntu 14.04 OpenLDAP server to 16.04 and running into a snag. There is a (localhost) import script which uses ldapdelete -r -Y EXTERNAL -H ldapi:///... to remove some OUs and then re-populate them with new information. This is…
Server Fault