OpenLDAP

How to test ldap ppolicy enforcement

梦想与她 提交于 2020-01-02 22:05:36
问题 I am using openldap 2.4. I have configured it with following configuration. include /etc/ldap/schema/core.schema include /etc/ldap/schema/cosine.schema include /etc/ldap/schema/nis.schema include /etc/ldap/schema/inetorgperson.schema include /etc/ldap/schema/HFSchema.schema include /etc/ldap/schema/ppolicy.schema pidfile /var/run/slapd/slapd.pid modulepath /usr/lib/ldap moduleload back_hdb.la moduleload ppolicy.la database hdb suffix "dc=example,dc=com" rootdn "cn=admin,dc=example,dc=com"

How to use LDAP Authentication with Grafana and Wamp for Single Sign On?

会有一股神秘感。 提交于 2020-01-02 09:20:07
问题 I am trying to add single sign on for grafana using LDAP, I have come across Grafana documentation for LDAP but I did not understand. Can I get Single Sign On feature using LDAP? If yes, Can somebody give me a step by step procedure to follow to setup single sign on using ldap and grafana. Grafana Version : 5.2.1 OS: WINDOWS Update 1 I have been able to configure LDAP with grafana. Now I'm trying to integrate LDAP with wamp for SSO. In apache error log file I'm getting this error auth_ldap

How do I manually install an old cygwin package?

雨燕双飞 提交于 2020-01-01 04:33:06
问题 A project I am working on requires an old version of SLAPD (the LDAP server) and must run on Windows, hence I am using cygwin packages: I've found a binary package of slapd version I need 2.2.x here: http://www.mirrorservice.org/sites/sourceware.org/pub/cygwin/release/... How do I manually install it in cygwin? It does not seem to be a package-manager file format (like an RPM or a Deb), but is there a tool to install it for me? FYI, I'm operating behind a corporate firewall that prevents me

How to find all the groups the user is a member? (LDAP)

放肆的年华 提交于 2020-01-01 03:49:08
问题 I am trying to get all the groups that a certain user is a member of. I have the following structures in ldap: o=myOrganization ou=unit1 cn=admin cn=guess and ou=users cn=ann cn=bob cn=carla myOrganization is an instance of Organization unit1 is an instance of OrganizationUnit admin and guess are both GroupOfNames and have everyone as a member ann , bob , and carla are instances of Person Currently, I am using the ldap module on python and this is what I have: import ldap l = ldap.initialize(

no version information available

与世无争的帅哥 提交于 2019-12-29 17:52:46
问题 I'm using Ubuntu 12.04 - server and consistently getting: /usr/lib/libcrypto.so.1.0.0: no version information available (required by /usr/lib/libpython2.7.so.1.0) and /usr/lib/libssl.so.1.0.0: no version information available (required by /usr/lib/libpython2.7.so.1.0) error messages without any pattern for why. It can be something as simple as running vi.The files are there and they are not links. This started happening a little after compiling and installing OpenLDAP, using the instructions

Kerberos+LDAP+NFSv4 实现单点登录(下)

耗尽温柔 提交于 2019-12-26 15:10:37
Kerberos+LDAP+NFSv4 实现单点登录(下) 六.nfs客户机的安装 nfs客户机也即SSSD客户机,需安装sssd和nfs-common 1.安装sssd 会自动安装libsasl2-modules-gssapi-mit(非依赖) libsasl2-modules-gssapi-mit和libsasl2-modules-gssapi-heimdal两者冲突,安装libsasl2-modules-gssapi-heimdal也可以 root@debian:~# apt-get install sssd sssd-krb5 sssd-ldap libsasl2-modules-gssapi-heimdal 安装后的sssd.conf是空白文件,nsswitch.conf没改变 root@debian:~# ls -l /etc/sssd/sssd.conf -rw------- 1 root root 1938 Jun 10 11:18 /etc/sssd/sssd.conf 仅拥有者可读(SSSD文档要求sssd.conf仅root根用户可读写,否则无法启动sssd) 修改配置文件sssd.conf、nsswitch.conf 1)查看sssd.conf root@debian:~# cat /etc/sssd/sssd.conf [sssd] config_file

Kerberos+LDAP+NFSv4 实现单点登录(上)

不打扰是莪最后的温柔 提交于 2019-12-26 15:10:30
Kerberos+LDAP+NFSv4 实现单点登录(上) Kerberos : 身份认证 LDAP : 目录信息服务 NFSv4 : 网络共享 实验环境 : debian 9 三台主机: nfs服务器 : 192.168.1.103 nfs客户机 : 192.168.1.102 即SSSD客户端+NFS客户端 kdc服务器 : 192.168.1.101 即Kerberos+LDAP 以下 root@debian:~# 表示以root根用户运行命令 一.安装NTP时间同步 要使用Kerberos提供身份认证,各主机需时间同步 在一台主机上安装时间同步服务器 root@debian:~# apt-get install ntp 在其它主机上安装时间同步客户端 root@debian:~# apt-get install ntpdate 二.配置本地域 假定域是ctp.net 安装Kerberos、LDAP过程都会用到域,NFSv4认证需要到域 以上三台主机的/etc/hosts文件内容都配置如下: 127.0.0.1 localhost 127.0.1.1 debian.ctp.net debian 192.168.1.103 srvnf.ctp.net srvnf 192.168.1.102 clnf.ctp.net clnf 注意:127.0.1.1一定要xxx.ctp

How to get distinguishname for OpenLDAP sever

杀马特。学长 韩版系。学妹 提交于 2019-12-25 03:37:49
问题 I know to get the distinguish name for Active directory server: DirectoryEntry nRoot = new DirectoryEntry("LDAP://localhost:389");//this for OpenLDAP string dnPath = nRoot.Properties["distinguishedName"].Value.ToString(); I am getting an error that 'An invalid dn syntax has been specified' though if try the same code with AD server IP instead of localhost:389 it runs perfectly. Any idea? Thanks! 回答1: I'm not sure I follow what you mean by the "distinguishedName of an Active Directory server".

OpenLDAP - Add open-ldap defined attributes to custom class

不想你离开。 提交于 2019-12-24 18:43:34
问题 I want to create an object class called request , it would have fields like requestID , requestType and timestamp (among others). requestType is string, created like this: attributetype ( <some oid> NAME 'requestType' DESC 'the type of the request' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{250} ) instead of defining custom attributes requestID and timestamp I want to use the attributes defined by openldap like entryUUID and createTimestamp, so that I don't have to deal with

OpenLDAP - Add open-ldap defined attributes to custom class

故事扮演 提交于 2019-12-24 18:42:10
问题 I want to create an object class called request , it would have fields like requestID , requestType and timestamp (among others). requestType is string, created like this: attributetype ( <some oid> NAME 'requestType' DESC 'the type of the request' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{250} ) instead of defining custom attributes requestID and timestamp I want to use the attributes defined by openldap like entryUUID and createTimestamp, so that I don't have to deal with
订阅 OpenLDAP