OpenLDAP

问题 I am newbie in LDAP and trying to add extra attribute s & ObjectClass to OpenLDAP (2.4.40) schema, so it could compatible with the java code that is working with Active Directory I did quite a lot of research online and finally come to this .ldif file, but can't quite figure out what is the dn that I should put in there for the target schema. The cn=ldapadm,dc=myapp,dc=local is the DN I created for current project, but I guess that shouldn't be the place to whole these global attributes and

问题 I am trying to get Jenkins to authenticate against a local OpenLDAP service, I can't seem to get users authenticated, even though I can successfully authenticate any user as the manager DN. I have follow this deprecated tutorial: DigitalOcean LDAP tutorial. Although this is meant for Ubuntu 12.04 which is deprecated, it seems to still be allright for the biggest part. What am I missing here? 回答1: In my case, I changed user search filter to mail{0} instead of uid{0} . Then use email address to

问题 Is there any way to perform a LDAP search and save the results into a table format (e.g. csv)? Cheers Jorge 回答1: Just in case someone else has to do this: Based on the answer provided in Filter ldapsearch with awk/bash this will output the LDAP info into a csv format: $ ldapsearch -x -D "cn=something" | awk -v OFS=',' '{split($0,a,": ")} /^mail:/{mail=a[2]} /^uidNumber:/{uidNumber=a[2]} /^uid:/{uid=a[2]} /^cn/{cn=a[2]; print uid, uidNumber,cn , mail}' > ldap_dump.csv NOTE You need to be

问题 I have couple of applications developed in asp.net with authentication from Open LDAP. The applications are working fine and I am having no problem with authentication. The main problem is to manage user roles and responsibilities and the requirements change quite frequently. Can any one suggest an open source framework to manage user roles or any other ways to manage user roles i.e. within open LDAP etc... I have studied few commercial solutions like Visual Guard but am looking for open

问题 I am using Dex as our Identity provider and connecting it to LDAP. Below is my ldap config in Dex: connectors: - type: ldap id: ldap name: LDAP config: host: myhost.staging.com:636 insecureNoSSL: false insecureSkipVerify: false bindDN: cn=prometheus-proxy,ou=serviceaccounts,dc=staging,dc=comp,dc=com bindPW: 'prometheus' rootCA: /etc/dex/ldap/ca-bundle.pem userSearch: baseDN: ou=people,dc=staging,dc=comp,dc=com filter: "(objectClass=person)" username: uid idAttr: uid emailAttr: mail nameAttr:

问题 I can retrieve the logged in user name using NSUserName(), but how do I get the Open Directory "directory domain name" or other domain he is a member of? i.e. similar to the notion in Windows where a logged-in user is DOMAIN\USERNAME, where DOMAIN is his local machine, workgroup or Active Directory domain. 回答1: You may be able to do this with Directory Services. Alternatively, check out the new Open Directory APIs introduced in 10.6; you have a choice between a Core-Foundation-based API and a

问题 I am trying to add a custom attributes object class, because one of my applications only works with sAMAccountName. I found out, that it needs the following schema to add it to LDAP. olcAttributeTypes: ( 1.2.840.113556.1.4.221 NAME 'sAMAccountName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) I created a ldif file with this content and sAMAccountName appeared in Apache Directory Studio dn: cn=custom-attributes,cn=schema,cn=config objectClass: olcSchemaConfig cn: custom-attributes

问题 after a couple of days searching in google I have to resign and ask :/ We're using a debian server with openldap and radius installed. When I connect to the radius using radtest everything is fine, but when I use an accesspoint (and the connection goes through the tunnel) I get the folloing result. The inner-tunnel looks like this: authorize { update control { Proxy-To-Realm := LOCAL } eap { ok = return } files ldap { ok = return } expiration logintime pap } authenticate { Auth-Type PAP { pap

问题 I have an application in Java, using Spring LDAP and Java Naming. The problem is when I delete a branch that contains entries. example: root | |----A | | | |--A1 | | | |----A2 | | | |---A3 | | |-----B When I try to delete the branch A, sends me the following exception: [LDAP: error code 66 - subordinate objects must be deleted first] Please help me! thank you! Greetings.! 回答1: If you are using Spring LDAP, you should be able to accomplish this using LdapTemplate#unbind method that takes

问题 I can't seem to change a users password using the ldap3 python module against an OpenLDAP server. A similar question has been asked before but that's specific to Active Directory. What I've tried: from ldap3.extend.standard.modifyPassword import ModifyPassword from ldap3.utils.hashed import hashed password = hashed(HASHED_SALTED_SHA, password) # or.. password = '{SASL}theuser@domain.com' modify = ModifyPassword( connection, user.entry_get_dn(), new_password=password) resp = modify.send()