[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
(ITS#7963) Client paged results directive fails
Full_Name: Bastien Bonnefon
Version: 2.4.39
OS: CentOS 7
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (194.2.202.93)
Hi,
I have installed openldap as meta directory to request multiple Active
Directory.
I have managed to install and make it work with dynamic configuration or
slapd.conf.
But one of the applications accessing the directory needs paged results due to
the large amount of entries returned.
So I've searched and found the directive "client-pr", which seems to have been
enabled since this case :
http://www.openldap.org/its/index.cgi/Software%20Enhancements?id=6664;page=4
The directive is also dcribibed in the slapd-meta man page :
http://www.openldap.org/software/man.cgi?query=slapd-meta&apropos=0&sektion=0&manpath=OpenLDAP+2.4-Release&format=html
However, enabling the feature in slapd.conf (I just can't in olc format) doesn't
work. Syslog shows this :
"unknown directive <client-pr> inside backend database definition"
I've started testing with CentOS 7 and package openldap 2.4.39
I've then tried with Debian Wheezy and Ubuntu 14.04 (package slapd 2.4.31)
I've also tried installing openldap from the source with the version 2.4.24
(client-pr should have been enabled in this version due to ITS#6664) => no way
:/
I think I've declared the directive as specified in the man page but maybe I
miss something. I have not found any other report on the web on how to use
"client-pr".
Thank you for your help.
Here is my slapd.conf
# Include
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/nis.schema
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
# Modules
moduleload back_ldap.la
moduleload back_meta.la
# Database meta
database meta
suffix "dc=meta,dc=local"
rootdn "cn=Manager,dc=meta,dc=local"
rootpw secret_password1
# First directory
uri "ldap://192.168.0.1/ou=test1,dc=meta,dc=local"
client-pr accept-unsolicited
lastmod off
suffixmassage "ou=test1,dc=meta,dc=local" "dc=test1,dc=local"
idassert-bind bimemethod=simple
binddn="cn=openldap,OU=users,OU=TEST,dc=test1,dc=local"
credentials="secret_password2"
mode=none
flags=non-prescriptive
idassert-authzFrom "dn.exact:cn=Manager,dc=meta,dc=local"
chase-referrals no
acl-authcDN cn=openldap,OU=users,OU=TEST,dc=test1,dc=local
acl-passwd secret_password2
# Second Directory
uri "ldap://192.168.0.2/ou=test2,dc=meta,dc=local"
client-pr accept-unsolicited
lastmod off
suffixmassage "ou=test2,dc=meta,dc=local" ,%c=test2,dc=local"
idassert-bind bindmethod=simple
binddn="cn=openldap,OU=users,OU=TEST,dc=test2,dc=local"
credentials="secret_password3"
mode=none
flags=non-prescriptive
idassert-authzFrom "dn.exact:cn=Manager,dc=meta,dc=local"
chase-referrals no
acl-authcDN "cn=openldap,OU=users,OU=TEST,dc=test2,dc=local"
acl-passwd secret_password3
idletimeout 1800