[Date Prev][Date Next] [Chronological] [Thread] [Top]

SV: Drowning in a sea of ignorance as to versions of openldap



I have been learning/testing openldap with version 1.2.11 on three servers in different physical locations.  I have tested with commandline searches,

modifications, etc.  I have tested applications such as proftpd, courier,

addressbooks, even netscape directories and have had no real problems.

I have kept schema checking on during all this and have had to copy schemas

that were for 2.0.?? because I wasn't able to find - didn't spend a lot of

time looking - any for 1.2.11 and they have all worked, as far as I can tell.  (If you have the above applications or similar working in 2.0.11

any tips will be appreciated.)


I have been reading the list and the recommendations for 2.0.11 and schema

availability so I changed one machine over to 2.0.11 and it works fine until

I try to access the other two machines with a simple ldapsearch.  I can

access the 2.0.11 from 1.2.11 with no problem.  Netscape directory still

works.  I can't even get courier to compile with the .2 libraries, I haven't

been able to get mod_ldap.c in proftpd to work either.


I need some suggestions from folks who have more experience than I, probably

99% of you.


   o- Are the problems getting 2.0.11 to interface with imap, pop, smtp,

      apache, ftp, and friend too complex to make it worthwhile for

      for someone who wants to get a little work done as well as learn?


   o- Is just copying schemas to slapd.oc.conf in 1.2.11, as posixGroup

      added below, acceptable or will it haunt me later when I move this

      to production?  I really don't have much confidence because I don't

      see how it can possibly know what each variable is for searching,

      indexing, comparing, etc.  If there is correct way, please point

      me in the right direction.

      <cut and past from my slapd.oc.conf>

              objectclass posixGroup











As far as I have seen, you must have it like:

            objectclass ( <version> NAME 'posixGroup SUP/SYNTAX

                         MUST ( objectClass $ cn $ gidNumber )

                         MAY ( userPassword $ memberUid $ description ) )


    o- Suggestion as to why the following from 2.0.11 to 1.2.11 fails

       and that will maybe help me understand why a simple php bind

       also fails on 2.0.11 but works flawlessly with 1.2.11 without x.

       I have also tried -H rather than -h and ' rather than ".


# ldapsearch -h server-1.2.11.domain.com -L -x -b "dc=domain, dc=com" "(objectclass=*)"

ldap_bind: Protocol error

        additional info: version not supported


Thanks for you help and suggestions.




        The illiterate of the 21st century will not be

              those who cannot read and write,

        but those who cannot learn, unlearn and relearn.

                                                 --Alvin Toffler