I have been learning/testing OpenLDAP with version 1.2.11 on three servers in different physical locations. I have tested with command-line searches,
modifications, etc. I have tested applications such as proftpd, courier,
addressbooks, even netscape directories and have had no real problems.
I have kept schema checking on during all this and have had to copy schemas
that were for 2.0.?? because I wasn't able to find - didn't spend a lot of
time looking - any for 1.2.11 and they have all worked, as far as I can tell. (If you have the above applications or similar working in 2.0.11
any tips will be appreciated.)
I have been reading the list and the recommendations for 2.0.11 and schema
availability so I changed one machine over to 2.0.11 and it works fine until
I try to access the other two machines with a simple ldapsearch. I can
access the 2.0.11 from 1.2.11 with no problem. Netscape directory still
works. I can't even get courier to compile with the .2 libraries; I haven't
been able to get mod_ldap.c in proftpd to work either.
I need some suggestions from folks who have more experience than I, probably
99% of you.
o- Are the problems getting 2.0.11 to interface with imap, pop, smtp,
apache, ftp, and friends too complex to make it worthwhile
for someone who wants to get a little work done as well as learn?
o- Is just copying schemas to slapd.oc.conf in 1.2.11, as posixGroup
added below, acceptable or will it haunt me later when I move this
to production? I really don't have much confidence because I don't
see how it can possibly know what each variable is for searching,
indexing, comparing, etc. If there is a correct way, please point
me in the right direction.
<cut and paste from my slapd.oc.conf>
As far as I have seen, you must have it like:
objectclass ( <version> NAME 'posixGroup' SUP/SYNTAX
MUST ( objectClass $ cn $ gidNumber )
MAY ( userPassword $ memberUid $ description ) )
o- Suggestion as to why the following from 2.0.11 to 1.2.11 fails
and that will maybe help me understand why a simple php bind
also fails on 2.0.11 but works flawlessly with 1.2.11 without x.
I have also tried -H rather than -h and ' rather than ".
# ldapsearch -h server-1.2.11.domain.com -L -x -b "dc=domain, dc=com" "(objectclass=*)"
ldap_bind: Protocol error
additional info: version not supported
Thanks for your help and suggestions.
The illiterate of the 21st century will not be
those who cannot read and write,
but those who cannot learn, unlearn and relearn.