
Re: what am I missing



IMO there is no way to fix that on the LDAP server side.
It is possible if your LDAP clients have some kind of shared/network
configuration. Or one can try OS-related tools to fix that (strongly depends
on the sort of client).

----- Original Message -----
From: "Mark Yarbrough" <myarbrough@drgm.com>
To: "Openldap-Software" <openldap-software@OpenLDAP.org>
Sent: Monday, June 09, 2003 11:10 PM
Subject: what am I missing


> I don't know how to ask the question so searching on this has been
> difficult.  If someone can point me in the right direction I would
> really appreciate it.
>
> I have set my default ldap.conf file to read as follows.
>
> -- begin --
> BASE    dc=company, dc=dom
> URI     ldap://ldap.company.dom
>
> SIZELIMIT       12
> TIMELIMIT       15
> DEREF           never
>
> -- end --
>
> and when I run
>
> ldapsearch -x "(objectclass=*)"
>
> I get the expected result.  The whole directory is dumped on the screen.
>
> Now comes the question.  Using any LDAP-enabled client V2 or V3, how can
> I set the default search base from the server so I don't have to set
> dc=company,dc=dom on every single machine's LDAP settings?  The machines
> will be either OS9, OSX, or Windows 9x,2K,XP.  I have pasted my
> slapd.conf just because.
>
> -- begin --
> # $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24 23:19:14 kurt Exp $
> #
> # See slapd.conf(5) for details on configuration options.
> # This file should NOT be world readable.
> #
> include         /usr/local/etc/openldap/schema/core.schema
> include         /usr/local/etc/openldap/schema/cosine.schema
> include         /usr/local/etc/openldap/schema/inetorgperson.schema
>
>
> # Define global ACLs to disable default read access.
>
> # Do not enable referrals until AFTER you have a working directory
> # service AND an understanding of referrals.
> #referral       ldap://root.openldap.org
>
> loglevel        296
> pidfile         /usr/local/var/slapd.pid
> argsfile        /usr/local/var/slapd.args
>
> # Load dynamic backend modules:
> # modulepath    /usr/local/libexec/openldap
> # moduleload    back_bdb.la
> # moduleload    back_ldap.la
> # moduleload    back_ldbm.la
> # moduleload    back_passwd.la
> # moduleload    back_shell.la
>
> # Sample security restrictions
> #       Require integrity protection (prevent hijacking)
> #       Require 112-bit (3DES or better) encryption for updates
> #       Require 63-bit encryption for simple bind
> # security ssf=1 update_ssf=112 simple_bind=64
>
> # Sample access control policy:
> #       Root DSE: allow anyone to read it
> #       Subschema (sub)entry DSE: allow anyone to read it
> #       Other DSEs:
> #               Allow self write access
> #               Allow authenticated users read access
> #               Allow anonymous users to authenticate
> #       Directives needed to implement policy:
> # access to dn.base="" by * read
> # access to dn.base="cn=Subschema" by * read
> # access to *
> #       by self write
> #       by users read
> #       by anonymous auth
> #
> # if no access controls are present, the default policy is:
> #       Allow read by all
> #
> # rootdn can always write!
> ## Allow the binding of version 2 for ldap
> allow bind_v2
>
>
> #######################################################################
> # ldbm database definitions
> #######################################################################
>
> database        bdb
> suffix          "dc=company,dc=dom"
> rootdn          "cn=Manager,dc=company,dc=dom"
> # Cleartext passwords, especially for the rootdn, should
> # be avoided.  See slappasswd(8) and slapd.conf(5) for details.
> # Use of strong authentication encouraged.
> rootpw          secret
> # The database directory MUST exist prior to running slapd AND
> # should only be accessible by the slapd and slap tools.
> # Mode 700 recommended.
> directory       /var/ldap/drgm.com
>
> ## Files should be created rw for the owner **only**
> mode            0600
> # Indices to maintain
> index   objectClass             eq
> index   cn,sn,mail              eq,sub
> index   departmentNumber        eq
>
> ## db tuning parameters; cache 2,000 entries in memory
> cachesize               2000
> -- end --
>
> Any help is appreciated.
> Thank you,
> Mark Yarbrough
> DRGM Advertising
> 775.686.7769
> myarbrough@drgm.com
>
>
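
An added example, not part of the original thread or of OpenLDAP: a small Python check over slapd.conf text for the points the quoted file's own comments raise (cleartext rootpw, no access directives so the default policy is read by all, allow bind_v2, no security directive). The function names `directives` and `audit` and the reduced sample config are assumptions constructed for illustration.

```python
import re

# Constructed sample, reduced from the directives in the slapd.conf quoted above.
SAMPLE = """\
# access to * by users read
allow bind_v2

database        bdb
suffix          "dc=company,dc=dom"
rootdn          "cn=Manager,dc=company,dc=dom"
rootpw          secret
"""

def directives(text):
    """Return (keyword, arguments) for each logical slapd.conf line."""
    logical = []
    for raw in text.splitlines():
        if not raw.strip():
            continue
        if raw[0] in " \t" and logical:
            logical[-1] += " " + raw.strip()   # leading whitespace continues the previous line
        else:
            logical.append(raw.strip())
    out = []
    for line in logical:
        if line.startswith("#"):               # comments are dropped after joining
            continue
        parts = line.split(None, 1)
        out.append((parts[0].lower(), parts[1] if len(parts) > 1 else ""))
    return out

def audit(text):
    """List findings for the settings the quoted file's comments warn about."""
    found = directives(text)
    keys = {k for k, _ in found}
    findings = []
    for key, args in found:
        hashed = re.match(r"\{(?!CLEARTEXT\})[A-Za-z0-9-]+\}", args.strip('"'), re.I)
        if key == "rootpw" and not hashed:
            findings.append("rootpw is cleartext; use a slappasswd(8) hash")
        if key == "allow" and "bind_v2" in args.split():
            findings.append("allow bind_v2 accepts LDAPv2 binds")
    if "access" not in keys:
        findings.append("no access directives; default policy is read by all")
    if "security" not in keys:
        findings.append("no security directive; no minimum SSF enforced")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("-", finding)
```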