[Date Prev][Date Next]
Re: Back-ldap configuration and id-assertion.
On Wed, Sep 1, 2010 at 12:11 AM, Mustafa A. Hashmi <firstname.lastname@example.org> wrote:
> On Tue, Aug 31, 2010 at 9:31 PM, <email@example.com> wrote:
>>> Hi all,
>>> I am wondering if I am going about my setup the right way and am
>>> hoping someone can give me a bit of input.
>>> Using openldap-2.4.23 on Debian Linux, I have nssov configured to
>>> retrieve host, user and group information on my primary server, with
>>> back-ldap and nssov configured on a secondary machine doing the same.
>>> The back-ldap configuration is as follows:
>>> database ldap
>>> suffix dc=zivios,dc=net
>>> uri "ldap://dev03.zivios.net"
>>> acl-bind bindmethod=simple binddn="" credentials=""
>>> idassert-authzFrom "dn.regex:.*"
>> Hi, I can't speak for the nssov, but the back-ldap configuration looks
>> fine to me. I'm very interested in addressing the issue you note. I have
>> recently committed some fixes to address something that might be related,
>> could you try HEAD code? Also, since you find the issue so easily
>> reproducible, could you send detailed logs of the server too?
>> stats,trace,args should be best. If they get pretty big, could you please
>> upload them to ftp://ftp.openldap.org following guidelines here
> Will do first thing tomorrow. Many thanks.
I've uploaded the log file named:
mustafa-hashmi-20110901-slapd-backldap-log.txt to the incoming folder.
Please let me know if you need additional information.
I am going to give the code in HEAD a shot and report back (hopefully
within a few hours).