[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Novice problem


On 06/06/11 05:01 AM, Aurélien Lafranchise wrote:


	Aurélien Lafranchise | Consultant
Tél. : +33 (0)1 75 43 55 12 | Fax : +33 (0)1 75 43 55 11
www.snype-consulting.com <http://www.snype-consulting.com/>

2011/6/4 Christopher Wood <christopher_wood@pobox.com


    On 01/06/11 05:46 AM, Aurélien Lafranchise wrote:

        Hi all,

        I am a very novice (less than a week) with OpenLDAP and I have some
        basics problems.

        First, I have the 2.4.25 version and I downloaded the Admin
        Guide as a

        I understood that the way to configure the server change from
        to cn=config and this change is not clear by reading the

        My question is simple, how to create my own DIT without
        interfering with
        the default configuration ?

    I took the (quick, lazy) path of making a slapd.conf and using
    slaptest to convert to the cn=config format. The slapd.conf was
    basic enough to have database locations and indexing, and I added
    replication later via ldapmodifies to cn=config.

    It also helped that I could look at the entries under cn=config and
    compare them to my slapd.conf.

Ok, thanks it is not the best but very efficient !

I'm still learning myself, so I figured that the provided tools will be better than me at making cn=config setups.

        The end goal of this server is to have a radius server
        interrogating the
        LDAP one to deliver IP address to a GGSN (GPRS équipement).

    So far I've found that the configuration with the fewest points of
    failure is when the ldap directory is on the same host as the radius
    daemon. Also, perhaps look into the FreeRADIUS schema for OpenLDAP
    as a convenient way to get started storing your radius information
    in the directory.

Why do you have a problem by having freeradius and openldap on the same
server ?

I meant that the configuration with the least problems was when they were on the same server. I've tried the (radius -> firewall -> load balancer -> ldap) configuration before and at times it wasn't the best it could be.

I found the freeradius schema and I have to modify it so it take more time.

Do you have an idea about what is a collective attribute ?

I have no idea, but the IETF has all the RFCs:


        Thanks for the help provided.

                Aurélien Lafranchise | Consultant
        Tél. : +33 (0)1 75 43 55 12 | Fax : +33 (0)1 75 43 55 11
        www.snype-consulting.com <http://www.snype-consulting.com>