Darren Holloway

Categories
- adsc (1)
- Anime (6)
- AWS (1)
- Clojure (8)
- Conservative Fairy Tales (1)
- Cosplay (1)
- dance (4)
- dreams (9)
- Efficiency (1)
- Experiments (1)
- funny (9)
- googlefood (20)
- Howto (3)
- Japan (26)
- Learning Japanese (2)
- lindy hop (5)
- Link (2)
- Linux (2)
- Me (40)
- Odd (3)
- Photography (2)
- pictures (36)
- Quotes (2)
- Rage (1)
- Rant (2)
- Shell Scripting (2)
- Software (3)
- Thoughts (1)
- Travel (20)
- Uncategorized (18)
- work (1)
- World of Warcraft (1)
April 2024

S M T W T F S

1 2 3 4 5 6

7 8 9 10 11 12 13

14 15 16 17 18 19 20

21 22 23 24 25 26 27

28 29 30

« Sep

April 2024
S	M	T	W	T	F	S
	1	2	3	4	5	6
7	8	9	10	11	12	13
14	15	16	17	18	19	20
21	22	23	24	25	26	27
28	29	30

OpenLDAP 2.4: Adding overlays

Mostly googlefood, since I spent way too long looking for this.

I wanted to load the unique plugin into my openLDAP 2.4 installation, and had a hell of a time, since so much of the documentation out there is for 2.2. Here’s what I did.

First, I told LDAP to load the plugin (forgetting this caused no end of grief):

root@ldap# cat /tmp/unique.1.ldif dn: cn=module{0},cn=config cn: module{0} objectClass: olcModuleList olcModulePath: /usr/lib64/openldap/ olcModuleLoad: unique.la structuralObjectClass: olcModuleList

root@ldap# ldapadd -Y EXTERNAL -H ldapi:/// -f /tmp/unique.1.ldif

Then after that, loading in the configuration for the module itself.
root@ldap# cat /tmp/unique.2.ldif dn: olcOverlay=unique,olcDatabase={2}bdb,cn=config objectClass: olcOverlayConfig objectClass: olcUniqueConfig olcOverlay: unique olcUniqueUri: ldap:///ou=people,dc=example,dc=com?uid?sub olcUniqueUri: ldap:///ou=people,dc=example,dc=com?mail?sub olcUniqueUri: ldap:///ou=people,dc=example,dc=com?uidNumber?sub olcUniqueUri: ldap:///ou=groups,dc=example,dc=com?gidNumber?sub olcUniqueUri: ldap:///ou=groups,dc=example,dc=com?cn?sub

root@ldap# ldapadd -Y EXTERNAL -H ldapi:/// -f /tmp/unique.2.ldif

This entry was posted on Sunday, June 2nd, 2013 at 12:41 pm and is filed under googlefood, Howto. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

5 Responses to “OpenLDAP 2.4: Adding overlays”

Van Says:
May 23rd, 2014 at 3:24 am
Darren, you are the man! I was looking for solution for uidNext + uidNumber junction. And finally, thanks to your post, I’ve done it. Thanks a lot!
osee Says:
July 23rd, 2014 at 2:59 am
I must agree with Van.
This was indeed a lifesaver.
cyril Says:
November 11th, 2014 at 9:35 am
Thx a lot man !
Ron McLeod Says:
March 13th, 2017 at 11:50 am
I found with OpenLDAP 2.4.40, that I had to remove the structuralObjectClass attribute, otherwise it would fail:

ldapadd -Y EXTERNAL -H ldapi:/// -f /tmp/unique.1.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry “cn=module{0},cn=config”
ldap_add: Constraint violation (19)
additional info: structuralObjectClass: no user modification allowed
airween Says:
August 8th, 2018 at 2:10 am
@Ron McLeod: remove the “structuralObjectClass” line from the file, that couldn’t be there.

Categories

OpenLDAP 2.4: Adding overlays

5 Responses to “OpenLDAP 2.4: Adding overlays”

Leave a Reply