Search Results

Search found 29935 results on 1198 pages for 'open ldap'.

Page 35/1198 | < Previous Page | 31 32 33 34 35 36 37 38 39 40 41 42  | Next Page >

• Guide on writing my first open source software ?

  - by Kim Jong Woo

  Hello Stackoverflow, Since last August 2009, I have been working on project but then decided to release it as an open source project. The purpose of this project is to provide an alternative to existing commercial & expensive solution. So my question is, how can I get started ? The prototype has been ready since May and now being rewritten in Java. Which license type do I need to pursue ? LGPL? MIT? Thank you, John.

  Read the article

• Open source alternative to Sharepoint lists

  - by Thomas

  Sharepoint's lists functionality is powerful. Because I don't want all the other functionality of Sharepoint, I have been looking for an alternative (preferrable open source) without much success. Basically I want to have a platform or web application that: allows us to define custom datatypes (for different kinds of customer products) has the possibility to create views or forms to present to the user for reading, creating or updating the information of the items of a given datatype a ui to setup this configuration is not required but would be nice to have In an ideal scenario there is an API to get the data out afterwards for further processing.

  Read the article

• open source flash or ajax sketchpad?

  - by Fh

  For a non-profit (charity) site I need a simple sketchpad (drawing) component. It should be able to: Let the user draw a simple black on white sketch. Save to server the full drawing steps. Save to server the final image. Re-play the drawing steps to future users. http://www.sketchswap.com/ has a similar component. Do you know where I could find an open source component to use in this project? Thanks,

  Read the article

• C++ open() fails for no apparant reason

  - by jondoe

  The following code: char filename[64]; ifstream input; cout << "Please enter the filename: " << endl; cin >> filename; input.open(filename); if (!input.is_open()) { cout << "Opening file " << filename << " failed." << endl; exit(1); } fails, it enters the if() and exits. What could possibly be the cause for this? I'm using Microsoft Visual C++. When I hardcoded the filename as a constant it instead ended up garbled: http://pici.se/pictures/CNQEnwhgo.png Suggestions?

  Read the article

• Open source GIS tools

  - by TRV_SQL

  Hi I’ve been looking at Open Source GIS tools. In particular MapServer and GeoServer. The problem I’m seeing is that to actually deploy these to the public you can’t use a regular $5/ month (or free) hosting service because you have to install these services on the server in ways that are not accessible in the average hosting scheme. So you either have to use a host that has MapServer installed (many of which look unreliable) or have a dedicated server or VPS. All of these options have a significant cost barrier ($30 - $200/month). I’m just doing this for fun. Are there any free or inexpensive ways to have your GIS services hosted? Or are there any products that install in a way that you don’t need to access the root structure of the server? I have tried OpenLayers and GeoExt but I don’t think a client side option will work for me because of the size of the datasets I am using. My base data will be vector data not WMS data (or something similar). I haven’t tried Google maps yet, but I will be looking into it. Also, any thought on using SVG for GIS purposes? Thanks

  Read the article

• open flash chart rails x-axis issue

  - by Jimmy

  Hey guys, I am using open flash chart 2 in my rails application. Everything is looking smooth except for the range on my x axis. I am creating a line to represent cell phone plan cost over a specific amount of usage and I'm generate 8 values, 1-5 are below the allowed usage while 6-8 are demonstrations of the cost for usage over the limit. The problem I'm encountering is how to set the range of the X axis in ruby on rails to something specific to the data. Right now the values being displayed are the indexes of the array that I'm giving. When I try to hand a hash to the values the chart doesn't even load at all. So basically I need help getting a way to set the data for my line properly so that it displays correctly, right now it is treating every value as if it represents the x value of the index of the array. Here is a screen shot which may be a better description than what I am saying: http://i163.photobucket.com/albums/t286/Xeno56/Screenshot.png Note that those values are correct just the range on the x-axis is incorrect, it should be something like 100, 200, 300, 400, 500, 600, 700 Code: y = YAxis.new y.set_range(0,100, 20) x_legend = XLegend.new("Usage") x_legend.set_style('{font-size: 20px; color: #778877}') y_legend = YLegend.new("Cost") y_legend.set_style('{font-size: 20px; color: #770077}') chart =OpenFlashChart.new chart.set_x_legend(x_legend) chart.set_y_legend(y_legend) chart.y_axis = y line = Line.new line.text = plan.name line.width = 2 line.color = '#006633' line.dot_size = 2 line.values = generate_data(plan) chart.add_element(line) def generate_data(plan) values = [] #generate below threshold numbers 5.times do |x| usage = plan.usage / 5 * x cost = plan.cost * 10 values << cost end #generate above threshold numbers 3.times do |x| usage = plan.usage + ((plan.usage / 5) * x) cost = plan.cost + (usage * plan.overage) values << cost end return values end

  Read the article

• Best Practices for Setup and Management of an Open Source Project

  - by VirtuosiMedia

  Later this year I want to release a PHP framework that I've been working on as open source. I do use source control (SVN), but it's on an extremely limited basis. I'm self-taught, I develop by myself and don't have the experience of working with large teams. I have some ideas about what can help make a project successful, but I'm fuzzy on some of the details. Since it's not yet released, I want to do everything I can to set up the right infrastructure from the beginning. What do I need to know in order to setup and manage a successful project? Some ideas that I have to make it successful (beyond marketing it): Good documentation and tutorials Automated unit tests and builds to push update to the website A clear roadmap Bug Tracking integrated with the source control A style guide to keep the code consistent along with clear A forum for the community to get support, share ideas, etc. A good example application built with the framework A blog to keep the community informed Maintaining backwards compatibility wherever possible Some of my questions: How do I setup and automate a one step submit-test-commit-generate API docs-push update to website process? How do I handle (technically) submissions from other users? How can I ensure that those submissions must be approved before being integrated? What are some of the pitfalls that can be avoided in terms of the project community? I'd prefer to have it be as friendly and helpful as possible without a lot of drama. I'd love to learn from your experience on any of these points. If you think I'm missing anything big, please share that as well. Any resources (preferably geared toward a beginner) that you could point me towards would also be greatly appreciated.

  Read the article

• How to configure Spring Security PasswordComparisonAuthenticator

  - by denlab

  I can bind to an embedded ldap server on my local machine with the following bean: <b:bean id="secondLdapProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider"> <b:constructor-arg> <b:bean class="org.springframework.security.ldap.authentication.BindAuthenticator"> <b:constructor-arg ref="contextSource" /> <b:property name="userSearch"> <b:bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch"> <b:constructor-arg index="0" value="ou=people"/> <b:constructor-arg index="1" value="(uid={0})"/> <b:constructor-arg index="2" ref="contextSource" /> </b:bean> </b:property> </b:bean> </b:constructor-arg> <b:constructor-arg> <b:bean class="com.company.security.ldap.BookinLdapAuthoritiesPopulator"> </b:bean> </b:constructor-arg> </b:bean> however, when I try to authenticate with a PasswordComparisonAuthenticator it repeatedly fails on a bad credentials event: <b:bean id="ldapAuthProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider"> <b:constructor-arg> <b:bean class="org.springframework.security.ldap.authentication.PasswordComparisonAuthenticator"> <b:constructor-arg ref="contextSource" /> <b:property name="userDnPatterns"> <b:list> <b:value>uid={0},ou=people</b:value> </b:list> </b:property> </b:bean> </b:constructor-arg> <b:constructor-arg> <b:bean class="com.company.security.ldap.BookinLdapAuthoritiesPopulator"> </b:bean> </b:constructor-arg> </b:bean> Through debugging, I can see that the authenticate method picks up the DN from the ldif file, but then tries to compare the passwords, however, it's using the LdapShaPasswordEncoder (the default one) where the password is stored in plaintext in the file, and this is where the authentication fails. Here's the authentication manager bean referencing the preferred authentication bean: <authentication-manager> <authentication-provider ref="ldapAuthProvider"/> <authentication-provider user-service-ref="userDetailsService"> <password-encoder hash="md5" base64="true"> <salt-source system-wide="secret"/> </password-encoder> </authentication-provider> </authentication-manager> On a side note, whether I set the password-encoder on ldapAuthProvider to plaintext or just leave it blank, doesn't seem to make a difference. Any help would be greatly appreciated. Thanks

  Read the article

• Open source gravatar-like implementations?

  - by Tauren

  I'm already using gravatar icons for the users of my web service. However, I'm finding several problems with this approach: Only a small percentage of the users take the time to set up a gravatar profile. My users are not tech-savvy, but would be likely to add a dedicated photo to my site. Users of my service are encouraged to use images that depict them in proper uniform for the industry my service relates to. They wouldn't want that same picture to be used for personal purposes throughout the internet. They would not take the time or effort to manage a separate email address and gravatar account just to have an "in-uniform" profile photo for my service. Before I implement my own profile image feature, I was wondering if there are any open-source solutions that I could leverage with similar features to gravatar. Specifically: The ability to display any size thumbnail (up to 512px would be fine) Takes care of caching different sized thumbnails Has support for something like identicons, preferably pluggable with different style algorithms (monsters, etc.), even better if I can customize these Ability to fall-back to gravatar if no photo found Does anything like this exist? I haven't found it yet if it does.

  Read the article

• Getting Recognition for Open-Source Computer Language Projects

  - by Jon Purdy

  I like language a lot, so I write a lot of language-based solutions for programming, automation, and data definition. I'm very much a believer in open-source software, so lately I've started to push these projects to Sourceforge when I start them. I feel that these tools could be quite valuable in the right hands, and that they fill niches that otherwise go unfilled. The trouble, for me, is gaining recognition. No matter how useful the software I write, after a certain point I can no longer come up with anything to add or improve. Basically no one but me uses it, so it's not being attacked from enough angles to discover any new weaknesses. I cannot work on a project that doesn't have anything to do, but I won't have anything to do unless I gain recognition by working on it! This is greatly discouraging. It's like giving what you think is a really thoughtful gift to someone who just isn't paying attention. So I'm looking for advice on how to network and disseminate information about my projects so that they don't fizzle out like this. Are there any sites, newsgroups, or mailing lists that I've been completely missing?

  Read the article

• Where to post code for open source usage?

  - by Douglas

  I've been working for a few weeks now with the Google Maps API v3, and have done a good bit of development for the map I've been creating. Some of the things I've done have had to be done to add usability where there previously was not any, at least not that I could find online. Essentially, I made a list of what had to be done, searched all over the web for the ways to do what I needed, and found that some were not(at the time) possible(in the "grab an example off the web" sense). Thus, in my working on this map, I have created a number of very useful tools, which I would like to share with the development community. Is there anywhere I could use as a hub, apart from my portfolio ( http://dougglover.com ), to allow people to view and recycle my work? I know how hard it can be to need to do something, and be unable to find the solution elsewhere, and I don't think that if something has been done before, it should necessarily need to be written again and again. Hence open source code, right? Firstly, I was considering coming on here and asking a question, and then just answering it. Problem there is I assume that would just look like a big reputation grab. If not, please let me know and I'll go ahead and do that so people here can see it. Other suggestions appreciated. Some stuff I've made: A (new and improved) LatLng generator Works quicker, generates LatLng based on position of a draggable marker Allows searching for an address to place the marker on/near the desired location(much better than having to scroll to your location all the way from Siberia) Since it's a draggable marker, double-clicking zooms in, instead of creating a new LatLng marker like the one I was originally using The ability to create entirely custom "Smart Paths" Plot LatLng points on the map which connect to each other just like they do using the actual Google Maps Using Dijkstra's algorithm with Javascript, the routing is intelligent and always gives the shortest possible route, using the points provided Simple, easy to read multi-dimensional array system allows for easily adding new points to the grid Any suggestions, etc. appreciated.

  Read the article

• Small Open source and free java applications

  - by user1089770

  I am a Perl Developer who has just stepped into the Java world and I want to be very proficient in Java EE development. However, I have found that, being a Perl guy, I have very high MTI(Mother Tongue Influence). Indians will know what MTI is. For others, it can be defined as an influence of your "main" language whenever you "speak" your new language. In other words, our mind converts/translates what we want to "say" in the new language based on the "main" language, which can be quite absurd or meaning less in the "new" language. Coming back to the point, as a result of this MTI, many lines of my code has this Perl influence and it is absurd and useless for production. Hence, I'd like to see or better do some research on existing small to medium open source java applications, so that I will know how I can "speak" in the native way of the "new" language. Some examples in PHP will be : WordPress, Zend etc. So I'd really appreciate if you guys could suggest any such apps. Apps that have a great commercial value are highly preferred

  Read the article

• Open Source Licenses, which one?

  - by sam

  recently I created a java class " Custom Layout Manager ", which I want to make it open-source and distribute it. So it's not really a "product", nor a "complete program". Here's the list of permissions and specifications: You are free to use and modify with some limitations (packages and classes names, should remain the same, if you want another name, extend this class. - The .jar file, project name is ok to change). You don't need to share your modifications. You can't modify and then sell it to others. You can use it as part of your commercial software (For example: It's OK if: you created an instant messaging program, that uses my "Layout", since your "core bussiness" isn't the "Layout", but the msg program. It's NOT OK if: you created another "Layout" by extending it, added some features and sell it.) You can't remove the author's name nor the author's website address. You are free to donate. :D Basically, it's free and it's Ok as you give me credits and don't make money with it. I guess it might be a little bit complex, since you use it "commercially" but cannot sell it separately. I have seeked almost all the licenses, and the closest one was MIT license, but it says that you can sell it, so I don't really want to use this one. Is there any license that fits all these permissions I stated? Thanks.

  Read the article

• Failed Administrator login on WSO2 IS with external OpenLDAP

  - by Marco Rivadeneyra

  I have an installation of WSO2 Identity Server and I'm trying to make it work with an external OpenLDAP instance I have followed this guide: http://wso2.org/project/solutions/identity/3.2.3/docs/user-core/admin_guide.html#LDAP For the read-only mode. But when I try to log-in I get a failed login and the following error on the console: TID: [0] [WSO2 Identity Server] [2012-08-10 17:10:25,493] WARN {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} - Failed Administrator login attempt 'john[0]' at [2012-08-10 17:10:25,0493] from IP address 127.0.0.1 {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} Full log: http://pastebin.com/pHUGXBqv My configuration file looks as follows: <UserManager> <Realm> <Configuration> <AdminRole>admin</AdminRole> <AdminUser> <UserName>john</UserName> <Password>johnldap</Password> </AdminUser> <EveryOneRoleName>everyone</EveryOneRoleName> <!-- By default users in this role sees the registry root --> <ReadOnly>true</ReadOnly> <MaxUserNameListLength>500</MaxUserNameListLength> <Property name="url">jdbc:h2:repository/database/WSO2CARBON_DB</Property> <Property name="userName">wso2carbon</Property> <Property name="password">wso2carbon</Property> <Property name="driverName">org.h2.Driver</Property> <Property name="maxActive">50</Property> <Property name="maxWait">60000</Property> <Property name="minIdle">5</Property> </Configuration> <UserStoreManager class="org.wso2.carbon.user.core.ldap.LDAPUserStoreManager"> <Property name="ReadOnly">true</Property> <Property name="MaxUserNameListLength">100</Property> <Property name="ConnectionURL">ldap://192.168.81.144:389</Property> <Property name="ConnectionName">cn=admin,dc=example,dc=com</Property> <Property name="ConnectionPassword">admin</Property> <Property name="UserSearchBase">ou=People,dc=example,dc=com</Property> <Property name="UserNameListFilter">(objectClass=inetOrgPerson)</Property> <Property name="UserNameAttribute">uid</Property> <Property name="ReadLDAPGroups">false</Property> <Property name="GroupSearchBase">ou=Groups,dc=example,dc=com</Property> <Property name="GroupSearchFilter">(objectClass=groupOfNames)</Property> <Property name="GroupNameAttribute">uid</Property> <Property name="MembershipAttribute">member</Property> </UserStoreManager> <AuthorizationManager class="org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager"></AuthorizationManager> </Realm> I followed this guide to configure my LDAP server up to Loggging: https://help.ubuntu.com/12.04/serverguide/openldap-server.html Could you suggest what might be wrong? The LDAP log is available at: http://pastebin.com/T9rFYEAW

  Read the article

• "Unable to open file", when the program tries to open file in /proc

  - by tristartom

  Hi, I try to read file /proc/'pid'/status, using c program. The code is as follows, and even I use sudo to run it, the prompt still keeps throwing "Unable to open file". Please let me know if you have any ideas on how to fix this. thanks Richard ... int main (int argc, char* argv[]) { string line; char* fileLoc; if(argc != 2) { cout << "a.out file_path" << endl; fileLoc = "/proc/net/dev"; } else { sprintf(fileLoc, "/proc/%d/status", atoi(argv[1])); } cout<< fileLoc << endl; ifstream myfile (fileLoc); if (myfile.is_open()) { while (! myfile.eof() ) { getline (myfile,line); cout << line << endl; } myfile.close(); } else cout << "Unable to open file"; return 0; }

  Read the article

• Open an Emacs buffer when a command tries to open an editor in shell-mode

  - by Chris Conway

  I like to use Emacs' shell mode, but it has a few deficiencies. One of those is that it's not smart enough to open a new buffer when a shell command tries to invoke an editor. For example with the environment variable VISUAL set to vim I get the following from svn propedit: $ svn propedit svn:externals . "svn-prop.tmp" 2L, 149C[1;1H ~ [4;1H~ [5;1H~ [6;1H~ [7;1H~ ... (It may be hard to tell from the representation, but it's a horrible, ugly mess.) With VISUAL set to "emacs -nw", I get $ svn propedit svn:externals . emacs: Terminal type "dumb" is not powerful enough to run Emacs. It lacks the ability to position the cursor. If that is not the actual type of terminal you have, use the Bourne shell command `TERM=... export TERM' (C-shell: `setenv TERM ...') to specify the correct type. It may be necessary to do `unset TERMINFO' (C-shell: `unsetenv TERMINFO') as well.svn: system('emacs -nw svn-prop.tmp') returned 256 (It works with VISUAL set to just emacs, but only from inside an Emacs X window, not inside a terminal session.) Is there a way to get shell mode to do the right thing here and open up a new buffer on behalf of the command line process?

  Read the article

• BonitaSoft sort Bonita Open Solution 5.6 et propose de tester gratuitement sa solution de gestion des processus métier open-source

  BonitaSoft sort Bonita Open Solution 5.6 Et propose de tester gratuitement sa solution de gestion des processus métier open-source BonitaSoft, un des leaders de la gestion des processus métier (BPM) open source, a annoncé la sortie de Bonita Open Solution 5.6. Cette nouvelle version intègre des mises à niveau importantes proposées au sein d'une nouvelle gamme de solutions BPM pour « maximiser la productivité, accélérer la mise en production d'applications basées sur des processus métier, et de sécuriser les déploiements critiques ». La suite Bonita Open Solution est conçue pour répondre aux besoins évolutifs de projets BPM qui requièrent davantage de collaboration entre les utilisa...

  Read the article

• Bonita Open Solution 5.4 : le gestionnaire de processus métiers Open Source simplifie son déploiement et améliore son ergonomie

  Sortie de Bonita Open Solution 5.4 Le gestionnaire des processus métiers Open Source simplifie son déploiement et améliore son ergonomie BonitaSoft, un des leaders du marché des solutions BPM en Open Source, annonce aujourd'hui la sortie de la version 5.4 de Bonita Open Solution, sa suite logicielle de gestion des processus métier. Cette version propose de nombreuses évolutions dans l'architecture « cloud-ready » introduite dans la version 5.3, en permettant aux utilisateurs de déployer l'application en quelques clics. Bonita Open Solution 5.4 apporte également un ensemble d'améliorations dans le domaine de la modélisation de processus, rendant cette étape « plus s...

  Read the article

• LDAP SSL connect problem

  - by juergen

  I set up a test domain for my LDAP SSL tests and it is not working. I am using Windows Server 2008 R2 SP 1. I came so far: 1. i generated and installed my self signed certificate on the test domain controller 2. on the server i can log into ldap over SSL with the MS ldp.exe tool. 3. using ldp.exe on a client that is no in this domain the login fails with error 0x51 = "failed to connect". (i don't have a client computer that is in this domain right now) 4. I testet the certificate by using it in the IIS on the test server and I can reach the default page of the test server over SSL. (from the client that is not in the domain) 5. analysing the traffic between client and server I can see that the server is sending a certificate to the client. why isn't this working on my client computer?

  Read the article

• Error: Only LDAP Connection Strings are Supported against Active Directory

  - by Brent Pabst

  I have the following ASP.NET Membership section defined in the Web.config file: <membership defaultProvider="AspNetActiveDirectoryMembershipProvider"> <providers> <clear/> <add connectionStringName="ADService" connectionUsername="umanage" connectionPassword="letmein" enablePasswordReset="true" enableSearchMethods="true" applicationName="uManage" clientSearchTimeout="30" serverSearchTimeout="30" name="AspNetActiveDirectoryMembershipProvider" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </providers> </membership> The Connection string looks like this: <add name="ADService" connectionString="ldap://familynet.local" /> Whenever I call the following code: Membership.GetAllUsers(); I get the following error: Configuration Error Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately. Parser Error Message: Only LDAP connection strings are supported against Active Directory and ADAM. I don't understand why the system is claiming the LDAP connection string is bad because it is in fact a valid LDAP string as specified by the MSDN documentation. http://msdn.microsoft.com/en-us/library/system.web.security.activedirectorymembershipprovider.aspx Any ideas?

  Read the article

• XServe won't let me log in

  - by niklassaers

  Hi guys, After a power-failure, my Xserve won't let me log in on the login screen. I can still SSH into the box and access its other services, but the login box just shakes when I write either a local username and password or an ldap based username and password (this server is the LDAP server). Any suggestions on how I can go about solving this problem? Cheers Nik

  Read the article

• Persuading openldap to work with SSL on Ubuntu with cn=config

  - by Roger

  I simply cannot get this (TLS connection to openldap) to work and would appreciate some assistance. I have a working openldap server on ubuntu 10.04 LTS, it is configured to use cn=config and most of the info I can find for TLS seems to use the older slapd.conf file :-( I've been largely following the instructions here https://help.ubuntu.com/10.04/serverguide/C/openldap-server.html plus stuff I've read here and elsewhere - which of course could be part of the problem as I don't totally understand all of this yet! I have created an ssl.ldif file as follows; dn:cn=config add: olcTLSCipherSuite olcTLSCipherSuite: TLSV1+RSA:!NULL add: olcTLSCRLCheck olcTLSCRLCheck: none add: olcTLSVerifyClient olcTLSVerifyClient: never add: olcTLSCACertificateFile olcTLSCACertificateFile: /etc/ssl/certs/ldap_cacert.pem add: olcTLSCertificateFile olcTLSCertificateFile: /etc/ssl/certs/my.domain.com_slapd_cert.pem add: olcTLSCertificateKeyFile olcTLSCertificateKeyFile: /etc/ssl/private/my.domain.com_slapd_key.pem and I import it using the following command line ldapmodify -x -D cn=admin,dc=mydomain,dc=com -W -f ssl.ldif I have edited /etc/default/slapd so that it has the following services line; SLAPD_SERVICES="ldap:/// ldapi:/// ldaps:///" And everytime I'm making a change, I'm restarting slapd with /etc/init.d/slapd restart The following command line to test out the non TLS connection works fine; ldapsearch -d 9 -D cn=admin,dc=mydomain,dc=com -w mypassword \ -b dc=mydomain,dc=com -H "ldap://mydomain.com" "cn=roger*" But when I switch to ldaps using this command line; ldapsearch -d 9 -D cn=admin,dc=mydomain,dc=com -w mypassword \ -b dc=mydomain,dc=com -H "ldaps://mydomain.com" "cn=roger*" This is what I get; ldap_url_parse_ext(ldaps://mydomain.com) ldap_create ldap_url_parse_ext(ldaps://mydomain.com:636/??base) ldap_sasl_bind ldap_send_initial_request ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host: TCP mydomain.com:636 ldap_new_socket: 3 ldap_prepare_socket: 3 ldap_connect_to_host: Trying 127.0.0.1:636 ldap_pvt_connect: fd: 3 tm: -1 async: 0 TLS: can't connect: A TLS packet with unexpected length was received.. ldap_err2string ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) Now if I check netstat -al I can see; tcp 0 0 *:www *:* LISTEN tcp 0 0 *:ssh *:* LISTEN tcp 0 0 *:https *:* LISTEN tcp 0 0 *:ldaps *:* LISTEN tcp 0 0 *:ldap *:* LISTEN I'm not sure if this is significant as well ... I suspect it is; openssl s_client -connect mydomain.com:636 -showcerts CONNECTED(00000003) 916:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188: I think I've made all my certificates etc OK and here are the results of some checks; If I do this; certtool -e --infile /etc/ssl/certs/ldap_cacert.pem I get Chain verification output: Verified. certtool -e --infile /etc/ssl/certs/mydomain.com_slapd_cert.pem Gives "certtool: the last certificate is not self signed" but it otherwise seems OK? Where have I gone wrong? Surely getting openldap to run securely on ubuntu should be easy and not require a degree in rocket science! Any ideas?

  Read the article

• LdapErr: DSID-0C0903AA, data 52e: authenticating against AD '08 with pam_ldap

  - by Stefan M

  I have full admin access to the AD '08 server I'm trying to authenticate towards. The error code means invalid credentials, but I wish this was as simple as me typing in the wrong password. First of all, I have a working Apache mod_ldap configuration against the same domain. AuthType basic AuthName "MYDOMAIN" AuthBasicProvider ldap AuthLDAPUrl "ldap://10.220.100.10/OU=Companies,MYCOMPANY,DC=southit,DC=inet?sAMAccountName?sub?(objectClass=user)" AuthLDAPBindDN svc_webaccess_auth AuthLDAPBindPassword mySvcWebAccessPassword Require ldap-group CN=Service_WebAccess,OU=Groups,OU=MYCOMPANY,DC=southit,DC=inet I'm showing this because it works without the use of any Kerberos, as so many other guides out there recommend for system authentication to AD. Now I want to translate this into pam_ldap.conf for use with OpenSSH. The /etc/pam.d/common-auth part is simple. auth sufficient pam_ldap.so debug This line is processed before any other. I believe the real issue is configuring pam_ldap.conf. host 10.220.100.10 base OU=Companies,MYCOMPANY,DC=southit,DC=inet ldap_version 3 binddn svc_webaccess_auth bindpw mySvcWebAccessPassword scope sub timelimit 30 pam_filter objectclass=User nss_map_attribute uid sAMAccountName pam_login_attribute sAMAccountName pam_password ad Now I've been monitoring ldap traffic on the AD host using wireshark. I've captured a successful session from Apache's mod_ldap and compared it to a failed session from pam_ldap. The first bindrequest is a success using the svc_webaccess_auth account, the searchrequest is a success and returns a result of 1. The last bindrequest using my user is a failure and returns the above error code. Everything looks identical except for this one line in the filter for the searchrequest, here showing mod_ldap. Filter: (&(objectClass=user)(sAMAccountName=ivasta)) The second one is pam_ldap. Filter: (&(&(objectclass=User)(objectclass=User))(sAMAccountName=ivasta)) My user is named ivasta. However, the searchrequest does not return failure, it does return 1 result. I've also tried this with ldapsearch on the cli. It's the bindrequest that follows the searchrequest that fails with the above error code 52e. Here is the failure message of the final bindrequest. resultcode: invalidcredentials (49) 80090308: LdapErr: DSID-0C0903AA, comment: AcceptSecurityContext error, data 52e, v1772 This should mean invalid password but I've tried with other users and with very simple passwords. Does anyone recognize this from their own struggles with pam_ldap and AD? Edit: Worth noting is that I've also tried pam_password crypt, and pam_filter sAMAccountName=User because this worked when using ldapsearch. ldapsearch -LLL -h 10.220.100.10 -x -b "ou=Users,ou=mycompany,dc=southit,dc=inet" -v -s sub -D svc_webaccess_auth -W '(sAMAccountName=ivasta)' This works using the svc_webaccess_auth account password. This account has scan access to that OU for use with apache's mod_ldap.

  Read the article

• openldap-servers-2.2.13-12.el4_8.2 RHEL 4 err=6

  - by coderwhiz

  I have been seeing these following error codes on our LDAP server: zgrep -o err=[0-9]* ldap.log.1.gz | sort | uniq -c 106664 err=0 146 err=16 288 err=4 29 err=49 8106 err=6 Can someone explain what err=6 is exactly and if its a big problem? I have been seeing lately some failures to authenticate and wonder if it is related to these errors? I have seen a possible timeout problem in the 2.2 Code base and not sure if theres a patch or if I would have to upgrade to the latest openldap version? thanks kosta

  Read the article

• How do I configure Reverse Group Membership Maintenance on an openldap server? (memberOf)

  - by emills

  I am currently working on integrating LDAP authentication into a system and I would like to restrict access based on LDAP group. The only way to do this is via a search filter and therefore I believe my only option to be the use of the "memberOf" attribute in my search filter. It is my understanding that the "memberOf" attribute is an operational attribute which can be created by the server for me anytime a new "member" attribute is created for any "groupOfNames" entry on the server. My main goal is to be able to add a "member" attribute to an existing "groupOfNames" entry and have a matching "memberOf" attribute be added to the DN I provide. What I have managed to achieve so far: I'm still pretty new to LDAP administration but based on what I found in the openldap admin's guide, it looks like Reverse Group Membership Maintence aka "memberof overlay" would achieve exactly the effect I am looking for. My server is currently running a package installation (slapd on ubuntu) of openldap 2.4.15 which uses "cn=config" style runtime configuration. Most of the examples I have found still reference the older "slapd.conf" method of static configuration and I have tried my best to adapt the configurations to the new directory based model. I have added the following entries to enable the memberof overlay module: Enable the module with olcModuleLoad cn=config/cn\=module\{0\}.ldif dn: cn=module{0} objectClass: olcModuleList cn: module{0} olcModulePath: /usr/lib/ldap olcModuleLoad: {0}back_hdb olcModuleLoad: {1}memberof.la structuralObjectClass: olcModuleList entryUUID: a410ce98-3fdf-102e-82cf-59ccb6b4d60d creatorsName: cn=config createTimestamp: 20090927183056Z entryCSN: 20091009174548.503911Z#000000#000#000000 modifiersName: cn=admin,cn=config modifyTimestamp: 20091009174548Z Enabled the overlay for the database and allowed it to use it's default settings (groupOfNames,member,memberOf,etc) cn=config/olcDatabase={1}hdb/olcOverlay\=\{0\}memberof dn: olcOverlay={0}memberof objectClass: olcMemberOf objectClass: olcOverlayConfig objectClass: olcConfig objectClass: top olcOverlay: {0}memberof structuralObjectClass: olcMemberOf entryUUID: 6d599084-490c-102e-80f6-f1a5d50be388 creatorsName: cn=admin,cn=config createTimestamp: 20091009104412Z olcMemberOfRefInt: TRUE entryCSN: 20091009173500.139380Z#000000#000#000000 modifiersName: cn=admin,cn=config modifyTimestamp: 20091009173500Z My current result: By using the above configuration, I am able to add a NEW "groupOfNames" with any number of "member" entries and have all the involved DNs updated with a "memberOf" attribute. This is part of the behavior I would expect. While I believe the following should have been accomplished with the memberof overlay, I still do not know how to do the following and I would gladly welcome any advice: Add a "member" attribute to an EXISTING "groupOfNames" and have a corresponding "memberOf" attribute be created automatically. Remove a "member" attribute and have the corresponding "memberOf" attribute" be removed automatically.

  Read the article

< Previous Page | 31 32 33 34 35 36 37 38 39 40 41 42  | Next Page >