search for: onelevel

On 10/06/2019 16:04, vincent at cojot.name wrote: > > There is probably some amount of redtape on this but AFAIK it works > fine for me: My RHEL7.6 hypervisors are joined to my AD DC 4.10.4 VMs > through use of realm '(and thus sssd): > > Here's a RHEL7.6 client: > # realm list > ad.lasthome.solace.krynn > ? type: kerberos > ? realm-name:

...:09 f42252se dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=smtp#011nologin#011lip=192.168.110.150#011rip=192.168.110.165#011secured#011resp=<hidden> Jan 7 19:43:09 f42252se dovecot: auth: Debug: ldap(avadmin,192.168.110.165): pass search: base=ou=user,dc=averlon,dc=loc scope=onelevel filter=(&(objectClass=posixAccount)(uid=avadmin)) fields=uid,userPassword Jan 7 19:43:09 f42252se dovecot: auth: Debug: ldap(avadmin,192.168.110.165): result: uid(user)=avadmin userPassword(password)=<hidden> Jan 7 19:43:09 f42252se dovecot: auth: Debug: client out: OK#0111#011user=avad...

...a) OpenLDAP 2.3.38 Dovecot 1.0.12 SHORT VERSION ----- ------- Here is my dovecot-ldap.conf: hosts = ldap.lrtz dn = cn=varmail,ou=users,dc=lorentz,dc=com dnpass = ********* ldap_version = 3 auth_bind = yes pass_filter = (&(objectClass=inetOrgPerson)(mail=%Lu)) base = ou=users, dc=%Dd scope = onelevel I have tested using the above information with ldapsearch, and it works fine. However, when dovecot tries to authenticate the user, the LDAP server receives the query and responds to it (according to the LDAP log file), but dovecot just hangs there. 180 seconds later, it drops the IMAP client....

...own LDAP subtree. Each user has an entry in the ou=users subtree of the domain subtree, and has a mail: field (inetOrgPerson) listing their email address/login name. I am trying to use auth_bind: when I login with jackmc at lorentz.com, dovecot should search for mail=jackmc at lorentz.com in the onelevel below ou=users,dc=lorentz,dc=com and find me as "cn=Jack McKinney,ou=users,dc=lorentz,dc=com". I have created an entry in LDAP (varmail) that should be able to do this query. Indeed, from the command line, it works: ldapsearch -h ldap.lrtz -b 'ou=users, dc=lorentz, dc=com' -D &...

...urations are centalized, erratically and often require hand-tuning, in the sssd.conf settings. It also has a *nasty* behavior with AD or SSSD: it pre-caches *everything* from the LDAP directories it is pointed to, and I mean *everything*. Its configuration supports structures that only search "onelevel" in an LDAP directory, but when designating this it precaches the entire LDAP directory containing the "onelevel" objects at startup time, with no way I ever found to turn off this misfeature. Hilarity ensues if if your LDAP server, whether Samba or AD, are not close enough to the cl...

...128.el5 x86_64 RPM on CentOS 5.7. All accounts are virtual, hosted on LDAP Server. My problem is that the command: doveadm quota get -A stopped listing all accounts. I think this problem started after I changed in LDAP lookup configuration from "scope = subtree" to "scope = onelevel", because it did not occur before (I did no other changes). Now, the above command only lists 12 accounts. If I query for a particular user: doveadm quota get -u userx this works fine, but userx (and all users except those 12) is NOT listed when trying to display all users. How can I...

...ount names a bit): > > ldapsearch -D username at internal.xxx.yy -w password -H ldaps://<samba DC> > -s one -b ou=business,dc=internal,dc=xxx,dc=yy samaccountname=testadmin > # extended LDIF > # > # LDAPv3 > # base <ou=business,dc=internal,dc=xxx,dc=yy> with scope oneLevel > # filter: samaccountname=testadmin > # requesting: ALL > # This is a worry. Can you file a bug? I've sent you an invite to our bugzilla. It seems we have an issue here applying the 'onelevel' restriction. There have been some pretty major changes (which allowed Samba'...

...psearch -D username at internal.xxx.yy -w password -H ldaps://192.168.1.1 -s one -b ou=business,dc=internal,dc=xxx,dc=yy "(&(objectCategory=person)(objectClass=user)(sAMAccountName=testadmin))" # extended LDIF # # LDAPv3 # base <ou=business,dc=internal,dc=xxx,dc=yy> with scope oneLevel # filter: (&(objectCategory=person)(objectClass=user)(sAMAccountName=testadmin)) # requesting: ALL # # Test Admin, Test, internal.xxx.yy dn: CN=Test Admin,OU=Test,DC=internal,DC=xxx,DC=yy objectClass: top objectClass: person objectClass: organizationalPerson objectClass: user <snip> dis...

...some detective work here, stepping through all the versions from the old 4.9.4 database onwards, building them from source on an isolated system and doing ldapsearch against them. It is the change from 4.10.13 to 4.11.0 (or maybe in general from pre-4.11 to 4.11?) that breaks it; after that the onelevel scope is not applied correctly. Ldbsearch also returns wrong results when used with your commands (it took me a while to figure out that I needed "tls verify peer = no_check" and "ldap server require strong auth = no" to be able to run the query): samba-4.11.0$ /usr/local/sa...

Dear Expert, Can i specify multiple Base DN for user lookup in dovecot like :- dc=abc,dc=com dc=abc,dc=net dc=xzy,dc=com dc=xyz,dc=net Thanks

...xample,dc=com # LDAP protocol version to use. Likely 2 or 3. ldap_version = 3 # LDAP base. %variables can be used here. # For example: dc=mail, dc=example, dc=org base = cn=users,cn=accounts,dc=example,dc=com # Dereference: never, searching, finding, always #deref = never # Search scope: base, onelevel, subtree scope = subtree #scope = onelevel # User attributes are given in LDAP-name=dovecot-internal-name list. The # internal names are: # uid - System UID # gid - System GID # home - Home directory # mail - Mail location # # There are also other special fields which can be returned, see...

...1 mail: test at gmail.com dn: uid=test2, ou=People, o=somethingelse.com mail: test at yahoo.com uid: test2 The users login to IMAP as: test1 at examle.com and test2 at somethingelse.com. Here's an (excerpt) of the dovecot.conf file I am using: auth_bind = yes base = ou=People,o=%d scope = onelevel pass_attrs = mail=user pass_filter = (uid=%n) userdb static { args = uid=vmail gid=vmail home=/var/mail/apps/%d/%n } The problem I am seeing when the user logs in, the home dir is getting created incorrectly: Jan 3 14:08:12 vds5 dovecot: [ID 107833 mail.info] imap-login: Login: user=<tes...

...l.xxx.yy -w password -H > ldaps://192.168.1.1 -s one -b ou=business,dc=internal,dc=xxx,dc=yy > "(&(objectCategory=person)(objectClass=user)(sAMAccountName=testadmin))" > # extended LDIF > # > # LDAPv3 > # base <ou=business,dc=internal,dc=xxx,dc=yy> with scope oneLevel > # filter: > (&(objectCategory=person)(objectClass=user)(sAMAccountName=testadmin)) > # requesting: ALL > # > > # Test Admin, Test, internal.xxx.yy > dn: CN=Test Admin,OU=Test,DC=internal,DC=xxx,DC=yy > objectClass: top > objectClass: person > objectClass: organi...

...ogin to the LDAP server dn = cn=oh,cn=Users,dc=foo,dc=bar # Password for LDAP server dnpass = password # LDAP protocol version to use. Likely 2 or 3. ldap_version = 3 # LDAP base base = cn=Users,dc=foo,dc=bar # Dereference: never, searching, finding, always #deref = never # Search scope: base, onelevel, subtree scope = subtree # User attributes in order: user_attrs = uid,homeDirectory,,,uidNumber,gidNumber # Filter for user lookup. Some variables can be used: #user_filter = (&(objectClass=posixAccount)(uid=%u)) # Password checking attributes in order: pass_attrs = uid,userPassword # Filte...

..._key = </etc/pki/tls/private/star_noa_gr-1243437.key ssl_protocols = !SSLv2 !SSLv3 syslog_facility = local1 ----------------------------- CONFIG END -------------------------------- FILE: /etc/dovecot/dovecot-usrdb-ldap.conf hosts = localhost tls = no base = ou=people, dc=noa, dc=gr scope = onelevel ldap_version = 3 dn = uid=auth,ou=Sys,dc=noa,dc=gr dnpass = secret auth_bind = yes user_filter = (uid=%u) pass_filter = (uid=%u) pass_attrs = uid=user,userPassword=password auth_bind_userdn = uid=%u,ou=people,dc=noa,dc=gr user_attrs = roomNumber=quota_rule=*:bytes=%$,uid=home=/home/vmail/%u iterate...

...ldapsearch -D username at internal.xxx.yy -w password -H ldaps://<samba >> DC> -s one -b ou=business,dc=internal,dc=xxx,dc=yy >> samaccountname=testadmin >> # extended LDIF >> # >> # LDAPv3 >> # base <ou=business,dc=internal,dc=xxx,dc=yy> with scope oneLevel >> # filter: samaccountname=testadmin >> # requesting: ALL >> # >> >> # Test Admin, Test, internal.xxx.yy >> dn: CN=Test Admin,OU=Test,DC=internal,DC=xxx,DC=yy >> objectClass: top >> objectClass: person >> objectClass: organizationalPerson >...

...gh all the versions > from > the old 4.9.4 database onwards, building them from source on an > isolated > system and doing ldapsearch against them. It is the change from > 4.10.13 > to 4.11.0 (or maybe in general from pre-4.11 to 4.11?) that breaks > it; > after that the onelevel scope is not applied correctly. Thanks. That is where I would expect the issue to have come up. We did some pretty big changes to LDB and and LDAP server during that period. If you have the time, moving to git bisect as the tool and running between samba-4.10.0rc1 and samba-4.11.0 would be awes...

...ode: 432 | user: postfix | group: postfix | master: | path: /var/run/dovecot/auth-master | mode: 384 | user: vmail `-------- dovecot-ldap.conf: ,-------- | hosts = 192.168.100.20:389 | ldap_version = 3 | base = ou=People,dc=example,dc=com | deref = never | scope = onelevel | auth_bind = yes | auth_bind_userdn = uid=%n,ou=People,dc=example,dc=com `--------

Hi, Working on a report that is going to have a large number of graphs and summaries. We have 80 "groups" with 20 variables each. Ideally, I'd like to produce ONE page for each group. It would have two columns of 10 graphs and then the 5 number summary of the variables at the bottom. So, perhaps the top 2/3 of the page has the graphs and the bottom third has 20 rows of data

...default DN before each user lookup. > # > # For example: > # auth_bind_userdn = cn=%u,ou=people,o=org > # > auth_bind_userdn = uid=%n,cn=users,cn=accounts,dc=example,dc=com That one looks strange, you really have an account (uid=office at examle.com) ? > # Search scope: base, onelevel, subtree > scope = subtree > #scope = onelevel > > # User attributes are given in LDAP-name=dovecot-internal-name list. The > # internal names are: > # uid - System UID > # gid - System GID > # home - Home directory > # mail - Mail location > # > # There are...