I'm using openldap-stable-20100219.tgz build. When I look at
cn=Monitor with browsing tools (like Softerra LDAP browser) I do see entries
for monitorOpInitiated and monitorOpCompleted in DN cn=Operations,cn=Monitor. When I look at cn=SubSchema, I do not see any definitions of these two
attributes. Using (unfortunately) Microsoft's _vbscript_, ADODB, and ADsDSOOBJECT to
access to access cn=Monitor, I can access everything that is defined in the
subschema (entryDN, modifyTimestamp, etc); however, I cannot access
MonitorOpInitiated and such. Looking at the logs, It looks like the query
never gets to the ldap server because MS checks it against the cn=subschema. I saw ITS#4947 and ITS#5576 which sounds like what my problem is
(attributes not published). Is there a fix for this and what would that
fix be? My OS for the ldap server is Redhat Enterprise 5.4. At the end of this email is my redacted slapd.conf file. ---Thanks Mike Cannady Information Services Horry Telephone Cooperative (HTC) Phone: (843)369-8212 Email: Mike.Cannady@htcinc.net [root@vmLDAPdev2 openldap]# cat
slapd.conf # # See slapd.conf(5) for details on
configuration options. # This file should NOT be world
readable. # include
/usr/local/etc/openldap/schema/core.schema include
/usr/local/etc/openldap/schema/cosine.schema include
/usr/local/etc/openldap/schema/inetorgperson.schema include
/usr/local/etc/openldap/schema/nis.schema include
/usr/local/etc/openldap/HTC/iaaa-radius.schema include
/usr/local/etc/openldap/HTC/radius.schema include
/usr/local/etc/openldap/HTC/users.schema # Allow LDAPv2 client
connections. This is NOT the default. allow bind_v2 loglevel 0x100 #loglevel any sizelimit unlimited # Do not enable referrals until
AFTER you have a working directory # service AND an understanding of
referrals. #referral
ldap://root.openldap.org ServerID 002 pidfile
/usr/local/var/run/slapd.pid argsfile
/usr/local/var/run/slapd.args access to *
by dn. read
by * break access to
dn.subtree="dc=htc,dc=com"
by dn. manage
by self write
by anonymous auth access to *
by self write
by users read
by anonymous auth ####################################################################### # database definitions ####################################################################### database
bdb suffix
"dc=htc,dc=com" rootdn
"cn=Manager,dc=htc,dc=com" # Cleartext passwords, especially
for the rootdn, should # be avoided. See
slappasswd(8) and slapd.conf(5) for details. # Use of strong authentication
encouraged. #
rootpw
secret #
rootpw
{crypt}ijFYNcSNctBYg rootpw
{xxxxxxx}xxxxxxxxxxxxxxxxxxxxxxxxxx # The database directory MUST exist
prior to running slapd AND # should only be accessible by the
slapd and slap tools. # Mode 700 recommended. directory
/usr/local/var/openldap-data cachesize 50000 dncachesize 50000 idlcachesize 150000 checkpoint 1024 5 # Indices to maintain for this
database index
objectClass
eq,pres index
ou,cn,mail,surname,givenname eq,pres,sub index
uidNumber,gidNumber,loginShell eq,pres index
uid,memberUid
eq,pres,sub index nisMapName,nisMapEntry
eq,pres,sub index
entryCSN
eq index
entryUUID
eq # Replicas of this database syncrepl rid=001
provider=ldap://vmldapdev1.htc.external:389
type=refreshAndPersist
retry="5 5 300 +"
searchbase="dc=htc,dc=com"
attrs="*,+"
bindmethod=simple
binddn="uid=vmldapdev2,ou=replicants,ou=admin,dc=htc,dc=com"
credentials=atest2 mirrormode TRUE overlay syncprov syncprov-checkpoint 1000 1 database monitor [root@vmLDAPdev2 openldap] ********************************************************************** HTC Disclaimer: The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thank you. **********************************************************************
|