SV: Drowning in a sea of ignorance as to versions of openldap

["Nomego" <nomego@home.se>]

 

 

I have been learning/testing openldap with version 1.2.11 on three servers in different physical locations.  I have tested with commandline searches,

modifications, etc.  I have tested applications such as proftpd, courier,

addressbooks, even netscape directories and have had no real problems.

I have kept schema checking on during all this and have had to copy schemas

that were for 2.0.?? because I wasn't able to find - didn't spend a lot of

time looking - any for 1.2.11 and they have all worked, as far as I can tell.  (If you have the above applications or similar working in 2.0.11

any tips will be appreciated.)

 

I have been reading the list and the recommendations for 2.0.11 and schema

availability so I changed one machine over to 2.0.11 and it works fine until

I try to access the other two machines with a simple ldapsearch.  I can

access the 2.0.11 from 1.2.11 with no problem.  Netscape directory still

works.  I can't even get courier to compile with the .2 libraries, I haven't

been able to get mod_ldap.c in proftpd to work either.

 

I need some suggestions from folks who have more experience than I, probably

99% of you.

 

   o- Are the problems getting 2.0.11 to interface with imap, pop, smtp,

      apache, ftp, and friend too complex to make it worthwhile for

      for someone who wants to get a little work done as well as learn?

 

   o- Is just copying schemas to slapd.oc.conf in 1.2.11, as posixGroup

      added below, acceptable or will it haunt me later when I move this

      to production?  I really don't have much confidence because I don't

      see how it can possibly know what each variable is for searching,

      indexing, comparing, etc.  If there is correct way, please point

      me in the right direction.

      <cut and past from my slapd.oc.conf>

              objectclass posixGroup

                  requires

                     objectClass,

                     cn,

                     gidNumber

               allows

                     userPassword,

                     memberUid,

                     description

        </cut>

 

As far as I have seen, you must have it like:

            objectclass ( <version> NAME 'posixGroup SUP/SYNTAX

                         MUST ( objectClass $ cn $ gidNumber )

                         MAY ( userPassword $ memberUid $ description ) )

 

    o- Suggestion as to why the following from 2.0.11 to 1.2.11 fails

       and that will maybe help me understand why a simple php bind

       also fails on 2.0.11 but works flawlessly with 1.2.11 without x.

       I have also tried -H rather than -h and ' rather than ".

 

# ldapsearch -h server-1.2.11.domain.com -L -x -b "dc=domain, dc=com" "(objectclass=*)"

ldap_bind: Protocol error

        additional info: version not supported

 

Thanks for you help and suggestions.

 

ed

 -----------------------------------------------------------------------

        The illiterate of the 21st century will not be

              those who cannot read and write,

        but those who cannot learn, unlearn and relearn.

                                                 --Alvin Toffler