[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: How to find out whether overlay module is loaded to openldap
On Fri, 2005-11-25 at 14:22 +0530, sandeep wrote:
> Pierangelo Masarati wrote:
> I added "database monitor" directive to slapd.conf.
should help.
>
> Then the result are follows:
> [root@ncins1 openldap]# ldapsearch -x -H ldap://:6666 -b
> cn=Overlays,cn=Monitor
> # extended LDIF
> #
> # LDAPv3
> # base <cn=Overlays,cn=Monitor> with scope subtree
> # filter: (objectclass=*)
> # requesting: ALL
> #
>
> # Overlays, Monitor
> dn: cn=Overlays,cn=Monitor
> objectClass: monitorContainer
> cn: Overlays
> description: This subsystem contains information about available overlays.
>
> # Overlay 0, Overlays, Monitor
> dn: cn=Overlay 0,cn=Overlays,cn=Monitor
> objectClass: monitoredObject
> cn: Overlay 0
>
> # Overlay 1, Overlays, Monitor
> dn: cn=Overlay 1,cn=Overlays,cn=Monitor
> objectClass: monitoredObject
> cn: Overlay 1
>
> # Overlay 2, Overlays, Monitor
> dn: cn=Overlay 2,cn=Overlays,cn=Monitor
> objectClass: monitoredObject
> cn: Overlay 2
>
> # Overlay 3, Overlays, Monitor
> dn: cn=Overlay 3,cn=Overlays,cn=Monitor
> objectClass: monitoredObject
> cn: Overlay 3
>
> # Overlay 4, Overlays, Monitor
> dn: cn=Overlay 4,cn=Overlays,cn=Monitor
> objectClass: monitoredObject
> cn: Overlay 4
>
> # Overlay 5, Overlays, Monitor
> dn: cn=Overlay 5,cn=Overlays,cn=Monitor
> objectClass: monitoredObject
> cn: Overlay 5
>
> # Overlay 6, Overlays, Monitor
> dn: cn=Overlay 6,cn=Overlays,cn=Monitor
> objectClass: monitoredObject
> cn: Overlay 6
>
> # Overlay 7, Overlays, Monitor
> dn: cn=Overlay 7,cn=Overlays,cn=Monitor
> objectClass: monitoredObject
> cn: Overlay 7
>
> # Overlay 8, Overlays, Monitor
> dn: cn=Overlay 8,cn=Overlays,cn=Monitor
> objectClass: monitoredObject
> cn: Overlay 8
>
> # Overlay 9, Overlays, Monitor
> dn: cn=Overlay 9,cn=Overlays,cn=Monitor
> objectClass: monitoredObject
> cn: Overlay 9
>
> # Overlay 10, Overlays, Monitor
> dn: cn=Overlay 10,cn=Overlays,cn=Monitor
> objectClass: monitoredObject
> cn: Overlay 10
>
> # Overlay 11, Overlays, Monitor
> dn: cn=Overlay 11,cn=Overlays,cn=Monitor
> objectClass: monitoredObject
> cn: Overlay 11
>
> # Overlay 12, Overlays, Monitor
> dn: cn=Overlay 12,cn=Overlays,cn=Monitor
> objectClass: monitoredObject
> cn: Overlay 12
>
> # Overlay 13, Overlays, Monitor
> dn: cn=Overlay 13,cn=Overlays,cn=Monitor
> objectClass: monitoredObject
> cn: Overlay 13
>
> # Overlay 14, Overlays, Monitor
> dn: cn=Overlay 14,cn=Overlays,cn=Monitor
> objectClass: monitoredObject
> cn: Overlay 14
>
> # Overlay 15, Overlays, Monitor
> dn: cn=Overlay 15,cn=Overlays,cn=Monitor
> objectClass: monitoredObject
> cn: Overlay 15
>
> # search result
> search: 2
> result: 0 Success
>
> &
>
> [root@ncins1 openldap]# ldapsearch -x -H ldap://:6666 -b
> cn=Databases,cn=Monitor '(monitorOverlay=ppolicy)' '*' '+'
> # extended LDIF
> #
> # LDAPv3
> # base <cn=Databases,cn=Monitor> with scope subtree
> # filter: (monitorOverlay=ppolicy)
> # requesting: * +
> #
>
> # search result
> search: 2
> result: 0 Success
>
> Why there is a difference between your output and mine.
are you sure you ran the same command I suggested you? Please go back
and re-read my message; make sure you pass ldapsearch the same options I
suggested. Different options are generally supposed to produce
different behavior, otherwise there would be no need for command line
options at all.
> Can I assume that ppolicy overlay is loaded fine.
I woulnd't make assumptions that I'm not sure I can prove somehow.
> But still if I put the line moduleload ppolicy.la in the slapd.conf
> it says file not found and stoping slapd.
> My compile options are below:
> configure
> --enable-syslog \
> --enable-crypt \
> --enable-modules \
> --enable-rewrite \
> --enable-wrapers \
^^ this looks definitely mistyped
> --enable-backends \
> --enable-overlays \
^^^ this line __should__ enable all available overlays (I mean: among
those configure knows about).
> --enable-slurpd
>
> Also I put a password length or 6 characters
> Still I am able to change password to 3 charactors.
That's out of my knowledge of the functionality of the overlay. My bet
is that you need to fill the policy somehow to yield the desired
response, but I suggest you go for the man page for more authoritative
help; in case, make sure you read the <draft-behera-ldap-password-
policy> to clearly understand what's the behavior and what's required by
the user.
p.
Ing. Pierangelo Masarati
Responsabile Open Solution
SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office: +39.02.23998309
Mobile: +39.333.4963172
Email: pierangelo.masarati@sys-net.it
------------------------------------------