top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

Apache: Indexing in openldap

+1 vote
354 views

I want information regarding adding index on an ldap attribute.

My directory structure is like:

ObjectClass Hierarchy: Company=>Department (In dc=example,dc=com)

Inside ObjectClass"Company", One of the attributes "UserID" to be indexed. I have added index on the same as per following in slapd.conf:

index UserID eq

Kindly let me know whether it is the correct syntax of defining an index.

posted Feb 17, 2015 by anonymous

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button

1 Answer

0 votes

looks OK to me. In order to have slapd take notice of that you have to write it into olcDatabase={n}{type}, cn=config as attribute olcDbIndex.

with n being the running number of the Database (such as 2), and type being the type (such as bdb) of the Database.

answer Feb 18, 2015 by Vijay Shukla
Similar Questions
+3 votes

We have integrated apache web server with our internal LDAP and we have requirement to provision role based access to the folders in the docroot. We have earlier used SVN and we were using AuthzSVNAccessFile to meet this requirement. Contents of the file will look like this.

[groups]
users = usera
admins = usera, userb
[/]
users = r

[/folderA]
admins= r

Now we are looking for something similar with the apache directives, is it possible? if not, can you please give us an alternate?

I have tried "Require ", it doesn’t solve our requirement.

0 votes

If LDAPVerifyServerCert is enabled in SSL , authentication fails with Message simple bind failed. If LDAPVerifyServerCert is disabled in SSL there is no issue.

LDAP server is OpenLdap.

What configuration w.r.t LDAP/SSL I need to check so that authentication succeeds with LDAPVerifyServerCertflag ON.

0 votes

I have the following modules installed on my linux computer:

openldap-2.2.13-12.el4_8.2 
nss_ldap-253-7.el4 

According to the documentation Apache can work with more than one LDAP module:
https://httpd.apache.org/docs/current/mod/mod_authnz_ldap.html [1]

How can I ensure Apache HTTPD server works with OpenLDap installed on my computer? Where I configure it?

0 votes

Does anyone know is there an Option for Global User Management?
So it means I wanted to be able to have a Database (sql/LDAP) and wanted to connect all my Servers to that Database. (All Users in a specific group are able to login via ssh on any Server.)

0 votes

I am writing a command line tool in python to generate one time passwords/tokens. The command line tool will have certain sub-commands like --generate-token and --list-all-tokens for example. I want to restrict access to certain sub-commands. In this case, when user tries to generate a new token, I want him/her to authenticate against AD server first.

I have looked at python-ldap and I am even able to bind to the AD server. In my application I have a function

 def authenticate_user(username, password): pass

which gets username and plain-text password. How do I use the LDAPObject instance to validate these credentials?

...