OPENLDAP - not able to download profile from master Post: 303030736

Sponsored Content

Operating Systems Linux OPENLDAP - not able to download profile from master Post 303030736 by solaris_1977 on Thursday 14th of February 2019 05:19:42 PM

02-14-2019

Registered User

I ran this on LDAP Master side, if I got your question correctly

Code:

[root@master-wks3 ~]# ldapadd -v -x -D cn=ldapadm,dc=ng522,dc=state,dc=ia,dc=us -W -H ldapi:/// -f newhost_add.ldif

And

[root@master-wks3 ~]# cat /root/openldap/newhost_add.ldif
dn: cn=ia-client01,ou=profile,dc=ng522,dc=state,dc=ia,dc=us
objectClass: top
objectClass: DUAConfigProfile
defaultSearchBase: dc=ng522,dc=state,dc=ia,dc=us
preferredServerList: master-wks3-data.ng522.state.ia.us,master-wks3-data.ng522.state.ia.us
cn: ia-client01
searchTimeLimit: 30
bindTimeLimit: 10
defaultSearchScope: one
followReferrals: TRUE
serviceSearchDescriptor: group:ou=Group,?one?
serviceSearchDescriptor: shadow:ou=People,?one?
serviceSearchDescriptor: netgroup:ou=netgroup,?one?
serviceSearchDescriptor: sudoers:ou=SUDOers,?one?
serviceSearchDescriptor: passwd:ou=People,?one?isMemberOf=cn=ia-client01,ou=Hosts,dc=ng522,dc=state,dc=ia,dc=us
serviceSearchDescriptor: user_attr:ou=People,?one?isMemberOf=cn=ia-client01,ou=Hosts,dc=ng522,dc=state,dc=ia,dc=us
authenticationMethod: tls:simple
profileTTL: 43200
credentialLevel: proxy

dn: cn=ia-client01,ou=Hosts,dc=ng522,dc=state,dc=ia,dc=us
objectClass: groupOfNames
objectClass: top
objectClass: simpleSecurityObject
cn: ia-client01
member: cn=IDS-SA,ou=access,dc=ng522,dc=state,dc=ia,dc=us
member: cn=NE,ou=access,dc=ng522,dc=state,dc=ia,dc=us
member: cn=NSS,ou=access,dc=ng522,dc=state,dc=ia,dc=us
member: cn=WTA,ou=access,dc=ng522,dc=state,dc=ia,dc=us
userPassword: {SSHA}xxxxxxxxxxxxxxxxxx
[root@master-wks3 ~]#

Quote:

Originally Posted by Scrutinizer

Instead of init you can use ldapclient -v manual and simply specify the ldapclient configuration on the command line..

I missed your suggestion in above quote ? What command I should on client? Please suggest. Probably this ?

Code:

/usr/sbin/ldapclient -v manual -a proxyDN=cn=`hostname`,ou=hosts,dc=ng522,dc=state,dc=ia,dc=us -y /etc/ldap.secret -a domainName=ng522.state.ia.us -a profileName=`hostname` master-wks3-data
Parsing proxyDN=cn=ia-client01,ou=hosts,dc=ng522,dc=state,dc=ia,dc=us
Parsing domainName=ng522.state.ia.us
Parsing profileName=ia-client01
Arguments parsed:
        domainName: ng522.state.ia.us
        proxyDN: cn=ia-client01,ou=hosts,dc=ng522,dc=state,dc=ia,dc=us
        profileName: ia-client01
        proxyPassword: xxxxxxxxxxxxxxxxxx
        defaultServerList: master-wks3-data
Handling manual option
Manual failed: Missing required defaultSearchBase attribute.
-bash-3.2#

Last edited by Scrutinizer; 02-15-2019 at 01:53 AM.. Reason: Removed password / hash

solaris_1977

View Public Profile for solaris_1977

Find all posts by solaris_1977

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

changed .profile but didnt ./.profile, yet reflected changes

hi , i added ls -F to .profile. and i need to do ./.profile for the effect to take effect BUT i didnt and YET the next day when i came to work and log in, the changes took effect. i am on aix. please explain.. thanks

2. SCO

Difference between .profile and .~/.profile

what is the difference between these two lines, if we use it in korn shell script: .profile .~/.profile

3. AIX

openLDAP with Aix

hello I have a P570 with 3 partitions. These partitions are available, since 1 year. So there are a lot of users, files, etc, on these partition I must now install an openldap with Debian to manage all these users. But several pb: on LDAP, we are 1 iud for user and one home directory, 1 gid...

4. UNIX for Dummies Questions & Answers

difference between /etc/profile and .profile?

What is the difference between /etc/profile and .profile?

5. Red Hat

Need OpenLDAP Help

Hi, all: I'm studying for the RHCE and have hit the section on configuring an OpenLDAP client. I'd like to practice this, but I can't get an OpenLDAP server set up. I followed the directions in RedHat's Deployment Guide, and it looks like the server is up and running, but I can't get the...

6. Infrastructure Monitoring

trap in etc/profile and user .profile

Hello I really wonder what's trap in etc/profile and in each user .profile. I try to google for it but I think I have no luck. Mostly hit is SNMP traps which I think it is not the same thing. I want to know ... 1. What's a "trap 2 3" means and are there any other value I can set...

7. Solaris

OpenLDAP setup

At work I'm been givin the task to move are backend servers from NIS to LDAP. We have mostly Solaris 10 servers, as well as a few Redhat servers. I am going to use openLDAP as the LDAP server. I'm looking for a good how to guide on setting up the openLDAP server. Most of the docs I have found seem...

8. Solaris

Openldap configuration

I m using Intel solaris 10 version . I m trying to install openldap and used several documents and package versions . But every time I got CC PATH error and while I solved the CC issue , I got Barkley DB error . :wall: Is there any perticular site from where I can install and configure...

9. UNIX Desktop Questions & Answers

How can I replicate master master and master master MySQL databse replication and HA?

I have an application desigend in PHP and MySQl running on apache web server that I is running on a Amazon EC2 server Centos. I want to implement the master-master and master slave replication and high availability disaster recovery on this application database. For this I have created two...

LEARN ABOUT DEBIAN

zsync

zsync(1)							   File Transfer							  zsync(1)

NAME

       zsync - Partial/differential file download client over HTTP

SYNTAX

       zsync [ -u url ] [ -i inputfile ] [ -o outputfile ] [ { -s | -q } ] [ -k file.zsync ] [ -A hostname=username:password ] { filename | url }

       zsync -V

DESCRIPTION

       Downloads  a file over HTTP. zsync uses a control file to determine whether any blocks in the file are already known to the downloader, and
       only downloads the new blocks.

       Either a filename or a URL can be given on the command line - this is the path of the control file for the download, which normally has the
       name  of  the actual file to downlaod with .zsync appended. (To create this .zsync file you have to have a copy of the target file, so this
       file should be generated by the person providing the download).

       zsync downloads to your current directory. It looks for any file in the directory of the same name as the file to  download.  If  it  finds
       one,  it  assumes that this is an earlier or incomplete version of the new file to download, and scans this file for any blocks that it can
       use to build the target file. (It also looks for a file of the same name with .part appended, so  it  will  automatically  find	previously
       interrupted  zsync  downloads  and reuse the data already downloaded. If you know that the local file to use as input has a different name,
       you must use -i)

       zsync retrieves the rest of the target file over HTTP. Once the download is finished, the old version (if the new file wants the same name)
       is  moved  aside  (a  .zs-old extension is appended). The modification time of the file is set to be the same as the remote source file (if
       specified in the .zsync).

OPTIONS

       -A hostname=username:password
	      Specifies a username and password to be used with the given hostname. -A can be used multiple times (with different  hostnames),	in
	      cases where e.g. the
	       .zsync  file  is  on  a	different  server from the download, or there are multiple download servers (there could be different auth
	      details for different servers - and zsync never assumes that your password should be sent to a server other than	the  one  named  -
	      otherwise redirects would be dangerous!).

       -i inputfile
	      Specifies  (extra)  input  files.  inputfile  is scanned to identify blocks in common with the target file and zsync uses any blocks
	      found. Can be used multiple times.

       -k file.zsync
	      Indicates that zsync should save the zsync file that it downloads, with the given filename. If that file already exists, then  zsync
	      will  make  a  conditional  request to the web server, such that it will only download it again if the server's copy is newer. zsync
	      will append .part to the filename for storing it while it is downloading, and will only overwrite the main file once the download is
	      done - and if the download is interrupted, it will resume using the data in the .part file.

       -o outputfile
	      Override the default output file name.

       -q     Suppress the progress bar, download rate and ETA display.

       -s     Deprecated synonym for -q.

       -u url This  specifies  the  referring  URL.   If  you have a .zsync file locally (if you downloaded it separately, with wget, say) and the
	      .zsync file contains a relative URL, you need to specify where you got the .zsync file from so that zsync  knows	which  server  and
	      path to use for the rest of the download (this is analogous to adding a <base href="..."> to a downloaded web page to make the links
	      work).

       -V     Prints the version of zsync.

FILES

ENVIRONMENT VARIABLES

       http_proxy
	      Should be the [http://]hostname:port for your web proxy, if one is required to access the target web server(s).

EXAMPLES

       zsync -i /var/lib/apt/lists/server.debian.org_debian_dists_etch_main_binary-i386_Packages http://zsync.moria.org.uk/s/etch/Packages.zsync

AUTHORS

       Colin Phipps <cph@moria.org.uk>

SEE ALSO

       zsyncmake(1)

Colin Phipps							       0.6.2								  zsync(1)