peercred

I have a working OpenLDAP installation initialized with LDIF. I want to populate the same data in osixia/docker-openldap. Data are loaded but only admin can see them. The users from LDIF cannot see their own branch.

extend-osixia-openldap\environment\my-env.startup.yaml

I'm using CentOs 7.x 64 bit version to set up openLdap. I want to use the memberof overlay to show on a user what groups they are members of. My understanding was that with memberof and refint overlays active the Openldap server automatically maintains the memberof property on users and ensures it is consistent with actual memberships. However, it is not doing this at all. I can set the memberof property manually but it does not have to be consistent and it is not being maintained automatically.

Question is: Am I right in my understanding of how it should work and how do I get it working?

My main requirement is it shows the memberships accurately. if I could manipulate the memberships via memberof that would be good, but it's not essential.

Details

I did it in the following steps:

1. Create a person in the people group, with objectClass 'inetOrgPerson' and 'person'. And named 'Joe'
2. Create a group that is 'groupOfNames', named 'agent'. And with member attribute with value 'uid=joe,ou=people,dc=company,dc=com'

Now when I looked into person 'Joe', I couldn't find the 'memberOf' attribute with 'showing organisational attribute' enabled in Apache ldap studio. And with the following command line searching, also can't find the group.

I followed RHEL7: Configure a LDAP directory service for user connection to configure openldap on CentOS Linux release 7.

First I create the /etc/openldap/changes.ldif file and paste the content with replacing the password of course with the previously created password.

Then I get to send the new configuration to the slapd server using the command

I'm new to LDAP's, but have an openLDAP config which I have moved to using olc instead of the slapd.conf.

When I run the command

ldapsearch -H ldap:// -x -s base -b "" -LLL "configContexts"

I get the empty result dn:

Does this suggest the config isn't working? I was unable to use the -H to authenticate until I imported an ldif setting {1}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break into olcDatabase={0}config under olcAccess, so I think that was done correctly. But now that I add other ACL's, none of them seem to take.

Is the empty result from the configContexts command a concern?

This is all to get something like the following to work so I can set admins over the LDAP.

{3}to * by dn.exact=uid=myadminaccount,dc=domain,dc=com manage by * break

I am trying to add ssl certificates in olcTLSCertificateFile.

I have a LDAP database, imported from this LDIF:

I am new at LDAP and searched for adding simple objectClass and Attributes but still getting an error, I would like to have an object 'adminFunc' with a simple string attribute 'functionId' so I copied adminFunc.schema and adminFunc.ldif to the schema folder:

adminFunc.schema:

I have succesfully replicated Zimbra LDAP server to standalone OpenLDAP server. I plan to use the replicated server as central LDAP server for our internal application authentication service.

Steps that I follow to replicate Zimbra LDAP are: 1. Install new OpenLDAP server. 2. Copy all schema definition from Zimbra to new server 3. Add new database with olcSuffix: "" and add replication and other configs:

I have been trying to apply this dlif to my openldap server: