Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # grep -ir "ssf" /etc/openldap/
- /etc/openldap/slapd.d/cn=config.ldif:olcLocalSSF: 71
- /etc/openldap/slapd.d/cn=config/cn=schema.ldif:olcAttributeTypes: ( OLcfgGlAt:26 NAME 'olcLocalSSF' SYNTAX OMsInteger SINGLE-
- /etc/openldap/slapd.d/cn=config/cn=schema.ldif: peername, or ssf' EQUALITY caseIgnoreMatch SYNTAX OMsDirectoryString )
- /etc/openldap/slapd.d/cn=config/cn=schema.ldif: p $ olcIndexIntLen $ olcLocalSSF $ olcLogFile $ olcLogLevel $ olcPasswordCryp
- /etc/openldap/schema/ppolicy.schema:# successful authentication occurred.
- /etc/openldap/schema/ppolicy.schema:# counter is only reset by a successful authentication.
- /etc/openldap/ldap.conf:nss_map_attribute homeDirectory msSFU30HomeDirectory
- # grep -ir "tlscipher" /etc/openldap/
- /etc/openldap/slapd.d/cn=config/cn=schema.ldif:olcAttributeTypes: ( OLcfgGlAt:72 NAME 'olcTLSCipherSuite' SYNTAX OMsDirectory
- /etc/openldap/slapd.d/cn=config/cn=schema.ldif: teKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ olcTLSRandFile $ olcTLSVerif
- # ldd /usr/bin/ldapsearch
- linux-vdso.so.1 => (0x00007fff0571b000)
- libldap-2.4.so.2 => /lib64/libldap-2.4.so.2 (0x00000033b0200000)
- liblber-2.4.so.2 => /lib64/liblber-2.4.so.2 (0x00000033b0e00000)
- libsasl2.so.2 => /usr/lib64/libsasl2.so.2 (0x0000003296200000)
- libcrypt.so.1 => /lib64/libcrypt.so.1 (0x0000003291a00000)
- libresolv.so.2 => /lib64/libresolv.so.2 (0x0000003286e00000)
- libssl3.so => /usr/lib64/libssl3.so (0x0000003294a00000)
- libsmime3.so => /usr/lib64/libsmime3.so (0x00000033b0a00000)
- libnss3.so => /usr/lib64/libnss3.so (0x0000003292e00000)
- libnssutil3.so => /usr/lib64/libnssutil3.so (0x0000003293a00000)
- libplds4.so => /lib64/libplds4.so (0x0000003293200000)
- libplc4.so => /lib64/libplc4.so (0x0000003293600000)
- libnspr4.so => /lib64/libnspr4.so (0x0000003293e00000)
- libc.so.6 => /lib64/libc.so.6 (0x0000003284e00000)
- libdl.so.2 => /lib64/libdl.so.2 (0x0000003285600000)
- libfreebl3.so => /lib64/libfreebl3.so (0x0000003290600000)
- libpthread.so.0 => /lib64/libpthread.so.0 (0x0000003285a00000)
- libz.so.1 => /lib64/libz.so.1 (0x0000003285e00000)
- /lib64/ld-linux-x86-64.so.2 (0x0000003284a00000)
- # ldd /usr/sbin/slapd
- linux-vdso.so.1 => (0x00007fff45b18000)
- libltdl.so.7 => /usr/lib64/libltdl.so.7 (0x00007f72f5dc7000)
- libdb-4.7.so => /lib64/libdb-4.7.so (0x00007f72f5a53000)
- libsasl2.so.2 => /usr/lib64/libsasl2.so.2 (0x00007f72f5838000)
- libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00007f72f5601000)
- libresolv.so.2 => /lib64/libresolv.so.2 (0x00007f72f53e7000)
- libssl3.so => /usr/lib64/libssl3.so (0x00007f72f51aa000)
- libsmime3.so => /usr/lib64/libsmime3.so (0x00007f72f4f7e000)
- libnss3.so => /usr/lib64/libnss3.so (0x00007f72f4c43000)
- libnssutil3.so => /usr/lib64/libnssutil3.so (0x00007f72f4a1c000)
- libplds4.so => /lib64/libplds4.so (0x00007f72f4818000)
- libplc4.so => /lib64/libplc4.so (0x00007f72f4613000)
- libnspr4.so => /lib64/libnspr4.so (0x00007f72f43d5000)
- libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f72f41b8000)
- libwrap.so.0 => /lib64/libwrap.so.0 (0x00007f72f3fad000)
- libc.so.6 => /lib64/libc.so.6 (0x00007f72f3c1a000)
- libdl.so.2 => /lib64/libdl.so.2 (0x00007f72f3a16000)
- libfreebl3.so => /lib64/libfreebl3.so (0x00007f72f37b4000)
- libz.so.1 => /lib64/libz.so.1 (0x00007f72f359d000)
- /lib64/ld-linux-x86-64.so.2 (0x0000003284a00000)
- libnsl.so.1 => /lib64/libnsl.so.1 (0x00007f72f3384000)
- # cat /etc/openldap/ldap.conf
- base dc=my,dc=domain
- timelimit 120
- bind_timelimit 120
- idle_timelimit 3600
- nss_base_passwd ou=comptes,dc=my,dc=domain
- nss_base_group ou=comptes,dc=my,dc=domain
- nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman
- nss_map_objectclass posixAccount User
- nss_map_attribute homeDirectory msSFU30HomeDirectory
- nss_map_objectclass posixGroup Group
- scope sub
- suffix "dc=my,dc=domain"
- ssl no # I also tried "yes"
- URI ldaps://master:636
- BASE dc=nomeris,dc=int
- tls_cacertdir /etc/openldap/certs
- TLS_REQCERT allow
Add Comment
Please, Sign In to add comment