adding custom attributes to openldap - openldap

This is my first time with LDAP. I have set up OpenLDAP on an Ubuntu machine and an LDAP browser (phpLDAPadmin) on the remote system. I'm trying to add two custom attributes to cn=config and I get a success message, but if I look for the attributes or the schema in the LDAP browser they are nowhere visible. Please let me know where I'm going wrong. Below are the steps I have taken:
1) Creating the custom.schema file
#file to add custom schemas to the ldap
attributetype ( 1.7.11.1.1
NAME 'studentid'
DESC 'unique id given to each student of the college'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
attributetype ( 1.7.11.1.2
NAME 'pexpiry'
DESC 'indicated the date of password expiry'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
objectClass ( 1.7.11.1.1.100
NAME 'Studentinfo'
DESC 'Studentinfo object classes '
SUP top
AUXILIARY
MUST ( studentid $ pexpiry $
)
)
2) Create an LDIF file
#ldif file containing the custom schema
dn: cn=custom,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: custom
olcAttributeTypes: ( 1.7.11.1.1
NAME 'studentid'
DESC 'unique id given to each student of the college'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
olcAttributeTypes: ( 1.7.11.1.2
NAME 'pexpiry'
DESC 'indicated the date of password expiry'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE )
olcObjectClasses: ( 1.7.11.1.1.100
NAME 'Studentinfo'
DESC 'Studentinfo object class '
SUP top
AUXILIARY
MUST ( studentid $ pexpiry $
)
)
3) Add the LDIF file to cn=config using the command below
ldapadd -x -h 192.168.2.3 -D "cn=admin,cn=config" -W -f ./custom.ldif
It first asks for a password; I enter the password and I get the message:
Adding entry "cn=custom,cn=schema,cn=config"
But when I go to the browser I don't see the schema or the attributes there. I tried to add a user and it said invalid attributes.

1] Add the custom schema in slapd.conf and restart the LDAP service. If everything is OK the service will start properly; otherwise it will give an error.
2] After this, if possible use Apache Studio for browsing; I was also not able to see the custom object in other browsers.

Related

Select version string from JSON array and increment it by one using jq

Bash script to find tags in an ECR repo:
aws ecr describe-images --repository-name laplacelab-backend-repo \
--query 'sort_by(imageDetails,& imagePushedAt)[*]' \
--output json | jq -r '.[].imageTags'
Output:
[
"v1",
"sometag",
...
]
How can I extract the version number? v<number> can contain the only version tag. I need to get the number and increment the version to set it to a var. If the output of sort_by(imageDetails,& imagePushedAt)[*] is an empty JSON array instead
[
{
"registryId": "057296704062",
"repositoryName": "laplacelab-backend-repo",
"imageDigest": "sha256:c14685cf0be7bf7ab1b42f529ca13fe2e9ce00030427d8122928bf2d46063bb7",
"imageTags": [
"v1"
],
"imageSizeInBytes": 351676915,
"imagePushedAt": 1593514683.0
}
]
Set 2
No one repo sort_by(imageDetails,& imagePushedAt)[*] return [] set 1.
As a result, I try to get var VERSION with next version for an update or 1 if the repo is empty.
You could use the select() function on the imageTags array and get only the tag starting with v and increment it.
jq '( .[].imageTags[] | select(startswith("v")) | ltrimstr("v") | tonumber | .+1 ) // 1'
For other cases like the tags array being empty or containing null strings (error case), the value defaults to 1.
For storing into a variable, e.g. say version (avoid using uppercase variable names in user scripts), use command substitution. See How do I set a variable to the output of a command in Bash?
version=$( <your-pipeline> )
Note: This does not work well with version strings following the Semantic Versioning RFC, e.g. v1.2.1, as jq does not have a library to parse them.

equality index of attribute "privateEmail" disallowed

I installed OpenLDAP 2.4 on a CentOS 6 server.
I added custom attributes and the schema 'myUser':
dn: cn=my,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: my
objectClass: top
olcAttributeTypes: ( 331.332.333.1 NAME 'firstName' DESC 'First name of a person' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
olcAttributeTypes: ( 331.332.333.2 NAME 'privateEmail' DESC 'Private email of a person' SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 X-ORIGIN 'user defined' )
olcAttributeTypes: ( 331.332.333.3 NAME 'userOid' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'user defined' )
olcAttributeTypes: ( 331.332.339.4 NAME 'isTrusted' DESC 'Determines if user is trusted' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE X-ORIGIN 'user defined' )
olcAttributeTypes: ( 331.332.333.6 NAME 'gender' DESC 'Person gender (M,F or U)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'user defined' )
olcAttributeTypes: ( 331.332.333.8 NAME 'privatePhone' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'user defined' )
olcAttributeTypes: ( 331.332.333.9 NAME 'otpContact' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'user defined' )
olcAttributeTypes: ( 331.332.333.10 NAME 'otpAuthnFlag' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'user defined' )
olcAttributeTypes: ( 331.332.333.11 NAME 'lastName' DESC 'Last name of a person' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'user defined' )
olcAttributeTypes: ( 2.16.840.1.113730.3.1.610 NAME 'nsAccountLock' DESC 'Operational attribute for Account Inactivation' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
olcObjectClasses: ( 331.332.333.12 NAME 'myUser' DESC 'user for my entity' SUP top STRUCTURAL MUST ( uid $ isTrusted $ nsAccountLock $ firstName ) MAY ( lastName $ userPassword $ privateEmail $ otpContact $ otpAuthnFlag $ privatePhone $ userOid ) X-ORIGIN 'user defined' )
Trying to add the index, I get the error:
# ldapadd -x -W -D cn=config -f /opt/index.ldif
Enter LDAP Password:
modifying entry "olcDatabase={2}bdb, cn=config"
ldap_modify: Other (e.g., implementation specific) error (80)
additional info: equality index of attribute "privateEmail" disallowed
My index.ldif:
dn: olcDatabase={2}bdb, cn=config
changetype: modify
add: olcDbIndex
olcDbIndex: privateEmail eq
olcDbIndex: privatePhone eq
You're using the wrong syntax OID for privateEmail. The one you're using is for Postal Addresses, and it doesn't support indexing. See RFC 4517.
You should be using 1.3.6.1.4.1.1466.115.121.1.26 as per RFC 2798. Check the others for sanity as well.
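Added example (not code from either OpenLDAP post above): a pre-flight lint for cn=config schema LDIF, run over a constructed sample modelled on the definitions quoted in the two threads. It flags an empty item in a MUST/MAY list (RFC 4512 allows `$` only between names) and, as an assumption about slapd's check, attributes requested for an `eq` index whose definition carries neither EQUALITY nor SUP; the function names are hypothetical.

```python
import re

# Constructed sample modelled on the definitions quoted in the two posts.
SAMPLE = """dn: cn=custom,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: custom
olcAttributeTypes: ( 1.7.11.1.1 NAME 'studentid'
  EQUALITY caseIgnoreMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
olcAttributeTypes: ( 331.332.333.2 NAME 'privateEmail'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
olcObjectClasses: ( 1.7.11.1.1.100 NAME 'Studentinfo' SUP top AUXILIARY
  MUST ( studentid $ pexpiry $ ) )
"""

def parse_defs(ldif):
    """Map lower-cased NAME -> (attribute, body) for each schema value in the LDIF."""
    defs = {}
    # LDIF folding: a line starting with one space continues the previous line.
    for line in re.sub(r"\n ", "", ldif).splitlines():
        m = re.match(r"(olcAttributeTypes|olcObjectClasses):\s*\((.*)\)\s*$", line)
        name = m and re.search(r"NAME\s+\(?\s*'([^']+)'", m.group(2))
        if name:
            defs[name.group(1).lower()] = (m.group(1), m.group(2))
    return defs

def lint(ldif, eq_index=()):
    """Return findings for stray '$' separators and for eq indexes slapd would refuse."""
    defs, findings = parse_defs(ldif), []
    for name, (_, body) in defs.items():
        # RFC 4512: oidlist = oid *( WSP DOLLAR WSP oid ), so no empty items.
        for kw, oids in re.findall(r"\b(MUST|MAY)\s+\(([^)]*)\)", body):
            if any(not item.strip() for item in oids.split("$")):
                findings.append(f"{name}: empty item in {kw} list (stray '$')")
    for attr in eq_index:
        kind, body = defs.get(attr.lower(), (None, ""))
        if kind != "olcAttributeTypes":
            findings.append(f"{attr}: not defined in this LDIF")
        # Assumption: slapd needs an EQUALITY rule (own or inherited via SUP) for eq.
        elif not re.search(r"\b(EQUALITY|SUP)\s", body):
            findings.append(f"{attr}: no EQUALITY rule, eq index will be rejected")
    return findings

if __name__ == "__main__":
    for finding in lint(SAMPLE, eq_index=["privateEmail", "studentid"]):
        print(finding)
```

Running the lint before `ldapadd` keeps a malformed definition out of cn=config, where a loaded schema entry is awkward to remove.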

symfony2 - createQueryBuilder Doctrine build query with first capital letter

I'm following a Symfony2 tutorial and I have problems with one step.
Tutorial link: http://intelligentbee.com/blog/2013/08/12/symfony2-jobeet-day-6-more-with-the-model/
I'm in the 'Refactoring' step. I've done these 3 steps:
1- I've correctly modified the /src/Ibw/JobeetBundle/Resources/config/doctrine/Job.orm.yml file, specifying the repository
2- I've run the command: php app/console doctrine:generate:entities IbwJobeetBundle
3- And I've added the function specified in the tutorial to JobRepository.php
$qb = $this->createQueryBuilder('j')
->where('j.expires_at > :date')
->setParameter('date', date('Y-m-d H:i:s', time()))
->orderBy('j.expires_at', 'DESC');
BUT when I refresh my code I get this error:
An exception occurred while executing 'SELECT j0_.id AS id0, j0_.type
AS type1, j0_.company AS company2, j0_.logo AS logo3, j0_.url AS url4,
j0_.position AS position5, j0_.location AS location6, j0_.description
AS description7, j0_.how_to_apply AS how_to_apply8, j0_.token AS
token9, j0_.is_public AS is_public10, j0_.is_activated AS
is_activated11, j0_.email AS email12, j0_.expires_at AS expires_at13,
j0_.created_at AS created_at14, j0_.updated_at AS updated_at15,
j0_.category_id AS category_id16 FROM Job j0_ WHERE j0_.expires_at > ?
ORDER BY j0_.expires_at DESC' with params ["2016-03-17 15:47:19"]:
SQLSTATE[42S02]: Base table or view not found: 1146 Table 'jobeet.Job'
doesn't exist
In the symfony profiler I can see the full query:
SELECT j0_.id AS id0, j0_.type AS type1, j0_.company AS company2,
j0_.logo AS logo3, j0_.url AS url4, j0_.position AS position5,
j0_.location AS location6, j0_.description AS description7,
j0_.how_to_apply AS how_to_apply8, j0_.token AS token9, j0_.is_public
AS is_public10, j0_.is_activated AS is_activated11, j0_.email AS
email12, j0_.expires_at AS expires_at13, j0_.created_at AS
created_at14, j0_.updated_at AS updated_at15, j0_.category_id AS
category_id16 FROM Job j0_ WHERE j0_.expires_at > '2016-03-17
15:47:19' ORDER BY j0_.expires_at DESC
The table name is in uppercase! 'Job', not 'job'.
Can anyone help me, please?
You can try by modifying the entity definition in Job.orm.yml by adding the table attribute:
Ibw\JobeetBundle\Entity\Job:
    type: entity
    table: job
    repositoryClass: Ibw\JobeetBundle\Repository\JobRepository

How can I ask Riak 1.4 to index and then be able to search my document based on properties of embedded document?

Working with Riak 1.4.7
I have a document that has a property that is an array of embedded documents. Here is a sample of the document:
{"prospect":true, "name":"HzNUeioPYynsGdXL6iSFvQ",
"contact_email":"contact#HzNUeioPYynsGdXL6iSFvQ.gr",
"e_shops":[{"store_url":"www.store.url.com","display_name":"hello there"},
{"store_url":"www.store2.url.com","display_name":"hello2 there"}]
}
The corresponding bucket has indexing enabled and works fine. For example, the following search command locates the object without a problem:
search-cmd search index_name contact_email:contact#HzNUeioPYynsGdXL6iSFvQ.gr
The question here is how can I search by the store_url for example.
store_url is a property of an embedded document which, in turn, is an element of an array property of the main document.
1) Do I have to specify a custom schema file in order for the index to index these properties?
2) Do I have to query using some kind of special syntax?
The default JSON extractor should handle that case by joining all of the values in the array in a space separated list. Nested names are handled by joining them with an underscore. So in this case, the field e_shops_store_url would contain www.store.url.com www.store2.url.com. You can query that field normally.
I ran a quick example to demonstrate:
root#node1:~# search-cmd install searchtest
:: Installing Riak Search <--> KV hook on bucket 'searchtest'.
root#node1:~# curl 172.31.0.1:8098/buckets/searchtest/keys/test1 \
-XPUT -H"content-type:application/json" \
-d '{"prospect":true, "name":"HzNUeioPYynsGdXL6iSFvQ",
> "contact_email":"contact#HzNUeioPYynsGdXL6iSFvQ.gr",
> "e_shops":[{"store_url":"www.store.url.com","display_name":"hello there"},
> {"store_url":"www.store2.url.com","display_name":"hello2 there"}]
> }'
root#node1:~# curl 172.31.0.1:8098/buckets/searchtest/keys/test2 \
-XPUT -H"content-type:application/json" \
-d '{"prospect":true, "name":"-HzNUeioPYynsGdXL6iSFvQ",
>"contact_email":"contact#-HzNUeioPYynsGdXL6iSFvQ.gr",
>"e_shops":[{"store_url":"www.store.url.com","display_name":"hello there"},
> {"store_url":"www.store3.url.com","display_name":"hello3 there"}]
>}'
root#node1:~# search-cmd search-doc searchtest e_shops_store_url:www.store.url.com
:: Searching for 'e_shops_store_url:www.store.url.com' / '' in searchtest...
------------------------------
index/id: searchtest/test1
<<"contact_email">> => <<"contact#HzNUeioPYynsGdXL6iSFvQ.gr">>
<<"e_shops_display_name">> => <<"hello there hello2 there">>
<<"e_shops_store_url">> => <<"www.store.url.com www.store2.url.com">>
<<"name">> => <<"HzNUeioPYynsGdXL6iSFvQ">>
<<"prospect">> => <<"true">>
------------------------------
index/id: searchtest/test2
<<"contact_email">> => <<"contact#-HzNUeioPYynsGdXL6iSFvQ.gr">>
<<"e_shops_display_name">> => <<"hello there hello3 there">>
<<"e_shops_store_url">> => <<"www.store.url.com www.store3.url.com">>
<<"name">> => <<"-HzNUeioPYynsGdXL6iSFvQ">>
<<"prospect">> => <<"true">>
------------------------------
:: Found 2 results.
:: Maximum score "0.353553".

unable to create users on OpenLDAP having german umlauts

When I try to add a user that has a German umlaut on OpenLDAP 2.4.32 using ldapmodify, I get an LDAP syntax error:
ldapmodify.exe" -a -x -H ldap://localhost -D %LDAP_ROOT% -w %LDAP_SECRET%
dn:uid=aöich,ou=Users,dc=cricbox,dc=in
changetype: add
objectClass:person
objectClass:inetOrgPerson
objectClass:organizationalPerson
uid:aöich
cn:aöich
sn:aöich
ldap_add: Invalid DN syntax (34)
additional info: invalid DN
How can I add a user with a German umlaut character on an OpenLDAP server?
Check if your databank schema supports Unicode. Check LDAP documentation here:
attributeType ( 2.5.4.41 NAME 'name'
DESC 'name(s) associated with the object'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
attributeType ( 2.5.4.3 NAME ( 'cn' 'commonName' )
DESC 'common name(s) assciated with the object'
SUP name )
Your attributes should contain:
directoryString 1.3.6.1.4.1.1466.115.121.1.15 Unicode (UTF-8) string
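Added example, not part of the original answer: LDAP directory strings and DNs are UTF-8, and LDIF (RFC 2849) carries any value that is not a plain ASCII SAFE-STRING as `attr:: <base64>`. The sketch below builds such an entry and flags LDIF bytes that are not valid UTF-8; that the error above comes from input reaching ldapmodify in a non-UTF-8 code page is an assumption, and the function names are hypothetical.

```python
import base64
import re

# RFC 2849 SAFE-STRING: ASCII only, no NUL/CR/LF, not starting with space, ':' or '<'.
_SAFE = re.compile(
    r"[\x01-\x09\x0b\x0c\x0e-\x1f\x21-\x39\x3b\x3d-\x7f][\x01-\x09\x0b\x0c\x0e-\x7f]*")

def ldif_line(attr, value):
    """Return 'attr: value', or 'attr:: <base64 of UTF-8>' if value is not a SAFE-STRING."""
    if value == "" or (_SAFE.fullmatch(value) and not value.endswith(" ")):
        return f"{attr}: {value}"
    return f"{attr}:: {base64.b64encode(value.encode('utf-8')).decode('ascii')}"

def ldif_add_entry(dn, attrs):
    """Build a changetype: add record; attrs is a list of (name, [values])."""
    lines = [ldif_line("dn", dn), "changetype: add"]
    for attr, values in attrs:
        lines += [ldif_line(attr, v) for v in values]
    return "\n".join(lines) + "\n"

def non_utf8_lines(raw):
    """1-based line numbers in raw LDIF bytes that are not valid UTF-8."""
    bad = []
    for n, line in enumerate(raw.split(b"\n"), 1):
        try:
            line.decode("utf-8")
        except UnicodeDecodeError:
            bad.append(n)
    return bad

if __name__ == "__main__":
    uid = "a\u00f6ich"  # the uid from the question, written with an escape
    print(ldif_add_entry(
        f"uid={uid},ou=Users,dc=cricbox,dc=in",
        [("objectClass", ["person", "organizationalPerson", "inetOrgPerson"]),
         ("uid", [uid]), ("cn", [uid]), ("sn", [uid])]))
    # Constructed bytes: the same text saved in a Windows code page instead of UTF-8.
    print(non_utf8_lines(f"dn: uid={uid},dc=in\nuid: {uid}\ncn: a\n".encode("cp1252")))
```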
