There are new versions of openldap-2.3.27-4.el4.centos in the testing repository for i386 and x86_64. http://wiki.centos.org/Repositories (for info on the testing repository) This version of openldap is the current version in RHEL5B2 and Fedora Core 6. The purpose of this build is that I modified openldap to produce the smbk5pwd overlay from the contrib directory in the openldap source. smbk5pwd is an openldap module/overlay that keeps a Samba PDC's LDAP passwords in sync regardless of if the change is made via LDAP (ldappasswd), windows (usually smbpasswd), or Unix (passwd). If any of the 3 LDAP passwords are modified, the overlay modifies all three ... keeping them in sync. I have tested this version on 3 servers in a test environment on i386. Instructions on how to setup the slapd.conf file are included in /usr/share/doc/openldap-servers-xxxx/README.smbk5pwd This version requires you to upgrade your databases if you are using a bdb backend ... you need to save your data before you upgrade .. something like this: cd service ldap stop slapcat > slapcat.out upgrade RPMS cd /var/lib/ldap remove all old databases make sure you have a DB_CONFIG file in /var/lib/ldap modify your /etc/openldap/slapd.conf file to point to these (they used to be in /var/run with no openldap dir): pidfile /var/run/openldap/slapd.pid argsfile /var/run/openldap/slapd.args also add this index to slap.conf: index uniqueMember pres see the above listed README file if you want to add smbk5pwd slapadd ~/slapcat.out chown -R ldap.ldap /var/lib/ldap slaptest slapindex -v service ldap start ------------------------------------ Thanks, Johnny Hughes -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20061225/0e2aebc3/attachment-0006.sig>