
Problem with ldapadd, SASL, KRB using LDAPv3 from Turbo Fredrikson



  Hello!

     My platform: RHat 7.2 (with updated SASL...)

	I followed Turbo's howto about LDAP/SSL/KRB... (thanks a lot and
congratulations to him)

	I've done a fresh install on a new server with no entries in the LDAP
directory.
	All the tests described in this howto were successful (with ldapsearch...)

	The problem I have is inserting entries into LDAP.

	When I do:
				 kinit ldapadm
						...
				 ldapadd -I -f ldif_base.txt

	the answer is:


			SASL/GSSAPI authentication started
			SASL Interaction
			Please enter your authorization name: [ENTER]
			SASL SSF: 56
			SASL installing layers
			adding new entry "dc=voie,dc=lactee"
			ldap_add: Insufficient access

			ldif_record() = 50

____________________________________________________________
MY SLAPD.CONF file

# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.7 2001/09/27 20:00:31 kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include		/etc/openldap/schema/core.schema
include		/etc/openldap/schema/cosine.schema
include		/etc/openldap/schema/inetorgperson.schema
include		/etc/openldap/schema/nis.schema
include		/etc/openldap/schema/redhat/rfc822-MailMember.schema
include		/etc/openldap/schema/redhat/autofs.schema
include		/etc/openldap/schema/redhat/kerberosobject.schema
include		/etc/openldap/schema/krb5-kdc.schema

schemacheck on

TLSCertificateFile	/etc/openldap/server.pem
TLSCertificateKeyFile	/etc/openldap/server.pem
TLSCACertificateFile	/etc/openldap/server.pem

sasl-realm	VOIE.LACTEE
sasl-host	kerberos.voie.lactee


#######################################################################
# ldbm database definitions
#######################################################################

database	ldbm
suffix		"dc=voie, dc=lactee"
directory	"/var/lib/ldap/voielactee"

# record the time at which entries are modified
lastmod		on

# Indexes
index		default pres,eq
index		objectClass,uid,uidnumber,gidnumber,cn
index		mail eq
# Access rights are managed in a separate file...

include         "/etc/openldap/slapd.access"

____________________________________________________________________________
My SLAPD.ACCESS (I know, very simple, but I'm trying to find the answer)

# ACL configuration file
# for the entries of the LDAP directory

# The admin dn has full write access
access to *
        by dn="uid=ldapadm.+\+realm=VOIE.LACTEE" write
        by * read


___________________________________________________________________
My LDIF_BASE.LDIF file   (very simple also....)

dn: dc=voie,dc=lactee
objectClass: organization
objectClass: dcObject
o: voie lactee
dc: voie


Thanks for your support!