[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Are my ldapadd and ldapsearch accessing the DB ?



My excellent friend Peter,

I don't know how to thank you !! It worked !! I couldn't ever imagine that the "referrral" line was creating all the problem. We were running an earlier version of ldap and we had the referral value specified and we had no problems. I think the latest version has these restrictions.

I finally saw the comments in the slapd.conf file above where the referral is specified and they say that the option should not be used unless it is required and the user understands how it works. That should have been enough hint, but...

Anyways, thanks a million.
~suraj

----Original Message Follows----
From: Peter Marschall <peter.marschall@mayn.de>
To: "dyood ." <dyood@hotmail.com>
CC: OpenLDAP-software@OpenLDAP.org
Subject: Re: Are my ldapadd and ldapsearch accessing the DB ?
Date: Mon, 15 Jul 2002 22:00:58 +0200

Hi,

I would assume the entries aren't there if an ldapsearch cannot find them

I don't know exactly the reason, but maybe I have a few hints:
* Leave out the spaces from the suffixes in the slapd.conf file
  (i.e. "o=dsm.ics.uci.edu,c=US" instead of "o=dsm.ics.uci.edu, c=US")
* Leave out the refferal statement until you need it
  (I haven't used referrals yet)
* Try to add the first few entries using slapadd.
  (This is what I did with my DB)

Yours
Peter

On Monday 15 July 2002 21:16, you wrote:
> Hi Peter,
>
> I have specified the suffix in the configuration file, so when the
> application makes the call, it should be for adding the entry below the
> suffix node.
>
> **********************************************************************
> The important question though is.....on giving the ldapadd command, I get
> to see the lines "ldap_add: Referral" & "ldif_record() = 10" in the output.
> WHAT DO THESE TWO LINES INDICATE ? Is it a successful add ?? The subsequent
> ldapsearch command (details below) doesn't output the entries specified in
> the ldif file. WHERE AND WHAT MIGHT BE THE PROBLEM ?
> **********************************************************************
>
> I used ldapadd to add entries from a ldif file. The ldif file is :
> _______________________________________________________________________
> dn: o=dsm.ics.uci.edu,c=US
> objectclass: dcObject
> objectclass: organization
> dc: dsm.ics.uci.edu
> o: dsm.ics.uci.edu
> description: DSM Group
>
> dn: cn=Manager,o=dsm.ics.uci.edu,c=US
> objectclass: organizationalRole
> cn: Manager
> description: Directory Manager
> _______________________________________________________________________
>
> And here is the result from the ldapadd and sunsequent ldap search
> commands.
> _______________________________________________________________________
> dsm-surajn@agastya% ./ldapadd -h agastya.ics.uci.edu -p 3089 -f
> composeldif.ldif -x -D "cn=Manager,o=dsm.ics.uci.edu,c=US" -w secret
> adding new entry "o=dsm.ics.uci.edu,c=US"
> ldap_add: Referral
>
> ldif_record() = 10
> dsm-surajn@agastya% ./ldapsearch -h agastya.ics.uci.edu -p 3089 -x -b
> 'o=dsm.ics.uci.edu,c=US' '(objectclass=*)'
> version: 2
>
> #
> # filter: (objectclass=*)
> # requesting: ALL
> #
>
> # search result
> search: 2
> result: 10 Referral
> ref: ldap://oops.i.did.it.again
>
> # numResponses: 1
> dsm-surajn@agastya%
> _______________________________________________________________________
>
> Any kind of help on this would be highly appreciated. Thanks,
> ~suraj
>
> ----Original Message Follows----
> From: Peter Marschall <peter.marschall@mayn.de>
> To: "dyood ." <dyood@hotmail.com>
> CC: OpenLDAP-software@OpenLDAP.org
> Subject: Re: Are my ldapadd and ldapsearch accessing the DB ?
> Date: Sat, 13 Jul 2002 12:46:54 +0200
>
> Hi,
>
> does the application create the objects below the suffix you gave in
> your database definition.
> If this is not the case, the server tells the client to whom to refer to
> if a referral clause is given.
> Have you tried adding objects by hand using LDIF ?
> Did this work ?
>
> Yours
> PEter
>
> On Friday 12 July 2002 20:40, you wrote:
> > Hi again..here is some more information that might be of help.
> >
> > After installing and setting up the openldap server, I ran a application
> > program (Directory.java) that creates actor objects and registers them
> > (their actor ids and actor attributes) at the ldap server. The error
> > message I get is that the attributes are not being added to the ldap
> > server. The exact error message is as below
> > ______________________________________________________________________
> > Directory: AddActor Error : netscape.ldap.LDAPReferralException:
> > referral (9); Referral:
> > ldap://oops.i.did.it.again; Partial results and referral received
> > ______________________________________________________________________
> >
> > I have re-installed the Berkeley DB several times and the same goes with
> > the openldap software. Each time following the respective quick start
> > guides to the letter !! But with this referral error, I'm quite lost. I
> > can't figure out where to start to look from coz all I want is a stand
> > alone ldap server and thatz what I have (I think) specified in the
> > slapd.conf file.
> >
> > So, even if anybody can hint/suggest where the possible error might be,
> > I can atleast explore all possibilities. Right now, I don't know where
> > to begin with. So, please let me know .... would be pretty grateful.
> >
> > herez my slapd.conf file once again :
> > ______________________________________________________________________
> > # $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.7 2001/09/27
> > 20:00:31 kurt Exp $
> > #
> > # See slapd.conf(5) for details on configuration options.
> > # This file should NOT be world readable.
> > #
> > include /extra/mayur0/sw/pub/openldap/etc/openldap/schema/core.schema
> > include /extra/mayur0/sw/pub/openldap/etc/openldap/schema/local.schema
> > schemacheck off
> > # Do not enable referrals until AFTER you have a working directory
> > # service AND an understanding of referrals.
> > referral ldap://oops.i.did.it.again
> > pidfile /extra/mayur0/sw/pub/openldap/var/slapd.pid
> > argsfile /extra/mayur0/sw/pub/openldap/var/slapd.args
> > # Load dynamic backend modules:
> > # modulepath /extra/mayur0/sw/pub/openldap/libexec/openldap
> > # moduleload back_ldap.la
> > # moduleload back_ldbm.la
> > # moduleload back_passwd.la
> > # moduleload back_shell.la
> > #
> > # Sample Access Control
> > # Allow read access of root DSE
> > # Allow self write access
> > # Allow authenticated users read access
> > # Allow anonymous users to authenticate
> > #
> > #access to dn="" by * read
> > #access to *
> > # by self write
> > # by users read
> > # by anonymous auth
> > #
> > # if no access controls are present, the default is:
> > # Allow read by all
> > #
> > # rootdn can always write!
> > #######################################################################
> > # ldbm database definitions
> > #######################################################################
> > database ldbm
> > suffix "o=dsm.ics.uci.edu, c=US"
> > # The database directory MUST exist prior to running slapd AND
> > # should only be accessible by the slapd/tools. Mode 700 recommended.
> > directory /extra/mayur0/sw/pub/bDB
> > # Cache Size
> > cachesize 100000
> > dbcachesize 1000000
> > # Indices to maintain
> > index default pres,eq
> > #index objectClass
> > # Disable DB sync
> > dbcacheNoWsync
> > rootdn "cn=Manager, o=dsm.ics.uci.edu, c=US"
> > # Cleartext passwords, especially for the rootdn, should
> > # be avoid. See slappasswd(8) and slapd.conf(5) for details.
> > # Use of strong authentication encouraged.
> > rootpw "secret"
> > ______________________________________________________________________
> >
> > thanks a lot again,
> > ~suraj


--
Peter Marschall     |   eMail: peter.marschall@mayn.de
Scheffelstraße 15   |          peter.marschall@is-energy.de
97072 Würzburg      |   Tel:   0931/14721
PGP:  D7 FF 20 FE E6 6B 31 74  D1 10 88 E0 3C FE 28 35




_________________________________________________________________
MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx