[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: OpenLDAP + pgSQL
I would try including the back_sql module.
just my 2 cents
Dev Zero G disse:
> Hello,
>
> I try to explain the whole problem.
>
> I have FreeBSD 4.9-R, OpenLDAP 2.2.10-server and PostgreSQL 7.4
>
> Here's list of slapd.conf:
>
> #
> # See slapd.conf(5) for details on configuration options.
> # This file should NOT be world readable.
> #
> include /usr/local/etc/openldap/schema/core.schema
> include /usr/local/etc/openldap/schema/cosine.schema
> include /usr/local/etc/openldap/schema/corba.schema
> include /usr/local/etc/openldap/schema/inetorgperson.schema
> include /usr/local/etc/openldap/schema/java.schema
> #include /usr/local/etc/openldap/schema/krb5-kdc.schema
> #include /usr/local/etc/openldap/schema/kerberosobject.schema
> include /usr/local/etc/openldap/schema/misc.schema
> include /usr/local/etc/openldap/schema/nis.schema
> include /usr/local/etc/openldap/schema/openldap.schema
> include /usr/local/etc/openldap/schema/samba.schema
>
> # Define global ACLs to disable default read access.
>
> # Do not enable referrals until AFTER you have a working directory #
> service AND an understanding of referrals.
> #referral ldap://root.openldap.org
>
> pidfile /var/run/openldap/slapd.pid
> argsfile /var/run/openldap/slapd.args
>
> defaultsearchbase dc=some,dc=domain,dc=com
>
> # Load dynamic backend modules:
> modulepath /usr/local/libexec/openldap
> moduleload back_bdb.la
> moduleload back_ldap.la
> moduleload back_ldbm.la
> moduleload back_passwd.la
> moduleload back_shell.la
>
> # Timeout in seconds, 0 = never
> idletimeout 0
> threads 32
> # Debuging level, 0 = none
> loglevel 64
>
> access to *
> by self write
> by * read
> access to * by dn="cn=admin,dc=some,dc=domain,dc=com" write
>
> security ssf=1 update_ssf=112 simple_bind=64
>
> access to dn.base="" by * read
> access to dn.base="cn=Subschema" by * read
> access to *
> by self write
> by users read
> by anonymous auth
>
> allow bind_v2
>
> database sql
> suffix "dc=some,dc=domain,dc=com"
> rootdn "cn=admin,dc=some,dc=domain,dc=com"
> rootpw secret
> dbname pg_ldap
> dbuser test
> dbpasswd test
> lastmod off
> insentry_query "insert into ldap_entries
> (id,dn,oc_map_id,parent,keyval) values ((select max(id)+ upper_func
> "upper"
> strcast_func "text"
> concat_pattern "?||?"
> has_ldapinfo_dn_ru no
>
> #Specify ciphers
> TLSCipherSuite HIGH:MEDIUM:+SSLv2:+SSLv3
> #TLS keyfile locations
> TLSCertificateFile /etc/ldap/slapd_cert.pem
> TLSCertificateKeyFile /etc/ldap/slapd_key.pem
>
> #Sasl
> sasl-host localhost
>
> PostgreSQL configured by default.
>
> Here's what I have in logs:
> May 12 09:48:35 palladium-bsd slapd[287]: @(#) $OpenLDAP:
> slapd 2.2.10(May 11 2004 09:41:45) $
> root@palladium-bsd.ua.devzerog.com:/usr/ports/net/openldap22-server/work/openldap-2.2.10/servers/slapd
> May 12 09:48:35 palladium-bsd /kernel: May 12 09:48:35 palladium-bsd May
> 12 09:48:35 palladium-bsd slapd[287]: bdb_initialize: Sleepycat
> Software: Berkeley DB 4.2.52: (December 3, 2003)
> May 12 09:48:35 palladium-bsd /kernel: May 12 09:48:35 palladium-bsd
> slapd[287]: bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52:
> (December 3, 2003) May 12 09:48:35 palladium-bsd slapd[287]:
> bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December 3,
> 2003)
> May 12 09:48:35 palladium-bsd slapd[287]: line 44 (access to *
> by self write by * read)
> May 12 09:48:35 palladium-bsd /kernel: May 12 09:48:35 palladium-bsd
> slapd[287]: bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52:
> (December 3, 2003) May 12 09:48:35 palladium-bsd /kernel: May 12
> 09:48:35 palladium-bsd slapd[287]: line 44 (access to * by self
> write by * read) May 12 09:48:35 palladium-bsd slapd[287]: line
> 45 (access to * by
> dn="cn=admin,dc=some,dc=domain,dc=com" write)
> May 12 09:48:35 palladium-bsd slapd[287]: line 138 (database sql)
> May 12 09:48:35 palladium-bsd /kernel: May 12 09:48:35 palladium-bsd
> slapd[287]: line 140 (suffix "dc=some,dc=domain,dc=com")
> May 12 09:48:35 palladium-bsd /kernel: May 12 09:48:35 palladium-bsd
> slapd[287]: line 142 (rootdn "cn=root,dc=some,dc=domain,dc=com")
> May 12 09:48:35 palladium-bsd slapd[287]: line 144 (rootpw ***)
> May 12 09:48:35 palladium-bsd slapd[287]: line 145 (dbname
> pg_ldap) May 12 09:48:35 palladium-bsd slapd[287]: line 146 (dbuser
> test) May 12 09:48:35 palladium-bsd slapd[287]: line 147 (dbpasswd
> ***)
> May 12 09:48:35 palladium-bsd slapd[287]: line 148 (lastmod off)
> May 12 09:48:35 palladium-bsd slapd[287]: line 149 (insentry_query
> "insert into ldap_entries (id,dn,oc_map_id,parent,keyval) values
> ((select max(id)+1 from ldap_entries),?,?,?,?)") May 12 09:48:35
> palladium-bsd slapd[287]: line 150 (upper_func "upper") May 12
> 09:48:35 palladium-bsd slapd[287]: line 151 (strcast_func "text") May
> 12 09:48:35 palladium-bsd slapd[287]: line 152 (concat_pattern "?||?")
> May 12 09:48:35 palladium-bsd slapd[287]: line 153 (has_ldapinfo_dn_ru
> no) May 12 09:48:35 palladium-bsd slapd[287]: line 163
> (TLSCipherSuite HIGH:MEDIUM:+SSLv2:+SSLv3) May 12 09:48:35 palladium-bsd
> slapd[287]: line 165 (TLSCertificateFile /etc/ldap/slapd_cert.pem) May
> 12 09:48:35 palladium-bsd slapd[287]: line 166 (TLSCertificateKeyFile
> /etc/ldap/slapd_key.pem) May 12 09:48:35 palladium-bsd slapd[287]:
> line 169 (sasl-host localhost) May 12 09:48:35 palladium-bsd slapd[288]:
> backend_startup: bi_db_open(0) failed! (1) May 12 09:48:35 palladium-bsd
> slapd[288]: slapd stopped.
> May 12 09:48:35 palladium-bsd slapd[288]: connections_destroy: nothing
> to destroy.
>
> Any ideas?
>
> --
> Regards,
>
> Sergey
> Dev Zero G Ltd
> w: http://devzerog.com
> e: sergey.p@ua.devzerog.com
--
Luca Scamoni - e-mail: luca.scamoni@sys-net.it
SysNet snc - Via Dossi, 8 - 27100 Pavia Italy
IT Senior Consultant - mobile: +393471014425
SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497
- References:
- OpenLDAP + pgSQL
- From: "Sergey Panchenko (Dev Zero G)" <sergey.p@ua.devzerog.com>