[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: new slapd.d configuration format and Invalid DN syntax (34)

To: "Howard Chu" <hyc@symas.com>
Subject: Re: new slapd.d configuration format and Invalid DN syntax (34)
From: "Samuel Tran" <stran@amnh.org>
Date: Fri, 26 Aug 2005 19:03:19 -0400 (EDT)
Cc: "Samuel Tran" <stran@amnh.org>, "openldap" <openldap-software@OpenLDAP.org>
Importance: Normal
In-reply-to: <430F8AAF.2060305@symas.com>
References: <1125069919.24389.24.camel@mistral> <1125086872.24389.40.camel@mistral> <430F8AAF.2060305@symas.com>
User-agent: SquirrelMail/1.4.4

> Samuel Tran wrote:
>>  On Fri, 2005-08-26 at 11:25 -0400, Samuel Tran wrote:
>> > Hi all,
>> >
>> > I am testing OL 2.3.6 + BerkeleyDB 4.2.52 on Debian Sarge boxes.
>> >
>> > I am a little bit confused on the new slapd.d configuration format.
>> >
>> >
>> > I have a slapd.conf file that is working with my setup. I converted
>> > it to the new slapd.d format using this command:
>> >
>> > /usr/local/libexec/slapd -f /etc/openldap/slapd.conf -F
>> > /etc/openldap/slapd.d
>> >
>> > I re-started slapd using slapd.d: /usr/local/libexec/slapd -d 255
>> > -u ldap -F /etc/openldap/slapd.d -4
>
>>  Any hints?
>
> You're running slapd as "-u ldap" but you didn't specify that when
> converting the config format. Are the permissions in slapd.d correct?
>

Here are the permissions on slapd.d and subfolders:

stran@info-ldap-001:/etc/openldap$ ls -ald slapd.d
drwxr-xr-x  3 ldap ldap 1024 2005-08-26 10:52 slapd.d
stran@info-ldap-001:/etc/openldap$ ls -al slapd.d
total 4
drwxr-xr-x  3 ldap ldap 1024 2005-08-26 10:52 .
drwxr-xr-x  6 root root 1024 2005-08-26 10:52 ..
drwxr-x---  3 ldap ldap 1024 2005-08-26 10:52 cn=config
-rw-------  1 ldap ldap  839 2005-08-26 10:52 cn=config.ldif
stran@info-ldap-001:/etc/openldap$ sudo ls -al slapd.d/*
-rw-------  1 ldap ldap  839 2005-08-26 10:52 slapd.d/cn=config.ldif

slapd.d/cn=config:
total 58
drwxr-x---  3 ldap ldap  1024 2005-08-26 10:52 .
drwxr-xr-x  3 ldap ldap  1024 2005-08-26 10:52 ..
-rw-------  1 ldap ldap   144 2005-08-26 10:52 cn=include{0}.ldif
-rw-------  1 ldap ldap   149 2005-08-26 10:52 cn=include{10}.ldif
-rw-------  1 ldap ldap   146 2005-08-26 10:52 cn=include{1}.ldif
-rw-------  1 ldap ldap   153 2005-08-26 10:52 cn=include{2}.ldif
-rw-------  1 ldap ldap   143 2005-08-26 10:52 cn=include{3}.ldif
-rw-------  1 ldap ldap   144 2005-08-26 10:52 cn=include{4}.ldif
-rw-------  1 ldap ldap   148 2005-08-26 10:52 cn=include{5}.ldif
-rw-------  1 ldap ldap   155 2005-08-26 10:52 cn=include{6}.ldif
-rw-------  1 ldap ldap   148 2005-08-26 10:52 cn=include{7}.ldif
-rw-------  1 ldap ldap   151 2005-08-26 10:52 cn=include{8}.ldif
-rw-------  1 ldap ldap   153 2005-08-26 10:52 cn=include{9}.ldif
drwxr-x---  2 ldap ldap  1024 2005-08-26 10:52 cn=schema
-rw-------  1 ldap ldap 36319 2005-08-26 10:52 cn=schema.ldif
-rw-------  1 ldap ldap   199 2005-08-26 10:52 olcDatabase={0}config.ldif
-rw-------  1 ldap ldap  4378 2005-08-26 10:52 olcDatabase={1}bdb.ldif
-rw-------  1 ldap ldap   296 2005-08-26 10:52 olcDatabase={-1}frontend.ldif

Content of /etc/openldap/slapd.d/cn=config.ldif:

stran@info-ldap-001:/etc/openldap$ sudo cat slapd.d/cn\=config.ldif
dn: cn=config
objectClass: olcGlobal
cn: config
olcConfigFile: /etc/openldap/slapd.conf
olcConfigDir: /etc/openldap/slapd.d
olcAllows: bind_v2
olcAuthzPolicy: none
olcConcurrency: 0
olcConnMaxPending: 100
olcConnMaxPendingAuth: 1000
olcDefaultSearchBase: dc=example,dc=com
olcGentleHUP: FALSE
olcIdleTimeout: 0
olcIndexSubstrIfMaxLen: 4
olcIndexSubstrIfMinLen: 2
olcIndexSubstrAnyLen: 4
olcIndexSubstrAnyStep: 2
olcLocalSSF: 71
olcLogLevel: Any
olcPasswordHash: {SSHA}
olcPidFile: /var/tmp/slapd.pid
olcReadOnly: FALSE
olcReplicationInterval: 0
olcReverseLookup: FALSE
olcSaslSecProps: noplain,noanonymous
olcSizeLimit: 5000
olcSockbufMaxIncoming: 524288
olcSockbufMaxIncomingAuth: 16777215
olcThreads: 16
olcTLSCACertificateFile: /etc/openldap/certs/cacert.pem
olcTLSCRLCheck: none
olcTLSVerifyClient: never
structuralObjectClass: olcGlobal

Content of cn=config/olcDatabase={0}config.ldif:

stran@info-ldap-001:/etc/openldap$ sudo cat
slapd.d/cn\=config/olcDatabase={0}config.ldif
dn: olcDatabase={0}config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcRootDN: cn=config
structuralObjectClass: olcDatabaseConfig

Content of cn=config/olcDatabase={1}bdb.ldif:

stran@info-ldap-001:/etc/openldap$ sudo cat
slapd.d/cn\=config/olcDatabase={1}bdb.ldif
dn: olcDatabase={1}bdb
objectClass: olcDatabaseConfig
objectClass: olcBdbConfig
olcDatabase: {1}bdb
olcSuffix: dc=example,dc=com
olcAccess:
[snip]
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcRootDN: cn=Manager,dc=example,dc=com
olcRootPW:: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
olcDbDirectory: /var/lib/ldap
olcDbCacheSize: 4000
olcDbCheckpoint: 512 720
olcDbConfig: {0}# $OpenLDAP: pkg/ldap/servers/slapd/DB_CONFIG,v 1.1
2004/06/18
  02:49:08 kurt Exp $
olcDbConfig: {1}# Example DB_CONFIG file for use with slapd(8) BDB/HDB
databas
 es.
olcDbConfig: {2}#
olcDbConfig: {3}# See Sleepycat Berkeley DB documentation
olcDbConfig: {4}#   <http://www.sleepycat.com/docs/ref/env/db_config.html>
olcDbConfig: {5}# for detail description of DB_CONFIG syntax and semantics.
olcDbConfig: {6}#
olcDbConfig: {7}# Hints can also be found in the OpenLDAP Software FAQ
olcDbConfig::
ezh9Iwk8aHR0cDovL3d3dy5vcGVubGRhcC5vcmcvZmFxL2luZGV4LmNnaT9maWxl
 PTI+
olcDbConfig: {9}
olcDbConfig: {10}#
olcDbConfig: {11}# Set the database in memory cache size.
olcDbConfig: {12}#
olcDbConfig: {13}set_cachesize   0       52428800        0
olcDbConfig: {14}
olcDbConfig: {15}# Data Directory
olcDbConfig: {16}#set_data_dir db
olcDbConfig: {17}
olcDbConfig: {18}# Transaction Log settings
olcDbConfig: {19}set_lg_regionmax        1048576
olcDbConfig: {20}set_lg_max              10485760
olcDbConfig: {21}set_lg_bsize            2097152
olcDbConfig: {22}set_lg_dir              /var/log/openldap_bdb
olcDbConfig: {23}
olcDbConfig: {24}# When using (and only when using) slapadd(8) or
slapindex(8)
 ,
olcDbConfig: {25}# the following flags may be useful:
olcDbConfig: {26}#set_flags DB_TXN_NOSYNC
olcDbConfig: {27}#set_flags DB_TXN_NOT_DURABLE
olcDbConfig: {28}
olcDbConfig: {29}#
olcDbConfig: {30}# Set temporary file creation directory.
olcDbConfig:: ezMxfSMgICAgICAgICAgICAgICAgICAgICAgIA==
olcDbConfig: {32}set_tmp_dir             /tmp
olcDbNoSync: FALSE
olcDbDirtyRead: FALSE
olcDbIDLcacheSize: 2000
olcDbIndex: objectClass eq
olcDbIndex: cn eq,subinitial
[snip]
olcDbLinearIndex: FALSE
olcDbMode: 384
olcDbSearchStack: 16
olcDbShmKey: 0
structuralObjectClass: olcBdbConfig

Thanks.

Sam

Follow-Ups:
- Re: new slapd.d configuration format and Invalid DN syntax (34)
  - From: Howard Chu <hyc@symas.com>

References:
- new slapd.d configuration format and Invalid DN syntax (34)
  - From: Samuel Tran <stran@amnh.org>
- Re: new slapd.d configuration format and Invalid DN syntax (34)
  - From: Samuel Tran <stran@amnh.org>
- Re: new slapd.d configuration format and Invalid DN syntax (34)
  - From: Howard Chu <hyc@symas.com>

Prev by Date: Re: new slapd.d configuration format and Invalid DN syntax (34)
Next by Date: Re: new slapd.d configuration format and Invalid DN syntax (34)
Index(es):
- Chronological
- Thread