[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Issue using ldapadd

To: "Jonathan Wage" <jonwage@gmail.com>
Subject: Re: Issue using ldapadd
From: "Gavin Henry" <ghenry@suretecsystems.com>
Date: Fri, 21 Dec 2007 16:54:10 -0000 (GMT)
Cc: openldap-software@openldap.org
Importance: Normal
In-reply-to: <be85b5220712210800r2202cfc4od669c104e7b2f23c@mail.gmail.com>
Openpgp: id=796B1E87DB73BEA8
References: <be85b5220712201548na448bd0rf45a5998383e6426@mail.gmail.com> <be85b5220712210644y1a908be2hc4215b1c55adfdd7@mail.gmail.com> <52499.80.229.93.1.1198251742.squirrel@webmail.suretecsystems.com> <be85b5220712210752i123f35e0i6a11cb26ac80e773@mail.gmail.com> <52615.80.229.93.1.1198252473.squirrel@webmail.suretecsystems.com> <be85b5220712210800r2202cfc4od669c104e7b2f23c@mail.gmail.com>
User-agent: SquirrelMail/1.4.13-1.fc8

<quote who="Jonathan Wage">
> Here is my slapd.conf
>
> #
> # See slapd.conf(5) for details on configuration options.
> # This file should NOT be world readable.
> #
> include        /private/etc/openldap/schema/core.schema
>
> # Define global ACLs to disable default read access.
>
> # Do not enable referrals until AFTER you have a working directory
> # service AND an understanding of referrals.
> #referral    ldap://root.openldap.org
>
> pidfile        /private/var/db/openldap/run/slapd.pid
> argsfile    /private/var/db/openldap/run/slapd.args
>
> # Load dynamic backend modules:
> # modulepath    /usr/libexec/openldap
> # moduleload    back_bdb.la
> # moduleload    back_ldap.la
> # moduleload    back_ldbm.la
> # moduleload    back_passwd.la
> # moduleload    back_shell.la
>
> # Sample security restrictions
> #    Require integrity protection (prevent hijacking)
> #    Require 112-bit (3DES or better) encryption for updates
> #    Require 63-bit encryption for simple bind
> # security ssf=1 update_ssf=112 simple_bind=64
>
> # Sample access control policy:
> #    Root DSE: allow anyone to read it
> #    Subschema (sub)entry DSE: allow anyone to read it
> #    Other DSEs:
> #        Allow self write access
> #        Allow authenticated users read access
> #        Allow anonymous users to authenticate
> #    Directives needed to implement policy:
> # access to dn.base="" by * read
> # access to dn.base="cn=Subschema" by * read
> # access to *
> #    by self write
> #    by users read
> #    by anonymous auth
> #
> # if no access controls are present, the default policy
> # allows anyone and everyone to read anything but restricts
> # updates to rootdn.  (e.g., "access to * by * read")
> #
> # rootdn can always read and write EVERYTHING!
>
> #######################################################################
> # BDB database definitions
> #######################################################################
>
> database    bdb
> suffix        "dc=example,dc=com"
> rootdn        "cn=Manager,dc=example,dc=com"
> # Cleartext passwords, especially for the rootdn, should
> # be avoid.  See slappasswd(8) and slapd.conf(5) for details.
> # Use of strong authentication encouraged.
> rootpw        secret
> # The database directory MUST exist prior to running slapd AND
> # should only be accessible by the slapd and slap tools.
> # Mode 700 recommended.
> directory    /private/var/db/openldap/openldap-data
> # Indices to maintain
> index    objectClass    eq
>
>
> Which logs are you referring to? The openldap log?

Start slapd by hand with -d -1

and then bind via ldapsearch.

References:
- Issue using ldapadd
  - From: "Jonathan Wage" <jonwage@gmail.com>
- Re: Issue using ldapadd
  - From: "Gavin Henry" <ghenry@suretecsystems.com>
- Re: Issue using ldapadd
  - From: "Gavin Henry" <ghenry@suretecsystems.com>

Prev by Date: Re: Sync Replication via TLS/SSL - get bind err
Next by Date: Re: Sync Replication via TLS/SSL - get bind err
Index(es):
- Chronological
- Thread