
Starting OpenLDAP and adding a new entry into the database



Hi All,
I'm a French student, and I'm trying to set up an OpenLDAP server on FreeBSD. My OpenLDAP version is: openldap-2.3.41
I configured "slapd.conf" and "ldap.conf" in order to start the server.
i have two problems
The first one is: I try to start the server but it doesn't work... I don't understand why it doesn't work!

stavril#  /usr/local/etc/rc.d/slapd start
Starting slapd.

stavril# /usr/local/etc/rc.d/slapd status
slapd is not running.

the 2 nd one is : i want to add a new entry into my database but i can't !!

stavril# ldapadd -h localhost -x -f test.ldif
ldap_bind: Can't contact LDAP server (-1)

Here are the configuration files: slapd.conf, ldap.conf, test.ldif, rc.conf


stavril# cat slapd.conf

#

# See slapd.conf(5) for details on configuration options.

# This file should NOT be world readable.

#

# Schema files loaded at startup: core, cosine and inetorgperson.
include /usr/local/etc/openldap/schema/core.schema


include /usr/local/etc/openldap/schema/cosine.schema

include /usr/local/etc/openldap/schema/inetorgperson.schema

# nis.schema is left disabled.
# NOTE(review): the access rules further down in this file name uidNumber and
# gidNumber, which are defined by nis.schema -- confirm slapd accepts an ACL on
# attributes whose schema is not loaded.
#include /usr/local/etc/openldap/schema/nis.schema

# Check entries against the loaded schema.
schemacheck on



# Define global ACLs to disable default read access.


# Do not enable referrals until AFTER you have a working directory

# service AND an understanding of referrals.

#referral ldap://root.openldap.org


# Files slapd writes at startup: its process ID and its command-line arguments.
# NOTE(review): /var/run/openldap has to exist and be writable by the account
# slapd runs as -- worth checking when slapd exits right after "Starting slapd."
pidfile /var/run/openldap/slapd.pid

argsfile /var/run/openldap/slapd.args



# Load dynamic backend modules:
# Only back_bdb is loaded; it provides the "bdb" backend named by the
# "database bdb" line later in this file. The other backends stay disabled.

modulepath /usr/local/libexec/openldap

moduleload back_bdb

# moduleload back_ldap

# moduleload back_ldbm

# moduleload back_passwd

# moduleload back_shell


# Sample security restrictions

# Require integrity protection (prevent hijacking)

# Require 112-bit (3DES or better) encryption for updates

# Require 63-bit encryption for simple bind

# security ssf=1 update_ssf=112 simple_bind=64


# Sample access control policy:

# Root DSE: allow anyone to read it

# Subschema (sub)entry DSE: allow anyone to read it

# Other DSEs:

# Allow self write access

# Allow authenticated users read access

# Allow anonymous users to authenticate

# Directives needed to implement policy:

# access to dn.base="" by * read

# access to dn.base="cn=Subschema" by * read

# access to *

# by self write

# by users read

# by anonymous auth

#

# if no access controls are present, the default policy

# allows anyone and everyone to read anything but restricts

# updates to rootdn. (e.g., "access to * by * read")

#

# rootdn can always read and write EVERYTHING!




# Access rules, three "access to" directives.
#
# NOTE(review): slapd.conf(5) continues a directive onto the next line only
# when that line begins with whitespace. As pasted, every "by" clause starts in
# column 0 after a blank line; if the file on disk looks the same, slapd would
# not read these clauses as part of the access directive. The mail formatting
# may have stripped the indentation -- confirm against the real file.
#
# NOTE(review): no clause grants write access to anonymous clients, so an add
# sent over an anonymous simple bind (ldapadd -x with no -D) would be refused by
# these rules even once slapd is running.

# userPassword: Manager and the entry's owner may write, proxyuser may read the
# stored value, anonymous clients may only use it to authenticate, and everyone
# else gets no access.
access to attrs=userPassword

by dn="cn=Manager,dc=uvsq,dc=fr" write

by dn="cn=proxyuser,dc=uvsq,dc=fr" read

by self write

by anonymous auth

by * none


# uidNumber / gidNumber: only Manager may write. The final "by * read" already
# gives every client read access, so the proxyuser clause adds nothing.
# NOTE(review): these two attributes are defined in nis.schema, which is
# commented out near the top of this file -- slapd may reject an ACL naming
# attributes it has no schema for; running slapd in the foreground with
# debugging enabled should show the parse error, if any.
access to attrs=uidNumber,gidNumber

by dn="cn=Manager,dc=uvsq,dc=fr" write

by dn="cn=proxyuser,dc=uvsq,dc=fr" read

by * read


# Everything else: Manager and the entry's owner may write; every client,
# including anonymous ones, may read.
access to *

by dn="cn=Manager,dc=uvsq,dc=fr" write

by self write

by * read




#####################################################################

# BDB database definitions

#######################################################################

# One bdb database serving the dc=uvsq,dc=fr subtree; cn=Manager is its rootdn.
database bdb

suffix "dc=uvsq,dc=fr"

rootdn "cn=Manager,dc=uvsq,dc=fr"


# Cleartext passwords, especially for the rootdn, should

# be avoided. See slappasswd(8) and slapd.conf(5) for details.

# Use of strong authentication encouraged.

# NOTE(review): the rootdn password below is stored in cleartext, against the
# advice just above. slappasswd(8) prints a hashed value that can be used here
# instead, e.g. "rootpw {SSHA}<hash printed by slappasswd>". Because this file
# was posted publicly, the value shown should be treated as disclosed.

rootpw secret


# The database directory MUST exist prior to running slapd AND

# should only be accessible by the slapd and slap tools.

# Mode 700 recommended.


directory /var/db/openldap-data

# NOTE(review): slapd.conf(5) documents "mode" as the permission mode for newly
# created database files, written with a leading 0 (default 0600). Confirm how a
# bare "700" is parsed; the "Mode 700" advice above is about the directory.
mode 700


# Indices to maintain: an equality index on objectClass.

index objectClass eq

# Keep last-modification bookkeeping attributes on entries.

lastmod on



stavril# cat ldap.conf

#

# LDAP Defaults

#


# See ldap.conf(5) for details

# This file should be world readable but not world writable.


#BASE dc=example, dc=com

#URI ldap://ldap.example.com ldap://ldap-master.example.com:666


# Client defaults: the search base and the server URI (loopback, plain ldap://).
BASE dc=uvsq, dc=fr

URI ldap://127.0.0.1/

# NOTE(review): ldap_version does not appear to be an ldap.conf(5) option; it
# looks like an nss_ldap/pam_ldap setting -- confirm it has any effect here.
ldap_version 3



#SIZELIMIT 12

#TIMELIMIT 15

#DEREF never




stavril# cat test.ldif

dn: dc=uvsq, dc= fr

dc: uvsq

objectClass: top

objectClass: domain


dn: cn=Manager, dc=uvsq, dc=fr

objectClass: organizationalRole

cn: Manager

rc.conf (the important lines)

# Have the rc.d script start slapd.
slapd_enable="YES"

# Listener URLs handed to slapd through -h.
# NOTE(review): -h takes a single argument holding a space-separated URL list.
# The list is not quoted a second time here, so the second URL is presumably
# passed to slapd as a separate word instead of as part of the -h list --
# confirm by running slapd in the foreground with debugging enabled.
# NOTE(review): the first URL is a URL-encoded Unix socket path but uses the
# ldap:// scheme; the scheme for a local socket listener is ldapi://.
# NOTE(review): ldap://0.0.0.0 listens on every interface without TLS, so
# simple-bind passwords cross the network in clear; bind to 127.0.0.1 if only
# local clients are needed.
slapd_flags="-h ldap://%2fvar%2frun%2fopenldap%2fldapi/ ldap://0.0.0.0"

# Socket path handled by the rc.d script; same path as the encoded one above.
slapd_sockets="/var/run/openldap/ldapi"

stavril# cat test.ldif
dn: dc=uvsq, dc= fr
dc: uvsq
objectClass: top
objectClass: domain

dn: cn=Manager, dc=uvsq, dc=fr
objectClass: organizationalRole
cn: Manager


I have been trying to find a solution to my problem for 3 days without success; I'm waiting for your ideas.

thank you very much

best regards


Uness