
Re: ldap_add problems



William L Anderson wrote:

> Blake Binkley writes:
>  > Bill: you must use the following format to ldapadd
>  > ldapadd -w mypassword -D 'cn=root, o=myorg c=US' -f ldif_file
>  >
>  > let us know if this doesn't work.
>
> this ldapadd command was hanging because my referral entry in the
> slapd.conf file was set to umich (can't get there through my
> co. firewall). I changed that to match my local slapd host and then I
> get an
>
> ldap_add: Insufficient access
>
> when I set debug level to -d[34] the tail of the dump is:
>
> ber_get_next
> ber_get_next: tag 0x30 len 12 contents:
> ber_dump: buf 0x36ab0, ptr 0x36ab0, end 0x36abc
>           current len 12, contents:
>         02 01 07  i 07 0a 01  2 04 00 04 00
> request 7 done
> ldap_add: Insufficient access
>
> ber_flush: 7 bytes to sd 5
>          0 05 02 01 08  B 00
> -----
> the ldif_file appears to be parsed OK.
>
> It doesn't seem to matter what the permissions are on ldapadd or
> ldapmodify, or whether I'm running the tools as root or anything. This
> seems like a configuration problem.
>
> Help is really appreciated.
>
> Bill Anderson

Bill, let's start with your /usr/local/etc/ldap/slapd.conf; it should appear
like this for our tutorial:

------  start /usr/local/etc/ldap/slapd.conf ---------

include         /usr/local/etc/ldap/slapd.at.conf
include         /usr/local/etc/ldap/slapd.oc.conf
schemacheck     off
referral        ldap://ldap.itd.umich.edu

#######################################################################
# ldbm database definitions
#######################################################################

database        ldbm
suffix          "ou=Myorg, c=US"
directory       /usr/tmp
rootdn          "cn=root, ou=Myorg, c=US"
rootpw          mypass
index           cn, sn, uid
index           objectclass pres, eq
index           default none

------ end /usr/local/etc/ldap/slapd.conf ---------

then if you invoke ldapadd as follows:

ldapadd -w mypass -D 'cn=root, ou=Myorg, c=US'

you will then be on a blank line below your invocation of ldapadd; type
the following:

dn: ou=Myorg, c=US
ou: Myorg
objectclass: organizationalunit

press return twice  and you will see a line that says:

adding new entry 'ou=Myorg, c=US'

if you get this then you have just added your top level organizational
unit.
now to add an e-mail account that you can read from netscape:

ldapadd -w mypass -D 'cn=root, ou=myorg, c=US'
dn: cn=User One, ou=Myorg, c=US
cn: User One
sn: User One
mail: userone@myorg.com
objectclass: person

press enter twice to get out of ldapadd and see the message come up with
the following:

adding new entry 'cn=User One, ou=Myorg, c=US'

now let's invoke ldapsearch to verify that your data is there; do the
following:

ldapsearch -h localhost -b 'ou=Myorg, c=US' 'objectclass=*'

you should see both of the records we just added. if so, congratulations,
you now have an ldap server

let me know if you don't seem to understand something

Blake
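
Added example (not part of the original message or of the LDAP tools): a small Python decoder for the ber_dump bytes quoted in the thread. It shows that the reply to request 7 is an AddResponse carrying result code 50 with an empty matched DN and error text, and that the ber_flush bytes are the client's UnbindRequest. The token rule for the dump format and all function names are assumptions.

```python
# Added example: decode the ber_dump bytes quoted in the thread above.
# Assumption: a two-character token is a hex byte; a one-character token is a
# printable byte that the dump shows as its ASCII character ('i' = 0x69).
RESULT_CODES = {0: "success", 32: "noSuchObject", 49: "invalidCredentials",
                50: "insufficientAccessRights"}        # subset, RFC 4511
LDAP_OPS = {0: "BindRequest", 1: "BindResponse", 2: "UnbindRequest",
            8: "AddRequest", 9: "AddResponse"}         # APPLICATION tag numbers

RESPONSE_DUMP = "02 01 07  i 07 0a 01  2 04 00 04 00"  # ber_get_next contents
FLUSH_DUMP = "0 05 02 01 08  B 00"                     # ber_flush, whole message


def dump_to_bytes(text):
    return bytes(int(t, 16) if len(t) == 2 else ord(t) for t in text.split())


def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos) for one definite-length BER element."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                                  # long-form length
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length


def decode_ldap_message(body):
    """Decode the contents of an LDAPMessage SEQUENCE (outer 0x30 removed)."""
    tag, msg_id, pos = read_tlv(body)
    if tag != 0x02:
        raise ValueError("messageID must be an INTEGER")
    tag, op, _ = read_tlv(body, pos)
    if tag & 0xC0 != 0x40:
        raise ValueError("protocolOp must carry an APPLICATION tag")
    msg = {"message_id": int.from_bytes(msg_id, "big"),
           "op": LDAP_OPS.get(tag & 0x1F, "op-%d" % (tag & 0x1F))}
    if op and op[0] == 0x0A:                           # LDAPResult: ENUMERATED first
        _, code, p = read_tlv(op)
        _, matched, p = read_tlv(op, p)
        _, text, _ = read_tlv(op, p)
        code = int.from_bytes(code, "big")
        msg.update(result_code=code, result=RESULT_CODES.get(code, "other"),
                   matched_dn=matched.decode(), error_message=text.decode())
    return msg
```

Calling `decode_ldap_message(dump_to_bytes(RESPONSE_DUMP))` decodes the server reply; for `FLUSH_DUMP`, strip the outer SEQUENCE first with `read_tlv(dump_to_bytes(FLUSH_DUMP))[1]`.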