[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Trying to get RH 7.3 to play nicely with OpenLDAP

>>I'm attempting to get a small network of RedHat boxen (1 server, 13
>>workstations) setup for LDAP authentication.  At the moment, LDAP starts
>>up without complaining, and I've used the migrate_all_offline.sh
>>script with apparent success.  However, I can't find anything
>>with ldapsearch -x, nor can I find anything trying to browse with gq.  I've
>>read most of the docs I could find, and my most recent setup is a result of
>>trying to followthe directions in
>>1101.1472 713773.6227%40yahoo.com
>>(without success).
>>Is there a step-by-step configuration checklist out there that would allow
>>me to wipe
>>what I have and start over?
>Have you read the Quick Start Guide that is part of the OpenLDAP
>Administrator's Guide? http://www.openldap.org/doc/admin/quickstart.html
>As interesting as the above-referenced article was, I must point out that
>OpenLDAP does *not* provide any such thing as migrate_all_offline.sh. RedHat
>is packaging something with their OpenLDAP RPMs, which I'm sure they're free
>to do, but those tools were not written by the OpenLDAP team and we don't
>have any knowledge or control over those tools.

The migration scripts are a PADL thing,  and RH bundles them in the
openldap packages.  I cover using them (in a more or less step-by-step
way) in ftp://kalamazoolinux.org/pub/pdf/ldapv3.pdf

>>I'm thoroughly bewildered at this point (because most of the
>>docs I've read get to a point where I'm following instructions and suddenly
>>what I'm trying to do isn't working),
>Most of the docs floating around the web are antiques,

So true!

>talking about software
>revisions that were obsoleted long ago. (Also, I personally am very biased
>against any article that reads "I've found a number of bugs in this code"
>from someone who has never submitted a bug report to our bug tracking
>database. OpenLDAP is community-supported code. If you find a bug, you have
>an obligation as a user of this free software to report it. We can't help you
>if you don't help us.)
>>without much in the way of helpful error messages.  I'm not
>>a Linux newbie, and I'm comfortable with Unixisms in general, but I've
>>gotten thoroughly
>>confused at this point.  I have certificates turned off, I think (that was
>>causing some
>>errors, I think, but so is plaintext--I keep getting "ldap_search_s No such
>>object" in
>>my logs for a user that I know exists in the passwd file and should

If ldapsearch -x "objectclass=*" doesn't find anything check
/etc/openldap/ldap.conf.  You probably miss defined your base, etc... 
And set a default search base in slapd.conf