[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slapd runs, but nothing else works

Tony Earnshaw wrote:

tir, 2003-01-14 kl. 10:31 skrev Benjamin A. Collins:

Hi, I started with a fresh install of RedHat 7.3 (a somewhat skimpy install, getting things as I needed them) and tried to set up openldap the way that the securityfocus article describes it, like many who have posted here. I seem to have some combination of all of the most frequent errors. I have edited the /etc/openldap/slapd.conf file to look like this:


So as you can see, I have serious problems. When I try to give the DN and password, I get err=49. When I try to just search for anything and everything, I get err=11 (Resource temporarily unavailable) and err 32.

Anyone know what these might be? I have read this mailing list up and down, so please don't just tell me that err=11 is normal. actually, with my particular error, it's trying to read data from a file descriptor (fd 12) that doesn't exist. At any rate, I need some serious help.

Sorry for the long post, but I wanted to be thorough.


Actually, it's admirably commented.

I can think of:

1: There's nothing wrong with your debug output. It's normal. You're
hanging yoursel up on a file descriptor problem when there isn't one.
You'll find out in time.

2: You have to add at least an entry for the organization
dc=sandbox,dc=edu with an ldif file. Use:

dn: dc=sandbox,dc=edu
objectClass: dcObject
objectClass: organization
objectClass: top
dc: sandbox

Then you should add at least one cn dn (can be a uid, male address or
what you like, but I have a cn):

dn: cn=Admin,dc=sandbox,dc=edu
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: Admin
sn: Admin
userPassword: adminpassword
uid: admin

The password should be encrypted somehow {crypt}, {md5} or any other
accepted form (man slappasswd)

3: You have to have at least the BASE and the HOST in /etc/ldap.conf (or
ldaprc or ~/.ldaprc, man ldap.conf). Or you have to give '-b
"dc=sandbox,d=edu'" in your ldapsearch command.



Tony, I tried the above, and still had a problem. I dumped your ops into a file called init.ldif, and ran the following: 'ldapadd -x -v -f init.ldif'

The response was that I had insufficient access, so I edited my ACL's in slapd.conf. I commented the existing ones out and put in this one:
access to dn="" by * write

and ran ldapsearch again, but still got the same errors -- at some point in the debug spew I saw a "suffix add denied".