[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapadd requires confidentiality

ons, 21.01.2004 kl. 12.55 skrev "Frank Hoffsümmer":

> now I started slapd interactively with debugging on:
> $ libexec/slapd  -d12 -f etc/openldap/slapd.conf 
> daemon_init: <null>
> daemon: bind(7) failed errno=125 (Address already in use)    <<<=========== 1:
> bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December  3, 2003)
> bdb_db_init: Initializing BDB database
> TLS: PRNG not been seeded with enough data                         <<<==========  2:
> bdb_db_open: dc=svt,dc=se
> slapd starting
> daemon: added 6r
> daemon: select: listen=6 active_threads=0 tvp=NULL
> then, in another terminal window, my usual effort to add some entries: 
> $ bin/ldapadd -x -D 'cn=manager,dc=svt,dc=se' -h localhost -p 389 -W -f
> top.ldif
> Enter LDAP Password: 
> ldap_bind: Confidentiality required (13)
> but nothing shows on the console where i started slapd! shouldn't I see
> something in debug mode when 
> ldapadd tries (and fails) to bind to slapd?? (using the standard ldap.conf
> and slapd.conf)

See above "arrows".

This is a Solaris-specific thing. I'm afraid I have no Openldap
experience on Solaris and have no machine to check on.


1: above would seem to indicate that there is already a daemon running;
check that;
2: I don't know what you use to seed your encryption software, Linux has
a /dev/random which is usually used for this.

It looks as though you might have *2* LDAP instances on your Solaris
machine. The strange thing is, that in your slapd.conf you have nothing
about certificates, nor have you explicitly compiled for SSL support,
but your daemon is definitely trying to run with TLS support.

Hope that a Solaris Openldap person sees this and can help you further.
I know that there have been conflicts reported on this list for Solaris
stuff that is already installed as standard, and Openldap installs.


mail: billy - at - billy.demon.nl