
no entries were found with ldapsearch



Hello,
I have tried for several days to get an LDAP server running the way I want.
The server should work as a single sign-on system for Linux, Samba and
later PHP.
I've read the tutorial from Markus Amersbacher on subnet.at and others.
My server is based on Debian Woody with OpenLDAP 2.0.
Something already runs fine, but I don't know what ;-) I've adapted the
slapd.conf (see below), libnss-ldap.conf, libpam-ldap.conf and several
files in /etc/pam.d/ to my needs. At the moment I get the following when
I change my password:

Enter login(LDAP) password: 
New password: 
Re-enter new password: 
LDAP password information changed for donde
passwd: password updated successfully

So I guess that the slapd is already working.
After installing openldap and configuring the files above, I added the
first ldif-file (see below) with slapadd -l /etc/ldap/test.ldif.
Thereafter I tried slapcat and was able to see the entries of this
ldif-file. So I tried to add my group.ldif, etc., which I made with the
migrationtools, with ldapadd. I get several messages like "Add new
entry", but after invoking slapcat again the entries are still the
same as before (only the entries of the test.ldif-file).
Then I tried the GUI Directory-Administrator. The program was able to
connect to the slapd, but reports that the database is empty,
or rather that there is no organizationalUnit.
Because I'm a real newbie to LDAP, I have now tried the easy queries of
the openldap-tutorial to test the server.

ldapsearch -x -b '' -s base '(objectClass=*)' namingContexts

According to the tutorial, the output of this command should look like
this:

dn:

namingContexts:	dc=fhoevp,dc=de

This is my output:

version: 2
#
# filter: (objectClass=*)
# requesting: namingContexts 
#

# search result
search: 2
result: 0 Success

# numResponses: 1

A search for the uid=donde brings nearly the same output:

ldapsearch -x -b 'dc=fhoevp,dc=de' 'uid=donde'

version: 2

#
# filter: uid=donde
# requesting: ALL
#

# search result
search: 2
result: 0 Success

# numResponses: 1

This is the output of slapcat. As you can see, the uid=donde exists and
donde is known by LDAP. He's able to log in and change his password, but
it's not possible to search for him.

woody:/slapcat
dn: dc=fhoevp,dc=de
objectClass: organization
o: fhoevp

dn: cn=manager, dc=fhoevp,dc=de
objectClass: organizationalRole
objectClass: simpleSecurityObject
cn: admin 

description: LDAP administrator
userPassword:: e0NSWVBUfVducFZaelNaT2xSTFk=

dn: cn=nss, dc=fhoevp,dc=de
objectClass: organizationalRole
objectClass: simpleSecurityObject
cn: nss
description: LDAP NSS user for user-lookups
userPassword:: e0NSWVBUfVducFZaelNaT2xSTFk=

dn: ou=People, dc=fhoevp,dc=de
objectClass: organizationalUnit
ou: People

dn: ou=Group, dc=fhoevp,dc=de
objectClass: top
objectClass: organizationalUnit
ou: Group

dn: uid=donde, ou=People,dc=fhoevp,dc=de
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
objectClass: organizationalPerson
uid: donde
cn: Andreas Dondera
sn: Dondera
givenName: Donde LDAP Test User
title: Admin
departmentNumber: IT
userPassword:: e0NSWVBUfVducFZaelNaT2xSTFk=
loginShell: /bin/bash
uidNumber: 11111
gidNumber: 11111
homeDirectory: /home/donde/
gecos: donde_gecos-field
description: Not Available
l: HSGEB.2

dn: cn=donde,ou=Group,dc=fhoevp,dc=de
objectClass: posixGroup
objectClass: top
cn: donde
gidNumber: 11111

The server runs as the user slapd. Every file in /etc/ldap and
/var/lib/ldap is owned by him.

/etc/ldap/slapd.conf:

include         /etc/ldap/schema/core.schema
include         /etc/ldap/schema/cosine.schema
include         /etc/ldap/schema/nis.schema
include         /etc/ldap/schema/inetorgperson.schema
include         /etc/ldap/schema/misc.schema

schemacheck     on
pidfile         /var/run/slapd.pid
argsfile        /var/run/slapd.args
password-hash   {CRYPT}
replogfile      /var/lib/ldap/replog
loglevel        256

database        ldbm
suffix          "dc=fhoevp,dc=de"
rootdn          "cn=manager,dc=fhoevp,dc=de"
rootpw          {CRYPT}WnpVZzSZOlRLY
directory       "/var/lib/ldap"
index objectClass eq
lastmod on
access to attribute=userPassword
        by dn="cn=manager,dc=fhoevp,dc=de" write
        by anonymous auth
        by * none

access to *
        by dn="cn=manager,dc=fhoevp,dc=de" write
        by dn="cn=nss,dc=fhoevp,dc=de" read
        by * auth

The tool gq likewise finds no entries.
I'm absolutely helpless.
So I would be truly grateful for every kind of help.
Why could no entry be found with ldapsearch or any 
gui-tools?

Donde

P.S. Excuse my English ;-)