[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: How to confirm --enable-local

On Wed, 2004-03-24 at 01:49, Pierangelo Masarati wrote:
> If you are starting slapd, then it uses the socket if you used
> the -h "ldapi://" switch; then, if it is unable to open the socket
> it will not start. 

The server starts fine with "-h 'ldapi:/// ldap:///'" and is accessible
via TCP, SSL, etc thereafter. However, I still get "Can't connect to
server" when trying to initialize a new REALM in Heimdal Kerbersos that
requires local socket access. I tried moving the ACL for the socket to
the top, but then could not access the server via anything but GQ. Right
now, I have the following ACL entry in my slapd.conf at the bottom of
all other ACL entries and just above the database entry:

access to *
        by sockurl="^ldapi:///$" write

Any ideas why Heimdal is not connecting? I'm getting no response from
the Heimdal list about this. Is there another application I can use that
accesses via ldapi for testing?

> To setup back-monitor, simply add a
> "database monitor" directive in slapd.conf, as described in
> slapd-monitor(5), back-monitor's man page (with references in
> slapd.conf(5) man page).  Check the permissions of the socket
> and of the entire path to the socket.

No manual page for slapd-monitor. I see "--enable-monitor" in the
Makefile, assuming it is installed, but I guess not.