Re: How to confirm --enable-local

[Robert Fitzpatrick <robert@webtent.com>]

On Wed, 2004-03-24 at 11:46, Robert Fitzpatrick wrote:
> On Wed, 2004-03-24 at 01:49, Pierangelo Masarati wrote:
> > If you are starting slapd, then it uses the socket if you used
> > the -h "ldapi://" switch; then, if it is unable to open the socket
> > it will not start. 
> 
> The server starts fine with "-h 'ldapi:/// ldap:///'" and is accessible
> via TCP, SSL, etc thereafter. However, I still get "Can't connect to
> server" when trying to initialize a new REALM in Heimdal Kerbersos that
> requires local socket access. I tried moving the ACL for the socket to
> the top, but then could not access the server via anything but GQ. Right
> now, I have the following ACL entry in my slapd.conf at the bottom of
> all other ACL entries and just above the database entry:
> 
> access to *
>         by sockurl="^ldapi:///$" write
> 
> Any ideas why Heimdal is not connecting? I'm getting no response from
> the Heimdal list about this. Is there another application I can use that
> accesses via ldapi for testing?
> 
> > To setup back-monitor, simply add a
> > "database monitor" directive in slapd.conf, as described in
> > slapd-monitor(5), back-monitor's man page (with references in
> > slapd.conf(5) man page).  Check the permissions of the socket
> > and of the entire path to the socket.
> 
> No manual page for slapd-monitor. I see "--enable-monitor" in the
> Makefile, assuming it is installed, but I guess not.

Another note, this returns all the responses it should:

ldapsearch -H 'ldapi://%2fvar%2frun%2fopenldap%2fldapi/'

-- 
Robert