[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Fw: ldap_add: Operations error

To: <postmaster@gnvfc.net>
Subject: Re: Fw: ldap_add: Operations error
From: "Pierangelo Masarati" <ando@sys-net.it>
Date: Wed, 5 May 2004 00:02:46 +0200 (CEST)
Cc: <openLDAP-software@OpenLDAP.org>
Importance: Normal
In-reply-to: <0e1101c43192$b6e9ac10$4681a3cb@ispqznmqzghk2t>
References: <0e1101c43192$b6e9ac10$4681a3cb@ispqznmqzghk2t>

Is it my mailer that's eating up all the "=" between "dc" and values in
all your DNs or what?  Otherwise, if you really set
"dcgnfcinfotower,dccom" as your suffix, I stongly suggest yu read aboutDN
syntax (e.g. rfc 2253, which is included in the distribution).

p.

> This is a multi-part message in MIME format.
>
> Hellooo,
>
> I have installed openldap 2-1.2.13-5 throug rpm with linux 8.0.
>
> Below is my slapd.conf file
>
> [root@test openldap]# cat slapd.conf
> # $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.7 2001/09/27
> 20:00:31 kurt
> #
> # See slapd.conf(5) for details on configuration options.
> # This file should NOT be world readable.
> #
> include         /etc/openldap/schema/core.schema
> include         /etc/openldap/schema/cosine.schema
> include         /etc/openldap/schema/inetorgperson.schema
> include         /etc/openldap/schema/nis.schema
> include         /etc/openldap/schema/redhat/rfc822-MailMember.schema
> include         /etc/openldap/schema/redhat/autofs.schema
> include         /etc/openldap/schema/redhat/kerberosobject.schema
> include         /etc/openldap/schema/qmail.schema
>
> # Define global ACLs to disable default read access.
>
> # Do not enable referrals until AFTER you have a working directory #
> service AND an understanding of referrals.
> #referral       ldap://root.openldap.org
>
> pidfile /var/run/slapd.pid
> argsfile /var/run/slapd.args
>
> # Create a replication log in /var/lib/ldap for use by slurpd.
> #replogfile     /var/lib/ldap/master-slapd.replog
>
> # Load dynamic backend modules:
> # modulepath    /usr/sbin/openldap
> # moduleload    back_ldap.la
> # moduleload    back_ldbm.la
> # moduleload    back_passwd.la
> # moduleload    back_shell.la
>
> #
> # The next two lines allow use of TLS for connections using a dummy test
> # certificate, but you should generate a proper certificate by changing
> to
> # /usr/share/ssl/certs, running "make slapd.pem", and fixing permissions
>  on
> # slapd.pem so that the ldap user or group can read it.
> # TLSCertificateFile /usr/share/ssl/certs/slapd.pem
> # TLSCertificateKeyFile /usr/share/ssl/certs/slapd.pem
> #
> # Sample Access Control
> #       Allow read access of root DSE
> #       Allow self write access
> #       Allow authenticated users read access
> #       Allow anonymous users to authenticate
> #
> #access to dn"" by * read
> #access to *
> #       by self write
> #       by users read
> #       by anonymous auth
> #
> # if no access controls are present, the default is:
> #       Allow read by all
> #
> # rootdn can always write!
>
> #######################################################################
> # ldbm database definitions
> #######################################################################
>
> database        ldbm
> suffix          "dcgnfcinfotower,dccom"
> #suffix         "oMy Organization Name,cUS"
> rootdn          "cnroot,dcgnfcinfotower,dccom"
> #rootdn         "cnManager,oMy Organization Name,cUS"
> # Cleartext passwords, especially for the rootdn, should
> # be avoided.  See slappasswd(8) and slapd.conf(5) for details.
> # Use of strong authentication encouraged.
> rootpw          secret
> # rootpw                {crypt}ijFYNcSNctBYg
> # The database directory MUST exist prior to running slapd AND
> # should only be accessible by the slapd/tools. Mode 700 recommended.
> directory       /var/lib/ldap
> # Indices to maintain
> index   objectClass,uid,uidNumber,gidNumber,memberUid   eq
> index   cn,mail,surname,givenname                       eq,subinitial #
> Replicas to which we should propagate changes
> #replica hostldap-1.example.com:389 tlsyes
> #       bindmethodsasl saslmechGSSAPI
> #       authcIdhost/ldap-master.example.com@EXAMPLE.COM
> [root@test openldap]#
>
>
> and below is my /etc/openldap/ldap.conf
>
> # $OpenLDAP: pkg/ldap/libraries/libldap/ldap.conf,v 1.4.8.6 2000/09/05
> 17:54:38 kurt Exp $
> #
> # LDAP Defaults
> #
>
> # See ldap.conf(5) for details
> # This file should be world readable but not world writable.
>
> #BASE   dcexample, dccom
> #URI    ldap://ldap.example.com ldap://ldap-master.example.com:666
>
> #SIZELIMIT      12
> #TIMELIMIT      15
> #DEREF          never
> HOST 127.0.0.1
> BASE    dcgnfcinfotower, dccom
> PORT 389
> #TLS_CACERT     /usr/share/ssl/misc/deniCA/52026275.0
>
>
> Now when i tried to add the user through through below command
> [root@test openldap]# ldapadd -x -D "cnroot,dcgnfcinfotower,dccom" -w
> secret -f /tmp/user.ldif
>
> i got the error like below
> adding new entry "dcgnfcinfotower,dccom"
> ldap_add: Operations error
> ldif_record()  1
>
> my /tmp/user.ldif file is
>
> dn: dcgnfcinfotower,dccom
> ou: mail
> objectClass: top
> objectClass: organizationalUnit
>
>
> How can i run the ldapadd command successfully.....
>
> Thanks in Advance.........
>
> Regards
> suhag.


-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it




    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497

References:
- Fw: ldap_add: Operations error
  - From: <postmaster@gnvfc.net>

Prev by Date: Re: saslAuthzTo check returning 48 SASL [conn=154] Failure: not authorized
Next by Date: library links...
Index(es):
- Chronological
- Thread