[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Newbie help

To: Christy Mahon <christymahon@yahoo.com.au>
Subject: Re: Newbie help
From: Daniel Gleich <mail-list-linux@gmx.de>
Date: Sat, 04 Sep 2004 19:00:44 +0200
Cc: OpenLDAP-software@OpenLDAP.org
In-reply-to: <20040904151112.34431.qmail@web90008.mail.scd.yahoo.com>
References: <20040904151112.34431.qmail@web90008.mail.scd.yahoo.com>
User-agent: Mozilla Thunderbird 0.7.3 (X11/20040803)

hey

You have to use "slappasswd -u" to encrypt your password. Then copy this SSHA encrypted password in your slapd.conf (rootpw). Then dry your ldapadd request again. To add some data in your directory, you have to specify an "LDIF" file by using the "-f" Parameter:

ldapadd -x -D "cn=root,dc=office,dc=local" -W -f user.ldif

The "-x" Parameter is specified for using the "simple bind" without SASL.


Daniel

Christy Mahon wrote:

I've followed closely tutorial instructions and have
started slapd.
Now i want to add some data to my directory but I'm
getting an error. Obviously I'm missing something not
covered in my tutorial. Unfortunately, searching more
widely just seems to add to the confusion because I
just don't know enough at this stage: Here's what I'm
getting when I try to run ldapadd:

ldapserver:/# /usr/lib/openldap/slapd
ldapserver:/# /usr/bin/ldapadd -x -D
"cn=root,dc=office, dc=local" -W
Enter LDAP Password: secret
ldap_bind: Invalid credentials: (49)

Not sure what the -x does but gather its something to
do with the access levels. When I drop it I get:

ldapserver:/# /usr/lib/openldap/slapd
ldapserver:/# /usr/bin/ldapadd -D "cn=root,dc=office,
dc=local" -W
Enter LDAP Password: secret
ldap_sasl_interactive_bind-s: No such attribute (16)

here is my slapd.conf file:
# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v
1.23.2.2 2002/08/19 16:21:49 kurt Exp $
#
# See slapd.conf(5) for details on configuration
options.
# This file should NOT be world readable.
#
include	/etc/openldap/schema/core.schema
include	/etc/openldap/schema/cosine.schema
include	/etc/openldap/schema/inetorgperson.schema

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a
working directory
# service AND an understanding of referrals.
#referral	ldap://root.openldap.org

pidfile		/var/run/slapd/slapd.pid
argsfile	/var/run/slapd/slapd.args

# Load dynamic backend modules:
# modulepath	/usr/lib/openldap/openldap
# moduleload	back_bdb.la
# moduleload	back_ldap.la
# moduleload	back_ldbm.la
# moduleload	back_passwd.la
# moduleload	back_shell.la

#
# Sample access control policy:
#	Allow read access of root DSE
#	Allow self write access
#	Allow authenticated users read access
#	Allow anonymous users to authenticate
# Directives needed to implement policy:
#access to dn.base="" by * read
#access to *
#	by self write
#	by users read
#	by anonymous auth
#
# if no access controls are present, the default
policy is:
#	Allow read by all
#
# rootdn can always write!

#######################################################################
# ldbm database definitions
#######################################################################

database bdb suffix "dc=office,dc=local" rootdn "cn=root,dc=office,dc=local" # Cleartext passwords, especially for the rootdn, should # be avoid. See slappasswd(8) and slapd.conf(5) for details. # Use of strong authentication encouraged. rootpw secret # The database directory MUST exist prior to running slapd AND # should only be accessible by the slapd/tools. Mode 700 recommended. directory /var/lib/ldap # Indices to maintain index objectClass eq


Apreciate your help
Thanks
Christy

Find local movie times and trailers on Yahoo! Movies.
http://au.movies.yahoo.com

Follow-Ups:
- Re: Newbie help
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

References:
- Newbie help
  - From: Christy Mahon <christymahon@yahoo.com.au>

Prev by Date: Newbie help
Next by Date: Re: Newbie help
Index(es):
- Chronological
- Thread