
Re: OpenLdap Problems on Redhat ESv3



If you wrote an email that I could actually read, I might answer it. I'd figure out what is wrong with your email client first.

I will note that RedHat ships with an ancient version of OpenLDAP (2.0.27) so you'd most likely want to at least upgrade to something newer (SUSE ships with a newer version).

--Quanah

--On Friday, January 28, 2005 4:58 PM -0800 Nick Bernstein <nbernstein@frontbridge.com> wrote:

Aside from some stuff a year or so ago during research into authenticating linux hosts against active directory (another job, don't ask), this is my first time setting up openldap. After reading the ldap quickstart, and skimming over the admin guide, and picking up the O'Reilly book, all of which pointed to a very simple setup, I figured it would be a cakewalk and after getting annoyed with progress on ES3, I was able to do the exact same sequence on Suse 9.2 in about 15 minutes and be able to browse tree, and query successfully. Since I'm doing it on redhat es v. 3, however, it, of course, has to work oddly. :) The final goal for this is to be able to use ldap for authentication. I'll go over the problem(s) first, and put the configuration stuff below. Love to hear what you guys (and gals) think. Basically here's what I did:

(1) Setup /etc/openldap/slapd.conf
(2) Authconfig info - auth both get ldap (localhost dc=shuba,dc=com)
(3) Migrate_base > /tmp/base.ldif
(4) Slapadd -f /etc/openldap/slapd.conf -x -v -l /tmp/base.ldif
(5) Authconfig (turn shadow passwords off)
(6) Cp /etc/passwd /tmp/shadowpass.txt
(7) Migrate_passwd.pl /tmp/shadowpass.txt > /tmp/users.ldif
(8) Slapadd -f /etc/openldap/slapd.conf -x -v -f /tmp/base.ldif
(9) Slapcat | more (looks good)
(10) Service ldap start (/etc/init.d/ldap start)
(11) Ldapsearch -x (see below for results)
(12) Open a java ldap browser (connects, ONLY shows "dc=shuba, dc=com" - no children)
(13) Try to connect using the Manager user, no dice.

(PS) I looked through the archives, and didn't see anything, as well as going through google, and google news groups. If by some miracle, I've missed readily available answers there or in the FAQ, please accept my apologies in advance.

TIA,
Nick

First ldapadd works oddly. An ldif that I can add with slapadd gives an error using ldap add.

    slapadd -f /etc/openldap/slapd.conf -v -l /tmp/user.ldif
    added: "uid=foo,ou=People,dc=shuba,dc=com" (00000050)

bar, and increase the uid/gid by one, same file >>

    [root@test1-int migration]# /etc/init.d/ldap start
    Starting slapd: [OK]
    [root@test1-int migration]# ldapadd -x -v -f /tmp/user.ldif
    ldap_initialize( )
    add uid: bar
    add cn: adding with ldapadd
    add objectClass: account posixAccount top
    add userPassword: {SSHA}qaf5D6w/DGSY521JJu5gambxmBvadJyr
    add loginShell: /bin/bash
    add uidNumber: 1029
    add gidNumber: 1029
    add homeDirectory: /home/bar
    adding new entry "uid=bar,ou=People,dc=shuba,dc=com"
    ldap_add: Operations error
    ldif_record() = 1

for the record, btw, the last entry in the db, according to slapcat is:

    dn: uid=foo,ou=People,dc=shuba,dc=com
    uid: foo
    cn: adding with ldapadd
    objectClass: account
    objectClass: posixAccount
    objectClass: top
    userPassword:: --snip--
    loginShell: /bin/bash
    uidNumber: 1028
    gidNumber: 1028
    homeDirectory: /home/foo

So that's the first thing. Second, Nothing comes back when I use ldapsearch, even when asking for anything:

    ldapsearch -x -b '' -s base '(objectclass=*)'
    version: 2
    #
    # filter: (objectclass=*)
    # requesting: ALL
    #
    #
    dn:
    objectClass: top
    objectClass: OpenLDAProotDSE
    # search result
    search: 2
    result: 0 Success
    # numResponses: 2
    # numEntries: 1

Unfortunately, I got a bounce stating that this message was too long. I have moved the config files to http://nicholasbernstein.com/ldap_stuff/

It got double spaced some how in the cutting and pasting from windows -> unix. If it annoys you, please have compassion - you can't imagine how much being stuck on windows bugs me. ;)



--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

"These censorship operations against schools and libraries are stronger
than ever in the present religio-political climate. They often focus on
fantasy and sf books, which foster that deadly enemy to bigotry and blind
faith, the imagination." -- Ursula K. Le Guin