On Wednesday 15 February 2006 18:35, Mark Worsdall wrote:
> Hi,
>
> I am in a right pickle, I install slapd and answered the questions
> correctly giving it a password.
slapd does not ask any questions.
Maybe you are using the Debian packages?
> I added a new entry which it complained about but still added!! Stupid
> why add if it complains, either add or not!! sorry
You don't go into the detail of what added, what complained etc, I doubt it
was specifically OpenLDAP software.
> Anyway want to delete entry jdw becuase I made the silly mistake of
> assuming People would be ok, but no, it has to be people.
slapd doesn't care.
>
>
> ldapsearch -x -b 'dc=shadshed,dc=com' '(objectclass=*)'
> # extended LDIF
> #
> # LDAPv3
> # base <dc=shadshed,dc=com> with scope sub
> # filter: (objectclass=*)
> # requesting: ALL
> #
>
> # shadshed.com
> dn: dc=shadshed,dc=com
> objectClass: top
> objectClass: dcObject
> objectClass: organization
> o: Shadow Robot Company
> dc: shadshed
>
> # admin, shadshed.com
> dn: cn=admin,dc=shadshed,dc=com
> objectClass: simpleSecurityObject
> objectClass: organizationalRole
> cn: admin
> description: LDAP administrator
>
> # jdw, People, shadshed.com
> dn: uid=jdw,ou=People,dc=shadshed,dc=com
> uid: jdw
> cn: Delete Me
> objectClass: account
> objectClass: posixAccount
> objectClass: top
> objectClass: shadowAccount
> shadowLastChange: 13193
> shadowMax: 99999
> shadowWarning: 7
> loginShell: /bin/bash
> uidNumber: 1010
> gidNumber: 1010
> homeDirectory: /home/jdw
> gecos: worsdall,,,,,,
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 4
> # numEntries: 3
>
>
> So how do I delete it, I am using the password I supplied during
> installation??
Maybe you've been hit by the Debian bug, where the initial password encryption
generation is broken.
> sudo ldapdelete -x -w tooC2thugh -D cn=admin,dc=shadshed,dc=com "cn=Mark
> Worsdall,dc=shadshed,dc=com"
No need to use ldapdelete via sudo ....
>
> It returned:
>
> ldap_bind: Invalid credentials (49)
>
>
> And since I have posted the password how do I change the admin password?
>
>
> Oh this is the entry I wish to add:
>
> dn: uid=jdw,ou=people,dc=shadshed,dc=com
> uid: jdw
> cn: Delete Me
> objectClass: account
> objectClass: posixAccount
> objectClass: top
> objectClass: shadowAccount
> userPassword: {crypt}$1$xvpUzOKX$6ZORWdD9QksB2X0sDmGHk/
> shadowLastChange: 13193
> shadowMax: 99999
> shadowWarning: 7
> loginShell: /bin/bash
> uidNumber: 1010
> gidNumber: 1010
> homeDirectory: /home/jdw
>
>
> Will do it with this?
> offline method:
> sudo slapadd -v < ~/addjdw.ldif
>
> online method
> sudo ldapadd -x -v -D cn=admin,dc=shadshed,dc=com -W < ~/addjdw.ldif
>
>
> Can anyone help, I have never run into such a complicated package,
The Debian package?
> pity
> there is no ssh terminal menu driven package for adding and deleting and
> listing entries.
How would that help, if you can't authenticate as a user with rights to
add/delete entries? There are a number of tools available for administering
LDAP servers, but, since they are independant of the LDAP server, it's really
off-topic for this list ...
Anyway, I suspect generating a password hash:
$ /usr/sbin/slappasswd
And pasting the result into slapd.conf, on the line after the rootdn line,
prefixed with "rootpw ", to get something like this:
rootdn cn=admin,dc=shadshed,dc=com
rootpw {SSHA}px5ZLSPdSpcPQEXdTZbvwFlcw6tG3GnW
should work around this problem with the Debian packages.
I've never personally seen this, but I don't use Debian ...
--
Buchan Milne
ISP Systems Specialist
B.Eng,RHCE(803004789010797),LPIC-2(LPI000074592)
Attachment:
pgphsX87OUuts.pgp
Description: PGP signature