
Re: issue w/ LDAP that I have encountered



Quanah,
Comments follow :

Derek R.
---
derek.richardson@ieee.org
derekr42@gmail.com
derekr@tlc2.uh.edu
dmrichar@uh.edu
drichardson4@uh.edu
---
"As a rule, dictatorships guarantee safe streets and
terror of the doorbell. In democracy the streets
may be unsafe after dark, but the most likely visitor
in the early hours will be the milkman."
-- Adam Michnik



Quanah Gibson-Mount wrote:


--On Thursday, July 06, 2006 3:38 PM -0500 "Derek R." <derekr@tlc2.uh.edu> wrote:

I know I'm missing something dead obvious, but I can't figure out what.
Shouldn't it be giving me something, even though I haven't been able to
add any data to the directory?  When I try to add the following LDIF :
dn: dc=tlc2,dc=uh,dc=edu
dc: tlc2
objectClass: top
objectClass: domain
I get the following :

[root@uiln001 ldap]# ldapadd -f base.ldif
SASL/GSSAPI authentication started
SASL username: root/admin@TLC2.UH.EDU
SASL SSF: 56
SASL installing layers
adding new entry "dc=tlc2,dc=uh,dc=edu"
dldap_add: Server is unwilling to perform (53)
        additional info: operation not permitted within namingContext


What does "ldapwhoami" show?
[root@uiln001 openldap]# ldapwhoami
SASL/GSSAPI authentication started
SASL username: root/admin@TLC2.UH.EDU
SASL SSF: 56
SASL installing layers
dn:uid=root/admin,cn=tlc2.uh.edu,cn=gssapi,cn=auth
Result: Success (0)

Should this be an exact match for the rootdn line in slapd.conf ( mine is "uid=ldap,cn=gssapi,cn=auth" )?

For example, on my systems, I have:

ltribes:~> ldapwhoami
SASL/GSSAPI authentication started
SASL username: quanah@stanford.edu
SASL SSF: 56
SASL installing layers
dn:uid=quanah,cn=accounts,dc=stanford,dc=edu
Result: Success (0)


Your posted slapd.conf has:

### SQL database options
database                sql
suffix                  "dc=tlc2,dc=uh,dc=edu"
rootdn                  "uid=ldap,cn=gssapi,cn=auth"


so if ldapwhoami doesn't return that rootdn, I don't see that you'd be allowed to write to the database. I'm not terribly familiar with back-sql, so that may be as far as I get on this. ;) The error could be related to its use, since your naming context in your LDIF matches the suffix.
Okay, so we have a mismatch. Also, I don't know if you read the mail that Pierangelo sent or not, but apparently I have some significant issues w/ back-sql still, so my problems might be due to that. I'll keep digging in there. I've changed the rootdn in slapd.conf to be "uid=root/admin,cn=tlc2.uh.edu,cn=gssapi,cn=auth", but that doesn't seem to help. It has to be issues w/ back-sql then, I'll keep chasing that up. BTW, if I do move to bdb, do you have any tips there?
Thanks,
Derek R.

--Quanah

--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
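
The comparison discussed in this thread (the DN that ldapwhoami reports against the rootdn of the database whose suffix holds the entry) can be scripted. This is an added example, not part of the original messages: the function names are hypothetical, the sample inputs are constructed from the values quoted above, and the DN normalization is simplified on the assumption that no RDN contains an escaped comma.

```python
import re
# Constructed sample inputs, built from the values quoted in the thread.
SLAPD_CONF = '''\
### SQL database options
database                sql
suffix                  "dc=tlc2,dc=uh,dc=edu"
rootdn                  "uid=ldap,cn=gssapi,cn=auth"
'''
WHOAMI_OUTPUT = '''\
SASL/GSSAPI authentication started
SASL username: root/admin@TLC2.UH.EDU
SASL SSF: 56
SASL installing layers
dn:uid=root/admin,cn=tlc2.uh.edu,cn=gssapi,cn=auth
Result: Success (0)
'''

def norm_dn(dn):
    """Simplified normalization: drop quotes, trim around ',' and '=', lowercase."""
    parts = [p.strip() for p in dn.strip().strip('"').split(",")]
    return ",".join("=".join(x.strip() for x in p.split("=", 1)) for p in parts).lower()

def parse_databases(conf):
    """Collect backend, suffix and rootdn for each 'database' section."""
    dbs = []
    for line in conf.splitlines():
        # Directives start in column 0; '#' comments never match.
        m = re.match(r'(database|suffix|rootdn)\s+(.+?)\s*$', line)
        if not m:
            continue
        key, val = m.groups()
        if key == "database":
            dbs.append({"backend": val, "suffix": None, "rootdn": None})
        elif dbs:
            dbs[-1][key] = norm_dn(val)
    return dbs

def whoami_dn(output):
    """Return the normalized authorization DN from ldapwhoami output, or None."""
    for line in output.splitlines():
        if line.startswith("dn:"):
            return norm_dn(line[3:])
    return None

def check_rootdn(conf, whoami, target_dn):
    """Find the database serving target_dn and compare its rootdn to the bound DN."""
    bound, target = whoami_dn(whoami), norm_dn(target_dn)
    for db in parse_databases(conf):
        sfx = db["suffix"]
        if sfx and (target == sfx or target.endswith("," + sfx)):
            return {"backend": db["backend"], "bound": bound,
                    "rootdn": db["rootdn"], "is_rootdn": bound == db["rootdn"]}
    return None
```

With the values from the thread, `check_rootdn(SLAPD_CONF, WHOAMI_OUTPUT, "dc=tlc2,dc=uh,dc=edu")` reports `is_rootdn` as false. A match only rules out the identity mismatch; as the thread notes, the add still failed after the rootdn was changed.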