Re: setting up admin password on openldap

[Michael Ströder <michael@stroeder.com>]

Naufal Sheikh wrote:
> 
> I compiled and installed openldap version 2.2.20

Why the hell are you using such an ancient version?

If you're already building yourself why didn't you use recent stable
version 2.3.3x?

> The only catch being that I was never asked to
> supply any password during the installation,

It does not work like that.

> which some of the posts in the mailing list suggested.

I doubt that anyone here claimed that 'make install' asks for a password.

> I have a running version of 2.2.20 on Solaris 8.0.

So watch out for rootdn and rootpw in the file slapd.conf.

> I first copied all of the slapd.conf from solaris server file to my red
> hat server, but the slapd gave errors and was not able to start initially.

If you don't provide the exact error message noone will be able to help.

> I then used slapcat on my production system to generate an ldif which I
> imported on red hat server using slapadd. I had few errors about the
> syntax of "clientOrg" attribute being not correct, but those entries
> contained the extended character set in their values and I deleted them
> from the ldif file till I was able to import all the ldif from the
> production system to red hat server.

Do you really know what you're doing? I bet "clientOrg" is a custom
schema. Who defined that? Isn't the data therein important for you?

> Now as Piotr suggested that
> after creating a password I can hash the rootpw line again, so that the
> authentication can be done using only the passwords in the database. So
> using slappasswd i generated a hash value of the password and copied it
> into the slapd.conf. While slapd starts fine it still cannot connect to
> ldap using the supplied credentials saying invalid credentials.

Does your LDIF contain an entry with attribute "userPassword" for the
"rootdn" in slapd.conf? Maybe try changing rootdn in slapd.conf to
something else and try with that one.

Ciao, Michael.