Re: Configuring OpenLDAP on Ubuntu 9.10 [using slapd.conf??]

[Shamika Joshi <shamika.joshi@gmail.com>]

Thank you guys for your help! I'll try my way through it.

One more question here, i have a old working slapd.conf file from a RHEL server, if I want to same slapd.conf file & provide its path in /etc/default/slapd as SLAPD_CONF=/etc/ldap/slapd.conf should that work? Or should I need to make more changes? 
Has anyone done this before? Any articles you may want to suggest I should go through to achieve this?

Thanks
Shamika

On Tue, Mar 30, 2010 at 5:43 PM, Matt Kassawara <mkassawara@gmail.com> wrote:

Starting with Ubuntu Karmic (9.10), the slapd package changed from creating a typical LDAP administrator account (i.e., username and password) to using LDAPI and SASL EXTERNAL which automatically provides LDAP administrator access via the system root account.  As root, run your LDAP utilities with "-Y external -H "ldapi:///" instead of "-x", "-D", and "-W" where appropriate.  For example, to search your LDAP directory:

ldapsearch -Y external -H "ldapi:///" -b dc=domain,dc=com

I'm not sure why the Ubuntu Server Guide for 9.10 did not get updated to reflect these changes, but if you search the web for "ubuntu sasl external" you'll get quite a few hits on the issue.  You may also want to read these bugs when configuring clients:

https://bugs.launchpad.net/bugs/423252

https://bugs.launchpad.net/bugs/427842

Matt

On 3/30/10 4:04 AM, Shamika Joshi wrote:

I have followed following article to install/configure OpenLDAP on
Ubuntu Server 9.10
https://help.ubuntu.com/9.10/serverguide/C/openldap-server.html

There is no slapd.conf in picture here instead running "dpkg-reconfigure
slapd" should come up with following Wizard (got this after running
through numerous articles on this)

*Wizard steps:*

  1. *omit openldap server configuration? – no*
  2. *dns domain name? vm.example.org <http://vm.example.org>*
  3. *organization name? myCompany*
  4. *database backend to use? hdb*
  5. *do you want the database to be removed when slapd is purged? yes*
  6. *may be the question: move old database? yes*
  7. *administrator password? the same one as entered during installation*
  8. *confirm password? see last step*
  9. *allow LDAPv2 protocol? no*

However in my installation wizards asks
*
Omit OpenLDAP server configuration?    No
 Do you want the database to be removed when slapd is purged? No
 Allow LDAPv2 protocol? No
 Creating initial slapd configuration... done.
Starting OpenLDAP: slapd.

*Has anyone attempted this before? What I'm missing here? Could someone
like to pitch in for some help?

So when I run "ldapsearch -x" it gives me following output

admins@x6:/etc/ldap$ ldapsearch -x
# extended LDIF
#
# LDAPv3
# base <> (default) with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# search result
search: 2
result: 32 No such object

# numResponses: 1


where is should give the output like

# extended LDIF
#
# LDAPv3
# base  (default) with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

#vm.example.org  <http://vm.example.org>

dn: dc=vm,dc=example,dc=org
objectClass: top
objectClass: dcObject
objectClass: organization
o: myCompany
dc: vm

# admin,vm.example.org  <http://vm.example.org>

dn: cn=admin,dc=vm,dc=example,dc=org

objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator

# search result
search: 2
result: 0 Success

# numResponses: 3
# numEntries: 2



Thanks
Shamika