[Date Prev][Date Next]
Re: ldap auth does not works after openldap upgrade
- To: Andrew Findlay <firstname.lastname@example.org>
- Subject: Re: ldap auth does not works after openldap upgrade
- From: Leonardo Carneiro <email@example.com>
- Date: Tue, 15 Feb 2011 11:13:03 -0200
- Cc: firstname.lastname@example.org
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=jkfxNQDCCjVvwJTaTbwl2c7z6vY9NkXHJ0BCKKS2DZs=; b=E37fz+q6w8H8B5rKH/QqI9E2CGxO/ABuPospaN0VmhM/sPnJFCpgeH2abQXIp56nzp WIaVXjCz/nbIIu8BOPFwYbtFlxcwpgobEB0pzaG8F4MuTkTWDwv/ZhShUO2ElgeyPt8H 5hrzrTXCCb6z8MYHFFQtVjNQwHyGvToSN7kTM=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=PoHycXcrHUZ18CruLhgdDtKzW7l4zO91cEPxK1wqqxeg27++0b184LRw3Z7fhtShPJ jOhcWYIgV8KW8a23dnOSDh0kScHWB6fC27noXwptbZCTiEXsK+H45+ApPu3l8A5C8VkT NVQMRUAO+nnBzfxlpLPuZoOxM6jHGyQgzCHnk=
- In-reply-to: <20110215122400.GD22964@slab.skills-1st.co.uk>
- References: <AANLkTikfMLBJs2BRZJ46Sbj7WjZykWK1YC1ywU2LvL9g@mail.gmail.com> <20110215122400.GD22964@slab.skills-1st.co.uk>
On Tue, Feb 15, 2011 at 10:24 AM, Andrew Findlay
> It sounds as if there is no data in the LDAP server.
> Debian Lenny seems to use OpenLDAP 2.4.11 with db4.2
> I suspect that Squeeze uses later versions of both, so it is very
> unlikely to be able to read the original database files.
> I do not know what the Lenny->Squeeze update process does with LDAP
> data - I would hope that it creates an LDIF and re-imports it, but in
> your case something has obviously gone wrong.
> You should look in the logs for complaints at startup time which might
> give some clues. If you do not find any logs, try adding '-d 768' to the
> slapd startup command to make it log to stdout.
> As your server appears to be running, you could check that it has your
> suffix configured:
> ldapsearch -x -LLL -b '' -s base '(objectclass=*)' namingcontexts
> If my guess about DB files is right, you will need to re-load the data
> from an LDIF backup file. Something like this:
> Stop the server
> Preserve the existing database files somewhere safe
> Create a new empty database (i.e. an empty DB directory,
> possibly with a DB_CONFIG file in it)
> Load the LDIF file using slapadd (do this as the openldap user)
> Start the server
The ldapsearch you gave me returned the following output:
chester@reploid:~$ ldapsearch -h ldap.server -x -LLL -b '' -s base
I think It's ok, cause that's precisely the root of my ldap tree.
Just another info: when I was on the root shell and tried to change to
another user, i did changed, but i gave some errors:
fileserver:~# su - lscarneiro
I have no name!@fileserver:~$ whoami
whoami: cannot find name for user ID 1130
but than i read this link that dan gave me:
and installed the libnss-ldapd and libpam-ldapd packages as
recommended. but now i can't even 'su' to my username:
fileserver:~# su - lscarneiro
Unknown id: lscarneiro
It's seems that the unix and samba database have lost their sync. I'll
try to execute the backup/restore in a new db dir as you said and post
the results here. This backup need to be from a point before the
upgrade or a can simple get a dump of the actual database?
Sorry for my poor english.