[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap auth does not works after openldap upgrade

Andrew Findlay wrote:
On Tue, Feb 15, 2011 at 05:08:43PM -0200, Leonardo Carneiro wrote:

fileserver:/etc/ldap# /usr/sbin/slapd -h ldapi:/// ldap:/// -g openldap -u
openldap -F /etc/ldap/slapd.d -d 128

Aha! Your server is using LDAP-based config so it is ignoring the config
file entirely.

Does these changes that we are making into slapd.conf really being
processed? Normally, i see just the "-F /etc/ldap/slapd.d" flag and never
the "-f /etc/ldap/slapd.conf".

I suspect the config file was converted to a config dir during the
Debian upgrade process, so the file is now being ignored.

I also suspect that there may not be a valid password set on the
cn=config suffix, so you will not be able to manage the server through
LDAP either.

Since it's starting on ldapi:/// he should just do a SASL EXTERNAL bind on ldapi:// using Unix root. Pretty sure Debian packages it with the appropriate authz-regexp already configured.

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/