[Date Prev][Date Next] [Chronological] [Thread] [Top]

newbie question

To: openldap-software@OpenLDAP.org
Subject: newbie question
From: Edward Zarecor <edward@indeterminate.org>
Date: Mon, 29 Oct 2001 18:00:34 -0500
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.5) Gecko/20011011

I've searched pretty extensively and implemented a number of suggestions, but still haven't been able to get slapd working correctly.

I'm having problems on Redhat 7.1 using the openldap-servers-2.0.11-8 rpm. Currently the daemon starts and the following test query returns successfully

ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts

version: 2

#
# filter: (objectclass=*)
# requesting: namingContexts
#

#
dn:
namingContexts: dc=myorg,dc=org

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1


However, I'm unable to add records to the database using the command:

ldapadd -D "cn=admin,dc=myorg,dc=org" -W -f ./myldif.ldif

after issuing the command I get the message:

ldap_sasl_interactive_bind_s: No such attribute

This is covered briefly in the faqomatic, so I know that my Root DSE has been read, but that it contains no supportedSASLMechanism attribute. This attribute seems to be beyond the scope of the simple configuration files I've seen. So, I'd appreciate any clues.

Attempting the command while forcing simple authentication yields:

ldap_add: Insufficient access

Thanks in advance for any help.

My slapd.conf file is as follows:

#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#

include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema

schemacheck on

pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args

##
## ldbm database definitions
##

database ldbm

directory /var/lib/ldap/myorg
mode    0600

suffix "dc=myorg, dc=org"

rootdn "cn=admin, dc=myorg, dc=org"

rootpw secret

##
## Indexing
##

# Indices to maintain
index   objectClass                             eq,pres
index   uid                                     eq

### You'd do yourself a favor by indexing on those attributes users
### will be searching on.  The attributes listed below are common
### between Microsoft Outlook and Netscape Communicator 4.x
index   cn                                      eq,sub
index   mail                                    eq,pres,sub
index   givenName                               eq,sub
index   sn                                      eq,sub
index   o                                       eq,sub


##
## ACL
##

access to attr=userPassword
       by dn="cn=admin, dc=myorg, dc=org" write
       by * none

access to *
       by anonymous read
       by dn="cn=admin, dc=myorg, dc=org" write

Prev by Date: Re: ActiveDirectory and OpenLDAP
Next by Date: RE: newbie question
Index(es):
- Chronological
- Thread