
Re: absolutely frustrated



On Saturday, June 16, 2001, at 10:50 AM, Craig White wrote:
I can't believe that I can work it this long and still cannot have any
success...
ldapsearch -L -b "o=Azapple,c=us" -x
No such object (32)
# numResponses: 1

No records with that object.

per suggestions, my slapd.conf is...
kurt Exp $
include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/nis.schema
include         /etc/openldap/schema/redhat/rfc822-MailMember.schema
include         /etc/openldap/schema/redhat/autofs.schema
include         /etc/openldap/schema/redhat/kerberosobject.schema
access to * by * read
pidfile /var/run/slapd.pid
database ldbm
suffix          "dc=azapple,dc=com"
directory /var/lib/ldap
rootdn          "o=Azapple,c=US"
#rootdn         "cn=Manager,dc=azapple,dc=com"

My mistake. If you're using the suffix of "dc=azapple,dc=com", the rootdn should have that suffix.


rootpw          secret
index cn,sn,uid pres,eq,sub
index objectClass pres,eq

The below would need to be added as a record, not appended to the conf file.


dn:     o=Azapple,c=US
objectclass:    top
objectclass:    organization

I think you may be confused .... frustration does that :-(
Here's a brief overview about how the conf files, records etc. all fit together.


LDAP works like a tree. Your suffix is the trunk. This trunk must be in the conf file:
suffix "dc=azapple,dc=com"


and it must be added as an ldif record to the directory, as well...
--------------------
dn: dc=azapple, dc=com
objectclass: dcObject
objectclass: organization
o: AZ Apple Consulting
dc: azapple
-------------------
You must also have an admin branch, this is often the first branch off the trunk. It must
be in the conf file:
rootdn "cn=Manager,dc=azapple,dc=com"
rootpw secret


And added as an ldif record:
---------------------
dn: cn=Manager,dc=azapple,dc=com
objectclass: organizationalRole
cn: Manager
---------------------

After you have those basic records in there, you should be able to add other records
with ldapadd. For each "branch" you add, you will need to add a record, and each
"leaf" needs a record as well.


For example, this branch would need to be added:
---------------
dn: ou=Children,dc=azapple,dc=com
objectclass: organizationalunit
ou: Children
--------------
Before adding these leaves:
--------------
dn: givenname=Jennifer,ou=Children,dc=azapple,dc=com
objectclass: organizationalPerson
objectclass: InetOrgPerson
givenname: Jennifer
sn: White
cn: Jennifer White
ou: Children

dn: givenname=Holly,ou=Children,dc=azapple,dc=com
objectclass: organizationalPerson
objectclass: InetOrgPerson
givenname: Holly
sn: White
cn: Holly White
ou: Children
---------------

Now, since you can't add/edit/search records until the conf file is working... (they
sort of bootstrap each other) let's back up, and have another look at:
http://www.openldap.org/doc/admin/quickstart.html


Starting at step 8, your conf file would be as follows:
--------------------------------------
# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.4 2000/08/26 17:06:18 kurt Exp $
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/redhat/rfc822-MailMember.schema
include /etc/openldap/schema/redhat/autofs.schema
include /etc/openldap/schema/redhat/kerberosobject.schema
#
access to * by * read
#
pidfile /var/run/slapd.pid
#
database ldbm
suffix "dc=azapple,dc=com"
directory /var/lib/ldap
rootdn "cn=Manager,dc=azapple,dc=com"
rootpw secret


Step 9 (make sure slapd is running, then):
$ ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts

Should return:
dn:
namingContexts: dc=azapple,dc=com

This verifies that your conf file is ready, even if you have *no* records.

Step 10, make a file named "azapple.ldif":
dn: dc=azapple,dc=com
objectclass: dcObject
objectclass: organization
o: AZ Apple Consulting
dc: azapple

dn: cn=Manager,dc=azapple,dc=com
objectclass: organizationalRole
cn: Manager

And add it:
ldapadd -x -D "cn=Manager,dc=azapple,dc=com" -W -f azapple.ldif

Step 11:
ldapsearch -x -b 'dc=azapple,dc=com' '(objectclass=*)'

(Which is where you're stuck, right?)

-Ronabopintucson

--2D426F70|759328624|00101101010000100110111101110000
ron@opus1.com, 520-326-6109, http://www.opus1.com/ron/
The opinions expressed in this email are not necessarily those of myself,
my employers, or any of the other little voices in my head.
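
An added example, not part of the original message or of OpenLDAP: a small pre-flight check for the mismatches this thread works through (rootdn outside the suffix, a search base outside the suffix, `attr=value` lines in LDIF, leaves listed before their branches). It also flags the cleartext `rootpw`, since slapd.conf accepts a hash generated by `slappasswd` there. The function names are hypothetical, the inputs are constructed from the thread, DN comparison is simplified (no escaped commas), and the LDIF is assumed to load into an empty directory.

```python
import re

# Constructed inputs, reduced from the configuration and records quoted in the thread.
BROKEN_CONF = 'suffix "dc=azapple,dc=com"\nrootdn "o=Azapple,c=US"\nrootpw secret\n'
FIXED_CONF = BROKEN_CONF.replace("o=Azapple,c=US", "cn=Manager,dc=azapple,dc=com")
LEAF_FIRST_LDIF = """dn: givenname=Holly,ou=Children,dc=azapple,dc=com
objectclass=inetOrgPerson
sn: White

dn: ou=Children,dc=azapple,dc=com
objectclass: organizationalUnit
ou: Children
"""

def parse_conf(text):
    """Pick out suffix, rootdn and rootpw; commented-out lines are ignored."""
    pat = r'^\s*(suffix|rootdn|rootpw)\s+"?([^"#\n]+?)"?\s*$'
    return dict(re.findall(pat, text, re.M))

def norm(dn):
    """Lower-case a DN and drop spaces around commas (simplified)."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def is_under(dn, base):
    dn, base = norm(dn), norm(base)
    return dn == base or dn.endswith("," + base)

def lint(conf_text, ldif_text, search_base):
    """Return a list of problems; an empty list means the pieces agree."""
    conf, problems = parse_conf(conf_text), []
    suffix = conf["suffix"]
    if not is_under(conf["rootdn"], suffix):
        problems.append("rootdn is outside the suffix")
    if not is_under(search_base, suffix):
        problems.append("search base is outside the suffix: expect 'No such object (32)'")
    if not conf.get("rootpw", "").startswith("{"):
        problems.append("rootpw is cleartext: store a slappasswd hash instead")
    seen = set()  # DNs already defined earlier in the LDIF
    for n, line in enumerate(ldif_text.splitlines(), 1):
        if not line.strip() or line.startswith((" ", "#")):
            continue  # blank separator, continuation line or comment
        if ":" not in line:
            problems.append(f"LDIF line {n}: expected 'attr: value'")
        elif line.lower().startswith("dn:"):
            dn = norm(line[3:])
            if dn != norm(suffix) and dn.partition(",")[2] not in seen:
                problems.append(f"LDIF line {n}: parent entry must be added first")
            seen.add(dn)
    return problems
```

`lint(BROKEN_CONF, LEAF_FIRST_LDIF, "o=Azapple,c=us")` reports all six problems; with `FIXED_CONF` and the two-record azapple.ldif from step 10, only the cleartext `rootpw` remains.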