Re: newbie openbsd ldap startup and slapd logging
hmmm... even though.. you're not starting slapd as any user? in any case, start slapd with debugging on
here's a little bourne shell script that might help you
#!/bin/sh
# Create the slapd user and group in /etc/passwd and /etc/group respectively
DEBUG_MODE=256
/usr/local/bin/slapd \
-f /usr/local/etc/openldap/slapd.conf \
-h "ldap:///" \
-l local4 \
-d "$DEBUG_MODE" \
-u slapd -g slapd
You must be root to do this (for logging):
1. Make backup copies of the lookup files (just in case you need them).
Namely:
* /usr/local/etc/openldap/slapd.conf
* /etc/init.d/slapd
* /usr/sbin/syslogd (make sure to transfer this in binary)
* /etc/syslog.conf
3. Move over the files we've copied from pinnacle to their respective
places EXCEPT /usr/local/etc/openldap/slapd.conf. This is only for
reference
4. Edit /etc/syslog.conf and add the following:
local4.emerg /var/log/sldap.log
local4.alert /var/log/sldap.log
local4.crit /var/log/sldap.log
local4.err /var/log/sldap.log
local4.warning /var/log/sldap.log
local4.notice /var/log/sldap.log
local4.info /var/log/sldap.log
local4.debug /var/log/sldap.log
Remember that the syslog.conf file takes the facility name <TAB>
/path/to/log (one or more tabs)
5. cd to /var/log and touch sldap.log file. This should create the
sldap.log file
6. Edit the /etc/init.d/slapd startup script file (again be wary of
spaces and extra tabs)
#! /bin/sh
#
#
# start/stop the slapd daemon
case "$1" in
'start')
    # Start the slapd daemon
    if [ -f /usr/local/libexec/slapd ] ; then
        echo "starting slapd"
        /usr/local/libexec/slapd -p 389 -f /usr/local/etc/openldap/slapd.conf -s 256 -l local4
    fi
    ;;
'stop')
    # Stop the slapd daemon
    echo "stopping slapd"
    kill -TERM `cat /usr/local/var/slapd.pid`
    ;;
esac
8. Double check the /usr/local/etc/openldap/slapd.conf file and it should
match the first 18 lines (more or less):
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /usr/local/etc/openldap/slapd.at.conf
include /usr/local/etc/openldap/slapd.oc.conf
# MyCompany defined schema
include /usr/local/etc/openldap/slapd.user_at.conf
include /usr/local/etc/openldap/slapd.user_oc.conf
schemacheck on
sizelimit 500
#referral ldap://ldap.itd.umich.edu

pidfile /usr/local/var/slapd.pid
argsfile /usr/local/var/slapd.args

loglevel 256
9. Run the syslogd daemon if it isn't already by doing
cd /usr/sbin ; ./syslogd
10. Restart the syslogd daemon to have it re-read its configuration
file
kill -1 `/bin/cat /etc/syslog.pid`
This might complain that the syslog.pid does not exist; if so, repeat steps 9 and 10 again a couple of times. If after a couple of times it still complains, check to make sure that /bin/ps -ef | grep sl still reports something similar to the following:
# /bin/ps -ef | grep sl
root 15940 1 0 08:10:43 ? 0:14 /usr/local/libexec/slapd -p 389 -f /usr/local/etc/openldap/slapd.conf -s 256 -l
root 15791 1 0 07:41:57 ? 0:00 ./syslogd
10a. "Touch" a new file in /var/log
cd /var/log
touch slapd.log
11. restart the slapd daemon
/etc/init.d/slapd start
12. Check /var/log/sldap.log by logging onto your browser and typing ldap://<HOSTNAME>/<LDAP attributes>??sub?uid=<NAME>, for example
ldap://myserver.mydomain.com/ou=People,o=MyCompany??sub?uid=myuid
13. Assuming you got everything to work you should be able to view the
log file via tail -f /var/log/sldap.log
and get results similar to the following:
May 24 09:17:46 myserver.mydomain.com slapd[15940]: conn=22 op=19 RESULT err=0 tag=101 nentries=1
May 24 09:18:12 myserver.mydomain.com slapd[15940]: conn=69 fd=23 connection from user-2injvqj.dsl.mindspring.com (165.121.255.83) accepted.
May 24 09:18:12 myserver.mydomain.com slapd[15940]: conn=69 op=0 BIND dn="" method=128
May 24 09:18:12 myserver.mydomain.com slapd[15940]: unknown version 3
May 24 09:18:12 myserver.mydomain.com slapd[15940]: conn=69 op=0 RESULT err=2 tag=97 nentries=0
At 10:41 AM 11/19/2001 -0500, you wrote:
Thanks JM,
I've done everything as root so far until I have a better idea how all this works together.. probably not a good idea, but I just want to see the thing work to start. so i don't think it's permissions. .
I'm going to try to find logging note you'd posted. .
I don't suppose you have it handy?
cheers,
Kris.
- ----- Original Message -----
- From: Jan-Michael Ong
- To: Kris McKay
- Cc:
openLDAP-software@OpenLDAP.org
- Sent: Monday, November 19, 2001 10:29 AM
- Subject: Re: newbie openbsd ldap startup
- Check your database permissions. Normally that's the reason why it can't add. If it's other than that, check the logs... I posted a note before on how to do the logging; it's pretty tricky, but you'll have to restart syslogd and edit /etc/syslog.conf and start slapd with -s local4. Please check the man page on openldap.
- jm ^_^
- At 10:12 AM 11/19/2001 -0500, you wrote:
- I need help desperately..
-
- I'm trying to get qmail-ldap setup, but I can't get past the initial install for ldap.
- I've installed openldap 2.0.18 on OpenBSD 2.9. The 'make tests' all passed with no problems.. I can start slapd, but I get the following error every time I try to do anything.
-
- ldap_init( localhost, 0 )
- ldap_bind: Can't contact LDAP server
-
- When I 'ps -aux' I can see that slapd is running. I'm using the default slapd.conf exactly as it comes with the following command to add a record.
-
- ldapadd -vxc -h localhost -D "cn=manager,dc=my-domain,dc=com" -w secret -f ldap.ldif
-
- The contents of ldap.ldif is:
-
- dn: dc=my-domain, dc=com
- objectclass: top
-
- dn: ou=qmail, dc=my-domain, dc=com
- objectclass: top
- objectclass: organizationalUnit
- ou: qmail
- There's probably a typical rookie flaw in here somewhere, but I haven't been able to find anything online to help..
- Thanks in advance..
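
Added example, not part of the original thread: once the loglevel 256 lines from step 13 are arriving in the log file, this shell function counts failed binds per client address and bind DN by correlating the "connection from", BIND and RESULT lines. The function names failed_binds and sample_log, the host name ldap1 and the sample addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example: count failed LDAP binds per client address and bind DN
# from slapd "loglevel 256" syslog lines read on stdin.
failed_binds() {
    awk '
    # Number following " key=" on the current line, or "" if absent.
    function num(key) {
        if (match($0, " " key "=[0-9]+"))
            return substr($0, RSTART + length(key) + 2, RLENGTH - length(key) - 2)
        return ""
    }
    {   # conn numbers restart with the daemon, so qualify them with the pid
        pid = match($0, /slapd\[[0-9]+\]/) ? substr($0, RSTART + 6, RLENGTH - 7) : "?"
        c = pid ":" num("conn"); o = num("op")
    }
    # "connection from host (addr) accepted." -> remember the peer address
    match($0, /\([^)]*\) accepted/) {
        src[c] = substr($0, RSTART + 1, RLENGTH - 11); next
    }
    # BIND line -> remember the DN for this operation (empty DN = anonymous)
    / BIND / && match($0, /dn="[^"]*"/) {
        d = substr($0, RSTART + 4, RLENGTH - 5)
        dn[c, o] = (d == "") ? "(anonymous)" : d; next
    }
    # tag=97 is the bind response; a non-zero err means the bind failed
    / RESULT / && num("tag") + 0 == 97 && num("err") + 0 != 0 {
        who = (c in src) ? src[c] : "unknown"
        what = ((c, o) in dn) ? dn[c, o] : "unknown"
        fails[who "\t" what "\terr=" num("err")]++
    }
    END { for (k in fails) printf "%d\t%s\n", fails[k], k }
    ' | LC_ALL=C sort -rn
}

# Constructed sample lines in the same format as the log output in step 13.
sample_log() {
    cat <<'EOF'
May 24 09:18:12 ldap1 slapd[15940]: conn=69 fd=23 connection from client-a.example (192.0.2.10) accepted.
May 24 09:18:12 ldap1 slapd[15940]: conn=69 op=0 BIND dn="" method=128
May 24 09:18:12 ldap1 slapd[15940]: conn=69 op=0 RESULT err=2 tag=97 nentries=0
May 24 09:19:01 ldap1 slapd[15940]: conn=70 fd=24 connection from client-b.example (198.51.100.7) accepted.
May 24 09:19:01 ldap1 slapd[15940]: conn=70 op=0 BIND dn="cn=manager, dc=my-domain, dc=com" method=128
May 24 09:19:01 ldap1 slapd[15940]: conn=70 op=0 RESULT err=49 tag=97 nentries=0
May 24 09:19:03 ldap1 slapd[15940]: conn=70 op=1 BIND dn="cn=manager, dc=my-domain, dc=com" method=128
May 24 09:19:03 ldap1 slapd[15940]: conn=70 op=1 RESULT err=49 tag=97 nentries=0
EOF
}

sample_log | failed_binds
```

Against a live log the call is failed_binds < /var/log/sldap.log; each output line is the count, client address, bind DN and LDAP result code, separated by tabs.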