[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Proofed slapd.conf + *.ldif example ??
<quote who="Murat Ünalan">
> I checked the "Admin Guide" and failed getting openLDAP version
> 2.0.19 work. Before boring everyone with my explicit problems:
>
> Does anybody have a slapd.conf in combination with an *.ldif file
> for me (which are proofed to be working)?!
you can find mull.schema on the net, search for netscape
roaming with ldap. if you don't need/want roaming, take out
the include for mull.schema and remove the roaming entries
below.
here is one i setup last night, which works for me:
# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.7 2001/09/27
20:00:31 kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /usr/local/openldap/etc/openldap/schema/core.schema
include /usr/local/openldap/etc/openldap/schema/cosine.schema
include /usr/local/openldap/etc/openldap/schema/nis.schema
include
/usr/local/openldap/etc/openldap/schema/inetorgperson.schema
include /usr/local/openldap/etc/openldap/schema/misc.schema
include /usr/local/openldap/etc/openldap/schema/mull.schema
pidfile /usr/local/openldap/var/slapd.pid
argsfile /usr/local/openldap/var/slapd.args
loglevel 256
schemacheck on
#######################################################################
# ldbm database definitions
#######################################################################
database ldbm
directory /usr/local/openldap/var/ldap
suffix "o=linuxpowered,c=us"
rootdn "cn=admin,o=linuxpowered,c=us"
rootpw secret
# Indices to maintain
index cn,sn,uid pres,eq,sub
index objectClass eq
lastmod on
access to *
by dn="cn=admin,o=linuxpowered,c=us" write
by self write
by * read
BASE.LDIF
dn: o=linuxpowered,c=us
objectClass: organization
o: linuxpowered
dn: cn=admin,o=linuxpowered,c=us
objectClass: organizationalRole
objectClass: simpleSecurityObject
cn: admin
description: LDAP administrator
userPassword: {MD5}RDRNn4VQY+q2bmOEtzPnVg==
(the password there is 'slapd')
once you add that BASE.LDIF then remove the 'rootpw'
from slapd.conf and restart slapd. from then on use
'slapd' as the password. you can change it later to
something else if you want, i kept it simple for testing
purposes.
then a basic entry for LDIF:
accounts.LDIF:
dn: ou=People,o=linuxpowered,c=us
objectClass: organizationalUnit
ou: People
dn: ou=Roaming,o=linuxpowered,c=us
objectClass: organizationalUnit
ou: Roaming
dn: ou=Group, o=linuxpowered,c=us
objectClass: top
objectClass: organizationalUnit
ou: Group
dn: cn=Jorge Jetson, ou=People, o=linuxpowered, c=us
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
objectClass: organizationalPerson
objectClass: inetLocalMailRecipient
uid: jorgej
cn: Jorge Jetson
sn: Jetson
givenName: Jorge
title: System Administrator
departmentNumber: Information Technology
userPassword: {MD5}aEaBZG/SVbRccU/UYbzxCg==
telephoneNumber: 000-000-1234
facsimileTelephoneNumber: 000-111-1234
mobile: 000-000-1234
postalAddress: My address
labeledURI: http://portal.aphroland.org
mail: myemailaddress@onmyserver.com
mailLocalAddress: myemail@addressonmyserver.com
mailRoutingAddress: my@routing.emailaddressonmyserver.com
mailHost: portal.aphroland.org
loginShell: /bin/bash
uidNumber: 3001
gidNumber: 3001
homeDirectory: /home/jorgej
gecos: Jorge Jetson
description: System Admin
l: My location
dn: cn=jorgej,ou=Group,o=linuxpowered,c=us
objectClass: posixGroup
objectClass: top
cn: jorgej
gidNumber: 3001
dn: nsLIProfileName=Jorge Jetson,ou=Roaming,o=linuxpowered,c=us
objectClass: top
objectClass: nsLIProfile
nsLIProfileName: jorgej
owner: cn=Jorge Jetson,ou=People,o=linuxpowered,c=us
hope this helps. ldap isn't easy, something that is badly
needed is more examples. it took several hours of trial
and error and research to get the above working to
the point that i have a basic understanding. too much
info on LDAP is generalized, on what kind of information,
more info is needed on how to accomplish specific tasks
using LDAP. I hope to write a page on doing this in the
comming weeks.
nate