Problem with ldapadd, SASL, KRB using LDAPv3 from Turbo Fredrikson
Hello !
My Platform : RHat 7.2 (with updated SASL...)
I followed Turbo's howto about LDAP/SSL/KRB... (thanks a lot and
congratulations to him)
I've done a fresh install on a new server with no entries in the LDAP
directory.
All the tests described in this howto were successful (with ldapsearch...)
The problem I have is inserting entries into LDAP.
When I do:
kinit ldapadm
...
ldapadd -I -f ldif_base.txt
the answer is:
SASL/GSSAPI authentication started
SASL Interaction
Please enter your authorization name: [ENTER]
SASL SSF: 56
SASL installing layers
adding new entry "dc=voie,dc=lactee"
ldap_add: Insufficient access
ldif_record() = 50
____________________________________________________________
MY SLAPD.CONF file
# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.7 2001/09/27 20:00:31 kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/redhat/rfc822-MailMember.schema
include /etc/openldap/schema/redhat/autofs.schema
include /etc/openldap/schema/redhat/kerberosobject.schema
include /etc/openldap/schema/krb5-kdc.schema
schemacheck on
TLSCertificateFile /etc/openldap/server.pem
TLSCertificateKeyFile /etc/openldap/server.pem
TLSCACertificateFile /etc/openldap/server.pem
sasl-realm VOIE.LACTEE
sasl-host kerberos.voie.lactee
#######################################################################
# ldbm database definitions
#######################################################################
database ldbm
suffix "dc=voie, dc=lactee"
directory "/var/lib/ldap/voielactee"
# record the time at which entries are modified
lastmod on
# Indexes
index default pres,eq
index objectClass,uid,uidnumber,gidnumber,cn
index mail eq
# Access rights are managed in a separate file...
include "/etc/openldap/slapd.access"
____________________________________________________________
My SLAPD.ACCESS (I know, very simple, but I'm trying to find the answer)
# ACL configuration file
# for the entries of the LDAP directory
# The admin dn has full write access
access to *
by dn="uid=ldapadm.+\+realm=VOIE.LACTEE" write
by * read
___________________________________________________________________
My LDIF_BASE.LDIF file (very simple also....)
dn: dc=voie,dc=lactee
objectClass: organization
objectClass: dcObject
o: voie lactee
dc: voie
Thanks for your support!