|
Fixed!
I'm sorry for my unexpertise but I was modifying
the wrong slapd.conf
Thanks again for all,
----- Original Message -----
Sent: Tuesday, May 07, 2002 4:09 PM
Subject: RE: Still with the initial
namingContexts: dc=my-domain,dc=com
Still with the problem. I'll summarize trying to
help:
- OpenLdap installed (up to make install):
OpenLdap 2.0.23 over Solaris
- got secret in MD5 and put into the slapd.conf
- slapd.conf changed to:
...
database
ldbm
suffix
"o=SIU"
rootdn
"cn=Manager,o=SIU"
# Cleartext passwords, especially for the rootdn,
should
# be avoid. See slappasswd(8) and slapd.conf(5) for
details.
# Use of strong authentication
encouraged.
rootpw
{MD5}Xr4ilOzQ4PCOq3aQ0qbuaQ==
# The database directory MUST exist prior to
running slapd AND
# should only be accessible by the slapd/tools. Mode 700
recommended.
directory
/export/home/prueba/PROXY_IPLANET/bin1/nsapi/pruebas/binopenldap/var/openldap-ldbm
#
Indices to maintain
index
MSISDN
pres,eq,sub
index objectClass
eq
- slapd started: su , ./slapd -d -1
- exec ldapsearch: ldapsearch -x -D 'cn=Manager,o=SIU' -w secret
- got following error: ldap_bind: Invalid credentials
- the slapd debug shows errors:
ldap_read: want=1, got=1
0000:
30
0
ldap_read: want=1, got=1
0000:
22
"
ldap_read: want=34, got=34
0000: 02 01 01 60 1d 02 01
03 04 10 63 6e 3d 4d 61 6e ...`......cn=Man
0010: 61 67 65 72 2c 6f 3d 53 49 55 80 06 73 65 63 72
ager,o=SIU..secr
0020: 65
74
et
ber_get_next: tag 0x30 len 34 contents:
ber_dump: buf=0x00105fa8
ptr=0x00105fa8 end=0x00105fca len=34
0000: 02 01 01 60 1d 02
01 03 04 10 63 6e 3d 4d 61 6e ...`......cn=Man
0010: 61 67 65 72 2c 6f 3d 53 49 55 80 06 73 65 63
72 ager,o=SIU..secr
0020: 65
74
et
ber_get_next
ldap_read: want=1 error=Resource
temporarily unavailable
ber_get_next on fd 7 failed errno=11 (Resource
temporarily unavailable)
do_bind
ber_scanf fmt ({iat)
ber:
ber_dump: buf=0x00105fa8 ptr=0x00105fab end=0x00105fca
len=31
0000: 60 1d 02 01 03 04 10 63 6e 3d 4d 61 6e 61
67 65 `......cn=Manage
0010: 72 2c 6f 3d 53
49 55 80 06 73 65 63 72 65 74
r,o=SIU..secret
ber_scanf fmt (o}) ber:
ber_dump:
buf=0x00105fa8 ptr=0x00105fc2 end=0x00105fca len=8
0000: 80 06
73 65 63 72 65
74
..secret
do_bind:
version=3 dn="cn=Manager,o=SIU" method=128
conn=1 op=0 BIND
dn="CN=MANAGER,O=SIU" method=128
send_ldap_result: conn=1 op=0
p=3
send_ldap_result: 49::
send_ldap_response: msgid=1 tag=97
err=49
ber_flush: 14 bytes to sd 7
0000: 30 0c 02 01 01 61
07 0a 01 31 04 00 04 00
0....a...1....
ldap_write: want=14, written=14
0000: 30 0c 02 01 01 61 07 0a 01 31 04 00 04
00
0....a...1....
conn=1 op=0 RESULT tag=97 err=49
text=
daemon: select: listen=6 active_threads=1 tvp=NULL
daemon:
activity on 1 descriptors
daemon: activity on: 7r
daemon: read activity
on 7
connection_get(7)
connection_get(7): got
connid=1
connection_read(7): checking for input on
id=1
ber_get_next
ldap_read: want=1, got=0
ber_get_next on fd 7 failed errno=0 (Error
0)
connection_read(7): input error=-2 id=1,
closing.
connection_closing: readying conn=1 sd=7 for
close
connection_close: conn=1 sd=7
daemon: removing 7
conn=-1 fd=7
closed
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon:
activity on 1 descriptors
daemon: select: listen=6 active_threads=0
tvp=NULL
Thankx for all,
----- Original Message -----
Sent: Tuesday, May 07, 2002 3:41
PM
Subject: AW: Still with the initial
namingContexts: dc=my-domain,dc=com
Also I think you must use a encrypted password no cleartext password
for rootdn use slappasswd -h "{MD5}" -s "secret" to encrypt the
password and paste it to slapd.conf.
With all entries ofthe DIT i mean you become all you entry of your
Database
Invalid credentials means something is wrong in your bind your
password or the rootdn ???
Is it that before all there's the first
step?,
ldapsearch -x -D 'cn=Manager,o=SIU' -w secret
What do you mean with than you must become all
entries of your DIT?
Anyway, if I exec ldapsearch -x -D
'cn=Manager,o=SIU' -w secret I get
:
ldap_bind:
Invalid credentials
I'm working with Solaris, and OpenLdap
2.0.23, do I need a patch?
Thanks for all,
Sent: Tuesday, May 07, 2002 3:23
PM
Subject: AW: Still with the initial
namingContexts: dc=my-domain,dc=com
make search with ldapsearch -x -D 'cn=Manager,o=SIU' -w secret
than you must become all entries of your DIT
If you want to search for attribute you can use
Filter
ldapsearch -x -D 'cn=Manager,o=SIU' -w secret "Here come
the Filter" and here you can place attribute that returned
example
ldapsearch -x -D 'cn=Manager,o=SIU' -w secret
"(&(cn=Peter)( objectclass=person))" cn sn
userPassword
this search would give you back cn, sn userPassword of the
matched person
Hope it will helps
regards
Ferruh
Hello,
I'm starting with OpenLDAP and followed
the Quick Start Guide, everything went Ok,
I've changed the slapd.conf
to:
database
ldbm
suffix
"o=SIU"
rootdn
"cn=Manager,o=SIU"
# Cleartext passwords, especially for the
rootdn, should
# be avoid. See slappasswd(8) and
slapd.conf(5) for details.
# Use of strong authentication
encouraged.
rootpw
secret
# The database directory MUST exist prior to running slapd
AND
# should only be accessible by the slapd/tools. Mode 700
recommended.
directory
/export/home/prueba/PROXY_IPLANET/bin1/nsapi/pruebas/binopenldap/var/openldap-ldbm
#
Indices to maintain
index
MSISDN
pres,eq,sub
index objectClass
eq
And created a database with slapadd. It
all worked fine (I checked it with slapcat and the output equalled my
.ldif).
However, if I execute: ldapsearch -s base
'(objectclass=top)' namingContexts, I still get the
initial:
dn:
namingContexts:
dc=my-domain,dc=com
What am I doing wrong?,
Thanks in advance,
|