[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: RESOLVED: ldapsearch returns dreaded 'no such object'



lør, 2002-08-03 kl. 03:31 skrev Steve Johnson:

> thanks to everyone that e-mailed me "newbie" suggestions off-list.  i 
> got sidetracked on another project and finally got back to trying 
> this out.  it turns out i was doing two things wrong:

> 1) i had to change the owner of "/usr/local/var/openldap-ldbm" and 
> the files inside to be "ldap" instead of "root" since slapd was 
> running as "ldap".  IMHO this should have been done by the "make 
> install" command, but maybe there are other factors i don't 
> understand.  since an older version of OpenLDAP was already installed 
> i think certain things had been done that normally aren't done when 
> installing from source.

> 2) i had to use ldapadd instead of slapadd.  now that i've done it 
> the instructions make much more sense, but essentially i took these 
> lines out of the LDIF file and loaded them with slapadd (while slapd 
> wasn't running):

At this point I'd like to comment that:

Many things that work for others with 2.1.3/PADL
pam_ldap/nss_ldap/Berkeley 4.0 don't always seem to work for me, and
vice versa. This is true as far as Steve's findings on slapadd and
ldapadd are concerned; for example, I can't get ldapadd to work
properly, whilst slapadd always works. It's not just this example
though. pam_ldap seems to work completely differently for me than for
others on this list. Openssl TLS/SSL works differently for me, too, than
examples quoted elsewhere.

Basically, I can do anything I want with Openldap that I want to at the
moment, although most of what I want is specifically confined to
"virtual users and domains, including mail forwarding and aliases with
the Exim SMTP MTA".

Though at the same time, ldap-based (as far better alternative to yukky
NIS) login accounts are important too. For these and the above things,
Openldap still - after a month or so - seems like magic after the
constraints of virgin Unix. However, I've had little help from the
examples on this list as far as PAM is concerned - it just works
differently for me :-/ ; however, everything works, and that's the main
thing.

What I said about "examples" above doesn't apply to "people". They've
been top, and their help and comments have been the main reason that
everything works. Them and Vincent Danen.

My conclusion to date, is that Openldap is a fantastic "modelling
toolset" for the averagely intelligent, goal-conscious and inquisitive
sysadmin. But it's far from being a saleable "product". I would rather
define it as "an anarchistic set of building blocks, with no hard and
fast rules (or rather, rules that can be bent and twisted according to
one's own desires and system requirements), to create practically any
Unix administrative environment that one wishes to achieve." In that
respect it's rather like Exim (as opposed to, say, BIND DNS). And that
just has to be worth something.

Best,

Tony

-- 

Tony Earnshaw

The usefulness of RTFM is vastly overrated.

e-post:		tonni@billy.demon.nl
www:		http://www.billy.demon.nl
gpg public key:	http://www.billy.demon.nl/tonni.armor

Telefoon:	(+31) (0)172 530428
Mobiel:		(+31) (0)6 51153356

GPG Fingerprint = 3924 6BF8 A755 DE1A 4AD6 FA2B F7D7 6051 3BE7 B981
3BE7B981


Attachment: signature.asc
Description: Dette er en digitalt signert meldingsdel