I am trying to setup Openldap version 2.0.23-4 that came
with Red Hat. I have modified the slapd.conf file. When I try to use ldapadd to
add entries to the database I get an ldap_add:operations error. message. The command that I am using is: ldapadd –v –f /usr/ldap/add.ldif –x
–D “cn=Manager, o=CSU, c=US” -W The entire output from that command is Adding new entry “O=csu, C=us” Ldap_add: Operations error My ldif file is: ##################### dn: O=csu,C=us objectClass: dcObject objectClass: organization o: AdminServ o: csu dn: cn=Manager,o=csu,c=us objectClass: organizationalRole cn: Manager My Slapd.conf file is ################# # $OpenLDAP:
pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.7 2001/09/27 # # See slapd.conf(5) for details on
configuration options. # This file should NOT be world readable. # include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/nis.schema include /etc/openldap/schema/redhat/rfc822-MailMember.schema include /etc/openldap/schema/redhat/autofs.schema include /etc/openldap/schema/redhat/kerberosobject.schema # Define global ACLs to disable default
read access. # Do not enable referrals until AFTER you
have a working directory # service AND an understanding of
referrals. #referral ldap://root.openldap.org #pidfile //var/run/slapd.pid #argsfile //var/run/slapd.args # Create a replication log in /var/lib/ldap
for use by slurpd. #replogfile /var/lib/ldap/master-slapd.replog # Load dynamic backend modules: # modulepath /usr/sbin/openldap # moduleload back_ldap.la # moduleload back_ldbm.la # moduleload back_passwd.la # moduleload back_shell.la # # The next two lines allow use of TLS for connections
using a dummy test # certificate, but you should generate a
proper certificate by changing to # /usr/share/ssl/certs, running "make
slapd.pem", and fixing permissions on # slapd.pem so that the ldap user or group
can read it. # TLSCertificateFile
/usr/share/ssl/certs/slapd.pem # TLSCertificateKeyFile
/usr/share/ssl/certs/slapd.pem # # Sample Access Control # Allow
read access of root DSE # Allow
self write access # Allow
authenticated users read access # Allow
anonymous users to authenticate # #access to dn="" by * read #access to * # by
self write # by
users read # by
anonymous auth # # if no access controls are present, the
default is: # Allow
read by all # # rootdn can always write! ####################################################################### # ldbm database definitions ####################################################################### database ldbm #suffix "dc=csuniv,dc=edu" suffix "o=CSU,c=US" #rootdn "cn=Manager,dc=csuniv,dc=edu" rootdn "cn=Manager,o=CSU,c=US" # Cleartext passwords, especially for the
rootdn, should # be avoided. See slappasswd(8) and slapd.conf(5) for
details. # Use of strong authentication encouraged. rootpw <removed> # rootpw {crypt}ijFYNcSNctBYg # The database directory MUST exist prior to
running slapd AND # should only be accessible by the
slapd/tools. Mode 700 recommended. directory /usr/ldap # Indices to maintain index objectClass,uid,uidNumber,gidNumber,memberUid eq index cn,mail,surname,givenname eq,subinitial # Replicas to which we should propagate
changes #replica host=ldap-1.example.com:389
tls=yes # bindmethod=sasl
saslmech=GSSAPI # authcId=host/ldap-master.example.com@EXAMPLE.COM Any Ideas? John |