
Re: can't delete entries



The problem you're having is that ldapdelete doesn't take the same format
file as ldapadd.  The format of the file is just one DN per line:

eg

uid=user1,o=top
uid=user2,o=top
etc..

not

dn: uid=user1,o=top
dn: uid=user2,o=top
etc...

and not

dn: uid=user1,o=top
objectclass: posixAccount
uid: user1
etc

Hope this helps.

Aaron

Quoting Justin Georgeson <jgeorgeson@unboundtech.com>:

> I imported /etc/hosts and /etc/passwd with the PADL tools. So far so
> good. I was able to log in on another machine authenticating against
> this. I'm still in my testing out everything phase, so I tried to
> delete stuff. Specifically, I tried to run ldapdelete with the same
> credentials and ldif file I used to ldapadd hosts. This is the error I get
> 
> ldap_bind: Invalid DN syntax
>          additional info: invalid DN
> 
> So I doublechecked the binddn I gave with -D against the rootdn in
> /etc/openldap/slapd.conf, looked fine. The only thing I found in the
> FAQ was this
> 
> http://www.openldap.org/faq/data/cache/231.html
> 
> But I'm not sure what to do with that information. Here's my access 
> config from /etc/openldap/slapd.conf
> 
> access to attr=userPassword
>          by self write
>          by anonymous auth
>          by dn="cn=sysadm,dc=unboundtech,dc=com" write
>          by * none
> access to *
>          by self write
>          by dn="cn=sysadm,dc=unboundtech,dc=com" write
>          by * read
> 
> I think the addition of the rootdn explicitly is redundant though.
> 
> Separate question, RedHat's authconfig added ldap for a bunch of things
> other than passwd, stuff like services and protocols and stuff. I
> hadn't thought that would have been necessary (since I only had hosts and
> passwd in my LDAP database anyway) so I removed ldap from those extra
> ones. I can't log in anymore via ssh or serial console, not even with a
> local account. Any ideas there? I may have stopped/started the LDAP
> server somewhere in there, but I would have thought a client machine
> only hit the LDAP during authentication.
> 
> -- 
> Justin Georgeson
> UnBound Technologies, Inc.
> http://www.unboundtech.com
> Main   713.329.9330
> Fax    713.460.4051
> Mobile 512.789.1962
> 
> 5295 Hollister Road
> Houston, TX 77040
> Real Applications using Real Wireless Intelligence(tm)
> 
> 
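
Added example, not part of either message in this thread: one way to turn the LDIF file that was fed to ldapadd into the one-DN-per-line file that ldapdelete -f reads. It goes slightly beyond the reply by handling folded lines and base64 ("dn::") DNs, and it reverses the order so child entries are deleted before their parents. The sample LDIF, the function names and the script name ldif2dns.py are assumptions made for illustration.

```python
import base64
import sys

# Constructed sample LDIF (not data from the thread): a parent entry, a DN
# folded across two lines, and a base64-encoded DN ("dn::").
SAMPLE_LDIF = """\
dn: o=top
objectClass: organization
o: top

dn: uid=user1,
 o=top
objectClass: posixAccount
uid: user1

# base64 of uid=user2,o=top
dn:: dWlkPXVzZXIyLG89dG9w
objectClass: posixAccount
uid: user2
"""

def unfold(text):
    """Join LDIF continuation lines (a leading space continues the previous line)."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines

def ldif_to_dns(text):
    """Return every entry DN in the LDIF, in file order."""
    dns = []
    for line in unfold(text):
        if line.lower().startswith("dn::"):      # base64-encoded DN
            dns.append(base64.b64decode(line[4:].strip()).decode("utf-8"))
        elif line.lower().startswith("dn:"):     # plain DN
            dns.append(line[3:].strip())
    return dns

def delete_list(text):
    """One DN per line, reversed so children are deleted before parents."""
    return "".join(dn + "\n" for dn in reversed(ldif_to_dns(text)))

if __name__ == "__main__":
    # Hypothetical usage: python ldif2dns.py hosts.ldif > dns.txt, then ldapdelete ... -f dns.txt
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_LDIF
    sys.stdout.write(delete_list(text))
```

Review the generated DN list before passing it to ldapdelete, since every line in it names an entry that will be removed.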



