Problem of OpenLDAP/PostgreSQL
Dear,
I found the "OpenLDAP/PostgreSQL HOWTO" on the OpenLDAP mailing list.
Following this HOWTO, I installed OpenLDAP 2.1.16 and PostgreSQL 7.3.
Now they can both be started satisfactorily, without any errors.
But ...
I defined slapd.conf like this:
--------------------------------------------------------------------------------
# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23 2002/02/02 05:23:12 kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
# Define global ACLs to disable default read access.
access to *
        by * write
        by * read
access to * by dn="cn=Admin,o=fjh,c=jp" write
#defaultaccess none
# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org
pidfile /usr/local/var/slapd.pid
argsfile /usr/local/var/slapd.args
#######################################################################
# sql database definitions
#######################################################################
database sql
suffix "o=fjh,c=jp"
rootdn "cn=Admin,o=fjh,c=jp"
rootpw secret
allow bind_v2
dbname PgSQL
dbuser test
dbpasswd test
subtree_cond "upper(ldap_entries.dn) LIKE '%'||?"
insentry_query "insert into ldap_entries (id,dn,oc_map_id,parent,keyval) values ((select max(id)+1 from ldap_entries),?,?,?,?)"
upper_func "upper"
strcast_func "text"
concat_pattern "?||?"
has_ldapinfo_dn_ru no
--------------------------------------------------------------------------------
When I run "ldapsearch -h mickey -p 40389 -b "o=fjh,c=jp" "(objectClass=*)" ", I got:
--------------------------------------------------------------------------------
daemon: new connection on 8
conn=1 fd=8 ACCEPT from IP=10.131.201.143:35267 (IP=10.131.201.143:40389)
daemon: added 8r
daemon: activity on:
daemon: select: listen=7 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: activity on: 8r
daemon: read activity on 8
connection_get(8)
connection_get(8): got connid=1
connection_read(8): checking for input on id=1
ber_get_next
ldap_read: want=9, got=9
0000: 30 2f 02 01 01 63 2a 04 0a 0/...c*..
ldap_read: want=40, got=40
0000: 6f 3d 66 6a 68 2c 63 3d 6a 70 0a 01 02 0a 01 00 o=fjh,c=jp......
0010: 02 01 00 02 01 00 01 01 00 87 0b 6f 62 6a 65 63 ...........objec
0020: 74 43 6c 61 73 73 30 00 tClass0.
ber_get_next: tag 0x30 len 47 contents:
ber_dump: buf=0x000f3140 ptr=0x000f3140 end=0x000f316f len=47
0000: 02 01 01 63 2a 04 0a 6f 3d 66 6a 68 2c 63 3d 6a ...c*..o=fjh,c=j
0010: 70 0a 01 02 0a 01 00 02 01 00 02 01 00 01 01 00 p...............
0020: 87 0b 6f 62 6a 65 63 74 43 6c 61 73 73 30 00 ..objectClass0.
ber_get_next
ldap_read: want=9 error=Resource temporarily unavailable
ber_get_next on fd 8 failed errno=11 (Resource temporarily unavailable)
do_search
ber_scanf fmt ({miiiib) ber:
ber_dump: buf=0x000f3140 ptr=0x000f3143 end=0x000f316f len=44
0000: 63 2a 04 0a 6f 3d 66 6a 68 2c 63 3d 6a 70 0a 01 c*..o=fjh,c=jp..
0010: 02 0a 01 00 02 01 00 02 01 00 01 01 00 87 0b 6f ...............o
0020: 62 6a 65 63 74 43 6c 61 73 73 30 00 bjectClass0.
>>> dnPrettyNormal: <o=fjh,c=jp>
=> ldap_bv2dn(o=fjh,c=jp,0)
<= ldap_bv2dn(o=fjh,c=jp,0)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(o=fjh,c=jp,272)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(o=fjh,c=jp,272)=0
<<< dnPrettyNormal: <o=fjh,c=jp>, <o=fjh,c=jp>
SRCH "o=fjh,c=jp" 2 0 0 0 0
begin get_filter
PRESENT
ber_scanf fmt (m) ber:
ber_dump: buf=0x000f3140 ptr=0x000f3160 end=0x000f316f len=15
0000: 87 0b 6f 62 6a 65 63 74 43 6c 61 73 73 30 00 ..objectClass0.
end get_filter 0
filter: (objectClass=*)
ber_scanf fmt ({M}}) ber:
ber_dump: buf=0x000f3140 ptr=0x000f316d end=0x000f316f len=2
0000: 00 00 ..
attrs:
conn=1 op=0 SRCH base="o=fjh,c=jp" scope=2 filter="(objectClass=*)"
==>backsql_search(): base='o=fjh,c=jp', filter='(objectClass=*)', scope=2, deref=0, attrsonly=0, attributes to load: all
==>backsql_get_db_conn()
==>backsql_open_db_conn()
daemon: select: listen=7 active_threads=1 tvp=NULL
backsql_open_db_conn(): connected, adding to tree
<==backsql_open_db_conn()
<==backsql_get_db_conn()
==>backsql_oc_get_candidates(): oc='organization'
==>backsql_srch_query()
==>backsql_process_filter()
<==backsql_process_filter()
<==backsql_srch_query()
Constructed query: SELECT DISTINCT ldap_entries.id,institutes.id,text('organization') AS objectClass,ldap_entries.dn AS dn FROM ldap_entries,institutes WHERE institutes.id=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND upper(ldap_entries.dn) LIKE upper(?) AND NOT ('organization' IS NULL)
dn '%O=FJH,C=JP'
<==backsql_oc_get_candidates()
==>backsql_oc_get_candidates(): oc='document'
==>backsql_srch_query()
==>backsql_process_filter()
<==backsql_process_filter()
<==backsql_srch_query()
Constructed query: SELECT DISTINCT ldap_entries.id,documents.id,text('document') AS objectClass,ldap_entries.dn AS dn FROM ldap_entries,documents WHERE documents.id=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND upper(ldap_entries.dn) LIKE upper(?) AND NOT ('document' IS NULL)
dn '%O=FJH,C=JP'
<==backsql_oc_get_candidates()
==>backsql_oc_get_candidates(): oc='inetOrgPerson'
==>backsql_srch_query()
==>backsql_process_filter()
<==backsql_process_filter()
<==backsql_srch_query()
Constructed query: SELECT DISTINCT ldap_entries.id,persons.id,text('inetOrgPerson') AS objectClass,ldap_entries.dn AS dn FROM ldap_entries,persons WHERE persons.id=ldap_entries.keyval AND ldap_entries.oc_map_id=? AND upper(ldap_entries.dn) LIKE upper(?) AND NOT ('inetOrgPerson' IS NULL)
dn '%O=FJH,C=JP'
<==backsql_oc_get_candidates()
send_ldap_result: conn=1 op=0 p=3
send_ldap_result: err=0 matched="" text=""
send_ldap_response: msgid=1 tag=101 err=0
ber_flush: 14 bytes to sd 8
0000: 30 0c 02 01 01 65 07 0a 01 00 04 00 04 00 0....e........
daemon: activity on 1 descriptors
daemon: activity on: 8r
daemon: read activity on 8
connection_get(8)
ldap_write: want=14, written=14
0000: 30 0c 02 01 01 65 07 0a 01 00 04 00 04 00 0....e........
connection_get(8): got connid=1
connection_read(8): checking for input on id=1
ber_get_next
ldap_read: want=9, got=7
0000: 30 05 02 01 02 42 00 0....B.
ber_get_next: tag 0x30 len 5 contents:
ber_dump: buf=0x000b44b8 ptr=0x000b44b8 end=0x000b44bd len=5
0000: 02 01 02 42 00 ...B.
do_unbind
conn=1 op=1 UNBIND
==>backsql_unbind()
send_ldap_result: conn=1 op=1 p=3
send_ldap_result: err=0 matched="" text=""
send_ldap_response: msgid=0 tag=48 err=0
ber_get_next
ldap_read: want=9, got=0
ber_get_next on fd 8 failed errno=0 (Error 0)
connection_read(8): input error=-2 id=1, closing.
connection_closing: readying conn=1 sd=8 for close
connection_close: deferring conn=1 sd=8
daemon: select: listen=7 active_threads=2 tvp=NULL
daemon: activity on 1 descriptors
daemon: select: listen=7 active_threads=2 tvp=NULL
conn=1 op=1 RESULT tag=48 err=0 text=
<==backsql_unbind()
connection_resched: attempting closing conn=1 sd=8
connection_close: deferring conn=1 sd=8
conn=1 op=0 RESULT tag=101 err=0 text=
<==backsql_search()
connection_resched: attempting closing conn=1 sd=8
connection_close: conn=1 sd=8
==>backsql_connection_destroy()
==>backsql_free_db_conn()
backsql_free_db_conn(): closing db connection
==>backsql_close_db_conn()
<==backsql_close_db_conn()
<==backsql_free_db_conn()
<==backsql_connection_destroy()
daemon: removing 8
conn=1 fd=8 closed
--------------------------------------------------------------------------------
Or when I run a command like "ldapadd -h mickey -p 40389 -D "cn=Admin,o=fjh,c=jp" -w secret -f ./b.ldif", I got:
# ldapadd -h mickey -p 40389 -D "cn=Admin,o=fjh,c=jp" -w secret -f ./b.ldif
adding new entry o=fjh,c=jp
ldap_add_s: DSA is unwilling to perform
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
(I don't know what it means)
And the log is:
--------------------------------------------------------------------------------
daemon: activity on 1 descriptors
daemon: new connection on 8
conn=2 fd=8 ACCEPT from IP=10.131.201.143:35269 (IP=10.131.201.143:40389)
daemon: added 8r
daemon: activity on:
daemon: select: listen=7 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: activity on: 8r
daemon: read activity on 8
connection_get(8)
connection_get(8): got connid=2
connection_read(8): checking for input on id=2
ber_get_next
ldap_read: want=9, got=9
0000: 30 25 02 01 01 60 20 02 01 0%...` ..
ldap_read: want=30, got=30
0000: 03 04 13 63 6e 3d 41 64 6d 69 6e 2c 6f 3d 66 6a ...cn=Admin,o=fj
0010: 68 2c 63 3d 6a 70 80 06 73 65 63 72 65 74 h,c=jp..secret
ber_get_next: tag 0x30 len 37 contents:
ber_dump: buf=0x000ed078 ptr=0x000ed078 end=0x000ed09d len=37
0000: 02 01 01 60 20 02 01 03 04 13 63 6e 3d 41 64 6d ...` .....cn=Adm
0010: 69 6e 2c 6f 3d 66 6a 68 2c 63 3d 6a 70 80 06 73 in,o=fjh,c=jp..s
0020: 65 63 72 65 74 ecret
do_bind
ber_get_next
ldap_read: want=9 error=Resource temporarily unavailable
ber_get_next on fd 8 failed errno=11 (Resource temporarily unavailable)
ber_scanf fmt ({imt) ber:
ber_dump: buf=0x000ed078 ptr=0x000ed07b end=0x000ed09d len=34
0000: 60 20 02 01 03 04 13 63 6e 3d 41 64 6d 69 6e 2c ` .....cn=Admin,
0010: 6f 3d 66 6a 68 2c 63 3d 6a 70 80 06 73 65 63 72 o=fjh,c=jp..secr
0020: 65 74 et
ber_scanf fmt (m}) ber:
ber_dump: buf=0x000ed078 ptr=0x000ed095 end=0x000ed09d len=8
0000: 00 06 73 65 63 72 65 74 ..secret
>>> dnPrettyNormal: <cn=Admin,o=fjh,c=jp>
=> ldap_bv2dn(cn=Admin,o=fjh,c=jp,0)
<= ldap_bv2dn(cn=Admin,o=fjh,c=jp,0)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=Admin,o=fjh,c=jp,272)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=admin,o=fjh,c=jp,272)=0
<<< dnPrettyNormal: <cn=Admin,o=fjh,c=jp>, <cn=admin,o=fjh,c=jp>
do_bind: version=3 dn="cn=Admin,o=fjh,c=jp" method=128
conn=2 op=0 BIND dn="cn=Admin,o=fjh,c=jp" method=128
==>backsql_bind()
<==backsql_bind() root bind
conn=2 op=0 BIND dn="cn=Admin,o=fjh,c=jp" mech=simple ssf=0
do_bind: v3 bind: "cn=Admin,o=fjh,c=jp" to "cn=Admin,o=fjh,c=jp"
send_ldap_result: conn=2 op=0 p=3
send_ldap_result: err=0 matched="" text=""
send_ldap_response: msgid=1 tag=97 err=0
ber_flush: 14 bytes to sd 8
0000: 30 0c 02 01 01 61 07 0a 01 00 04 00 04 00 0....a........
ldap_write: want=14, written=14
0000: 30 0c 02 01 01 61 07 0a 01 00 04 00 04 00 0....a........
conn=2 op=0 RESULT tag=97 err=0 text=
daemon: select: listen=7 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: activity on: 8r
daemon: read activity on 8
connection_get(8)
connection_get(8): got connid=2
connection_read(8): checking for input on id=2
ber_get_next
ldap_read: want=9, got=9
0000: 30 43 02 01 02 68 3e 04 0a 0C...h>..
ldap_read: want=60, got=60
0000: 6f 3d 66 6a 68 2c 63 3d 6a 70 30 30 30 22 04 0b o=fjh,c=jp000"..
0010: 6f 62 6a 65 63 74 43 6c 61 73 73 31 13 04 03 74 objectClass1...t
0020: 6f 70 04 0c 6f 72 67 61 6e 69 7a 61 74 69 6f 6e op..organization
0030: 30 0a 04 01 6f 31 05 04 03 66 6a 68 0...o1...fjh
ber_get_next: tag 0x30 len 67 contents:
ber_dump: buf=0x000def48 ptr=0x000def48 end=0x000def8b len=67
0000: 02 01 02 68 3e 04 0a 6f 3d 66 6a 68 2c 63 3d 6a ...h>..o=fjh,c=j
0010: 70 30 30 30 22 04 0b 6f 62 6a 65 63 74 43 6c 61 p000"..objectCla
0020: 73 73 31 13 04 03 74 6f 70 04 0c 6f 72 67 61 6e ss1...top..organ
0030: 69 7a 61 74 69 6f 6e 30 0a 04 01 6f 31 05 04 03 ization0...o1...
0040: 66 6a 68 fjh
ber_get_next
ldap_read: want=9 error=Resource temporarily unavailable
ber_get_next on fd 8 failed errno=11 (Resource temporarily unavailable)
daemon: select: listen=7 active_threads=1 tvp=NULL
do_add
ber_scanf fmt ({m) ber:
ber_dump: buf=0x000def48 ptr=0x000def4b end=0x000def8b len=64
0000: 68 3e 04 0a 6f 3d 66 6a 68 2c 63 3d 6a 70 30 30 h>..o=fjh,c=jp00
0010: 30 22 04 0b 6f 62 6a 65 63 74 43 6c 61 73 73 31 0"..objectClass1
0020: 13 04 03 74 6f 70 04 0c 6f 72 67 61 6e 69 7a 61 ...top..organiza
0030: 74 69 6f 6e 30 0a 04 01 6f 31 05 04 03 66 6a 68 tion0...o1...fjh
>>> dnPrettyNormal: <o=fjh,c=jp>
=> ldap_bv2dn(o=fjh,c=jp,0)
<= ldap_bv2dn(o=fjh,c=jp,0)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(o=fjh,c=jp,272)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(o=fjh,c=jp,272)=0
<<< dnPrettyNormal: <o=fjh,c=jp>, <o=fjh,c=jp>
do_add: dn (o=fjh,c=jp)
ber_scanf fmt ({m{W}}) ber:
ber_dump: buf=0x000def48 ptr=0x000def5b end=0x000def8b len=48
0000: 30 22 04 0b 6f 62 6a 65 63 74 43 6c 61 73 73 31 0"..objectClass1
0010: 13 04 03 74 6f 70 04 0c 6f 72 67 61 6e 69 7a 61 ...top..organiza
0020: 74 69 6f 6e 30 0a 04 01 6f 31 05 04 03 66 6a 68 tion0...o1...fjh
ber_scanf fmt ({m{W}}) ber:
ber_dump: buf=0x000def48 ptr=0x000def7f end=0x000def8b len=12
0000: 30 0a 04 01 6f 31 05 04 03 66 6a 68 0...o1...fjh
ber_scanf fmt (}) ber:
ber_dump: buf=0x000def48 ptr=0x000def8b end=0x000def8b len=0
conn=2 op=1 ADD dn="o=fjh,c=jp"
==>backsql_add(): adding entry 'o=fjh,c=jp'
oc_check_required entry (o=fjh,c=jp), objectClass "organization"
oc_check_allowed type "objectClass"
oc_check_allowed type "o"
oc_check_allowed type "structuralObjectClass"
oc_check_allowed type "entryUUID"
oc_check_allowed type "creatorsName"
oc_check_allowed type "createTimestamp"
oc_check_allowed type "entryCSN"
oc_check_allowed type "modifiersName"
oc_check_allowed type "modifyTimestamp"
backsql_add(): create procedure is not defined for this objectclass - aborting
send_ldap_result: conn=2 op=1 p=3
send_ldap_result: err=53 matched="" text="operation not permitted within namingContext"
send_ldap_response: msgid=2 tag=105 err=53
ber_flush: 58 bytes to sd 8
0000: 30 38 02 01 02 69 33 0a 01 35 04 00 04 2c 6f 70 08...i3..5...,op
0010: 65 72 61 74 69 6f 6e 20 6e 6f 74 20 70 65 72 6d eration not perm
0020: 69 74 74 65 64 20 77 69 74 68 69 6e 20 6e 61 6d itted within nam
0030: 69 6e 67 43 6f 6e 74 65 78 74 ingContext
daemon: activity on 1 descriptors
daemon: activity on: 8r
daemon: read activity on 8
connection_get(8)
ldap_write: want=58, written=58
0000: 30 38 02 01 02 69 33 0a 01 35 04 00 04 2c 6f 70 08...i3..5...,op
0010: 65 72 61 74 69 6f 6e 20 6e 6f 74 20 70 65 72 6d eration not perm
0020: 69 74 74 65 64 20 77 69 74 68 69 6e 20 6e 61 6d itted within nam
0030: 69 6e 67 43 6f 6e 74 65 78 74 ingContext
connection_get(8): got connid=2
connection_read(8): checking for input on id=2
ber_get_next
ldap_read: want=9, got=7
0000: 30 05 02 01 03 42 00 0....B.
ber_get_next: tag 0x30 len 5 contents:
ber_dump: buf=0x000b4458 ptr=0x000b4458 end=0x000b445d len=5
0000: 02 01 03 42 00 ...B.
do_unbind
conn=2 op=2 UNBIND
==>backsql_unbind()
send_ldap_result: conn=2 op=2 p=3
send_ldap_result: err=0 matched="" text=""
send_ldap_response: msgid=0 tag=48 err=0
ber_get_next
ldap_read: want=9, got=0
ber_get_next on fd 8 failed errno=0 (Error 0)
connection_read(8): input error=-2 id=2, closing.
connection_closing: readying conn=2 sd=8 for close
connection_close: deferring conn=2 sd=8
daemon: select: listen=7 active_threads=2 tvp=NULL
daemon: activity on 1 descriptors
daemon: select: listen=7 active_threads=2 tvp=NULL
conn=2 op=2 RESULT tag=48 err=0 text=
<==backsql_unbind()
connection_resched: attempting closing conn=2 sd=8
connection_close: deferring conn=2 sd=8
conn=2 op=1 RESULT tag=105 err=53 text=operation not permitted within namingContext
connection_resched: attempting closing conn=2 sd=8
connection_close: conn=2 sd=8
==>backsql_connection_destroy()
==>backsql_free_db_conn()
<==backsql_free_db_conn()
<==backsql_connection_destroy()
daemon: removing 8
conn=2 fd=8 closed
--------------------------------------------------------------------------------
Can someone give me suggestions?
Thank you.
Best regards.
Zhang
zhang@fjh.fujitsu.com
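
A mechanical check of the access-control lines in the slapd.conf posted above (an added example, not part of the original message or of OpenLDAP): slapd applies the first `access to` directive whose target matches and, within it, the first matching `by` clause, so this sketch flags write granted to everyone, clauses and directives that can never be reached, and a cleartext `rootpw`. The helpers `logical_lines` and `lint` and the sample text are constructed for illustration, and the `by` parsing assumes single-token `<who>` values.

```python
import re

# Constructed sample: the ACL and rootpw lines from the posted slapd.conf,
# with continuation lines indented as slapd expects.
SAMPLE_CONF = '''\
access to *
        by * write
        by * read
access to * by dn="cn=Admin,o=fjh,c=jp" write
database sql
rootdn "cn=Admin,o=fjh,c=jp"
rootpw secret
'''

def logical_lines(text):
    """Drop comments/blank lines and fold indented continuation lines."""
    out = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and out:
            out[-1] += " " + raw.strip()
        else:
            out.append(raw.strip())
    return out

def lint(text):
    """Return findings for one ordered ACL list (hypothetical helper)."""
    findings, catch_all_seen = [], False
    for line in logical_lines(text):
        words = line.split()
        if words[0] == "rootpw" and len(words) > 1 and not words[1].startswith("{"):
            findings.append("rootpw stored in cleartext")
        if words[0] != "access" or len(words) < 3:
            continue
        if catch_all_seen:  # an earlier "access to *" already matched everything
            findings.append(f"unreachable directive: {line}")
            continue
        what = words[2]
        clauses = re.findall(r"\bby\s+(\S+)\s+(\S+)", line)
        for i, (who, level) in enumerate(clauses):
            if who == "*" and level == "write":
                findings.append(f"write granted to everyone on {what}")
            if who == "*" and i < len(clauses) - 1:
                skipped = len(clauses) - 1 - i
                findings.append(f"{skipped} by-clause(s) after 'by *' never match")
                break
        catch_all_seen = what == "*"
    return findings
```

Calling `lint(SAMPLE_CONF)` returns the findings as a list of strings, in the order the directives appear in the file.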