Re: sql-backend
Hi Otto, Pierangelo and Adam,
This is my slapd.conf configuration:
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
# Define global ACLs to disable default read access.
# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org
pidfile /usr/local/var/run/slapd.pid
argsfile /usr/local/var/run/slapd.args
# Load dynamic backend modules:
# modulepath /usr/local/libexec/openldap
# moduleload back_bdb.la
# moduleload back_ldap.la
# moduleload back_ldbm.la
# moduleload back_passwd.la
# moduleload back_shell.la
# Sample security restrictions
# Require integrity protection (prevent hijacking)
# Require 112-bit (3DES or better) encryption for updates
# Require 64-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64
# Sample access control policy:
# Root DSE: allow anyone to read it
# Subschema (sub)entry DSE: allow anyone to read it
# Other DSEs:
# Allow self write access
# Allow authenticated users read access
# Allow anonymous users to authenticate
# Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
# by self write
# by users read
# by anonymous auth
#
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn. (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!
#######################################################################
# ldbm database definitions
#######################################################################
#database ldbm
#suffix "dc=my-domain,dc=com"
#rootdn "cn=Manager,dc=my-domain,dc=com"
# Cleartext passwords, especially for the rootdn, should
# be avoided. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
#rootpw secret
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
#directory /usr/local/var/openldap-data
# Indices to maintain
#index objectClass eq
##########################################################################
# Test DB in MySQL
##########################################################################
database sql
# This following is for the sample database as it installs
suffix "o=sql,c=RU"
rootdn "cn=root,o=sql,c=RU"
rootpw secret
dbname test
dbuser mely
dbpasswd mely
at_query "SELECT
name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return
FROM ldap_attr_mappings WHERE oc_map_id=?"
insentry_query "insert into ldap_entries
(id,dn,oc_map_id,parent,keyval) values ((select max(id)+1 from
ldap_entries),?,?,?,?)"
upper_func "upper"
strcast_func "text"
concat_pattern "?||?"
When I bring up slapd, it logs this error:
==>load_schema_map()
ldapinfo.dn_ru field exists in the schema
load_schema_map(): at_query 'SELECT '
load_schema_map(): objectClass 'inetOrgPerson': keytbl='persons' keycol='id'
create_proc='insert into persons (name) values ('');
select last_insert_id();'
expect_return: add=0, del=0; attributes:
load_schema_map(): autoadding 'objectClass' and 'ref' mappings
load_schema_map(): error executing at_query:
Return code: -1
Native error code: 1064
SQL engine state: 37000
Message: [MySQL][ODBC 3.51 Driver][mysqld-3.23.58]You have an error in your SQL syntax near '' at line 1
==>backsql_free_db_conn()
backsql_free_db_conn(): closing db connection
==>backsql_close_db_conn()
<==backsql_close_db_conn()
<==backsql_free_db_conn()
backsql_db_open(): connection failed, exiting
backend_startup: bi_db_open(0) failed! (1)
slapd shutdown: initiated
==>backsql_db_close()
<==backsql_db_close()
slapd shutdown: freeing system resources.
==>backsql_db_destroy()
==>backsql_free_db_env()
<==backsql_free_db_env()
==>destroy_schema_map()
==>free_oc(): 'inetOrgPerson'
==>free_attr(): 'ref'
<==free_attr()
==>free_attr(): 'objectClass'
<==free_attr()
<==free_oc()
<==destroy_schema_map()
<==backsql_db_destroy()
slapd stopped.
connections_destroy: nothing to destroy.
I think it would be good if you could explain to us what these lines mean:
at_query "SELECT
name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return
FROM ldap_attr_mappings WHERE oc_map_id=?"
insentry_query "insert into ldap_entries
(id,dn,oc_map_id,parent,keyval) values ((select max(id)+1 from
ldap_entries),?,?,?,?)"
upper_func "upper"
strcast_func "text"
concat_pattern "?||?"
*********** REPLY SEPARATOR ***********
On 1/16/2004 at 8:54 PM Otto Kucera wrote:
>Pierangelo Masarati wrote:
>
>>>backsql_db_open(): attribute mapping SQL statement not specified (use
>>>"at_query" directive in slapd.conf)
>>>backsql_db_open(): setting 'SELECT
>>>name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return,sel_expr_u
>>> FROM ldap_attr_mappings WHERE oc_map_id=?' by default
>>>
>>>
>>
>>You're using the default attribute mapping directive,
>>which is incorrect for mysql (as well as for postgres);
>>please add
>>
>>at_query "SELECT name,sel_expr,from_tbls,join_where,add_proc,delete_proc,
>> param_order,expect_return FROM ldap_attr_mappings WHERE oc_map_id=?"
>>
>>to your slapd-conf, below the "database sql"
>>directive. This will fix the latest error
>>you got. Of course, there could be more ...
>>
>>
>>
>that looks like this?
>
>#######################################################################
># sql database definitions
>#######################################################################
>database sql
># suffix "o=sql,c=RU"
># rootdn "cn=Manager,o=sql,c=RU"
>suffix "dc=sql,dc=hosting"
>rootdn "cn=manager,dc=sql,dc=hosting"
>rootpw {MD5}5WRd2F3rEA/R1x0OjWcQkQ==
>dbname ldap
>dbuser ldap
>dbpasswd ldap
>at_query "SELECT
>name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return
>FROM ldap_attr_mappings WHERE oc_map_id=?"
>insentry_query "insert into ldap_entries
>(id,dn,oc_map_id,parent,keyval) values ((select max(id)+1 from
>ldap_entries),?,?,?,?)"
>upper_func "upper"
>strcast_func "text"
>concat_pattern "?||?"
>
># subtree_cond "ldap_entries.dn LIKE CONCAT('%',?)"
># insentry_query "INSERT INTO ldap_entries
>(dn,oc_map_id,parent,keyval) VALUES (?,?,?,?)"
>
>
>sorry but does not work :(
>
>slapd startup: initiated.
>bdb_db_open: dc=my,dc=hosting
>bdb_db_open: dbenv_open(/var/lib/openldap-data)
>==>backsql_db_open(): testing RDBMS connection
>backsql_db_open(): subtree search SQL condition not specified (use
>"subtree_cond" directive in slapd.conf)
>backsql_db_open(): setting 'upper(ldap_entries.dn) LIKE upper('%'||?)'
>as default
>backsql_db_open(): setting 'upper(ldap_entries.dn)=upper(?)' as default
>backsql_db_open(): objectclass mapping SQL statement not specified (use
>"oc_query" directive in slapd.conf)
>backsql_db_open(): setting 'SELECT
>id,name,keytbl,keycol,create_proc,delete_proc,expect_return FROM
>ldap_oc_mappings' by default
>backsql_db_open(): entry deletion SQL statement not specified (use
>"delentry_query" directive in slapd.conf)
>backsql_db_open(): setting 'DELETE FROM ldap_entries WHERE id=?' by default
>==>backsql_get_db_conn()
>==>backsql_open_db_conn()
>backsql_open_db_conn(): connected, adding to tree
><==backsql_open_db_conn()
>backsql_get_db_conn(): first call -- reading schema map
>==>load_schema_map()
>ldapinfo.dn_ru field exists in the schema
>load_schema_map(): at_query 'SELECT
>name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return
>FROM ldap_attr_mappings WHERE oc_map_id=?'
><==load_schema_map()
><==backsql_get_db_conn()
>==>backsql_free_db_conn()
>backsql_free_db_conn(): closing db connection
>==>backsql_close_db_conn()
><==backsql_close_db_conn()
><==backsql_free_db_conn()
><==backsql_db_open(): test succeeded, schema map loaded
>slapd starting
>connection_get(12)
>connection_get(12): got connid=0
>connection_read(12): checking for input on id=0
>ber_get_next
>ber_get_next: tag 0x30 len 43 contents:
>do_bind
>ber_get_next
>ber_get_next on fd 12 failed errno=11 (Resource temporarily unavailable)
>ber_scanf fmt ({imt) ber:
>ber_scanf fmt (m}) ber:
> >>> dnPrettyNormal: <cn=Manager,dc=my,dc=hosting>
>=> ldap_bv2dn(cn=Manager,dc=my,dc=hosting,0)
><= ldap_bv2dn(cn=Manager,dc=my,dc=hosting,0)=0
>=> ldap_dn2bv(272)
><= ldap_dn2bv(cn=Manager,dc=my,dc=hosting,272)=0
>=> ldap_dn2bv(272)
><= ldap_dn2bv(cn=manager,dc=my,dc=hosting,272)=0
><<< dnPrettyNormal: <cn=Manager,dc=my,dc=hosting>,
><cn=manager,dc=my,dc=hosting>
>do_bind: version=3 dn="cn=Manager,dc=my,dc=hosting" method=128
>==> bdb_bind: dn: cn=Manager,dc=my,dc=hosting
>bdb_dn2entry_rw("cn=manager,dc=my,dc=hosting")
>=> bdb_dn2id_matched( "cn=manager,dc=my,dc=hosting" )
><= bdb_dn2id_matched: id=0x00000001: matched dc=my,dc=hosting
>entry_decode: "dc=my,dc=hosting"
><= entry_decode(dc=my,dc=hosting)
>====> bdb_cache_return_entry_r( 1 ): created (0)
>do_bind: v3 bind: "cn=Manager,dc=my,dc=hosting" to
>"cn=Manager,dc=my,dc=hosting"
>send_ldap_result: conn=0 op=0 p=3
>send_ldap_result: err=0 matched="" text=""
>send_ldap_response: msgid=1 tag=97 err=0
>ber_flush: 14 bytes to sd 12
>connection_get(12)
>connection_get(12): got connid=0
>connection_read(12): checking for input on id=0
>ber_get_next
>ber_get_next: tag 0x30 len 81 contents:
>deferring operation
>do_add
>ber_scanf fmt ({m) ber:
> >>> dnPrettyNormal: <dc=sql, dc=hosting>
>=> ldap_bv2dn(dc=sql, dc=hosting,0)
><= ldap_bv2dn(dc=sql, dc=hosting,0)=0
>=> ldap_dn2bv(272)
><= ldap_dn2bv(dc=sql,dc=hosting,272)=0
>=> ldap_dn2bv(272)
><= ldap_dn2bv(dc=sql,dc=hosting,272)=0
><<< dnPrettyNormal: <dc=sql,dc=hosting>, <dc=sql,dc=hosting>
>do_add: dn (dc=sql,dc=hosting)
>ber_scanf fmt ({m{W}}) ber:
>ber_scanf fmt ({m{W}}) ber:
>ber_scanf fmt (}) ber:
>==>backsql_add(): adding entry 'dc=sql,dc=hosting'
>oc_check_required entry (dc=sql,dc=hosting), objectClass "dcObject"
>oc_check_required entry (dc=sql,dc=hosting), objectClass "organization"
>Entry (dc=sql,dc=hosting): object class 'organization' requires
>attribute 'o'
>backsql_add(): entry failed schema check -- aborting
>send_ldap_result: conn=0 op=1 p=3
>send_ldap_result: err=65 matched="" text="operation not permitted within
>namingContext"
>send_ldap_response: msgid=2 tag=105 err=65
>ber_flush: 58 bytes to sd 12
>connection_get(12)
>connection_get(12): got connid=0
>connection_read(12): checking for input on id=0
>ber_get_next
>ber_get_next: tag 0x30 len 5 contents:
>ber_get_next
>ber_get_next on fd 12 failed errno=0 (Success)
>connection_read(12): input error=-2 id=0, closing.
>connection_closing: readying conn=0 sd=12 for close
>connection_close: deferring conn=0 sd=12
>connection_resched: attempting closing conn=0 sd=12
>connection_close: deferring conn=0 sd=12
>do_unbind
>==>backsql_unbind()
>send_ldap_result: conn=0 op=2 p=3
>send_ldap_result: err=0 matched="" text=""
>send_ldap_response: msgid=0 tag=48 err=0
><==backsql_unbind()
>connection_resched: attempting closing conn=0 sd=12
>connection_close: conn=0 sd=12
>==>backsql_connection_destroy()
>==>backsql_free_db_conn()
><==backsql_free_db_conn()
><==backsql_connection_destroy()
>
>>p.
>>
>>
>>
>I googled around and found this manual
>http://www.samse.fr/GPL/ldap_pg/HOWTO/x132.html
>and try it. It's not important to use mysql.
>
>otto
>
>--
>-----------------------------------
>Otto Kucera
>A-1020 Wien Engerthstrasse 137/6/7
>Tel: +43 699 1 942 30 91 [neue Nummer!]
>Email: ok@72pixel.at
>Icq: 65351173
>-----------------------------------
>
>And root said rm -rf / ......and there was nothing
>*BSD is like a wigwam: NO windows, NO gates and an Apache inside!
>
>Your mailserver MUST resolve properly (Fully Qualified Domain Name) or the
>mail will not go through!
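
Added example, not part of the original thread or of OpenLDAP: a small slapd.conf lint. The first startup log above shows at_query arriving as just 'SELECT ', which is consistent with the slapd.conf(5) rule that only lines beginning with whitespace continue the previous directive; the script flags that case and the cleartext rootpw the file's own comments warn about. The sample texts are constructed from the posted configuration, and the {SSHA} value is a placeholder.

```python
import re

# Constructed samples: the wrapped at_query from the post, first without and
# then with leading whitespace on the continuation lines.
BROKEN = '''database sql
rootpw secret
at_query "SELECT
name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return
FROM ldap_attr_mappings WHERE oc_map_id=?"
upper_func "upper"
'''
FIXED = '''database sql
rootpw {SSHA}placeholder-hash
at_query "SELECT
  name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return
  FROM ldap_attr_mappings WHERE oc_map_id=?"
upper_func "upper"
'''

def logical_lines(text):
    """Join physical lines as slapd.conf(5) describes: a line starting with
    whitespace continues the previous one; blank and '#' lines are skipped."""
    out = []
    for no, raw in enumerate(text.splitlines(), 1):
        if not raw.strip() or raw.startswith("#"):
            continue
        if raw[0] in " \t" and out:
            out[-1] = (out[-1][0], out[-1][1] + " " + raw.strip())
        else:
            out.append((no, raw.rstrip()))
    return out

def lint(text):
    """Return (line_number, message) findings for a slapd.conf text."""
    findings = []
    for no, line in logical_lines(text):
        parts = line.split(None, 1)
        value = parts[1] if len(parts) > 1 else ""
        if len(re.findall(r'(?<!\\)"', line)) % 2:  # ignore escaped quotes
            findings.append((no, "unbalanced quote: wrapped line lacks a "
                                 "leading-whitespace continuation"))
        if parts[0] == "rootpw" and not re.match(r"\{[A-Za-z0-9-]+\}", value):
            findings.append((no, "cleartext rootpw; use a slappasswd(8) hash"))
    return findings

if __name__ == "__main__":
    for label, conf in (("broken", BROKEN), ("fixed", FIXED)):
        print(label, lint(conf))
```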