
Re: sql-backend



Hi Otto, Pierangelo and Adam,

This is my slapd.conf configuration:

#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include         /usr/local/etc/openldap/schema/core.schema
include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/inetorgperson.schema

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral       ldap://root.openldap.org

pidfile         /usr/local/var/run/slapd.pid
argsfile        /usr/local/var/run/slapd.args

# Load dynamic backend modules:
# modulepath    /usr/local/libexec/openldap
# moduleload    back_bdb.la
# moduleload    back_ldap.la
# moduleload    back_ldbm.la
# moduleload    back_passwd.la
# moduleload    back_shell.la

# Sample security restrictions
#       Require integrity protection (prevent hijacking)
#       Require 112-bit (3DES or better) encryption for updates
#       Require 64-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:
#       Root DSE: allow anyone to read it
#       Subschema (sub)entry DSE: allow anyone to read it
#       Other DSEs:
#               Allow self write access
#               Allow authenticated users read access
#               Allow anonymous users to authenticate
#       Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
#       by self write
#       by users read
#       by anonymous auth
#
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn.  (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!

#######################################################################
# ldbm database definitions
#######################################################################

#database       ldbm
#suffix         "dc=my-domain,dc=com"
#rootdn         "cn=Manager,dc=my-domain,dc=com"
# Cleartext passwords, especially for the rootdn, should
# be avoided.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
#rootpw         secret
# The database directory MUST exist prior to running slapd AND 
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
#directory      /usr/local/var/openldap-data
# Indices to maintain
#index  objectClass     eq

##########################################################################
# BD test en MySQL
##########################################################################

database        sql
# This following is for the sample database as it installs
suffix          "o=sql,c=RU"
rootdn          "cn=root,o=sql,c=RU"
rootpw          secret
dbname          test
dbuser          mely
dbpasswd        mely
at_query "SELECT 
name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return 
FROM ldap_attr_mappings WHERE oc_map_id=?"
insentry_query  "insert into ldap_entries 
(id,dn,oc_map_id,parent,keyval) values ((select max(id)+1 from 
ldap_entries),?,?,?,?)"
upper_func      "upper"
strcast_func    "text"
concat_pattern  "?||?"


When I bring up slapd, it logs this error:


==>load_schema_map()
ldapinfo.dn_ru field exists in the schema
load_schema_map(): at_query 'SELECT '
load_schema_map(): objectClass 'inetOrgPerson': keytbl='persons' keycol='id'
create_proc='insert into persons (name) values ('');
 select last_insert_id();'
expect_return: add=0, del=0; attributes:
load_schema_map(): autoadding 'objectClass' and 'ref' mappings
load_schema_map(): error executing at_query: 
Return code: -1
Native error code: 1064
SQL engine state: 37000
Message: [MySQL][ODBC 3.51 Driver][mysqld-3.23.58]You have an error in your SQL syntax near '' at line 1
==>backsql_free_db_conn()
backsql_free_db_conn(): closing db connection
==>backsql_close_db_conn()
<==backsql_close_db_conn()
<==backsql_free_db_conn()
backsql_db_open(): connection failed, exiting
backend_startup: bi_db_open(0) failed! (1)
slapd shutdown: initiated
==>backsql_db_close()
<==backsql_db_close()
slapd shutdown: freeing system resources.
==>backsql_db_destroy()
==>backsql_free_db_env()
<==backsql_free_db_env()
==>destroy_schema_map()
==>free_oc(): 'inetOrgPerson'
==>free_attr(): 'ref'
<==free_attr()
==>free_attr(): 'objectClass'
<==free_attr()
<==free_oc()
<==destroy_schema_map()
<==backsql_db_destroy()
slapd stopped.
connections_destroy: nothing to destroy.


I think it would be good if you could explain to us what these lines mean:


at_query "SELECT 
name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return 
FROM ldap_attr_mappings WHERE oc_map_id=?"
insentry_query  "insert into ldap_entries 
(id,dn,oc_map_id,parent,keyval) values ((select max(id)+1 from 
ldap_entries),?,?,?,?)"
upper_func      "upper"
strcast_func    "text"
concat_pattern  "?||?"












*********** REPLY SEPARATOR  ***********

On 1/16/2004 at 8:54 PM Otto Kucera wrote:

>Pierangelo Masarati wrote:
>
>>>backsql_db_open(): attribute mapping SQL statement not specified (use
>>>"at_query" directive in slapd.conf)
>>>backsql_db_open(): setting 'SELECT
>>>name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return,sel_expr_u
>>> FROM ldap_attr_mappings WHERE oc_map_id=?' by default
>>>    
>>>
>>
>>You're using the default attribute mapping directive,
>>which is incorrect for mysql (as well as for postgres);
>>please add
>>
>>at_query "SELECT name,sel_expr,from_tbls,join_where,add_proc,delete_proc, 
>>     param_order,expect_return FROM ldap_attr_mappings WHERE oc_map_id=?"
>>
>>to your slapd.conf, below the "database sql"
>>directive.  This will fix the latest error
>>you got.  Of course, there could be more ...
>>
>>  
>>
>that looks like this?
>
>#######################################################################
># sql database definitions
>#######################################################################
>database        sql
># suffix                "o=sql,c=RU"
># rootdn                "cn=Manager,o=sql,c=RU"
>suffix          "dc=sql,dc=hosting"
>rootdn          "cn=manager,dc=sql,dc=hosting"
>rootpw          {MD5}5WRd2F3rEA/R1x0OjWcQkQ==
>dbname          ldap
>dbuser          ldap
>dbpasswd        ldap
>at_query "SELECT 
>name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return 
>FROM ldap_attr_mappings WHERE oc_map_id=?"
>insentry_query  "insert into ldap_entries 
>(id,dn,oc_map_id,parent,keyval) values ((select max(id)+1 from 
>ldap_entries),?,?,?,?)"
>upper_func      "upper"
>strcast_func    "text"
>concat_pattern  "?||?"
>
># subtree_cond  "ldap_entries.dn LIKE CONCAT('%',?)"
># insentry_query        "INSERT INTO ldap_entries 
>(dn,oc_map_id,parent,keyval) VALUES (?,?,?,?)"
>
>
>sorry but does not work :(
>
>slapd startup: initiated.
>bdb_db_open: dc=my,dc=hosting
>bdb_db_open: dbenv_open(/var/lib/openldap-data)
>==>backsql_db_open(): testing RDBMS connection
>backsql_db_open(): subtree search SQL condition not specified (use 
>"subtree_cond" directive in slapd.conf)
>backsql_db_open(): setting 'upper(ldap_entries.dn) LIKE upper('%'||?)' 
>as default
>backsql_db_open(): setting 'upper(ldap_entries.dn)=upper(?)' as default
>backsql_db_open(): objectclass mapping SQL statement not specified (use 
>"oc_query" directive in slapd.conf)
>backsql_db_open(): setting 'SELECT 
>id,name,keytbl,keycol,create_proc,delete_proc,expect_return FROM 
>ldap_oc_mappings' by default
>backsql_db_open(): entry deletion SQL statement not specified (use 
>"delentry_query" directive in slapd.conf)
>backsql_db_open(): setting 'DELETE FROM ldap_entries WHERE id=?' by default
>==>backsql_get_db_conn()
>==>backsql_open_db_conn()
>backsql_open_db_conn(): connected, adding to tree
><==backsql_open_db_conn()
>backsql_get_db_conn(): first call -- reading schema map
>==>load_schema_map()
>ldapinfo.dn_ru field exists in the schema
>load_schema_map(): at_query 'SELECT 
>name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return 
>FROM ldap_attr_mappings WHERE oc_map_id=?'
><==load_schema_map()
><==backsql_get_db_conn()
>==>backsql_free_db_conn()
>backsql_free_db_conn(): closing db connection
>==>backsql_close_db_conn()
><==backsql_close_db_conn()
><==backsql_free_db_conn()
><==backsql_db_open(): test succeeded, schema map loaded
>slapd starting
>connection_get(12)
>connection_get(12): got connid=0
>connection_read(12): checking for input on id=0
>ber_get_next
>ber_get_next: tag 0x30 len 43 contents:
>do_bind
>ber_get_next
>ber_get_next on fd 12 failed errno=11 (Resource temporarily unavailable)
>ber_scanf fmt ({imt) ber:
>ber_scanf fmt (m}) ber:
> >>> dnPrettyNormal: <cn=Manager,dc=my,dc=hosting>
>=> ldap_bv2dn(cn=Manager,dc=my,dc=hosting,0)
><= ldap_bv2dn(cn=Manager,dc=my,dc=hosting,0)=0
>=> ldap_dn2bv(272)
><= ldap_dn2bv(cn=Manager,dc=my,dc=hosting,272)=0
>=> ldap_dn2bv(272)
><= ldap_dn2bv(cn=manager,dc=my,dc=hosting,272)=0
><<< dnPrettyNormal: <cn=Manager,dc=my,dc=hosting>, 
><cn=manager,dc=my,dc=hosting>
>do_bind: version=3 dn="cn=Manager,dc=my,dc=hosting" method=128
>==> bdb_bind: dn: cn=Manager,dc=my,dc=hosting
>bdb_dn2entry_rw("cn=manager,dc=my,dc=hosting")
>=> bdb_dn2id_matched( "cn=manager,dc=my,dc=hosting" )
><= bdb_dn2id_matched: id=0x00000001: matched dc=my,dc=hosting
>entry_decode: "dc=my,dc=hosting"
><= entry_decode(dc=my,dc=hosting)
>====> bdb_cache_return_entry_r( 1 ): created (0)
>do_bind: v3 bind: "cn=Manager,dc=my,dc=hosting" to 
>"cn=Manager,dc=my,dc=hosting"
>send_ldap_result: conn=0 op=0 p=3
>send_ldap_result: err=0 matched="" text=""
>send_ldap_response: msgid=1 tag=97 err=0
>ber_flush: 14 bytes to sd 12
>connection_get(12)
>connection_get(12): got connid=0
>connection_read(12): checking for input on id=0
>ber_get_next
>ber_get_next: tag 0x30 len 81 contents:
>deferring operation
>do_add
>ber_scanf fmt ({m) ber:
> >>> dnPrettyNormal: <dc=sql, dc=hosting>
>=> ldap_bv2dn(dc=sql, dc=hosting,0)
><= ldap_bv2dn(dc=sql, dc=hosting,0)=0
>=> ldap_dn2bv(272)
><= ldap_dn2bv(dc=sql,dc=hosting,272)=0
>=> ldap_dn2bv(272)
><= ldap_dn2bv(dc=sql,dc=hosting,272)=0
><<< dnPrettyNormal: <dc=sql,dc=hosting>, <dc=sql,dc=hosting>
>do_add: dn (dc=sql,dc=hosting)
>ber_scanf fmt ({m{W}}) ber:
>ber_scanf fmt ({m{W}}) ber:
>ber_scanf fmt (}) ber:
>==>backsql_add(): adding entry 'dc=sql,dc=hosting'
>oc_check_required entry (dc=sql,dc=hosting), objectClass "dcObject"
>oc_check_required entry (dc=sql,dc=hosting), objectClass "organization"
>Entry (dc=sql,dc=hosting): object class 'organization' requires 
>attribute 'o'
>backsql_add(): entry failed schema check -- aborting
>send_ldap_result: conn=0 op=1 p=3
>send_ldap_result: err=65 matched="" text="operation not permitted within 
>namingContext"
>send_ldap_response: msgid=2 tag=105 err=65
>ber_flush: 58 bytes to sd 12
>connection_get(12)
>connection_get(12): got connid=0
>connection_read(12): checking for input on id=0
>ber_get_next
>ber_get_next: tag 0x30 len 5 contents:
>ber_get_next
>ber_get_next on fd 12 failed errno=0 (Success)
>connection_read(12): input error=-2 id=0, closing.
>connection_closing: readying conn=0 sd=12 for close
>connection_close: deferring conn=0 sd=12
>connection_resched: attempting closing conn=0 sd=12
>connection_close: deferring conn=0 sd=12
>do_unbind
>==>backsql_unbind()
>send_ldap_result: conn=0 op=2 p=3
>send_ldap_result: err=0 matched="" text=""
>send_ldap_response: msgid=0 tag=48 err=0
><==backsql_unbind()
>connection_resched: attempting closing conn=0 sd=12
>connection_close: conn=0 sd=12
>==>backsql_connection_destroy()
>==>backsql_free_db_conn()
><==backsql_free_db_conn()
><==backsql_connection_destroy()
>
>>p.
>>
>>  
>>
>I googled around and found this manual 
>http://www.samse.fr/GPL/ldap_pg/HOWTO/x132.html
>and tried it. It's not important for me to use MySQL.
>
>otto
>
>-- 
>-----------------------------------
>Otto Kucera
>A-1020 Wien Engerthstrasse 137/6/7
>Tel: +43 699 1 942 30 91 [neue Nummer!]
>Email: ok@72pixel.at
>Icq: 65351173
>-----------------------------------
>
>And root said rm -rf /     ......and there was nothing
>*BSD is like a wigwam: NO windows, NO gates and an Apache inside!
>
>Your mailserver MUST resolve properly (Fully Qualified Domain Name) or the
>mail will not go through!
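
Added example, not part of the original message and not OpenLDAP code: the configuration above breaks the quoted at_query value across physical lines, and the startup log shows slapd reading it as 'SELECT '. The sketch below flags that condition and a cleartext rootpw in a slapd.conf text. It assumes the slapd.conf(5) rule that a line beginning with white space continues the previous line; the sample text, the placeholder hash and the function names are constructed for illustration.

```python
import re

# Constructed sample, modelled on the slapd.conf fragment posted above.
SAMPLE = '''\
database        sql
suffix          "o=sql,c=RU"
rootpw          secret
dbpasswd        mely
at_query "SELECT
name,sel_expr FROM ldap_attr_mappings WHERE oc_map_id=?"
upper_func      "upper"
'''

# Same directives with the continuation line indented and a hashed rootpw
# (the hash value is a placeholder, not a real digest).
FIXED = '''\
database        sql
rootpw          {SSHA}PLACEHOLDER
at_query "SELECT
  name,sel_expr FROM ldap_attr_mappings WHERE oc_map_id=?"
'''

def logical_lines(text):
    """Join physical lines: a line starting with white space continues
    the previous one; blank lines and '#' comment lines are skipped."""
    out = []
    for no, raw in enumerate(text.splitlines(), 1):
        if not raw.strip() or raw.startswith("#"):
            continue
        if raw[0] in " \t" and out:
            out[-1] = (out[-1][0], out[-1][1] + raw)
        else:
            out.append((no, raw))
    return out

def audit(text):
    """Return (line, finding, directive) tuples for a slapd.conf text."""
    findings = []
    for no, line in logical_lines(text):
        parts = line.split(None, 1)
        directive = parts[0]
        value = parts[1].strip() if len(parts) > 1 else ""
        if line.count('"') % 2:  # quoted value not closed on this logical line
            findings.append((no, "unbalanced-quote", directive))
        if directive == "rootpw" and not re.match(r"\{[A-Za-z0-9-]+\}", value):
            findings.append((no, "cleartext-rootpw", directive))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

The check counts double quotes only and does not handle backslash-escaped quotes inside a value.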