Hi People...

Sorry about the number of messages on this topic, but this list is the
place to talk about openldap problems.

I'm running openldap 2.2.4, with libiodbc 3.51, unixODBC 2.2.7 and
MyODBC 3.51 on RedHat 8.0. I compiled openldap with the back-sql and ldbm
backends. I was following the steps of the manual "Setting up Ldap with
back-sql", posted here http://www.flatmtn.com/computer/Linux-LDAP.html, but
I don't understand this part of the BACK-SQL Specific:

Note: inetOrgPerson scheme requires a value for 'cn' and 'sn'. Because we
have some contacts that only have values in "Company", my real 'cn' sel_expr
is:

MySQL:
IF(Length(LastName)>0,IF(Length(FirstName)>0,IF(Length(MInitial)>0,CONCAT(FirstName, ' ', MInitial, ' ', LastName),CONCAT(FirstName, ' ', LastName)),LastName),IF(Length(FirstName)>0,FirstName,Company))

PostgreSQL (shortened due to varchar(255) length):
CASE WHEN Length(lastname)>0 THEN CASE WHEN Length(firstname)>0 THEN CASE WHEN Length(minitial)>0 THEN firstname||' '||minitial||' '||lastname ELSE firstname||' '||lastname END ELSE lastname END ELSE company END

and my real 'sn' sel_expr is:

MySQL:
IF(Length(LastName)>0,LastName,IF(Length(FirstName)>0,FirstName,Company))

PostgreSQL:
CASE WHEN Length(lastname)>0 THEN lastname ELSE company END

Where do I have to put that? I created the tables contacts and orgunit, and
the values that the manual says in the tables ldap_oc_mappings and
ldap_attr_mappings.

This is my slapd.conf:

#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org

pidfile /usr/local/var/run/slapd.pid
argsfile /usr/local/var/run/slapd.args

# Load dynamic backend modules:
# modulepath /usr/local/libexec/openldap
# moduleload back_bdb.la
# moduleload back_ldap.la
# moduleload back_ldbm.la
# moduleload back_passwd.la
# moduleload back_shell.la

# Sample security restrictions
#   Require integrity protection (prevent hijacking)
#   Require 112-bit (3DES or better) encryption for updates
#   Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:
#   Root DSE: allow anyone to read it
#   Subschema (sub)entry DSE: allow anyone to read it
#   Other DSEs:
#     Allow self write access
#     Allow authenticated users read access
#     Allow anonymous users to authenticate
#   Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
#   by self write
#   by users read
#   by anonymous auth
#
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn. (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!

##########################################################################
# Test DB in MySQL
##########################################################################
database sql
suffix "ou=test,dc=sql,dc=RU"
# You only need these if normal ldap backends are defined and hold the "root"
#rootdn "cn=manager,dc=example,dc=com"
#rootpw
dbname test
dbuser mely
dbpasswd secret
index cn,sn,givenName,o
index objectclass pres,eq
index default none
lastmod off
# new to OpenLDAP v2.1.x
has_ldapinfo_dn_ru no
at_query "SELECT name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return FROM ldap_attr_mappings WHERE oc_map_id=?"
insentry_query "insert into ldap_entries (id,dn,oc_map_id,parent,keyval) values ((selectmax(id)+1 from ldap_entries),?,?,?,?)"
upper_func "upper"
strcast_func "text"
concat_pattern "?||?"
IF(Length(LastName)>0,IF(Length(FirstName)>0,IF(Length(MInitial)>0,CONCAT(FirstName, ' ', MInitial, ' ', LastName),CONCAT(FirstName, ' ', LastName)),LastName),IF(Length(FirstName)>0,FirstName,Company))
IF(Length(LastName)>0,LastName,IF(Length(FirstName)>0,FirstName,Company))

#######################################################################
# ldbm database definitions
#######################################################################
database ldbm
suffix "dc=sql,dc=RU"
rootdn "cn=mely,dc=sql,dc=RU"
# Cleartext passwords, especially for the rootdn, should
# be avoid. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw secret
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory /usr/local/var/openldap-data
# Indices to maintain
index objectClass eq

Note that I put those lines in slapd.conf, but I don't know where to put
them..... When I start openldap it logs this:

name='cn',sel_expr='CONCAT(contacts.FirstName, ' ', contacts.LastName)' from='contacts'join_where='',add_proc=''delete_proc=''
sel_expr_u='(null)'
load_schema_map(): preconstructed query 'SELECT CONCAT(contacts.FirstName, ' ', contacts.LastName) AS cn FROM contacts WHERE orgunit.id=?'
********'givenName'
name='givenName',sel_expr='contacts.FirstName' from='contacts'join_where='',add_proc=''delete_proc=''
sel_expr_u='(null)'
load_schema_map(): preconstructed query 'SELECT contacts.FirstName AS givenName FROM contacts WHERE orgunit.id=?'
********'sn'
name='sn',sel_expr='contacts.LastName' from='contacts'join_where='',add_proc=''delete_proc=''
sel_expr_u='(null)'
load_schema_map(): preconstructed query 'SELECT contacts.LastName AS sn FROM contacts WHERE orgunit.id=?'
********'o'
name='o',sel_expr='contacts.Company' from='contacts'join_where='',add_proc=''delete_proc=''
sel_expr_u='(null)'
load_schema_map(): preconstructed query 'SELECT contacts.Company AS o FROM contacts WHERE orgunit.id=?'
********'mail'
name='mail',sel_expr='contacts.EMailAddress' from='contacts'join_where='',add_proc=''delete_proc=''
sel_expr_u='(null)'
load_schema_map(): preconstructed query 'SELECT contacts.EMailAddress AS mail FROM contacts WHERE orgunit.id=?'
<==load_schema_map()
<==backsql_get_db_conn()
==>backsql_free_db_conn()
backsql_free_db_conn(): closing db connection
==>backsql_close_db_conn()
<==backsql_close_db_conn()
<==backsql_free_db_conn()
<==backsql_db_open(): test succeeded, schema map loaded
slapd starting

Sorry about the big mail, but this is very important for me and maybe for
other openldap users.
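
The at_query directive in the configuration above reads sel_expr from the ldap_attr_mappings table, and the log shows the 'cn' and 'sn' values being loaded from there, so that column is where back-sql takes these expressions from, not slapd.conf. An added example (not part of the original message) that stores the two MySQL expressions from the quoted note. It assumes the existing 'cn' and 'sn' rows have from_tbls = 'contacts' as in the log, and that the contacts table has the columns the expressions name.

```sql
-- Added example, MySQL syntax. The expressions are the ones quoted in the
-- message; quotes inside them are doubled ('' '') for the SQL string literal.
-- Assumption: the 'cn' and 'sn' rows already exist with from_tbls = 'contacts'.

UPDATE ldap_attr_mappings
   SET sel_expr = 'IF(Length(LastName)>0,IF(Length(FirstName)>0,IF(Length(MInitial)>0,CONCAT(FirstName, '' '', MInitial, '' '', LastName),CONCAT(FirstName, '' '', LastName)),LastName),IF(Length(FirstName)>0,FirstName,Company))'
 WHERE name = 'cn'
   AND from_tbls = 'contacts';

UPDATE ldap_attr_mappings
   SET sel_expr = 'IF(Length(LastName)>0,LastName,IF(Length(FirstName)>0,FirstName,Company))'
 WHERE name = 'sn'
   AND from_tbls = 'contacts';

-- Check what at_query will return for these attributes at the next slapd start.
SELECT name, sel_expr, from_tbls, oc_map_id
  FROM ldap_attr_mappings
 WHERE name IN ('cn', 'sn');
```

The two bare IF(...) lines in the sql database section are not slapd.conf directives, so they can be removed from that file once the table holds the expressions.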