no entries were found with ldapsearch
Hello,
I tried for several days to get an LDAP server running the way I want.
The server should work as a Single-Sign-On System for Linux, Samba and
later PHP.
I've read the tutorial from Markus Amersbacher on subnet.at and others.
My server is based on Debian Woody with OpenLDAP 2.0.
Something already runs fine, but I don't know what ;-) I've adapted the
slapd.conf (see below), libnss-ldap.conf, libpam-ldap.conf and several
files in /etc/pam.d/ to my needs. At the moment I get the following when
I change my password:
Enter login(LDAP) password:
New password:
Re-enter new password:
LDAP password information changed for donde
passwd: password updated successfully
So I guess that the slapd is already working.
After installing openldap and configuring the files above, I added the
first ldif-file (see below) with slapadd -l /etc/ldap/test.ldif.
Thereafter I tried slapcat and was able to see the entries of this
ldif-file. So I tried to add my group.ldif, etc, which I made with the
migrationtools, with ldapadd. I get several messages like "Add new
entry" but after a new invoking of slapcat the entries are still the
same as before (only the entries of the test.ldif-file).
Then I tried the GUI Directory-Administrator. The program was able to
connect to the slapd, but reports that the database is empty,
respectively that there is no organizationalUnit.
Because I'm a real newbie to LDAP, I now tried the easy queries of
the OpenLDAP tutorial to test the server.
ldapsearch -x -b '' -s base '(objectClass=*)' namingContexts
According to the Tutorial the output of this command should look like
this:
dn:
namingContexts: dc=fhoevp,dc=de
This is my output
version: 2
#
# filter: (objectClass=*)
# requesting: namingContexts
#
# search result
search: 2
result: 0 Success
# numResponses: 1
A search for the uid=donde brings nearly the same output:
ldapsearch -x -b 'dc=fhoevp,dc=de' 'uid=donde'
version: 2
#
# filter: uid=donde
# requesting: ALL
#
# search result
search: 2
result: 0 Success
# numResponses: 1
This is the output of slapcat. As you can see the uid=donde exists and
donde is known by ldap. He's able to login and change his password, but
it's not possible to search for him.
woody:/slapcat
dn: dc=fhoevp,dc=de
objectClass: organization
o: fhoevp

dn: cn=manager, dc=fhoevp,dc=de
objectClass: organizationalRole
objectClass: simpleSecurityObject
cn: admin
description: LDAP administrator
userPassword:: e0NSWVBUfVducFZaelNaT2xSTFk=

dn: cn=nss, dc=fhoevp,dc=de
objectClass: organizationalRole
objectClass: simpleSecurityObject
cn: nss
description: LDAP NSS user for user-lookups
userPassword:: e0NSWVBUfVducFZaelNaT2xSTFk=

dn: ou=People, dc=fhoevp,dc=de
objectClass: organizationalUnit
ou: People

dn: ou=Group, dc=fhoevp,dc=de
objectClass: top
objectClass: organizationalUnit
ou: Group

dn: uid=donde, ou=People,dc=fhoevp,dc=de
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
objectClass: organizationalPerson
uid: donde
cn: Andreas Dondera
sn: Dondera
givenName: Donde LDAP Test User
title: Admin
departmentNumber: IT
userPassword:: e0NSWVBUfVducFZaelNaT2xSTFk=
loginShell: /bin/bash
uidNumber: 11111
gidNumber: 11111
homeDirectory: /home/donde/
gecos: donde_gecos-field
description: Not Available
l: HSGEB.2

dn: cn=donde,ou=Group,dc=fhoevp,dc=de
objectClass: posixGroup
objectClass: top
cn: donde
gidNumber: 11111

The server runs as the user slapd. Every file in /etc/ldap and
/var/lib/ldap is owned by him.
/etc/ldap/slapd.conf:

include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/misc.schema
schemacheck on
pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args
password-hash {CRYPT}
replogfile /var/lib/ldap/replog
loglevel 256

database ldbm
suffix "dc=fhoevp,dc=de"
rootdn "cn=manager,dc=fhoevp,dc=de"
rootpw {CRYPT}WnpVZzSZOlRLY
directory "/var/lib/ldap"
index objectClass eq
lastmod on

access to attribute=userPassword
    by dn="cn=manager,dc=fhoevp,dc=de" write
    by anonymous auth
    by * none

access to *
    by dn="cn=manager,dc=fhoevp,dc=de" write
    by dn="cn=nss,dc=fhoevp,dc=de" read
    by * auth

The tool gq likewise finds no entries.
I'm absolutely helpless.
So I would be truly grateful for every kind of help.
Why could no entry be found with ldapsearch or any
gui-tools?
Donde
P.S. Excuse my English ;-)
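
Added example, not part of the original message and not OpenLDAP code: a simplified Python model of how slapd selects an access level from the two "access to" clauses in the posted slapd.conf, comparing the anonymous bind that "ldapsearch -x" performs without -D against binds as cn=nss and cn=manager. It assumes first-match selection of the clause and of the "by" line within it; all function names are hypothetical.

```python
# Simplified model of slapd ACL selection (assumption: the first matching
# "access to" clause is used, then its first matching "by" line; no match = none).
LEVELS = ["none", "auth", "compare", "search", "read", "write"]

MANAGER = "cn=manager,dc=fhoevp,dc=de"
NSS = "cn=nss,dc=fhoevp,dc=de"

# The two access clauses from the posted slapd.conf, in order.
ACLS = [
    ("userPassword", [(MANAGER, "write"), ("anonymous", "auth"), ("*", "none")]),
    ("*",            [(MANAGER, "write"), (NSS, "read"), ("*", "auth")]),
]

def norm(dn):
    """Normalise a DN enough to compare: trim spaces around commas, lowercase."""
    return ",".join(p.strip() for p in dn.split(",")).lower() if dn else ""

def access(bind_dn, attr):
    """Return the access level a bind identity (None = anonymous) gets on attr."""
    who = norm(bind_dn)
    for what, by_list in ACLS:
        if what != "*" and what.lower() != attr.lower():
            continue
        for subject, level in by_list:
            if (subject == "*" or (subject == "anonymous" and not who)
                    or (who and norm(subject) == who)):
                return level
        return "none"  # implicit "by * none" closes every clause
    return "none"

def allows(bind_dn, attr, needed):
    return LEVELS.index(access(bind_dn, attr)) >= LEVELS.index(needed)

def search_returns_entry(bind_dn, filter_attr):
    """An entry is returned only if the filter attribute is searchable and
    the entry itself (the "entry" pseudo-attribute) is readable."""
    return allows(bind_dn, filter_attr, "search") and allows(bind_dn, "entry", "read")

if __name__ == "__main__":
    for who in (None, NSS, MANAGER):
        print(who or "anonymous", "->", "uid:", access(who, "uid"),
              "| userPassword:", access(who, "userPassword"),
              "| uid=donde found:", search_returns_entry(who, "uid"))
```

In this model an anonymous bind ends at "by * auth", which is below the search and read levels, so the server answers "result: 0 Success" with no entries, while a bind as cn=nss reads everything except userPassword.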