[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
LDAP-Browser cannot connect as admin ( LDAP-Beginners problem :-))) )
Hi everybody,
finally I got my LDAP-Server up and running on Suse 9.1 .
The LDAP-Brwoser has a problem connecting to the server.
Isn't it true the browser should be able to connect with that minimum
configuration ?
slapd.conf:
# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.6 2001/04/20 23:32:43
kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/rfc2307bis.schema
include /etc/openldap/schema/yast2userconfig.schema
pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args
database ldbm
suffix "c=de"
rootdn "cn=admin,c=de"
rootpw test12
directory /var/lib/ldap
index objectClass eq
loglevel 1
access to attrs=userPassword
by self write
by * auth
access to * by * read
This is the messages for different actions I got in my logfile:
##### Server Start ##################################################
Jul 22 20:32:55 srv02 slapd[17107]: @(#) $OpenLDAP: slapd 2.2.6 (Apr 6 2004
02:01:25) $
abuild@lifschitz:/usr/src/packages/BUILD/openldap-2.2.6/servers/slapd
Jul 22 20:32:55 srv02 slapd[17107]: bdb_initialize: Sleepycat Software:
Berkeley DB 4.2.52: (April 5, 2004)
Jul 22 20:32:55 srv02 slapd[17107]: matching_rule_use_init
Jul 22 20:32:55 srv02 slapd[17107]: 1.2.840.113556.1.4.804
(integerBitOrMatch):
Jul 22 20:32:55 srv02 slapd[17107]: matchingRuleUse: ( 1.2.840.113556.1.4.804
NAME 'integerBitOrMatch' APPLIES ( suseMaxPasswordLength $
suseMinPasswordLength $ suseMaxUniqueId $ suseMinUniqueId $ suseNextUniqueId
$ oncRpcNumber $ ipProtocolNumber $ ipServicePort $ shadowFlag $ shadowExpire
$ shadowInactive $ shadowWarning $ shadowMax $ shadowMin $ shadowLastChange $
gidNumber $ uidNumber $ mailPreferenceOption $ supportedLDAPVersion ) )
Jul 22 20:32:55 srv02 slapd[17107]: 1.2.840.113556.1.4.803
(integerBitAndMatch):
Jul 22 20:32:55 srv02 slapd[17107]: matchingRuleUse: ( 1.2.840.113556.1.4.803
NAME 'integerBitAndMatch' APPLIES ( suseMaxPasswordLength $
suseMinPasswordLength $ suseMaxUniqueId $ suseMinUniqueId $ suseNextUniqueId
$ oncRpcNumber $ ipProtocolNumber $ ipServicePort $ shadowFlag $ shadowExpire
$ shadowInactive $ shadowWarning $ shadowMax $ shadowMin $ shadowLastChange $
gidNumber $ uidNumber $ mailPreferenceOption $ supportedLDAPVersion ) )
Jul 22 20:32:55 srv02 slapd[17107]: 1.3.6.1.4.1.1466.109.114.2
(caseIgnoreIA5Match):
Jul 22 20:32:55 srv02 slapd[17107]: matchingRuleUse:
( 1.3.6.1.4.1.1466.109.114.2 NAME 'caseIgnoreIA5Match' APPLIES ( suseSkelDir
$ susePasswordHash $ suseNamingAttribute $ automountInformation $
automountKey $ automountMapName $ nisDomain $ nisMapEntry $ bootFile $
bootParameter $ macAddress $ ipNetmaskNumber $ nisNetgroupTriple $
memberNisNetgroup $ memberUid $ loginShell $ homeDirectory $ gecos $
janetMailbox $ cNAMERecord $ sOARecord $ nSRecord $ mXRecord $ mDRecord $
aRecord $ email $ associatedDomain $ dc $ mail $ altServer ) )
Jul 22 20:32:55 srv02 slapd[17107]: 1.3.6.1.4.1.1466.109.114.1
(caseExactIA5Match):
Jul 22 20:32:55 srv02 slapd[17107]: matchingRuleUse:
( 1.3.6.1.4.1.1466.109.114.1 NAME 'caseExactIA5Match' APPLIES ( suseSkelDir $
susePasswordHash $ suseNamingAttribute $ automountInformation $ automountKey
$ automountMapName $ nisDomain $ nisMapEntry $ bootFile $ bootParameter $
macAddress $ ipNetmaskNumber $ nisNetgroupTriple $ memberNisNetgroup $
memberUid $ loginShell $ homeDirectory $ gecos $ janetMailbox $ cNAMERecord $
sOARecord $ nSRecord $ mXRecord $ mDRecord $ aRecord $ email $
associatedDomain $ dc $ mail $ altServer ) )
Jul 22 20:32:55 srv02 slapd[17107]: 2.5.13.35 (certificateMatch):
Jul 22 20:32:55 srv02 slapd[17107]: matchingRuleUse: ( 2.5.13.35 NAME
'certificateMatch' APPLIES ( cACertificate $ userCertificate ) )
Jul 22 20:32:55 srv02 slapd[17107]: 2.5.13.34 (certificateExactMatch):
Jul 22 20:32:55 srv02 slapd[17107]: matchingRuleUse: ( 2.5.13.34 NAME
'certificateExactMatch' APPLIES ( cACertificate $ userCertificate ) )
Jul 22 20:32:55 srv02 slapd[17107]: 2.5.13.30
(objectIdentifierFirstComponentMatch):
Jul 22 20:32:55 srv02 slapd[17107]: matchingRuleUse: ( 2.5.13.30 NAME
'objectIdentifierFirstComponentMatch' APPLIES ( supportedApplicationContext $
ldapSyntaxes $ matchingRuleUse $ objectClasses $ attributeTypes $
matchingRules $ supportedFeatures $ supportedExtension $ supportedControl ) )
Jul 22 20:32:55 srv02 slapd[17107]: 2.5.13.29
(integerFirstComponentMatch):
Jul 22 20:32:55 srv02 slapd[17107]: matchingRuleUse: ( 2.5.13.29 NAME
'integerFirstComponentMatch' APPLIES ( suseMaxPasswordLength $
suseMinPasswordLength $ suseMaxUniqueId $ suseMinUniqueId $ suseNextUniqueId
$ oncRpcNumber $ ipProtocolNumber $ ipServicePort $ shadowFlag $ shadowExpire
$ shadowInactive $ shadowWarning $ shadowMax $ shadowMin $ shadowLastChange $
gidNumber $ uidNumber $ mailPreferenceOption $ supportedLDAPVersion ) )
Jul 22 20:32:55 srv02 slapd[17107]: 2.5.13.27 (generalizedTimeMatch):
Jul 22 20:32:55 srv02 slapd[17107]: matchingRuleUse: ( 2.5.13.27 NAME
'generalizedTimeMatch' APPLIES ( modifyTimestamp $ createTimestamp ) )
Jul 22 20:32:55 srv02 slapd[17107]: 2.5.13.24 (protocolInformationMatch):
Jul 22 20:32:55 srv02 slapd[17107]: matchingRuleUse: ( 2.5.13.24 NAME
'protocolInformationMatch' APPLIES protocolInformation )
Jul 22 20:32:55 srv02 slapd[17107]: 2.5.13.23 (uniqueMemberMatch):
Jul 22 20:32:55 srv02 slapd[17107]: matchingRuleUse: ( 2.5.13.23 NAME
'uniqueMemberMatch' APPLIES uniqueMember )
Jul 22 20:32:55 srv02 slapd[17107]: 2.5.13.22 (presentationAddressMatch):
Jul 22 20:32:55 srv02 slapd[17107]: matchingRuleUse: ( 2.5.13.22 NAME
'presentationAddressMatch' APPLIES presentationAddress )
Jul 22 20:32:55 srv02 slapd[17107]: 2.5.13.20 (telephoneNumberMatch):
Jul 22 20:32:55 srv02 slapd[17107]: matchingRuleUse: ( 2.5.13.20 NAME
'telephoneNumberMatch' APPLIES ( pager $ mobile $ homePhone $
telephoneNumber ) )
Jul 22 20:32:55 srv02 slapd[17107]: 2.5.13.17 (octetStringMatch):
Jul 22 20:32:55 srv02 slapd[17107]: matchingRuleUse: ( 2.5.13.17 NAME
'octetStringMatch' APPLIES ( nisSecretKey $ nisPublicKey $ queryid $
userPassword ) )
Jul 22 20:32:55 srv02 slapd[17107]: 2.5.13.16 (bitStringMatch):
Jul 22 20:32:55 srv02 slapd[17107]: matchingRuleUse: ( 2.5.13.16 NAME
'bitStringMatch' APPLIES x500UniqueIdentifier )
Jul 22 20:32:55 srv02 slapd[17107]: 2.5.13.14 (integerMatch):
Jul 22 20:32:55 srv02 slapd[17107]: matchingRuleUse: ( 2.5.13.14 NAME
'integerMatch' APPLIES ( suseMaxPasswordLength $ suseMinPasswordLength $
suseMaxUniqueId $ suseMinUniqueId $ suseNextUniqueId $ oncRpcNumber $
ipProtocolNumber $ ipServicePort $ shadowFlag $ shadowExpire $ shadowInactive
$ shadowWarning $ shadowMax $ shadowMin $ shadowLastChange $ gidNumber $
uidNumber $ mailPreferenceOption $ supportedLDAPVersion ) )
Jul 22 20:32:55 srv02 slapd[17107]: 2.5.13.13 (booleanMatch):
Jul 22 20:32:55 srv02 slapd[17107]: matchingRuleUse: ( 2.5.13.13 NAME
'booleanMatch' APPLIES hasSubordinates )
Jul 22 20:32:55 srv02 slapd[17107]: 2.5.13.11 (caseIgnoreListMatch):
Jul 22 20:32:55 srv02 slapd[17107]: matchingRuleUse: ( 2.5.13.11 NAME
'caseIgnoreListMatch' APPLIES ( homePostalAddress $ registeredAddress $
postalAddress ) )
Jul 22 20:32:55 srv02 slapd[17107]: 2.5.13.8 (numericStringMatch):
Jul 22 20:32:55 srv02 slapd[17107]: matchingRuleUse: ( 2.5.13.8 NAME
'numericStringMatch' APPLIES ( internationaliSDNNumber $ x121Address ) )
Jul 22 20:32:55 srv02 slapd[17107]: 2.5.13.7 (caseExactSubstringsMatch):
Jul 22 20:32:55 srv02 slapd[17107]: matchingRuleUse: ( 2.5.13.7 NAME
'caseExactSubstringsMatch' APPLIES ( dnQualifier $ destinationIndicator $
serialNumber ) )
Jul 22 20:32:55 srv02 slapd[17107]: 2.5.13.6 (caseExactOrderingMatch):
Jul 22 20:32:55 srv02 slapd[17107]: matchingRuleUse: ( 2.5.13.6 NAME
'caseExactOrderingMatch' APPLIES ( dnQualifier $ destinationIndicator $
serialNumber ) )
Jul 22 20:32:55 srv02 slapd[17107]: 2.5.13.5 (caseExactMatch):
Jul 22 20:32:55 srv02 slapd[17107]: matchingRuleUse: ( 2.5.13.5 NAME
'caseExactMatch' APPLIES ( suseMapAttribute $ susePlugin $ suseDefaultValue $
suseSearchFilter $ nisMapName $ ipNetworkNumber $ ipHostNumber $
ipServiceProtocol $ preferredLanguage $ employeeType $ employeeNumber $
displayName $ departmentNumber $ carLicense $ documentPublisher $
buildingName $ organizationalStatus $ uniqueIdentifier $ co $ personalTitle $
documentLocation $ documentVersion $ documentTitle $ documentIdentifier $
host $ userClass $ roomNumber $ drink $ info $ textEncodedORAddress $ uid $
dmdName $ houseIdentifier $ dnQualifier $ generationQualifier $ initials $
givenName $ destinationIndicator $ physicalDeliveryOfficeName $ postOfficeBox
$ postalCode $ businessCategory $ description $ title $ ou $ o $ street $ st
$ l $ c $ serialNumber $ sn $ knowledgeInformation $ labeledURI $ cn $ name $
ref $ vendorVersion $ vendorName $ supportedSASLMechanisms ) )
Jul 22 20:32:55 srv02 slapd[17107]: 2.5.13.3 (caseIgnoreOrderingMatch):
Jul 22 20:32:55 srv02 slapd[17107]: matchingRuleUse: ( 2.5.13.3 NAME
'caseIgnoreOrderingMatch' APPLIES ( dnQualifier $ destinationIndicator $
serialNumber ) )
Jul 22 20:32:55 srv02 slapd[17107]: 2.5.13.2 (caseIgnoreMatch):
Jul 22 20:32:55 srv02 slapd[17107]: matchingRuleUse: ( 2.5.13.2 NAME
'caseIgnoreMatch' APPLIES ( suseMapAttribute $ susePlugin $ suseDefaultValue
$ suseSearchFilter $ nisMapName $ ipNetworkNumber $ ipHostNumber $
ipServiceProtocol $ preferredLanguage $ employeeType $ employeeNumber $
displayName $ departmentNumber $ carLicense $ documentPublisher $
buildingName $ organizationalStatus $ uniqueIdentifier $ co $ personalTitle $
documentLocation $ documentVersion $ documentTitle $ documentIdentifier $
host $ userClass $ roomNumber $ drink $ info $ textEncodedORAddress $ uid $
dmdName $ houseIdentifier $ dnQualifier $ generationQualifier $ initials $
givenName $ destinationIndicator $ physicalDeliveryOfficeName $ postOfficeBox
$ postalCode $ businessCategory $ description $ title $ ou $ o $ street $ st
$ l $ c $ serialNumber $ sn $ knowledgeInformation $ labeledURI $ cn $ name $
ref $ vendorVersion $ vendorName $ supportedSASLMechanisms ) )
Jul 22 20:32:55 srv02 slapd[17107]: 2.5.13.1 (distinguishedNameMatch):
Jul 22 20:32:55 srv02 slapd[17107]: matchingRuleUse: ( 2.5.13.1 NAME
'distinguishedNameMatch' APPLIES ( suseSecondaryGroup $ suseDefaultTemplate $
suseDefaultBase $ dITRedirect $ associatedName $ secretary $ documentAuthor $
manager $ seeAlso $ roleOccupant $ owner $ member $ distinguishedName $
aliasedObjectName $ namingContexts $ subschemaSubentry $ modifiersName $
creatorsName ) )
Jul 22 20:32:55 srv02 slapd[17107]: 2.5.13.0 (objectIdentifierMatch):
Jul 22 20:32:55 srv02 slapd[17107]: matchingRuleUse: ( 2.5.13.0 NAME
'objectIdentifierMatch' APPLIES ( supportedApplicationContext $
supportedFeatures $ supportedExtension $ supportedControl ) )
Jul 22 20:32:55 srv02 slapd[17108]: slapd startup: initiated.
Jul 22 20:32:55 srv02 slapd[17108]: slapd starting
#################### Fetch DNs by browser ... ########################
Jul 22 20:34:36 srv02 slapd[17108]: connection_get(8): got connid=0
Jul 22 20:34:36 srv02 slapd[17108]: connection_read(8): checking for input on
id=0
Jul 22 20:34:36 srv02 slapd[17108]: ber_get_next on fd 8 failed errno=11
(Resource temporarily unavailable)
Jul 22 20:34:36 srv02 slapd[17108]: do_bind
Jul 22 20:34:36 srv02 slapd[17108]: >>> dnPrettyNormal: <>
Jul 22 20:34:36 srv02 slapd[17108]: <<< dnPrettyNormal: <>, <>
Jul 22 20:34:36 srv02 slapd[17108]: do_bind: version=3 dn="" method=128
Jul 22 20:34:36 srv02 slapd[17108]: send_ldap_result: conn=0 op=0 p=3
Jul 22 20:34:36 srv02 slapd[17108]: send_ldap_response: msgid=1 tag=97 err=0
Jul 22 20:34:36 srv02 slapd[17108]: do_bind: v3 anonymous bind
Jul 22 20:34:36 srv02 slapd[17108]: connection_get(8): got connid=0
Jul 22 20:34:36 srv02 slapd[17108]: connection_read(8): checking for input on
id=0
Jul 22 20:34:36 srv02 slapd[17108]: ber_get_next on fd 8 failed errno=11
(Resource temporarily unavailable)
Jul 22 20:34:36 srv02 slapd[17108]: do_search
Jul 22 20:34:36 srv02 slapd[17108]: >>> dnPrettyNormal: <>
Jul 22 20:34:36 srv02 slapd[17108]: <<< dnPrettyNormal: <>, <>
Jul 22 20:34:36 srv02 slapd[17108]: => send_search_entry: dn=""
Jul 22 20:34:36 srv02 slapd[17108]: <= send_search_entry
Jul 22 20:34:36 srv02 slapd[17108]: send_ldap_result: conn=0 op=1 p=3
Jul 22 20:34:36 srv02 slapd[17108]: send_ldap_response: msgid=2 tag=101 err=0
Jul 22 20:34:36 srv02 slapd[17108]: connection_get(8): got connid=0
Jul 22 20:34:36 srv02 slapd[17108]: connection_read(8): checking for input on
id=0
Jul 22 20:34:36 srv02 slapd[17108]: ber_get_next on fd 8 failed errno=0
(Success)
Jul 22 20:34:36 srv02 slapd[17108]: connection_read(8): input error=-2 id=0,
closing.
Jul 22 20:34:36 srv02 slapd[17108]: connection_closing: readying conn=0 sd=8
for close
Jul 22 20:34:36 srv02 slapd[17108]: connection_close: deferring conn=0 sd=8
Jul 22 20:34:36 srv02 slapd[17108]: do_unbind
Jul 22 20:34:36 srv02 slapd[17108]: connection_resched: attempting closing
conn=0 sd=8
Jul 22 20:34:36 srv02 slapd[17108]: connection_close: conn=0 sd=8
########### Connect as anonymous from LDAP-Browser.... ###############
Jul 22 20:35:56 srv02 slapd[17108]: connection_get(8): got connid=1
Jul 22 20:35:56 srv02 slapd[17108]: connection_read(8): checking for input on
id=1
Jul 22 20:35:56 srv02 slapd[17108]: ber_get_next on fd 8 failed errno=11
(Resource temporarily unavailable)
Jul 22 20:35:56 srv02 slapd[17108]: do_bind
Jul 22 20:35:56 srv02 slapd[17108]: >>> dnPrettyNormal: <>
Jul 22 20:35:56 srv02 slapd[17108]: <<< dnPrettyNormal: <>, <>
Jul 22 20:35:56 srv02 slapd[17108]: do_bind: version=3 dn="" method=128
Jul 22 20:35:56 srv02 slapd[17108]: send_ldap_result: conn=1 op=0 p=3
Jul 22 20:35:56 srv02 slapd[17108]: send_ldap_response: msgid=1 tag=97 err=0
Jul 22 20:35:56 srv02 slapd[17108]: do_bind: v3 anonymous bind
Jul 22 20:35:57 srv02 slapd[17108]: connection_get(8): got connid=1
Jul 22 20:35:57 srv02 slapd[17108]: connection_read(8): checking for input on
id=1
Jul 22 20:35:57 srv02 slapd[17108]: ber_get_next on fd 8 failed errno=11
(Resource temporarily unavailable)
Jul 22 20:35:57 srv02 slapd[17108]: do_search
Jul 22 20:35:57 srv02 slapd[17108]: >>> dnPrettyNormal: <c=de>
Jul 22 20:35:57 srv02 slapd[17108]: <<< dnPrettyNormal: <c=de>, <c=de>
Jul 22 20:35:57 srv02 slapd[17108]: => ldbm_back_search
Jul 22 20:35:57 srv02 slapd[17108]: dn2entry_r: dn: "c=de"
Jul 22 20:35:57 srv02 slapd[17108]: => dn2id( "c=de" )
Jul 22 20:35:57 srv02 slapd[17108]: => ldbm_cache_open( "dn2id.dbb", 73, 600 )
Jul 22 20:35:57 srv02 slapd[17108]: <= ldbm_cache_open (opened 0)
Jul 22 20:35:57 srv02 slapd[17108]: <= dn2id NOID
Jul 22 20:35:57 srv02 slapd[17108]: send_ldap_result: conn=1 op=1 p=3
Jul 22 20:35:57 srv02 slapd[17108]: send_ldap_response: msgid=2 tag=101 err=32
######## Connect as admin from LDAP-Browser.... ##############################
Jul 22 20:36:45 srv02 slapd[17108]: connection_get(8): got connid=1
Jul 22 20:36:45 srv02 slapd[17108]: connection_read(8): checking for input on
id=1
Jul 22 20:36:45 srv02 slapd[17108]: ber_get_next on fd 8 failed errno=11
(Resource temporarily unavailable)
Jul 22 20:36:45 srv02 slapd[17108]: do_search
Jul 22 20:36:45 srv02 slapd[17108]: >>> dnPrettyNormal: <c=de>
Jul 22 20:36:45 srv02 slapd[17108]: <<< dnPrettyNormal: <c=de>, <c=de>
Jul 22 20:36:45 srv02 slapd[17108]: => ldbm_back_search
Jul 22 20:36:45 srv02 slapd[17108]: dn2entry_r: dn: "c=de"
Jul 22 20:36:45 srv02 slapd[17108]: => dn2id( "c=de" )
Jul 22 20:36:45 srv02 slapd[17108]: => ldbm_cache_open( "dn2id.dbb", 73, 600 )
Jul 22 20:36:45 srv02 slapd[17108]: <= ldbm_cache_open (cache 0)
Jul 22 20:36:45 srv02 slapd[17108]: <= dn2id NOID
Jul 22 20:36:45 srv02 slapd[17108]: send_ldap_result: conn=1 op=2 p=3
Jul 22 20:36:45 srv02 slapd[17108]: send_ldap_response: msgid=3 tag=101 err=32
Jul 22 20:36:58 srv02 slapd[17108]: connection_get(8): got connid=1
Jul 22 20:36:58 srv02 slapd[17108]: connection_read(8): checking for input on
id=1
Jul 22 20:36:58 srv02 slapd[17108]: ber_get_next on fd 8 failed errno=11
(Resource temporarily unavailable)
Jul 22 20:36:58 srv02 slapd[17108]: do_unbind
Jul 22 20:36:58 srv02 slapd[17108]: connection_closing: readying conn=1 sd=8
for close
Jul 22 20:36:58 srv02 slapd[17108]: connection_resched: attempting closing
conn=1 sd=8
Jul 22 20:36:58 srv02 slapd[17108]: connection_close: conn=1 sd=8
Jul 22 20:37:20 srv02 slapd[17108]: connection_get(8): got connid=2
Jul 22 20:37:20 srv02 slapd[17108]: connection_read(8): checking for input on
id=2
Jul 22 20:37:20 srv02 slapd[17108]: ber_get_next on fd 8 failed errno=11
(Resource temporarily unavailable)
Jul 22 20:37:20 srv02 slapd[17108]: do_bind
Jul 22 20:37:20 srv02 slapd[17108]: >>> dnPrettyNormal: <admin, c=de>
Jul 22 20:37:20 srv02 slapd[17108]: bind: invalid dn (admin, c=de)
Jul 22 20:37:20 srv02 slapd[17108]: send_ldap_result: conn=2 op=0 p=3
Jul 22 20:37:20 srv02 slapd[17108]: send_ldap_response: msgid=1 tag=97 err=34
Jul 22 20:37:20 srv02 slapd[17108]: connection_get(8): got connid=2
Jul 22 20:37:20 srv02 slapd[17108]: connection_read(8): checking for input on
id=2
Jul 22 20:37:20 srv02 slapd[17108]: ber_get_next on fd 8 failed errno=0
(Success)
Jul 22 20:37:20 srv02 slapd[17108]: connection_read(8): input error=-2 id=2,
closing.
Jul 22 20:37:20 srv02 slapd[17108]: connection_closing: readying conn=2 sd=8
for close
Jul 22 20:37:20 srv02 slapd[17108]: connection_close: conn=2 sd=8
Someone out there who can help ? Thanks in advance,
Marcus