
To be a newbie, or not to be a newby .. that's the question.....



Hi !

Still figuring out how to get cn=monitoring working -and- letting replication work. From what I have read, the configuration below should be working, right? (Well, of course it is not .. probably Murphy's week or something ;( ...) So ... user error, or software error?

Any help would (once again) be very appreciated ....

---
# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24 23:19:14 kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/nis.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/qmail.schema


# /* Allow (old) LDAPv2 client connections. TODO: Do we need this ? */
allow   bind_v2

# /* Check if we have a valid schema */
schemacheck on

# /* Set file location */
pidfile  /var/run/slapd.pid

# /* Performance */
concurrency  10
threads  10
loglevel 0
idletimeout  30

# /*
#  * Backend configuration.
#  */

# /* Specific options for bdb .. for now: none :) */
backend  bdb

# /* Specific options for monitor .. for now: none :) */
backend  monitor

# /*
#  * List with database definitions
#  */

# /* START DATABASE: o=Slave,c=nl */

database bdb
suffix  "o=Slave,c=nl"
rootdn  "cn=admin,o=Slave,c=nl"
rootpw  {SSHA}S7yjUq8njF/7cmE7IZEeEccs9PGDcIPI
checkpoint  1024 5
cachesize 10000
idlcachesize  10000

# /* Mode 700 recommended */
directory /usr/local/var/lib/ldap

# /* Indices to maintain for this database */
index objectClass                       eq,pres
index ou,cn,mail,surname,givenname      eq,pres,sub
index uidNumber,gidNumber,loginShell    eq,pres
index uid,memberUid                     eq,pres,sub
index nisMapName,nisMapEntry            eq,pres,sub

# /* Keep track of modifications */
lastmod on

# /* Replicate data to slave /*

replogfile /usr/local/var/lib/ldap/replog
replica host=mail3.slave.nl bindmethod=simple binddn=cn=admin,o=slave,c=nl credentials=password tls=no


# /* Set access to attribute=userPassword
access to dn.regex="^cn=[^,]+,ou=BBO-People,o=slave,c=nl$"
       attrs=userPassword
       by dn="cn=admin,o=slave,c=nl" write
       by self write
       by anonymous auth
       by * none

# The admin dn has full write access
access to dn.regex="^.*$"
       by dn="cn=admin,o=slave,c=nl" write
       by * read

# /* END DATABASE: o=Slave,c=nl */

# /* START DATABASE: cn=Monitor */

database monitor

# /* The admin dn can ask for statistics
access to dn.subtree="cn=Monitor"
       by dn.exact="cn=admin,o=slave,c=nl" write
       by users read
       by * none

# /* END DATABASE: cn=Monitor */

# End of config
----

slaptest -d 64
----
line 13 (allow bind_v2)
line 16 (schemacheck on)
line 19 (pidfile /var/run/slapd.pid)
line 22 (concurrency 10)
line 23 (threads 10)
line 24 (loglevel 0)
line 25 (idletimeout 30 )
line 75 (backend bdb)
line 78 (backend monitor)
line 86 (database bdb)
bdb_db_init: Initializing bdb database
line 87 (suffix "o=Slave,c=nl")
line 88 (rootdn "cn=admin,o=Slave,c=nl")
line 89 (rootpw ***)
line 90 (checkpoint 1024 5 )
line 91 (cachesize 10000)
line 92 (idlcachesize 10000)
line 95 (directory /usr/local/var/lib/ldap)
line 98 (index objectClass eq,pres)
index objectClass 0x0006
line 99 (index ou,cn,mail,surname,givenname eq,pres,sub)
index ou 0x0716
index cn 0x0716
index mail 0x0716
index sn 0x0716
index givenName 0x0716
line 100 (index uidNumber,gidNumber,loginShell eq,pres)
index uidNumber 0x0006
index gidNumber 0x0006
index loginShell 0x0006
line 101 (index uid,memberUid eq,pres,sub)
index uid 0x0716
index memberUid 0x0716
line 102 (index nisMapName,nisMapEntry eq,pres,sub)
index nisMapName 0x0716
index nisMapEntry 0x0716
line 105 (lastmod on)
line 109 (replogfile /usr/local/var/lib/ldap/replog)
line 110 (replica ***)
line 118 (access to dn.regex="^cn=[^,]+,ou=BBO-People,o=slave,c=nl$" attrs=userPassword by dn="cn=admin,o=slave,c=nl" write by self write by anonymous auth by * none)
line 123 (access to dn.regex="^.*$" by dn="cn=admin,o=slave,c=nl" write by * read)
line 129 (database monitor)
line 135 (access to dn.subtree="cn=Monitor" by dn.exact="cn=admin,o=slave,c=nl" write by users read by * none)
config file testing succeeded
---


Replication works, database monitor does nothing. I used the (cn=monitor) query below with success when replication was not operational.

---
[root@bbo-log10 /usr/local/etc/openldap]# ldapsearch -LLL -x -b "cn=monitor" '(objectClass=*)' @extensibleObject
[root@bbo-log10 /usr/local/etc/openldap]#
---


Any tips ?

bye,
Chris
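
Added example (not part of the original message, and not OpenLDAP code): a sketch that evaluates the `by` clauses of the cn=Monitor access rule from the config above, first match wins, for an anonymous requester and for authenticated ones. The function names, the simplified parsing and the plain-string DN comparison are assumptions made for this illustration.

```python
import re

# Constructed sample: the cn=Monitor access rule, copied from the config above.
SAMPLE_CONF = '''\
access to dn.subtree="cn=Monitor"
       by dn.exact="cn=admin,o=slave,c=nl" write
       by users read
       by * none
'''

def parse_access(conf):
    """Return [(what, [(who, level), ...])]; indented lines continue a directive."""
    directives = []
    for line in conf.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        if line[0].isspace() and directives:
            directives[-1] += " " + line.strip()
        else:
            directives.append(line.strip())
    rules = []
    for d in directives:
        m = re.match(r"access\s+to\s+(\S+)(.*)", d)
        if m:
            rules.append((m.group(1), re.findall(r"by\s+(\S+)\s+(\w+)", m.group(2))))
    return rules

def who_matches(who, bind_dn):
    """bind_dn is None for an anonymous bind; only who-forms from this config."""
    if who == "*":
        return True
    if who in ("anonymous", "users"):
        return (bind_dn is None) == (who == "anonymous")
    m = re.fullmatch(r'dn(?:\.exact)?="?([^"]*)"?', who)
    # Assumption: DNs compared case-insensitively as plain strings (no real DN normalization).
    return bool(m) and bind_dn is not None and bind_dn.lower() == m.group(1).lower()

def granted(clauses, bind_dn):
    """First matching by-clause wins; falling off the end is the implicit 'by * none'."""
    for who, level in clauses:
        if who_matches(who, bind_dn):
            return level
    return "none"

def monitor_access(conf, bind_dn):
    """Access level a requester gets from the cn=Monitor subtree rule, if present."""
    for what, clauses in parse_access(conf):
        if what.lower() == 'dn.subtree="cn=monitor"':
            return granted(clauses, bind_dn)
    return None
```

Passing `None` as `bind_dn` models a search sent with `-x` and no `-D`, as in the ldapsearch command shown in the message.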