[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: slapcat vs. ldapsearch
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Tim Nelson wrote:
| On Thu, 13 Jan 2005, Buchan Milne wrote:
|
|> -----BEGIN PGP SIGNED MESSAGE-----
|> Hash: SHA1
|>
|> Hallvard B Furuseth wrote:
|>
|> | Of course, 'upgrade to the latest Stable version' also tends ot be a
|> | good answer, in particular if you are using the OpenLDAP which comes
|> | with RedHat:-)
|>
|> I really don't think this will fix the problem, and there are some
|> useful things you can do with the OpenLDAP that comes with RedHat, you
|> can read the man pages ;-).
|>
|> Tim, care to explain exactly what you are trying to do? Maybe you want
|> to post the relevant bits of your slapd.conf, and also tell us if you
|> have actually got a password for cn=sync,ou=Rpc in your database ...
|
|
| Ok, finally managed to get back to this.
|
| I'm essentially trying to follow the Quick Start guide, with the
| following assumptions and modifications of the process:
| - I'm using the OpenLDAP which comes with Redhat Enterprise 3
| (openldap-2.0.27-17)
I guess I should really get around to doing a bit more testing on my
parallel-installable openldap-2.2.20 packages for RHEL3 to iron out the
last minor issues, so I can make them available and people can run a
modern package without conflicting with the original packages ...
|, and I'm assuming that the RPM has already
| done steps 1-7 in the first section of the quick start guide for
| me, and that the only step I needed to complete in the first
| section was step 8, configure config files (which I've done, with
| the exception that I generated the password with slappasswd, and
| pasted that in the config file)
| - I'm assuming that Redhat's "service ldap start" (aka
| /etc/rc.d/init.d/ldap start) does the same thing as starting the
| LDAP server in step 1 of the second section.
| - Evidence that the above assumptions are true: in step 1 of the
| second section, I get the correct output for ldapsearch
No problem so far.
| - Rather than adding entries with ldapadd, I'm using the migration
| scripts which come with openLDAP (specifically, using
| migrate_all_offline before I started openLDAP).
(I doubt the usefulness of having some of the information migrated ...
having services, protocols in LDAP is a bit pointless IMHO ...)
| These show up
| fine in slapcat, but when I run the ldapsearch command listed in
| step 3 of section 2 of the Quick Start Guide, I get:
It would help if you gave the actual command ... I am not sure which
version of the Quick Start guide your are using ...
| -------------------------------
| version: 2
|
| #
| # filter: (objectclass=*)
| # requesting: ALL
| #
|
| # search result
| search: 2
| result: 32 No such object
|
| # numResponses: 1
| -------------------------------
|
| AFAIK, the only passwords involved are:
| 1. The one in slapd.conf
| 2. Anything imported by the migrate scripts
|
| Does this help at all?
|
Yep. But, I'm going to paste some parts of your previous mail:
| --------------------------------
| # slapcat
| ...
| dn: cn=sync,ou=Rpc,dc=webalive,dc=biz
| objectClass: oncRpc
| objectClass: top
| description: RPC sync
| description: ONC RPC number 100104 (sync)
| oncRpcNumber: 100104
| cn: sync
| cn: na.sync
| ...
| --------------------------------
|
| If I do an ldapsearch, I don't seem to be able to get this
information out:
|
| --------------------------------
| # ldapsearch -x -LLL -b '' -s base -D 'cn=sync,ou=Rpc,dc=webalive,dc=biz'
| dn:
| objectClass: top
| objectClass: OpenLDAProotDSE
| --------------------------------
|
| Question; is there something obvious I'm missing? eg. a command
line option to ldapsearch?
The search you list here is:
- -searching on the "root DIT" (via -b ''), with a scope of base,
requesting all non-operational attibutes. The output is more or less
what one would expect to see.
- -You are trying to bind as cn=sync,ou=Rpc,dc=webalive,dc=biz without a
password
If you were trying to retreive the cn=sync,ou=Rpc,dc=webalive,dc=biz
entry, you should probably instead have run something like this:
$ ldapsearch -x -LLL -b cn=sync,ou=Rpc,dc=webalive,dc=biz -s base
Or:
$ ldapsearch -x -LLL -b dc=webalive,dc=biz "(cn=sync)"
You should be able to retrieve most entries in your directory with:
$ ldapsearch -x -LLL -b dc=webalive,dc=biz
If you have configured your ldap client correctly (ie have "BASE
dc=webalive,dc=biz" in /etc/openldap/ldap.conf), you should also get the
~ same with:
$ ldapsearch -x -LLL -b dc=webalive,dc=biz
Regards,
Buchan
- --
Buchan Milne Senior Support Technician
Obsidian Systems http://www.obsidian.co.za
B.Eng RHCE (803004789010797)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFB8K+ArJK6UGDSBKcRAr/TAKCVJMemODX0FH51s2BUzVm5lh9jBACfXxNr
CtHTnjhIXI6Kn4Lp9JOqIV8=
=OHD9
-----END PGP SIGNATURE-----