
OpenLdap Problems on Redhat ESv3



Aside from some stuff a year or so ago during research into authenticating linux hosts against active directory (another job, don't ask), this is my first time setting up openldap. After reading the ldap quickstart, and skimming over the admin guide, and picking up the O'Reilly book, all of which pointed to a very simple setup, I figured it would be a cakewalk, and after getting annoyed with progress on ES3, I was able to do the exact same sequence on Suse 9.2 in about 15 minutes and be able to browse the tree, and query successfully. Since I'm doing it on redhat es v. 3, however, it, of course, has to work oddly. :)

The final goal for "" is to be able to use ldap for authentication.

I'll go over the problem(s) first, and put the configuration stuff below. Love to hear what you guys (and gals) think.

Basically here's what I did:

(1) Setup /etc/openldap/slapd.conf
(2) Authconfig info & auth both get ldap (localhost dc=shuba,dc=com)
(3) Migrate_base > /tmp/base.ldif
(4) Slapadd -f /etc/openldap/slapd.conf -x -v -l /tmp/base.ldif
(5) Authconfig (turn shadow passwords off)
(6) Cp /etc/passwd /tmp/shadowpass.txt
(7) Migrate_passwd.pl /tmp/shadowpass.txt > /tmp/users.ldif
(8) Slapadd -f /etc/openldap/slapd.conf -x -v -f /tmp/base.ldif
(9) Slapcat | more (looks good)
(10) Service ldap start (/etc/init.d/ldap start)
(11) Ldapsearch -x (see below for results)
(12) Open a java ldap browser (connects, ONLY shows "dc=shuba, dc=com" - no children)
(13) Try to connect using the Manager user, no dice.

(PS) I looked through the archives, and didn't see anything, as well as going through google, and google news groups. If by some miracle, I've missed readily available answers there or in the FAQ, please accept my apologies in advance.

TIA,

Nick

First, ldapadd works oddly. An ldif that I can add with slapadd gives an error using ldapadd.

    slapadd -f /etc/openldap/slapd.conf -v -l /tmp/user.ldif
    added: "uid=foo,ou=People,dc=shuba,dc=com" (00000050)

<< changes foo->bar, and increase the uid/gid by one, same file >>

    [root@test1-int migration]# /etc/init.d/ldap start
    Starting slapd:     [OK]
    [root@test1-int migration]# ldapadd -x -v -f /tmp/user.ldif
    ldap_initialize( )
    add uid:
            bar
    add cn:
            adding with ldapadd
    add objectClass:
            account
            posixAccount
            top
    add userPassword:
            {SSHA}qaf5D6w/DGSY521JJu5gambxmBvadJyr
    add loginShell:
            /bin/bash
    add uidNumber:
            1029
    add gidNumber:
            1029
    add homeDirectory:
            /home/bar
    adding new entry "uid=bar,ou=People,dc=shuba,dc=com"
    ldap_add: Operations error

    ldif_record() = 1

For the record, btw, the last entry in the db, according to slapcat is:

    dn: uid=foo,ou=People,dc=shuba,dc=com
    uid: foo
    cn: adding with ldapadd
    objectClass: account
    objectClass: posixAccount
    objectClass: top
    userPassword:: --snip --
    loginShell: /bin/bash
    uidNumber: 1028
    gidNumber: 1028
    homeDirectory: /home/foo

So that's the first thing. Second, nothing comes back when I use ldapsearch, even when asking for anything:

    ldapsearch -x -b '' -s base '(objectclass=*)'
    version: 2

    #
    # filter: (objectclass=*)
    # requesting: ALL
    #

    #
    dn:
    objectClass: top
    objectClass: OpenLDAProotDSE

    # search result
    search: 2
    result: 0 Success

    # numResponses: 2
    # numEntries: 1

Unfortunately, I got a bounce stating that this message was too long. I have moved the config files to http://nicholasbernstein.com/ldap_stuff/

It got double spaced somehow in the cutting and pasting from windows -> unix. If it annoys you, please have compassion - you can't imagine how much being stuck on windows bugs me. ;)