On Friday 16 September 2005 00:24, Steve Parker wrote: > Peter Huetmannsberger wrote: > > Thanks for these suggestions, but I can't get either to work... with > Peter's suggestion, I get: > adding new entry "dc=itops,dc=com" > ldap_add: Naming violation (64) > additional info: value of naming attribute 'dc' is not present in > entry > > With Patrick's suggestion I still get: > adding new entry "dc=itops,dc=com" > ldap_add: No such object (32) > > Since all the (presumably) right answers, from here and what I've found > on the web, aren't working, could it possibly be something to do with my > config? > > ///// what I assume is the relevant part of ldap.conf //// > SSL true > # > BASE dc=itops,dc=com > ROOTBINDDN cn=Manager,dc=itops,dc=com This configuration option doesn't exist. > BINDDN cn=Manager,dc=itops,dc=com Quote from ldap.conf(5): "BINDDN <dn> Specifies the default bind DN to use when performing ldap opera- tions. The bind DN must be specified as a Distinguished Name in LDAP format. This is a user-only option." Since it is a user-only option, it won't work in an ldap.conf file, but only ldaprc or .ldaprc. > # Dont forget to put the LDAP Manager password in /etc/ldap.secret > PORT 636 > > ///// what I assume is the relevant part of slapd.conf ///// > database bdb > suffix "dc=itops,dc=com" > rootdn "cn=Manager,dc=itops,dc=com" > rootpw <my_password> > ///// > > Does that look sensible? Yes, but your commandline doesn't match it: # /usr/local/bin/ldapadd -c -Y DIGEST-MD5 -U Manager -W -f i.ldif -v Your other slapd.conf snippet contained: > rootpw <my_password> > #rootpw <my_encrypted_password> # I've hashed this out for now, let's > keep it simple! Problems I see here are: 1)No authz-regexp You probably need something like: authz-regexp UID=([^,]*),CN=DIGEST-MD5,CN=auth cn=$1,dc=itops,dc=com 2)Your comment on the rootpw from the 2nd snippet implies you were using an encrypted rootpw, this won't work with digest-md5. Before you debug your LDIF further, make sure you can authenticate your rootdn: # ldapwhoami -U Manager -W -Y DIGEST-MD5 Regards, Buchan -- Buchan Milne ISP Systems Specialist B.Eng,RHCE(803004789010797),LPIC-2(LPI000074592)
Attachment:
pgpdcIjq27Lk0.pgp
Description: PGP signature