Re: OpenLDAP and MySQL
> Hello all,
>
> I've been researching and attempting to get OpenLDAP and MySQL to play
> nice together now for a little over a week. Unfortunately, I cannot get
> them to do so (I've even threatened time out, but alas, they still
> misbehave).
>
> I've been following the HowTo here:
> http://www.flatmtn.com/computer/Linux-LDAP.html only to find it lacking
> major detail and non-working config scripts. I've since started 'on my
> own' and now slapd starts without any errors now. The problems are:
>
> 1. Short of no errors, I can't get any data INTO or OUT OF the LDAP server
> 2. As such, no user info can be authenticated
> 3. GUIs (yup, I've even tried them) such as phpLDAP have vague errors
> such as:
> Could not bind to the LDAP server.
>
> LDAP said: Undefined attribute type
> Error number: 0x11 (LDAP_UNDEFINED_TYPE)
> Description: The attribute type specified is invalid.
>
> My end goal for the first step is to have LDAP use MySQL as the DB, and
> to authenticate SAMBA clients this way. The DB is necessary because I
> already have a big database of user accounts/passwords for
> IMAP/POP/SASL/Postfix that would be way too much of a pain to migrate
> the accounts, then how they would be stored on the file system (phase
> two is to have that username/password base authenticate the SAMBA
> clients). Would anyone mind pointing me in the right direction with
> getting LDAP-MySQL to work?
>
> System: Slackware 10.0
> OpenLDAP: 2.3.22
> Samba: 3.0.22
> MySQL: 4.0.24
> MyODBC: 2.50.39 (3.51.12 compiled with way too many warnings and exited
> on a few vague errors)
> libiodbc: 3.52.4
>
> slapd.conf
> ===
> # $OpenLDAP: pkg/ldap/servers/slapd/back-sql/rdbms_depend/mysql/slapd.conf,v 1.5.2.1 2005/01/20 18:04:03 kurt Exp $
> #
> # See slapd.conf(5) for details on configuration options.
> # This file should NOT be world readable.
> #
> include /usr/local/etc/openldap/schema/core.schema
> include /usr/local/etc/openldap/schema/cosine.schema
> include /usr/local/etc/openldap/schema/inetorgperson.schema
> include /usr/local/etc/openldap/schema/nis.schema
> include /etc/openldap/schema/samba.schema
>
> # Define global ACLs to disable default read access.
>
> # Do not enable referrals until AFTER you have a working directory
> # service AND an understanding of referrals.
> #referral ldap://root.openldap.org
>
> pidfile /usr/local/var/slapd.pid
> argsfile /usr/local/var/slapd.args
>
> #######################################################################
> # sql database definitions
> #######################################################################
>
> database sql
> suffix "o=sql,c=RU"
> rootdn "cn=root,o=sql,c=RU"
> rootpw >snip<
> dbname ldap
> dbuser root
> dbpasswd >snip<
> subtree_cond "ldap_entries.dn LIKE CONCAT('%',?)"
> insentry_stmt "INSERT INTO ldap_entries (dn,oc_map_id,parent,keyval) VALUES (?,?,?,?)"
> has_ldapinfo_dn_ru no
Did you try the built-in tests and instructions? They're a bit out of
date, but they're __way__ more recent than the ones you followed.
Look into "servers/slapd/back-sql/rdbms_depend/README" for a brief
description of what you're supposed to do. Make sure you read the FAQ:
<http://www.openldap.org/faq/data/cache/978.html>. As a general rule, I
suggest using unofficial sources only when the official ones are missing
or incomplete. If you set up the system (RDBMS and ODBC) appropriately,
you can also run a built-in test suite: "cd tests && make sql". You need
to define some environment variables first, but the whole stuff should be
illustrated in the above README. Note that the most accurately maintained
RDBMS is PostgreSQL; there are no write tests for MySQL.
p.
Ing. Pierangelo Masarati
Responsabile Open Solution
OpenLDAP Core Team
SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office: +39.02.23998309
Mobile: +39.333.4963172
Email: pierangelo.masarati@sys-net.it
------------------------------------------