
Re: Configuring OpenLDAP on Ubuntu 9.10.Need help!



Starting with Ubuntu Karmic (9.10), the slapd package changed from creating a typical LDAP administrator account (i.e., username and password) to using LDAPI and SASL EXTERNAL, which automatically provides LDAP administrator access via the system root account. As root, run your LDAP utilities with -Y external -H "ldapi:///" instead of "-x", "-D", and "-W" where appropriate. For example, to search your LDAP directory:

ldapsearch -Y external -H "ldapi:///" -b dc=domain,dc=com

I'm not sure why the Ubuntu Server Guide for 9.10 did not get updated to reflect these changes, but if you search the web for "ubuntu sasl external" you'll get quite a few hits on the issue. You may also want to read these bugs when configuring clients:

https://bugs.launchpad.net/bugs/423252

https://bugs.launchpad.net/bugs/427842

Matt

On 3/30/10 4:04 AM, Shamika Joshi wrote:
I have followed the following article to install/configure OpenLDAP on
Ubuntu Server 9.10
https://help.ubuntu.com/9.10/serverguide/C/openldap-server.html

There is no slapd.conf in the picture here; instead, running "dpkg-reconfigure
slapd" should come up with the following wizard (got this after running
through numerous articles on this)

*Wizard steps:*

   1. *omit openldap server configuration? – no*
   2. *dns domain name? vm.example.org*
   3. *organization name? myCompany*
   4. *database backend to use? hdb*
   5. *do you want the database to be removed when slapd is purged? yes*
   6. *may be the question: move old database? yes*
   7. *administrator password? the same one as entered during installation*
   8. *confirm password? see last step*
   9. *allow LDAPv2 protocol? no*

However, in my installation the wizard asks

Omit OpenLDAP server configuration?    No
  Do you want the database to be removed when slapd is purged? No
  Allow LDAPv2 protocol? No
  Creating initial slapd configuration... done.
Starting OpenLDAP: slapd.

Has anyone attempted this before? What am I missing here? Could someone
pitch in with some help?

So when I run "ldapsearch -x" it gives me the following output

admins@x6:/etc/ldap$ ldapsearch -x
# extended LDIF
#
# LDAPv3
# base <> (default) with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# search result
search: 2
result: 32 No such object

# numResponses: 1


where it should give output like

# extended LDIF
#
# LDAPv3
# base  (default) with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# vm.example.org
dn: dc=vm,dc=example,dc=org
objectClass: top
objectClass: dcObject
objectClass: organization
o: myCompany
dc: vm

# admin,vm.example.org
dn: cn=admin,dc=vm,dc=example,dc=org
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator

# search result
search: 2
result: 0 Success

# numResponses: 3
# numEntries: 2



Thanks
Shamika
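
Added example, not part of the original thread: a shell helper for auditing the root-over-ldapi access described in the reply above. It builds the identity DN that a local SASL EXTERNAL bind maps to and lists the cn=config rules that name such identities; the function names and the sample LDIF are constructed for illustration, not taken from a real Ubuntu 9.10 install.

```shell
#!/bin/sh
# Added example, not from the thread. Sample data below is constructed.

# DN slapd assigns to a local process that binds with SASL EXTERNAL over ldapi:///
peercred_dn() {  # usage: peercred_dn UID GID (defaults: current user)
    printf 'gidNumber=%s+uidNumber=%s,cn=peercred,cn=external,cn=auth\n' \
        "${2:-$(id -g)}" "${1:-$(id -u)}"
}

# Numeric LDAP result code from ldapsearch output on stdin (32 = noSuchObject)
ldap_result_code() {
    awk '$1 == "result:" { print $2; exit }'
}

# From a cn=config LDIF dump on stdin, print "entry DN <TAB> rule" for every
# olcAccess / olcAuthzRegexp value that names a peercred (local socket) identity.
peercred_grants() {
    awk '
      function emit(l) {
        if (l ~ /^dn: /) dn = substr(l, 5)
        else if (l ~ /^olc(Access|AuthzRegexp): / && l ~ /cn=peercred,cn=external,cn=auth/)
          print dn "\t" l
      }
      /^ / { buf = buf substr($0, 2); next }   # unfold wrapped LDIF lines
      { emit(buf); buf = $0 }
      END { emit(buf) }'
}

# Constructed cn=config excerpt (hypothetical, for offline testing)
sample_config_ldif() {
    cat <<'EOF'
dn: olcDatabase={0}config,cn=config
olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=exter
 nal,cn=auth manage by * break

dn: olcDatabase={1}hdb,cn=config
olcSuffix: dc=domain,dc=com
olcAccess: {0}to * by self write by * read
EOF
}

# Live audit; run as root on the slapd host (needs the OpenLDAP client tools).
audit_live() {
    ldapwhoami -Q -Y EXTERNAL -H ldapi:/// &&
    ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config \
        olcSuffix olcAccess olcAuthzRegexp | peercred_grants
}
```

Calling `audit_live` as root prints the bound identity first, then one line per rule that grants rights to a local-socket identity, which is the list to review when deciding who effectively holds LDAP administrator access on the host.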