[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: ldap falls without logs
You likely need to setup syslogd to work with slapd. I dont remember how to do it in debian, so you may need to do some research
To check slapd is working, stop slapd and start it from the command line with slapd -d 256, and it will print the log to the console. If you have troubles from there you would be well advised to post the out otput of logs so we can help you.
William
On 13/07/2010, at 9:13 PM, Márcio Luciano Donada wrote:
> Hi list,
> I'm using debian lenny,[1], with openldap 2.4.11 and in many cases
> simply to LDAP, while not log information. My slapd.conf is:
>
> # Global Directives:
>
> # Features to permit
> allow bind_v2
>
> # Schema and objectClass definitions
> include /etc/ldap/schema/core.schema
> include /etc/ldap/schema/cosine.schema
> include /etc/ldap/schema/inetorgperson.schema
> include /etc/ldap/schema/java.schema
> include /etc/ldap/schema/misc.schema
> include /etc/ldap/schema/nis.schema
> include /etc/ldap/schema/openldap.schema
> include /etc/ldap/schema/samba.schema
> include /etc/ldap/schema/qmail.schema
> include /etc/ldap/schema/authldap.schema
> include /etc/ldap/schema/RADIUS-LDAPv3.schema
> include /etc/ldap/schema/ppolicy.schema
>
> # Where the pid file is put. The init.d script
> # will not stop the server if you change this.
> pidfile /var/run/slapd/slapd.pid
>
> # List of arguments that were passed to the server
> argsfile /var/run/slapd/slapd.args
>
> # Read slapd.conf(5) for possible values
> loglevel 256
>
> # Where the dynamically loaded modules are stored
> modulepath /usr/lib/ldap
> moduleload syncprov
> moduleload back_monitor
> moduleload back_bdb
> moduleload ppolicy
> moduleload unique
> moduleload back_ldap
>
> # TLS
> TLSVerifyClient demand
> TLSCACertificateFile /etc/ldap/ssl/server.pem
> TLSCertificateFile /etc/ldap/ssl/server.pem
> TLSCertificateKeyFile /etc/ldap/ssl/server.pem
>
> # The tool-threads parameter sets the actual amount of cpu's that is used
> # for indexing.
> tool-threads 16
> threads 32
> #######################################################################
> # Specific Backend Directives for hdb:
> # Backend specific directives apply to this backend until another
> # 'backend' directive occurs
>
> backend bdb
> #######################################################################
> # Specific Backend Directives for 'other':
> # Backend specific directives apply to this backend until another
> # 'backend' directive occurs
> #backend <other>
>
> #######################################################################
> # Specific Directives for database #1, of type hdb:
> # Database specific directives apply to this databasse until another
> # 'database' directive occurs
> database monitor
> database bdb
>
> # The base of your directory in database #1
> suffix "dc=xxx,dc=com,dc=br"
> rootdn "cn=suporte,dc=xxx,dc=com,dc=br"
> rootpw blablabla
> overlay unique
> unique_uri ldap:///?mail?sub?
> overlay syncprov
> syncprov-checkpoint 100 10
> syncprov-sessionlog 100
>
> # Where the database file are physically stored for database #1
> directory "/var/lib/ldap"
> idletimeout 30
> checkpoint 128 15
> cachesize 100000
> lastmod on
> sizelimit unlimited
>
> index objectClass eq
> index cn pres,sub,eq
> index sn pres,sub,eq
> index uid pres,sub,eq
> index displayName pres,sub,eq
> index uniqueMember eq
> index uidNumber eq
> index gidNumber eq
> index memberUID eq
> index mailAlternateAddress eq
> index MailForwardingAddress eq
> index mail pres,sub,eq
> index default sub
> index sambaSID,sambaPrimaryGroupSID,sambaDomainName eq
> index sambaSIDList,sambaGroupType eq
> index givenName pres,sub,eq
> index homePhone eq
> index shadowExpire,shadowLastChange,shadowMax,shadowWarning eq
> index entryCSN,entryUUID eq
>
> # Ensure read access to the base for things like
> # supportedSASLMechanisms. Without this you may
> # have problems with SASL not knowing what
> # mechanisms are available and the like.
> # Note that this is covered by the 'access to *'
> # ACL below too but if you change that as people
> # are wont to do you'll still need this if you
> # want SASL (and possible other things) to work
> # happily.
>
> # ACLs
> access to attrs=userPassword,sambaLMPassword,sambaNTPassword
> by self write
> by anonymous auth
> by * none
>
> access to *
> by * read
>
>
> P.S. note that the loglevel is 256 and I have no record of trouble.
>
> [1]. Linux ldap 2.6.26-2-686 #1 SMP Wed Aug 19 06:06:52 UTC 2009 i686
> GNU/Linux
> --
> Márcio Luciano Donada <mdonada -at- auroraalimentos -dot- com -dot- br>
> Aurora Alimentos - Cooperativa Central Oeste Catarinense
> Departamento de T.I.