On Tuesday, 3 January 2012 03:33:42 Maxim Vetrov wrote:
Hi!
Trying to start test server (openldap 2.4.25) on my home box (FreeBSD
8.2 i386) I get this error:
Can you provide the commandline invocation that provided this error message?
...
ldif_back_add: "olcDatabase={0}config,cn=config"
oc_check_required entry (olcDatabase={0}config,cn=config), objectClass
"olcDatabaseConfig"
oc_check_allowed type "objectClass"
oc_check_allowed type "olcDatabase"
oc_check_allowed type "olcAddContentAcl"
oc_check_allowed type "olcLastMod"
oc_check_allowed type "olcMaxDerefDepth"
oc_check_allowed type "olcReadOnly"
oc_check_allowed type "olcRootDN"
oc_check_allowed type "olcSyncUseSubentry"
oc_check_allowed type "olcMonitoring"
oc_check_allowed type "structuralObjectClass"
oc_check_allowed type "entryUUID"
oc_check_allowed type "creatorsName"
oc_check_allowed type "createTimestamp"
oc_check_allowed type "entryCSN"
oc_check_allowed type "modifiersName"
oc_check_allowed type "modifyTimestamp"
ldif_back_add: err: 68 text:
send_ldap_result: conn=-1 op=0 p=0
send_ldap_result: err=68 matched="" text=""
slapd destroy: freeing system resources.
slapd stopped.
connections_destroy: nothing to destroy.
Config I use:
# global configuration entry
dn: cn=config
objectClass: olcGlobal
cn: config
olcAttributeOptions: x-hidden lang-
olcLogLevel: conns config acl
# internal schema
dn: cn=schema,cn=config
objectClass: olcSchemaConfig
cn: schema
include: file:///usr/local/etc/openldap/schema/core.ldif
include: file:///usr/local/etc/openldap/schema/cosine.ldif
include: file:///usr/local/etc/openldap/schema/inetorgperson.ldif
#include: file:///usr/local/etc/openldap/schema/collective.ldif
include: file:///usr/local/etc/openldap/schema/nis.ldif
It looks as if you are treating the back-ldif database as if it is a text-
based configuration file, which in fact it is not. You should not be starting
slapd with this configuration file, but rather be running 'slapadd -n0' (or
similar) on this ldif to import an initial configuration. Further
administration of the configuration should be done over the LDAP protocol
(e.g. with ldapmodify, or a GUI LDAP tool).
While the documentation may not necessarily be explicit enough in this regard,
please read the notes at the beginning of the 'Configuring slapd' section of
the administrator guide, such as:
"Note: Although the slapd-config(5) system stores its configuration as (text-
based) LDIF files, you should never edit any of the LDIF files directly.
Configuration changes should be performed via LDAP operations, e.g.
ldapadd(1), ldapdelete(1), or ldapmodify(1). "
Regards,
Buchan