[KLUG Members] first ldap question
Richard Harding
members@kalamazoolinux.org
Wed, 26 Nov 2003 10:36:28 -0500
My apologies...I found my error. I needed to be trying to use the add
command like this:

ldapadd -x -D "cn=admin,dc=home,dc=ricksweb,dc=info" -W -f example.ldif

Richard Harding wrote:
> Here we go...ldap testing take one. I installed the packages on my
> Debian system and started out with the base Debian slapd.conf.
>
> I have set up DNS on my box internally for the domain home.ricksweb.info
> (I have the rickweb.info domain hosted elsewhere)
>
> The DNS is working and ldap appears to be working. If I run:
> ldapsearch -x -b 'dc=home,dc=ricksweb,dc=info' '(objectclass=*)'
>
> I get the following:
> # extended LDIF
> #
> # LDAPv3
> # base <dc=home,dc=ricksweb,dc=info> with scope sub
> # filter: (objectclass=*)
> # requesting: ALL
> #
>
> # home.ricksweb.info
> dn: dc=home,dc=ricksweb,dc=info
> objectClass: top
> objectClass: dcObject
> objectClass: organization
> o: ricksweb
> dc: home
>
> # admin, home.ricksweb.info
> dn: cn=admin,dc=home,dc=ricksweb,dc=info
> objectClass: simpleSecurityObject
> objectClass: organizationalRole
> cn: admin
> description: LDAP administrator
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 3
> # numEntries: 2
>
>
> Now I am following the openldap documentation and attempting to insert
> using the following example.ldif file: ( I got it from the quickstart
> docs from OpenLDAP )
> dn: dc=home,dc=ricksweb,dc=info
> objectclass: dcObject
> objectclass: organization
> o: ricksweb
> dc: home.ricksweb
>
> dn: cn=Manager,dc=home,dc=ricksweb,dc=info
> objectclass: organizationRole
> cn: Manager
>
>
> When I attempt to load it with the command
> ldapadd -x -W -f example.ldif
>
> I get a password prompt and once I put in the password I get an Invalid
> credentials (49) error. Now I did some google searching and came across
> making sure you have a rootdn and rootpw set in the slapd.conf. So I
> added these lines and then restarted slapd...no luck.
>
> Any idea what is causing the error and how I can correct?
>
> Thanks.
>
> I am including my slapd.conf below for completeness.
> ---------------------------------------------------------------------------
> # This is the main slapd configuration file. See slapd.conf(5) for more
> # info on the configuration options.
>
> #######################################################################
> # Global Directives:
>
> # Features to permit
> #allow bind_v2
>
> # Schema and objectClass definitions
> include /etc/ldap/schema/core.schema
> include /etc/ldap/schema/cosine.schema
> include /etc/ldap/schema/nis.schema
> include /etc/ldap/schema/inetorgperson.schema
>
> # Schema check allows for forcing entries to
> # match schemas for their objectClasses's
> schemacheck on
>
> # Where the pid file is put. The init.d script
> # will not stop the server if you change this.
> pidfile /var/run/slapd/slapd.pid
>
> # List of arguments that were passed to the server
> argsfile /var/run/slapd.args
>
> # Read slapd.conf(5) for possible values
> loglevel 0
>
> # Where the dynamically loaded modules are stored
> modulepath /usr/lib/ldap
> moduleload back_bdb
>
> #######################################################################
> # Specific Backend Directives for bdb:
> # Backend specific directives apply to this backend until another
> # 'backend' directive occurs
> backend bdb
>
> #######################################################################
> # Specific Backend Directives for 'other':
> # Backend specific directives apply to this backend until another
> # 'backend' directive occurs
> #backend <other>
>
> #######################################################################
> # Specific Directives for database #1, of type bdb:
> # Database specific directives apply to this database until another
> # 'database' directive occurs
> database bdb
>
> # The base of your directory in database #1
> suffix "dc=home,dc=ricksweb,dc=info"
>
> # Where the database file are physically stored for database #1
> directory "/var/lib/ldap"
>
> # Indexing options for database #1
> index objectClass eq
>
> # Save the time that the entry gets modified, for database #1
> lastmod on
>
> # Where to store the replica logs for database #1
> # replogfile /var/lib/ldap/replog
>
> #added to attempt to allow the ldif file to be inserted
> rootdn "cn=admin,dc=home,dc=ricksweb,dc=info"
> rootpw {SSHA}kakcMyHc7D2pW2O4OjlG8Q/9lqJJkNxF
>
> # The userPassword by default can be changed
> # by the entry owning it if they are authenticated.
> # Others should not be able to see it, except the
> # admin entry below
> # These access lines apply to database #1 only
> access to attribute=userPassword
>         by dn="cn=admin,dc=home,dc=ricksweb,dc=info" write
>         by anonymous auth
>         by self write
>         by * none
>
> # Ensure read access to the base for things like
> # supportedSASLMechanisms. Without this you may
> # have problems with SASL not knowing what
> # mechanisms are available and the like.
> # Note that this is covered by the 'access to *'
> # ACL below too but if you change that as people
> # are wont to do you'll still need this if you
> # want SASL (and possible other things) to work
> # happily.
> access to dn.base="" by * read
>
> # The admin dn has full write access, everyone else
> # can read everything.
> access to *
>         by dn="cn=admin,dc=home,dc=ricksweb,dc=info" write
>         by * read
>
>
>
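
Added example, not part of the original thread and not OpenLDAP's own code: a simplified Python model of how a simple bind (the -x path) relates to the rootdn/rootpw pair in slapd.conf, showing why a password sent without -D ends in error 49 and how an {SSHA} rootpw can be checked against the password being typed. The example.test names, the password, the status strings and the DN normalisation are assumptions made for the example.

```python
import base64, hashlib, hmac, re

def make_ssha(password, salt):
    """Build an {SSHA} value: base64(SHA1(password + salt) + salt)."""
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()

# Constructed slapd.conf fragment (example.test names and the password are
# made up for this example; nothing here comes from the poster's server).
SAMPLE_CONF = (
    'suffix "dc=example,dc=test"\n'
    'rootdn "cn=admin,dc=example,dc=test"\n'
    "rootpw " + make_ssha("constructed-secret", b"\x01\x02\x03\x04") + "\n"
)

def read_root(conf):
    """Return (rootdn, rootpw) from slapd.conf text."""
    rootdn = re.search(r'^rootdn\s+"([^"]+)"', conf, re.M).group(1)
    rootpw = re.search(r"^rootpw\s+(\S+)", conf, re.M).group(1)
    return rootdn, rootpw

def check_ssha(stored, password):
    """Constant-time check of a password against an {SSHA} value."""
    if not stored.startswith("{SSHA}"):
        raise ValueError("not an {SSHA} value")
    raw = base64.b64decode(stored[len("{SSHA}"):])
    digest, salt = raw[:20], raw[20:]          # SHA-1 digest is 20 bytes
    candidate = hashlib.sha1(password.encode() + salt).digest()
    return hmac.compare_digest(candidate, digest)

def norm_dn(dn):
    """Simplified DN comparison key: lower-case, no spaces around commas."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def classify_bind(conf, bind_dn, password):
    """Classify a simple bind (the -x path) against the rootdn/rootpw pair."""
    rootdn, rootpw = read_root(conf)
    if not bind_dn and not password:
        return "anonymous"                      # no -D, no password
    if not bind_dn:
        return "invalid-credentials-49"         # -W without -D, as in the thread
    if not password:
        return "unauthenticated"                # DN given but empty password
    if norm_dn(bind_dn) != norm_dn(rootdn):
        return "not-rootdn"                     # entry lookup, outside this model
    return "rootdn-ok" if check_ssha(rootpw, password) else "invalid-credentials-49"
```
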