Starting with:

sudo ./slapd -d -1 -f /private/etc/openldap/slapd.conf

Produces this:

daemon: activity on 1 descriptor
daemon: listen=7, new connection on 12
daemon: added 12r
conn=1 fd=12 ACCEPT from IP= 127.0.0.1:64694 (IP=0.0.0.0:389)
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: select: listen=7 active_threads=0 tvp=NULL
daemon: activity on 1 descriptor
daemon: activity on: 12r
daemon: read activity on 12
connection_get(12)
connection_get(12): got connid=1
connection_read(12): checking for input on id=1
ber_get_next
ldap_read: want=8, got=8
  0000:  30 2e 02 01 01 60 29 02                            0....`).         
ldap_read: want=40, got=40
  0000:  01 03 04 1c 63 6e 3d 4d  61 6e 61 67 65 72 2c 64   ....cn=Manager,d 
  0010:  63 3d 65 78 61 6d 70 6c  65 2c 64 63 3d 63 6f 6d   c=example,dc=com 
  0020:  80 06 73 65 63 72 65 74                            ..secret         
ber_get_next: tag 0x30 len 46 contents:
ber_dump: buf=0x00345680 ptr=0x00345680 end=0x003456ae len=46
  0000:  02 01 01 60 29 02 01 03  04 1c 63 6e 3d 4d 61 6e   ...`).....cn=Man 
  0010:  61 67 65 72 2c 64 63 3d  65 78 61 6d 70 6c 65 2c   ager,dc=example, 
  0020:  64 63 3d 63 6f 6d 80 06  73 65 63 72 65 74         dc=com..secret   
ber_get_next
ldap_read: want=8 error=Resource temporarily unavailable
ber_get_next on fd 12 failed errno=35 (Resource temporarily unavailable)
do_bind
ber_scanf fmt ({imt) ber:
ber_dump: buf=0x00345680 ptr=0x00345683 end=0x003456ae len=43
  0000:  60 29 02 01 03 04 1c 63  6e 3d 4d 61 6e 61 67 65   `).....cn=Manage 
  0010:  72 2c 64 63 3d 65 78 61  6d 70 6c 65 2c 64 63 3d   r,dc=example,dc= 
  0020:  63 6f 6d 80 06 73 65 63  72 65 74                  com..secret      
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: select: listen=7 active_threads=0 tvp=NULL
ber_scanf fmt (m}) ber:
ber_dump: buf=0x00345680 ptr=0x003456a6 end=0x003456ae len=8
  0000:  00 06 73 65 63 72 65 74                            ..secret         
>>> dnPrettyNormal: <cn=Manager,dc=example,dc=com>
=> ldap_bv2dn(cn=Manager,dc=example,dc=com,0)
<= ldap_bv2dn(cn=Manager,dc=example,dc=com)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=Manager,dc=example,dc=com)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=manager,dc=example,dc=com)=0
<<< dnPrettyNormal: <cn=Manager,dc=example,dc=com>, <cn=manager,dc=example,dc=com>
do_bind: version=3 dn="cn=Manager,dc=example,dc=com" method=128
conn=1 op=0 BIND dn="cn=Manager,dc=example,dc=com" method=128
==> bdb_bind: dn: cn=Manager,dc=example,dc=com
bdb_dn2entry("cn=manager,dc=example,dc=com")
=> bdb_dn2id("dc=example,dc=com")
<= bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-30990)
send_ldap_result: conn=1 op=0 p=3
send_ldap_result: err=49 matched="" text=""
send_ldap_response: msgid=1 tag=97 err=49
ber_flush: 14 bytes to sd 12
  0000:  30 0c 02 01 01 61 07 0a  01 31 04 00 04 00         0....a...1....   
ldap_write: want=14, written=14
  0000:  30 0c 02 01 01 61 07 0a  01 31 04 00 04 00         0....a...1....   
conn=1 op=0 RESULT tag=97 err=49 text=
daemon: activity on 1 descriptor
daemon: activity on: 12r
daemon: read activity on 12
connection_get(12)
connection_get(12): got connid=1
connection_read(12): checking for input on id=1
ber_get_next
ldap_read: want=8, got=0

ber_get_next on fd 12 failed errno=0 (Undefined error: 0)
connection_read(12): input error=-2 id=1, closing.
connection_closing: readying conn=1 sd=12 for close
connection_close: conn=1 sd=12
daemon: removing 12
conn=1 fd=12 closed (connection lost)
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: select: listen=7 active_threads=0 tvp=NULL
daemon: activity on 1 descriptor
daemon: waked
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: select: listen=7 active_threads=0 tvp=NULL


On Dec 21, 2007 2:09 PM, Gavin Henry < ghenry@suretecsystems.com> wrote:
<quote who="Jonathan Wage">
> Uncommented and restarted ldap with the following command:
>
> sudo ./slapd -d 256 -f /private/etc/openldap/slapd.conf

Can you start up with -d -1 and just paste the first say 50 lines.

and CC your reply to openldap-software@openldap.org

>
> Then when I run this command:
>
> sudo ldapadd -x -D "cn=Manager,dc=example,dc=com" -W -f example.ldif
>
> I get this in the screen with slapd running:
>
> conn=0 fd=12 ACCEPT from IP=127.0.0.1:64609 (IP= 0.0.0.0:389)
> conn=0 op=0 BIND dn="cn=Manager,dc=example,dc=com" method=128
> conn=0 op=0 RESULT tag=97 err=49 text=
> conn=0 fd=12 closed (connection lost)
>
> The error code translates to incorrect DN or password.
>
> - Jon
>
> On Dec 21, 2007 1:52 PM, Gavin Henry <ghenry@suretecsystems.com> wrote:
>
>> Uncommment:
>>
>> # modulepath    /usr/libexec/openldap
>> # moduleload    back_bdb.la
>>
>> --
>> Kind Regards,
>>
>> Gavin Henry.
>> Managing Director.
>>
>> T +44 (0) 1224 279484
>> M +44 (0) 7930 323266
>> F +44 (0) 1224 824887
>> E ghenry@suretecsystems.com
>>
>> Open Source. Open Solutions(tm).
>>
>> http://www.suretecsystems.com/
>>
>> <quote who="Jonathan Wage">
>> > When I start slapd like you said above I am able to see the logs. I
>> then
>> > run
>> > the same command where I get the invalid credentials and I get the
>> > following:
>> >
>> > ------------------
>> >
>> > daemon: activity on 1 descriptor
>> > daemon: listen=7, new connection on 13
>> > daemon: added 13r
>> > conn=1 fd=13 ACCEPT from IP=127.0.0.1:63502 (IP= 0.0.0.0:389)
>> > daemon: select: listen=6 active_threads=0 tvp=NULL
>> > daemon: select: listen=7 active_threads=0 tvp=NULL
>> > daemon: activity on 1 descriptor
>> > daemon: activity on: 13r
>> > daemon: read activity on 13
>> > connection_get(13)
>> > connection_get(13): got connid=1
>> > connection_read(13): checking for input on id=1
>> > ber_get_next
>> > ldap_read: want=8, got=8
>> >   0000:  30 2e 02 01 01 60 29 02
>> > 0....`).
>> > ldap_read: want=40, got=40
>> >   0000:  01 03 04 1c 63 6e 3d 4d  61 6e 61 67 65 72 2c 64
>> > ....cn=Manager,d
>> >   0010:  63 3d 65 78 61 6d 70 6c  65 2c 64 63 3d 63 6f 6d
>> > c=example,dc=com
>> >   0020:  80 06 73 65 63 72 65 74
>> > ..secret
>> > ber_get_next: tag 0x30 len 46 contents:
>> > ber_dump: buf=0x003451d0 ptr=0x003451d0 end=0x003451fe len=46
>> >   0000:  02 01 01 60 29 02 01 03  04 1c 63 6e 3d 4d 61 6e
>> > ...`).....cn=Man
>> >   0010:  61 67 65 72 2c 64 63 3d  65 78 61 6d 70 6c 65 2c
>> > ager,dc=example,
>> >   0020:  64 63 3d 63 6f 6d 80 06  73 65 63 72 65 74
>> > dc=com..secret
>> > ber_get_next
>> > ldap_read: want=8 error=Resource temporarily unavailable
>> > ber_get_next on fd 13 failed errno=35 (Resource temporarily
>> unavailable)
>> > daemon: select: listen=6 active_threads=0 tvp=NULL
>> > daemon: select: listen=7 active_threads=0 tvp=NULL
>> > do_bind
>> > ber_scanf fmt ({imt) ber:
>> > ber_dump: buf=0x003451d0 ptr=0x003451d3 end=0x003451fe len=43
>> >   0000:  60 29 02 01 03 04 1c 63  6e 3d 4d 61 6e 61 67 65
>> > `).....cn=Manage
>> >   0010:  72 2c 64 63 3d 65 78 61  6d 70 6c 65 2c 64 63 3d
>> > r,dc=example,dc=
>> >   0020:  63 6f 6d 80 06 73 65 63  72 65 74
>> > com..secret
>> > ber_scanf fmt (m}) ber:
>> > ber_dump: buf=0x003451d0 ptr=0x003451f6 end=0x003451fe len=8
>> >   0000:  00 06 73 65 63 72 65 74
>> > ..secret
>> >>>> dnPrettyNormal: <cn=Manager,dc=example,dc=com>
>> > => ldap_bv2dn(cn=Manager,dc=example,dc=com,0)
>> > <= ldap_bv2dn(cn=Manager,dc=example,dc=com)=0
>> > => ldap_dn2bv(272)
>> > <= ldap_dn2bv(cn=Manager,dc=example,dc=com)=0
>> > => ldap_dn2bv(272)
>> > <= ldap_dn2bv(cn=manager,dc=example,dc=com)=0
>> > <<< dnPrettyNormal: <cn=Manager,dc=example,dc=com>,
>> > <cn=manager,dc=example,dc=com>
>> > do_bind: version=3 dn="cn=Manager,dc=example,dc=com" method=128
>> > conn=1 op=0 BIND dn="cn=Manager,dc=example,dc=com" method=128
>> > ==> bdb_bind: dn: cn=Manager,dc=example,dc=com
>> > bdb_dn2entry("cn=manager,dc=example,dc=com")
>> > => bdb_dn2id("dc=example,dc=com")
>> > <= bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found
>> > (-30990)
>> > send_ldap_result: conn=1 op=0 p=3
>> > send_ldap_result: err=49 matched="" text=""
>> > send_ldap_response: msgid=1 tag=97 err=49
>> > ber_flush: 14 bytes to sd 13
>> >   0000:  30 0c 02 01 01 61 07 0a  01 31 04 00 04 00
>> > 0....a...1....
>> > ldap_write: want=14, written=14
>> >   0000:  30 0c 02 01 01 61 07 0a  01 31 04 00 04 00
>> > 0....a...1....
>> > conn=1 op=0 RESULT tag=97 err=49 text=
>> > daemon: activity on 1 descriptor
>> > daemon: activity on: 13r
>> > daemon: read activity on 13
>> > connection_get(13)
>> > connection_get(13): got connid=1
>> > connection_read(13): checking for input on id=1
>> > ber_get_next
>> > ldap_read: want=8, got=0
>> >
>> > ber_get_next on fd 13 failed errno=0 (Undefined error: 0)
>> > connection_read(13): input error=-2 id=1, closing.
>> > connection_closing: readying conn=1 sd=13 for close
>> > connection_close: deferring conn=1 sd=13
>> > daemon: select: listen=6 active_threads=0 tvp=NULL
>> > daemon: select: listen=7 active_threads=0 tvp=NULL
>> > daemon: activity on 1 descriptor
>> > daemon: waked
>> > daemon: select: listen=6 active_threads=0 tvp=NULL
>> > daemon: select: listen=7 active_threads=0 tvp=NULL
>> > connection_resched: attempting closing conn=1 sd=13
>> > connection_close: conn=1 sd=13
>> > daemon: removing 13
>> > conn=1 fd=13 closed (connection lost)
>> >
>> > - Jon
>> >
>> > On Dec 21, 2007 10:54 AM, Gavin Henry < ghenry@suretecsystems.com>
>> wrote:
>> >
>> >> <quote who="Jonathan Wage">
>> >> > Here is my slapd.conf
>> >> >
>> >> > #
>> >> > # See slapd.conf(5) for details on configuration options.
>> >> > # This file should NOT be world readable.
>> >> > #
>> >> > include        /private/etc/openldap/schema/core.schema
>> >> >
>> >> > # Define global ACLs to disable default read access.
>> >> >
>> >> > # Do not enable referrals until AFTER you have a working directory
>> >> > # service AND an understanding of referrals.
>> >> > #referral    ldap://root.openldap.org
>> >> >
>> >> > pidfile        /private/var/db/openldap/run/slapd.pid
>> >> > argsfile    /private/var/db/openldap/run/slapd.args
>> >> >
>> >> > # Load dynamic backend modules:
>> >> > # modulepath    /usr/libexec/openldap
>> >> > # moduleload    back_bdb.la
>> >> > # moduleload    back_ldap.la
>> >> > # moduleload    back_ldbm.la
>> >> > # moduleload    back_passwd.la
>> >> > # moduleload    back_shell.la
>> >> >
>> >> > # Sample security restrictions
>> >> > #    Require integrity protection (prevent hijacking)
>> >> > #    Require 112-bit (3DES or better) encryption for updates
>> >> > #    Require 63-bit encryption for simple bind
>> >> > # security ssf=1 update_ssf=112 simple_bind=64
>> >> >
>> >> > # Sample access control policy:
>> >> > #    Root DSE: allow anyone to read it
>> >> > #    Subschema (sub)entry DSE: allow anyone to read it
>> >> > #    Other DSEs:
>> >> > #        Allow self write access
>> >> > #        Allow authenticated users read access
>> >> > #        Allow anonymous users to authenticate
>> >> > #    Directives needed to implement policy:
>> >> > # access to dn.base="" by * read
>> >> > # access to dn.base="cn=Subschema" by * read
>> >> > # access to *
>> >> > #    by self write
>> >> > #    by users read
>> >> > #    by anonymous auth
>> >> > #
>> >> > # if no access controls are present, the default policy
>> >> > # allows anyone and everyone to read anything but restricts
>> >> > # updates to rootdn.  (e.g., "access to * by * read")
>> >> > #
>> >> > # rootdn can always read and write EVERYTHING!
>> >> >
>> >> >
>> #######################################################################
>> >> > # BDB database definitions
>> >> >
>> #######################################################################
>> >> >
>> >> > database    bdb
>> >> > suffix        "dc=example,dc=com"
>> >> > rootdn        "cn=Manager,dc=example,dc=com"
>> >> > # Cleartext passwords, especially for the rootdn, should
>> >> > # be avoid.  See slappasswd(8) and slapd.conf(5) for details.
>> >> > # Use of strong authentication encouraged.
>> >> > rootpw        secret
>> >> > # The database directory MUST exist prior to running slapd AND
>> >> > # should only be accessible by the slapd and slap tools.
>> >> > # Mode 700 recommended.
>> >> > directory    /private/var/db/openldap/openldap-data
>> >> > # Indices to maintain
>> >> > index    objectClass    eq
>> >> >
>> >> >
>> >> > Which logs are you referring to? The openldap log?
>> >>
>> >> Start slapd by hand with -d -1
>> >>
>> >> and then bind via ldapsearch.
>> >>
>> >>
>> >>
>> >
>> >
>> > --
>> > Jonathan Wage
>> > http://www.jwage.com
>> > http://www.centresource.com
>> >
>>
>>
>
>
> --
> Jonathan Wage
> http://www.jwage.com
> http://www.centresource.com
>




--
Jonathan Wage
http://www.jwage.com
http://www.centresource.com