Markus Krause wrote:
No. I'm referring to slapd.4.conf as generated by the test018 script.
ah ok, sorry for that. i could not find it at first, had ro stop "make test" at test018 to get it ... now i used it (and slapd.1.conf) as template for my config.
I assumed you knew that you can tun a single test by issuing
./run test018
from the tests/ directory. Sorry about that.
i am really sorry about still bothering you with my problems but i still have no success... :-( my slapd.conf now looks like (now in more detail, just cleaned up): --- slapd.conf ... modulepath /usr/lib/openldap/modules moduleload smbk5pwd.so sizelimit unlimited acl ... TLSstuff ... #### chain overlay definition overlay chain chain-rebind-as-user FALSE chain-uri "ldaps://ldapprov" chain-rebind-as-user TRUE chain-idassert-bind bindmethod="simple" binddn="cn=manager,o=test" credentials="secret" mode="self"
database bdb suffix "o=test" directory /var/lib/ldap/ rootdn "cn=manager,o=test" rootpw "secret" index objectClass,uidNumber,gidNumber eq index member,mail eq,pres index cn,displayname,uid,sn,givenname sub,eq,pres index sambaSID,sambaPrimaryGroupSID,sambaDomainName eq index entryCSN,entryUUID eq index dhcpHWAddress eq,pres index relativeDomainName eq,pres index ipHostNumber eq,pres index zoneName eq,pres index radiusGroupName eq,pres
syncrepl rid=13 provider=ldaps://ldapprov type=refreshAndPersist retry=1,5,5,6,30,+ interval=00:00:00:30 searchbase="o=test" filter="(objectclass=*)" scope=sub attrs="*" schemachecking=off binddn="cn=manager,o=test" bindmethod=simple credentials="secret" sizelimit=unlimited updateref ldaps://ldapprov
overlay syncprov overlay smbk5pwd smbk5pwd-enable samba --- end of slapd.conf
To me, it looks just fine.
Please rearrange the configuration as instructed and retry. In general, never intermix database and overlay directives. Order matters (as it always did; but now violations are no longer harmless).
i hope i did understand how which order the entries should have ... (see above)
but the last lines before the consumer dies after running "ldappasswd .." show: --- slapd -d 65535 output ... => bdb_dn2id("uid=user,o=test") <= bdb_dn2id: got id=0x0000337f entry_decode: "uid=user,o=test" <= entry_decode(uid=user,o=test) ldap_url_parse_ext(ldaps://ldapprov) send_ldap_extended: err=10 oid= len=0 ldap_url_parse_ext(ldaps://ldapprov) Segmentation fault --- end of slapd -d 65535 output
That's another issue. You may send a stack backtrace after this crash.
In any case, you didn't specify you were trying to perform an extended operation (ldap passwd); there might be some bg in how extended operations are handled by slapo-chain(5). I'd narrow this down by running ldappasswd within a simpler configuration setup. In case, please file an ITS.
In the meanwhile, I'd check your configuration by using a less challenging write operation (like a modify).
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it --------------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: pierangelo.masarati@sys-net.it ---------------------------------------