On Tue, Feb 15, 2011 at 04:04:57PM -0200, Leonardo Carneiro wrote:
Hmm, still did not worked.
If i do a ldapsearch specifying '-D cn=root,dc=dominio,dc=com,dc=br" and the password, the search goes ok. if i do not specify, is asks me for a sasl/md5 authentication and fails, and just asks for a password. if i include a '-x' parameter, also does not work:
chester@reploid:~$ ldapsearch -v -h 192.168.0.2 -b "dc=dominio,dc=com,dc=br" '(objectclass=*)' -LLL -x ldap_initialize( ldap://192.168.0.2 ) filter: (objectclass=*) requesting: All userApplication attributes No such object (32)
You always need the -x flag. (You can only leave it out if you supply SASL credentials, and that is a complexity we do not need right now).
It seems that anon users still cannot see the suffix entry at all.
Try adding this line just under your 'lastmod off' line:
access to * by * read
Make sure that you restart the slapd process after doing this. Then try the search:
ldapsearch -x -v -h 192.168.0.2 -b "dc=dominio,dc=com,dc=br" '(objectclass=*)'
If you still get nothing, set SLAPD_OPTIONS="-d 128" in /etc/default/slapd and restart the server. It should not go into the background, and should produce some output on the screen. DO NOT REBOOT with this setting in place. Now retry just the search above, and post the debug output along with the new state of the slapd config file. Remove the "-d 128" again.
Andrew