On 26/07/2010 15:23, Zhang Weiwu wrote:
[snip] <= root access granted => access_allowed: search access granted by manage(=mwrscxd) <= test_filter 6 : config_add_internal: DN="olcDatabase={1}bdb,cn=config" no structural objectClass (unrecognized objectClass 'olcBdbConfig') config error processing olcDatabase={1}bdb,cn=config: send_ldap_result: conn=-1 op=0 p=0 [/snip]
This part "Unrecognized objectClass 'olcBdbConfig'" surprised me a bit, as the line caused the problem is taken from openldap manual:
Quote from http://www.openldap.org/doc/admin24/slapdconf2.html
5.2.6. BDB and HDB Database DirectivesIn addition to the olcDatabaseConfig objectClass, BDB and HDB database entries must have the olcBdbConfig and olcHdbConfig objectClass, respectively.
Actually if you re-read that, you'll see that it says to use the 'olcBdbConfig' objectClass *in addition* to the olcDatabaseConfig objectClass.
Jonathan Clarke also wrote:
One would usually add the new configuration object via LDAP, rather than by modifying the database files. This is the point of cn=config. However, adding files may work also...
Thanks.
Perhaps I missed some document, but what you said is not mentioned in the document I referred to. I think it make a lot of sense to add new database via LDAP, but a newbie would not be able to assume this can be done, especially puzzled by not knowing what crediential should I use to access db cn=config, because olcRootPW is not existing in any of the ldif files except the one I just added:
# grep -R olcRootPW /etc/ldap/slapd.d/ /etc/ldap/slapd.d/cn=config/olcDatabase=bdb:olcRootPW: secret /etc/ldap/slapd.d/cn=config/olcDatabase={1}hdb:olcRootPW: secret
No, I recall that Ubuntu sets up some other form of authentication tied into the OS... I've never really got it though, so I can't help here. Maybe others on the list understand how this works by default on Ubuntu?
Jonathan