Hi,
I am running the below mentioned openldap server version on CentOS Linux release 7.9.2009 (Core)
# rpm -qa | grep openldap
openldap-servers-2.4.44-25.el7_9.x86_64
openldap-servers-sql-2.4.44-25.el7_9.x86_64
openldap-devel-2.4.44-25.el7_9.x86_64
openldap-2.4.44-25.el7_9.x86_64
compat-openldap-2.3.43-5.el7.x86_64
openldap-clients-2.4.44-25.el7_9.x86_64
#
# slapd -VV
@(#) $OpenLDAP: slapd 2.4.44 (Feb 23 2022 17:11:27) $
        mockbuild@x86-01.bsys.centos.org: /builddir/build/BUILD/openldap-2.4.44/openldap-2.4.44/servers/slapd
#
# systemctl status slapd
● slapd.service - OpenLDAP Server Daemon
   Loaded: loaded (/usr/lib/systemd/system/slapd.service; enabled; vendor preset: disabled)
   Active: active (running) since Wed 2023-08-09 18:17:23 IST; 3min 36s ago
     Docs: man:slapd
           man:slapd-config
           man:slapd-hdb
           man:slapd-mdb
           file:///usr/share/doc/openldap-servers/guide.html
 Main PID: 16246 (slapd)
   CGroup: /system.slice/slapd.service
           └─16246 /usr/sbin/slapd -u ldap -h ldapi:/// ldap:///

Aug 09 18:17:22 cbopenldap slapd[16243]: @(#) $OpenLDAP: slapd 2.4.44 (Feb 23 2022 17:11:27) $
        mockbuild@x86-01.bsys.centos.org: /builddir/build/BUILD/openldap-2.4.44/openldap-2.4.44/servers/slapd
Aug 09 18:17:23 cbopenldap slapd[16246]: slapd starting
Aug 09 18:17:23 cbopenldap systemd[1]: Started OpenLDAP Server Daemon.
Aug 09 18:20:04 cbopenldap slapd[16246]: conn=1000 fd=11 ACCEPT from PATH=/var/run/ldapi (PATH=/var/run/ldapi)
Aug 09 18:20:04 cbopenldap slapd[16246]: conn=1000 op=0 BIND dn="" method=163
Aug 09 18:20:04 cbopenldap slapd[16246]: conn=1000 op=0 BIND authcid="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" authzid="gidNumber=0+uidNumber...l,cn=auth"
Aug 09 18:20:04 cbopenldap slapd[16246]: conn=1000 op=0 BIND dn="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" mech=EXTERNAL sasl_ssf=0 ssf=71
Aug 09 18:20:04 cbopenldap slapd[16246]: conn=1000 op=0 RESULT tag=97 err=0 text=
Aug 09 18:20:04 cbopenldap slapd[16246]: conn=1000 op=1 UNBIND
Aug 09 18:20:04 cbopenldap slapd[16246]: conn=1000 fd=11 closed
Hint: Some lines were ellipsized, use -l to show in full.
#
*Setup LDAP admin password*
slappasswd -h {SSHA} -s ldappassword
# cd /etc/openldap/slapd.d/
# ls -ltrh
total 4.0K
-rw------- 1 ldap ldap 589 Aug 5 16:27 cn=config.ldif
drwxr-x--- 3 ldap ldap 182 Aug 5 16:37 cn=config
# cd cn=config
# ls -ltrh
total 20K
-rw------- 1 ldap ldap 378 Aug 5 16:27 cn=schema.ldif
-rw------- 1 ldap ldap 609 Aug 5 16:27 olcDatabase={2}hdb.ldif
-rw------- 1 ldap ldap 443 Aug 5 16:27 olcDatabase={-1}frontend.ldif
-rw------- 1 ldap ldap 513 Aug 5 16:27 olcDatabase={0}config.ldif
-rw------- 1 ldap ldap 611 Aug 5 16:37 olcDatabase={1}monitor.ldif
drwxr-x--- 2 ldap ldap 108 Aug 5 16:38 cn=schema
# cd cn=schema
# ls -ltrh
total 40K
-rw------- 1 ldap ldap 16K Aug 5 16:27 cn={0}core.ldif
-rw------- 1 ldap ldap 12K Aug 5 16:38 cn={1}cosine.ldif
-rw------- 1 ldap ldap 6.5K Aug 5 16:38 cn={2}nis.ldif
-rw------- 1 ldap ldap 2.9K Aug 5 16:38 cn={3}inetorgperson.ldif
#
Configure OpenLDAP server while sending the configuration to the LDAP server.
# cat db.ldif
dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcSuffix
olcSuffix: dc=itzgeek,dc=local
dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcRootDN
olcRootDN: cn=ldapadm,dc=itzgeek,dc=local
dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcRootPW
olcRootPW: {SSHA}RCQG8Sec/XtirtjxXL2cbAyeeWH2A9r/
#
# ldapmodify -Y EXTERNAL -H ldapi:/// -f db.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
ldapmodify: wrong attributeType at line 5, entry "olcDatabase={2}hdb,cn=config"
#
Please guide me. Thanks in advance.
Best Regards,
Kaushal
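
Added example, not part of the original post and not OpenLDAP project code: a small linter for the LDIF record-structure rules that `ldapmodify` enforces on `changetype: modify` records. It assumes db.ldif had no blank lines between its records, which is consistent with the error being reported at line 5; `lint_ldif_changes`, `BROKEN` and `FIXED` are hypothetical names.

```python
MOD_OPS = {"add", "replace", "delete", "increment"}

def lint_ldif_changes(text):
    """Return (line_number, message) pairs for record-structure problems."""
    problems = []
    in_record = is_modify = False
    mod_attr = None  # attribute named by the current add:/replace:/delete: line
    for no, line in enumerate(text.splitlines(), start=1):
        if not line.strip():  # a blank line ends the current record
            in_record = is_modify = False
            mod_attr = None
            continue
        if line[0] in "# ":  # comment or folded continuation line
            continue
        if line.strip() == "-":  # ends one modification within a record
            mod_attr = None
            continue
        key, _, value = line.partition(":")
        key, value = key.strip().lower(), value.lstrip(":<").strip()
        if key == "dn":
            if in_record:
                problems.append((no, "dn: starts a new entry but no blank line ended the previous record"))
            in_record, is_modify, mod_attr = True, False, None
        elif key == "changetype":
            is_modify = value.lower() == "modify"
        elif is_modify and mod_attr is None:
            if key in MOD_OPS:
                mod_attr = value.lower()
            else:
                problems.append((no, f"expected add:/replace:/delete:, got {key}:"))
        elif is_modify and key != mod_attr:
            problems.append((no, f"{key}: is not {mod_attr}: (missing '-' line?)"))
    return problems

# Constructed sample: two records from the post's db.ldif with no blank line between them.
BROKEN = """\
dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcSuffix
olcSuffix: dc=itzgeek,dc=local
dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcRootDN
olcRootDN: cn=ldapadm,dc=itzgeek,dc=local
"""
# Same records separated by a blank line, as LDIF requires between records.
FIXED = BROKEN.replace("\ndn:", "\n\ndn:")

if __name__ == "__main__":
    for no, msg in lint_ldif_changes(BROKEN):
        print(f"line {no}: {msg}")
```

Since all three changes in the post target the same entry, they can also be written as one record with a single `dn:` and `changetype:` line and a line containing only `-` between the `replace:` blocks.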