2/ Export your configuration
slapcat -F /path/to/slapd.d -n 0 -l config.ldif

I get the following error:
55d4f273 ldif_read_file: checksum error on "/etc/ldap/slapd.d/cn=config/olcDatabase={0}config.ldif"
On Thu, Aug 20, 2015 at 2:11 AM, Abdelkader Chelouah <a.chelouah@gmail.com> wrote:
On 19/08/2015 20:32, Aneela Saleem wrote:
Anyone there? Please help me get out of this problem.
On Wed, Aug 19, 2015 at 1:29 AM, Aneela Saleem <aneela@platalytics.com> wrote:
This is my /etc/ldap/ldap.conf file:
BASE dc=platalytics,dc=com
URI ldap://127.0.0.1
TLS_CACERT /etc/ldap/cacert.pem
On Wed, Aug 19, 2015 at 1:07 AM, Aneela Saleem <aneela@platalytics.com> wrote:
I still get the following error:
modifying entry "cn=config"
ldap_result: Can't contact LDAP server (-1)
On Wed, Aug 19, 2015 at 12:34 AM, Abdelkader Chelouah <a.chelouah@gmail.com> wrote:
On 18/08/2015 20:27, Aneela Saleem wrote:
I get the following result:
ldap_initialize( ldap://localhost:389/??base )
dn:cn=admin,cn=config
Result: Success (0)
On Tue, Aug 18, 2015 at 11:24 PM, Abdelkader Chelouah <a.chelouah@gmail.com> wrote:
On 18/08/2015 20:11, Aneela Saleem wrote:
When I add the file below, i.e., ssl_mod.ldif

dn: cn=config
changetype: modify
add: olcTLSCACertificateFile
olcTLSCACertificateFile: /etc/ldap/cacert.pem
-
add: olcTLSCertificateFile
olcTLSCertificateFile: /etc/ldap/servercrt.pem
-
add: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: /etc/ldap/serverkey.pem
-
add: olcTLSCipherSuite
olcTLSCipherSuite: HIGH:MEDIUM:!SSLv3:!SSLv2

using following command:
ldapmodify -h localhost -p 389 -D "cn=admin,cn=config" -w 123 -f mod_ssl.ldif
I get the ldap_result: Can't contact LDAP server (-1) error,
although LDAP is running. I can run the following command, i.e.,
ldapsearch -h localhost -p 389 -D "cn=admin,dc=platalytics,dc=com" -w 123 -b "dc=platalytics,dc=com" "objectclass=*"
How can I make ldaps work?
On Tue, Aug 18, 2015 at 7:37 PM, Aneela Saleem <aneela@platalytics.com> wrote:
Where can I find the logs?
On Tue, Aug 18, 2015 at 7:36 PM, Aneela Saleem <aneela@platalytics.com> wrote:
> I wrote the above lines in olcDatabase={0}config.ldif file. When I
> restart slapd it gets failed.
>
> On Tue, Aug 18, 2015 at 7:14 PM, Aneela Saleem <aneela@platalytics.com> wrote:
>
>> Which file do I need to write this in?
>>
>> On Tue, Aug 18, 2015 at 7:09 PM, Abdelkader Chelouah <a.chelouah@gmail.com> wrote:
>>
>>> On 18/08/2015 16:05, Aneela Saleem wrote:
>>>
>>> I have no slapd.conf. I have cn=conf
>>>
>>> On Tue, Aug 18, 2015 at 6:54 PM, Abdelkader Chelouah <a.chelouah@gmail.com> wrote:
>>>
>>>> On 18/08/2015 15:51, Aneela Saleem wrote:
>>>>
>>>> Thanks Michael and Abdelkader.
>>>>
>>>> Abdelkader, the link you provided is for slapd.conf distribution.
>>>> Can you please guide me how to do "cn=config" distribution?
>>>>
>>>> On Tue, Aug 18, 2015 at 6:45 PM, Abdelkader Chelouah <a.chelouah@gmail.com> wrote:
>>>>
>>>>> On 18/08/2015 15:41, Michael Ströder wrote:
>>>>>
>>>>>> Aneela Saleem wrote:
>>>>>>
>>>>>>> Can anyone please provide me some link for enabling "ldaps"
>>>>>>>
>>>>>> http://www.openldap.org/doc/admin24/tls.html
>>>>>>
>>>>>> Ciao, Michael.
>>>>>>
>>>>>> or http://www.openldap.org/faq/data/cache/185.html
>>>>>
>>>>> regards
>>>>>
>>>>
>>>> You can convert a slapd.conf to cn=config using slaptest
>>>>
>>>> slaptest -f path/to/slapd.conf -F path/to/slapd.d
>>>>
>>>
>>> # cn=config
>>> dn: cn=config
>>> objectClass: olcGlobal
>>> cn: config
>>> ...
>>> olcTLSCACertificateFile: /path/to/cacert
>>> olcTLSCertificateFile: /path/to/cert
>>> olcTLSCertificateKeyFile: /path/to/key
>>> olcTLSCipherSuite: HIGH:MEDIUM:!SSLv3:!SSLv2
>>> ...
>>>
>>
>
Can you run
ldapwhoami -vxD cn=admin,cn=config -w 123 -H ldap://localhost:389
Ok, retry the "ldapmodify" command using
ldapmodify -xD cn=admin,cn=config -w 123 -H ldap://localhost:389 -f mod_ssl.ldif
There is something wrong with your setup.
1/ Stop your instance
2/ Export your configuration
slapcat -F /path/to/slapd.d -n 0 -l config.ldif
3/ Perform the modification directly on config.ldif
4/ Remove the old configuration
rm -rf /path/to/slapd.d/*
5/ Import the new configuration
slapadd -F /path/to/slapd.d -n 0 -l config.ldif
6/ Start your instance
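
Added example, not part of the original thread: a check for the condition behind the "checksum error" reported at the top, where a file under slapd.d was edited by hand. It assumes the commonly documented slapd.d file layout (a banner line, then a "# CRC32 <8 hex digits>" line whose value covers every byte after it); the function names and sample content are constructed for illustration.

```python
import re
import zlib

# Assumed layout: line 1 is the "AUTO-GENERATED" banner, line 2 is
# "# CRC32 <8 hex digits>", and the checksum covers every byte after line 2.
CRC_LINE = re.compile(rb"^# CRC32 ([0-9a-fA-F]{8})\s*$")


def check_slapd_d_ldif(data: bytes):
    """Return (stored_crc, computed_crc, matches) for one slapd.d LDIF file."""
    lines = data.split(b"\n", 2)
    if len(lines) < 3:
        return None, None, False
    m = CRC_LINE.match(lines[1])
    if not m:
        return None, None, False  # no checksum header to compare against
    stored = int(m.group(1), 16)
    computed = zlib.crc32(lines[2]) & 0xFFFFFFFF
    return stored, computed, stored == computed


def with_header(body: bytes) -> bytes:
    """Build a constructed sample file following the assumed layout."""
    crc = zlib.crc32(body) & 0xFFFFFFFF
    return (b"# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.\n"
            + b"# CRC32 %08x\n" % crc + body)


# Constructed sample content, not taken from the server in the thread.
SAMPLE_BODY = (b"dn: olcDatabase={0}config\n"
               b"objectClass: olcDatabaseConfig\n"
               b"olcDatabase: {0}config\n")

if __name__ == "__main__":
    intact = with_header(SAMPLE_BODY)
    # Simulate a hand edit: a line appended without updating the header.
    edited = intact + b"olcTLSCACertificateFile: /etc/ldap/cacert.pem\n"
    for name, blob in (("intact", intact), ("hand-edited", edited)):
        stored, computed, ok = check_slapd_d_ldif(blob)
        print(f"{name}: stored={stored:08x} computed={computed:08x} ok={ok}")
```

Run over each file's bytes before restarting slapd, this shows which files no longer match their header; going through slapcat and slapadd as in steps 1/ to 6/ regenerates the files instead of patching them in place.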