Hi Guys! I don't know if it is possible, but.......
What I do: sudo apt-get install slapd ldap-utils
# Load the extra schemas into cn=config. -Y EXTERNAL over ldapi:/// authenticates
# through the local Unix socket, so no password is involved in these steps.
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/cosine.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/nis.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/inetorgperson.ldif
# Create the database definition (module + olcDatabase entry) in cn=config.
ldapadd -Y EXTERNAL -H ldapi:/// -f backend.example.com.ldif
# Populate the new tree with a simple bind (-x) as the rootDN; -W prompts for the password.
# NOTE(review): a simple bind carries the password as-is; without StartTLS (-ZZ) or an
# ldaps:// URI it crosses the connection unencrypted.
ldapadd -x -D cn=admin,dc=felipemeirelles,dc=com,dc=br -W -f frontend.example.com.ldif
*Backend, base felipemeirelles:*
# Load dynamic backend modules
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulepath: /usr/lib/ldap
olcModuleload: back_hdb

# Database settings
dn: olcDatabase=hdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcSuffix: dc=felipemeirelles,dc=com,dc=br
olcDbDirectory: /var/lib/ldap
olcRootDN: cn=admin,dc=felipemeirelles,dc=com,dc=br
# NOTE(review): the rootDN password is given in cleartext, so it is readable in this
# file and in cn=config. A hash produced by slappasswd (e.g. a {SSHA} value) can be
# placed here instead.
olcRootPW: 123456
olcDbConfig: set_cachesize 0 2097152 0
olcDbConfig: set_lk_max_objects 1500
olcDbConfig: set_lk_max_locks 1500
olcDbConfig: set_lk_max_lockers 1500
olcDbIndex: objectClass eq
olcLastMod: TRUE
olcDbCheckpoint: 512 30
# Access rules are evaluated in the order listed.
# userPassword: admin may write, anonymous may only authenticate against it,
# the owner may change it, everyone else gets nothing.
olcAccess: to attrs=userPassword by dn="cn=admin,dc=felipemeirelles,dc=com,dc=br" write by anonymous auth by self write by * none
olcAccess: to attrs=shadowLastChange by self write by * read
olcAccess: to dn.base="" by * read
# NOTE(review): "by * read" also covers anonymous clients, so every attribute other
# than userPassword is readable without a bind. Use "by users read" if anonymous
# browsing of the tree is not intended.
olcAccess: to * by dn="cn=admin,dc=felipemeirelles,dc=com,dc=br" write by * read
*Frontend, base felipemeirelles:*
# Create top-level object in domain
dn: dc=felipemeirelles,dc=com,dc=br
objectClass: top
objectClass: dcObject
objectclass: organization
o: Example Organization
dc: felipemeirelles
description: LDAP SIJ

# Admin user.
dn: cn=admin,dc=felipemeirelles,dc=com,dc=br
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator
# NOTE(review): userPassword is supplied in cleartext and is stored as supplied unless
# the server is set up to hash it. A pre-hashed value from slappasswd, or setting the
# password afterwards with ldappasswd, keeps it out of this file.
userPassword: 123456

dn: ou=people,dc=felipemeirelles,dc=com,dc=br
objectClass: organizationalUnit
ou: people

dn: ou=groups,dc=felipemeirelles,dc=com,dc=br
objectClass: organizationalUnit
ou: groups

# Sample POSIX account; gidNumber 10000 matches the posixGroup entry below.
dn: uid=contato,ou=people,dc=felipemeirelles,dc=com,dc=br
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
uid: contato
sn: Contato
givenName: Contato
cn: Contato Contato
displayName: Contato
uidNumber: 1000
gidNumber: 10000
# NOTE(review): cleartext again, and the same value as the rootDN password.
userPassword: 123456
gecos: Contato Contato
loginShell: /bin/bash
homeDirectory: /home/contato
shadowExpire: -1
shadowFlag: 0
shadowWarning: 7
shadowMin: 8
shadowMax: 999999
shadowLastChange: 10877
mail: contato@felipemeirelles.com.br
postalCode: 31000
l: Toulouse
o: Example
mobile: +33 (0)6 xx xx xx xx
homePhone: +33 (0)5 xx xx xx xx
title: System Administrator
postalAddress:
initials: JD

dn: cn=felipemeirelles,ou=groups,dc=felipemeirelles,dc=com,dc=br
objectClass: posixGroup
cn: felipemeirelles
gidNumber: 10000
OK? This is my first base.
Now I try to add another one:
ldapadd -Y EXTERNAL -H ldapi:/// -f backend_sij_com.example.com.ldif
ldapadd -x -D cn=admin,dc=sij,dc=com,dc=br -W -f frontend_sij_com.example.com.ldif
ldap_bind: Invalid credentials (49)
*BASE SIJ.COM.BR* ( Other backend: backend_sij_com.example.com.ldif )
# Load dynamic backend modules
# NOTE(review): the first backend file already added a cn=module entry loading
# back_hdb, so this entry is presumably redundant. ldapadd without -c stops at the
# first entry the server rejects, so a failure here would mean the database entry
# below is never attempted. The output of this ldapadd run is not shown; check it.
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulepath: /usr/lib/ldap
olcModuleload: back_hdb

# Database settings
dn: olcDatabase=hdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
# NOTE(review): {1}hdb is the same index the first backend file used. A second
# database needs its own index, or none so that slapd numbers it. To see what
# cn=config actually holds:
#   ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config dn
olcDatabase: {1}hdb
olcSuffix: dc=sij,dc=com,dc=br
# NOTE(review): /var/lib/ldap is the directory the first database already uses.
# Each hdb database needs a directory of its own, which must exist and be writable
# by the slapd user.
olcDbDirectory: /var/lib/ldap
# If this entry was not created, no database defines this rootDN. That would be
# consistent with the later "ldap_bind: Invalid credentials (49)". Confirm against
# cn=config before looking at the password.
olcRootDN: cn=admin,dc=sij,dc=com,dc=br
# NOTE(review): cleartext rootDN password; a slappasswd hash can be used here instead.
olcRootPW: 123456
olcDbConfig: set_cachesize 0 2097152 0
olcDbConfig: set_lk_max_objects 1500
olcDbConfig: set_lk_max_locks 1500
olcDbConfig: set_lk_max_lockers 1500
olcDbIndex: objectClass eq
olcLastMod: TRUE
olcDbCheckpoint: 512 30
# Same access rules as the first database, with the sij admin DN.
olcAccess: to attrs=userPassword by dn="cn=admin,dc=sij,dc=com,dc=br" write by anonymous auth by self write by * none
olcAccess: to attrs=shadowLastChange by self write by * read
olcAccess: to dn.base="" by * read
# NOTE(review): "by * read" includes anonymous clients.
olcAccess: to * by dn="cn=admin,dc=sij,dc=com,dc=br" write by * read
*Other FrontEnd: frontend_sij_com.example.com.ldif*
# Create top-level object in domain
dn: dc=sij,dc=com,dc=br
objectClass: top
objectClass: dcObject
objectclass: organization
o: Example Organization
dc: sij
description: LDAP SIJ

# Admin user.
dn: cn=admin,dc=sij,dc=com,dc=br
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator
# NOTE(review): cleartext password, stored as supplied unless the server hashes it.
userPassword: 123456

dn: ou=people,dc=sij,dc=com,dc=br
objectClass: organizationalUnit
ou: people

dn: ou=groups,dc=sij,dc=com,dc=br
objectClass: organizationalUnit
ou: groups

# NOTE(review): uidNumber 1000 / gidNumber 10000 are the same numeric ids used by
# uid=contato and cn=felipemeirelles in the first tree. If one host resolves accounts
# from both suffixes, the two users map to the same ids. Confirm this is intended.
dn: uid=caho.lopes,ou=people,dc=sij,dc=com,dc=br
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
uid: caho.lopes
sn: caho
givenName: Caho
cn: Caho Lopes
displayName: caho
uidNumber: 1000
gidNumber: 10000
# NOTE(review): cleartext user password in the LDIF file.
userPassword: testecahosij
gecos: Caho Lopes
loginShell: /bin/bash
homeDirectory: /home/caho.lopes
shadowExpire: -1
shadowFlag: 0
shadowWarning: 7
shadowMin: 8
shadowMax: 999999
shadowLastChange: 10877
mail: caho.lopes@sij.com.br
postalCode: 31000
l: Toulouse
o: Example
mobile: +33 (0)6 xx xx xx xx
homePhone: +33 (0)5 xx xx xx xx
title: System Administrator
postalAddress:
initials: JD

dn: cn=sij,ou=groups,dc=sij,dc=com,dc=br
objectClass: posixGroup
cn: sij
gidNumber: 10000
root@PythonAPP:~# ldapadd -d 65535 -x -D cn=admin,dc=sij,dc=com,dc=br -W -f frontend_sij_com.example.com.ldif ldap_create Enter LDAP Password: ldap_sasl_bind ldap_send_initial_request ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host: TCP localhost:389 ldap_new_socket: 4 ldap_prepare_socket: 4 ldap_connect_to_host: Trying ::1 389 ldap_pvt_connect: fd: 4 tm: -1 async: 0 ldap_open_defconn: successful ldap_send_server_request ber_scanf fmt ({it) ber: ber_dump: buf=0x7f75c3f32540 ptr=0x7f75c3f32540 end=0x7f75c3f32570 len=48 0000: 30 2e 02 01 01 60 29 02 01 03 04 1c 63 6e 3d 61 0....`).....cn=a 0010: 64 6d 69 6e 2c 64 63 3d 73 69 6a 2c 64 63 3d 63 dmin,dc=sij,dc=c 0020: 6f 6d 2c 64 63 3d 62 72 80 06 31 32 33 34 35 36 om,dc=br..123456 ber_scanf fmt ({i) ber: ber_dump: buf=0x7f75c3f32540 ptr=0x7f75c3f32545 end=0x7f75c3f32570 len=43 0000: 60 29 02 01 03 04 1c 63 6e 3d 61 64 6d 69 6e 2c `).....cn=admin, 0010: 64 63 3d 73 69 6a 2c 64 63 3d 63 6f 6d 2c 64 63 dc=sij,dc=com,dc 0020: 3d 62 72 80 06 31 32 33 34 35 36 =br..123456 ber_flush2: 48 bytes to sd 4 0000: 30 2e 02 01 01 60 29 02 01 03 04 1c 63 6e 3d 61 0....`).....cn=a 0010: 64 6d 69 6e 2c 64 63 3d 73 69 6a 2c 64 63 3d 63 dmin,dc=sij,dc=c 0020: 6f 6d 2c 64 63 3d 62 72 80 06 31 32 33 34 35 36 om,dc=br..123456 ldap_write: want=48, written=48 0000: 30 2e 02 01 01 60 29 02 01 03 04 1c 63 6e 3d 61 0....`).....cn=a 0010: 64 6d 69 6e 2c 64 63 3d 73 69 6a 2c 64 63 3d 63 dmin,dc=sij,dc=c 0020: 6f 6d 2c 64 63 3d 62 72 80 06 31 32 33 34 35 36 om,dc=br..123456 ldap_result ld 0x7f75c3f2a2b0 msgid 1 wait4msg ld 0x7f75c3f2a2b0 msgid 1 (infinite timeout) wait4msg continue ld 0x7f75c3f2a2b0 msgid 1 all 1 ** ld 0x7f75c3f2a2b0 Connections: * host: localhost port: 389 (default) refcnt: 2 status: Connected last used: Wed Jul 20 17:53:53 2011
** ld 0x7f75c3f2a2b0 Outstanding Requests: * msgid 1, origid 1, status InProgress outstanding referrals 0, parent count 0 ld 0x7f75c3f2a2b0 request count 1 (abandoned 0) ** ld 0x7f75c3f2a2b0 Response Queue: Empty ld 0x7f75c3f2a2b0 response count 0 ldap_chkResponseList ld 0x7f75c3f2a2b0 msgid 1 all 1 ldap_chkResponseList returns ld 0x7f75c3f2a2b0 NULL ldap_int_select read1msg: ld 0x7f75c3f2a2b0 msgid 1 all 1 ber_get_next ldap_read: want=8, got=8 0000: 30 0c 02 01 01 61 07 0a 0....a.. ldap_read: want=6, got=6 0000: 01 31 04 00 04 00 .1.... ber_get_next: tag 0x30 len 12 contents: ber_dump: buf=0x7f75c3f33920 ptr=0x7f75c3f33920 end=0x7f75c3f3392c len=12 0000: 02 01 01 61 07 0a 01 31 04 00 04 00 ...a...1.... read1msg: ld 0x7f75c3f2a2b0 msgid 1 message type bind ber_scanf fmt ({eAA) ber: ber_dump: buf=0x7f75c3f33920 ptr=0x7f75c3f33923 end=0x7f75c3f3392c len=9 0000: 61 07 0a 01 31 04 00 04 00 a...1.... read1msg: ld 0x7f75c3f2a2b0 0 new referrals read1msg: mark request completed, ld 0x7f75c3f2a2b0 msgid 1 request done: ld 0x7f75c3f2a2b0 msgid 1 res_errno: 49, res_error: <>, res_matched: <> ldap_free_request (origid 1, msgid 1) ldap_parse_result ber_scanf fmt ({iAA) ber: ber_dump: buf=0x7f75c3f33920 ptr=0x7f75c3f33923 end=0x7f75c3f3392c len=9 0000: 61 07 0a 01 31 04 00 04 00 a...1.... ber_scanf fmt (}) ber: ber_dump: buf=0x7f75c3f33920 ptr=0x7f75c3f3392c end=0x7f75c3f3392c len=0
ldap_msgfree ldap_err2string ldap_bind: Invalid credentials (49)
In the slapd -D, the log:
..... 0000: 30 2e 02 01 01 60 29 02 0....`). ldap_read: want=40, got=40 0000: 01 03 04 1c 63 6e 3d 61 64 6d 69 6e 2c 64 63 3d ....cn=admin,dc= 0010: 73 69 6a 2c 64 63 3d 63 6f 6d 2c 64 63 3d 62 72 sij,dc=com,dc=br 0020: 80 06 31 32 33 34 35 36 ..123456 *ldap_read: want=8 error=Resource temporarily unavailable* ldap_write: want=14, written=14 0000: 30 0c 02 01 01 61 07 0a 01 31 04 00 04 00 0....a...1.... ldap_bind: Invalid credentials (49)
*Help ?*
Thanks! ldap_read: want=8, got=0