I'm having problems getting the rootDN working when using slapd-config form of configuration, while the "exact" same configuration using slapd.conf works fine. Here are my stripped down test versions of the two configurations (hashed password is 'secret' from slappasswd):
slapd.d/cn=e2config.ldif: ------------------------- dn: cn=config objectClass: olcGlobal cn: config olcArgsFile: /var/openldap/run/slapd.args olcPidFile: /var/openldap/run/slapd.pid
dn: cn=schema,cn=config objectClass: olcSchemaConfig cn: schema
include: file:///var/openldap/schema/core.ldif include: file:///var/openldap/schema/cosine.ldif
dn: olcDatabase=frontend,cn=config objectClass: olcDatabaseConfig objectClass: olcFrontendConfig olcDatabase: frontend
dn: olcDatabase=mdb,cn=config objectClass: olcDatabaseConfig objectClass: olcMdbConfig olcDatabase: mdb olcMaxsize: 1073741824 olcSuffix: dc=com olcRootDN: cn=reader,dc=com olcRootPW: {SSHA}RIC5hnBuWr4t857KR+dzTEOF/ekQaIVx olcDbDirectory: /var/openldap/data olcDbIndex: objectClass eq olcDbIndex: dc eq olcDbIndex: cn eq
slapd.conf: ----------- include /var/openldap/schema/core.schema include /var/openldap/schema/cosine.schema
backend mdb
pidfile /var/openldap/run/slapd.pid argsfile /var/openldap/run/slapd.args
database mdb maxsize 1073741824 suffix dc=com rootdn cn=reader,dc=com rootpw {SSHA}RIC5hnBuWr4t857KR+dzTEOF/ekQaIVx directory /var/openldap/data index objectClass eq index dc eq index cn eq
When I run a simple search for slapd running with the slapd.conf configuration I get:
$ ldapsearch -D cn=reader,dc=com -w secret -x -LLL -b dc=com -s base dc=* dn: dc=com objectClass: top objectClass: domain dc: com
But when I run the same search with the slapd.d configuration I get:
$ ldapsearch -D cn=reader,dc=com -w secret -x -LLL -b dc=com -s base dc=* ldap_bind: Invalid DN syntax (34) additional info: invalid DN
Debug output on the server side isn't giving much info in addition to what's already displayed on the client:
57bf52df conn=1000 op=0 do_bind: invalid dn (cn=reader,dc=com)
Any help on what I might be doing wrong is greatly appreciated. Oh yeah, I'm using version 2.4.44.
Thanks, Dave