Buchan Milne пишет:
On Tuesday, 3 January 2012 03:33:42 Maxim Vetrov wrote:
Hi!
Trying to start test server (openldap 2.4.25) on my home box (FreeBSD 8.2 i386) I get this error:
Can you provide the commandline invocation that provided this error message?
... ldif_back_add: "olcDatabase={0}config,cn=config" oc_check_required entry (olcDatabase={0}config,cn=config), objectClass "olcDatabaseConfig" oc_check_allowed type "objectClass" oc_check_allowed type "olcDatabase" oc_check_allowed type "olcAddContentAcl" oc_check_allowed type "olcLastMod" oc_check_allowed type "olcMaxDerefDepth" oc_check_allowed type "olcReadOnly" oc_check_allowed type "olcRootDN" oc_check_allowed type "olcSyncUseSubentry" oc_check_allowed type "olcMonitoring" oc_check_allowed type "structuralObjectClass" oc_check_allowed type "entryUUID" oc_check_allowed type "creatorsName" oc_check_allowed type "createTimestamp" oc_check_allowed type "entryCSN" oc_check_allowed type "modifiersName" oc_check_allowed type "modifyTimestamp" ldif_back_add: err: 68 text: send_ldap_result: conn=-1 op=0 p=0 send_ldap_result: err=68 matched="" text="" slapd destroy: freeing system resources. slapd stopped. connections_destroy: nothing to destroy.
Config I use:
# global configuration entry dn: cn=config objectClass: olcGlobal cn: config olcAttributeOptions: x-hidden lang- olcLogLevel: conns config acl
# internal schema dn: cn=schema,cn=config objectClass: olcSchemaConfig cn: schema
include: file:///usr/local/etc/openldap/schema/core.ldif include: file:///usr/local/etc/openldap/schema/cosine.ldif include: file:///usr/local/etc/openldap/schema/inetorgperson.ldif #include: file:///usr/local/etc/openldap/schema/collective.ldif include: file:///usr/local/etc/openldap/schema/nis.ldif
It looks as if you are treating the back-ldif database as if it is a text- based configuration file, which in fact it is not. You should not be starting slapd with this configuration file, but rather be running 'slapadd -n0' (or similar) on this ldif to import an initial configuration. Further administration of the configuration should be done over the LDAP protocol (e.g. with ldapmodify, or a GUI LDAP tool).
While the documentation may not necessarily be explicit enough in this regard, please read the notes at the beginning of the 'Configuring slapd' section of the administrator guide, such as:
"Note: Although the slapd-config(5) system stores its configuration as (text- based) LDIF files, you should never edit any of the LDIF files directly. Configuration changes should be performed via LDAP operations, e.g. ldapadd(1), ldapdelete(1), or ldapmodify(1). "
Regards, Buchan
Thank you for answer!
Actually, I'm trying to apply recommendation from the the slapd-config where simple config.ldif is listed and the imported into the db with slapadd command. Anyway here is command sequence
Save the config in <slapd-template.ldif>, create /usr/local/etc/openldap/slapd.d/ dir, set appropriate user&mode for it. Then, as root: # sudo -u ldap slapadd -F /usr/local/etc/openldap/slapd.d/ -n 0 -l /home/muxas/projects/ldap-server/slapd-template.ldif # /usr/local/libexec/slapd -h "ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://127.0.0.1/" -u ldap -g ldap -F /usr/local/etc/openldap/slapd.d/ -d any
Slapadd runs without complains. But slapd does not start.
Maxim