On 04/01/11 19:30 +0800, cn_gd@126.com wrote:
hi all,
I 'm install slapd follow bellow steps in ubuntu 10.04 lucid strictly:
- apt-get install slapd
- slapd -V
@(#) $OpenLDAP: slapd 2.4.21 (Aug 10 2010 17:08:36) $ buildd@yellow:/build/buildd/openldap-2.4.21/debian/build/servers/slapd*
- dpkg-reconfigure slapd
3.edit /etc/ldap/slapd.d/cn=config.ldif
- cat /etc/ldap/slapd.d/cn=config.ldif
dn: cn=config objectClass: olcGlobal cn: config olcArgsFile: /var/run/slapd/slapd.args olcLogLevel: none olcPidFile: /var/run/slapd/slapd.pid structuralObjectClass: olcGlobal
dn: olcDatabase=bdb,cn=config objectClass: olcDatabaseConfig objectClass: olcBdbConfig olcDatabase: bdb olcSuffix: "dc=cg,dc=scsio,dc=ac,dc=cn" olcDbDirectory: /home/az/openldap-data olcRootDN: "cn=Manager,dc=cg,dc=scsio,dc=ac,dc=cn" olcRootPW: secret
- /etc/init.d/slapd restart
All step're OK,then I run bellow to test it:
- ldapsearch -x -D "cn=Manager,dc=cg,dc=scsio,dc=ac,dc=cn" -w
"secret" -H ldap://cg.scsio.ac.cn
and it show that error: *ldap_bind: Invalid credentials (49)
You could increase your log level (olcLogLevel) to get trouble shooting details.
After having gone through this process myself recently (using slapd.d), and not being happy with the Debian default config, here's the process I'm using in a test environment for boot strapping an install, that might spark some ideas with your config.
My starting configuration is: http://web.olp.net/dwhite/openldap/slapd-new.conf
aptitude install slapd slapd-smbk5pwd
/etc/init.d/slapd stop mv /etc/ldap/slapd.d /etc/ldap/slapd.d.bak mv /var/lib/ldap /var/lib/ldap.bak mkdir /etc/ldap/slapd.d /var/lib/ldap chown openldap:openldap /etc/ldap/slapd.d /var/lib/ldap cat > /etc/ldap/ldap.conf << EOF BASE dc=example,dc=org URI ldapi:/// EOF
echo "SASL_MECH EXTERNAL" > /root/.ldaprc
sudo -u openldap slapadd << EOF dn: dc=example,dc=org objectClass: top objectClass: dcObject objectClass: organization o: Example dc: example
dn: ou=People,dc=example,dc=org objectClass: top objectClass: organizationalUnit ou: People
dn: ou=Groups,dc=example,dc=org objectClass: top objectClass: organizationalUnit ou: Groups
dn: ou=Aliases,dc=example,dc=org objectClass: top objectClass: organizationalUnit ou: Aliases
EOF
sudo -u openldap slaptest -f /etc/ldap/slapd.conf -F /etc/ldap/slapd.d /etc/init.d/slapd start