Hi,
I have a problem with the configuration of the Chain Overlay. Provider and Consumer are identical:
CentOS release 6.5

rpm -qa | grep ldap
openldap-clients-2.4.23-34.el6_5.1.x86_64
openldap-2.4.23-34.el6_5.1.x86_64
apr-util-ldap-1.3.9-3.el6_0.1.x86_64
nss-pam-ldapd-0.7.5-18.2.el6_4.x86_64
mod_authz_ldap-0.26-16.el6.x86_64
pam_ldap-185-11.el6.x86_64
openldap-servers-2.4.23-34.el6_5.1.x86_64
On the Consumer I imported the ldif file:
dn: olcOverlay=chain,olcDatabase={-1}frontend,cn=config
objectClass: olcOverlayConfig
objectClass: olcChainConfig
olcOverlay: chain
olcChainCacheURI: FALSE
olcChainMaxReferralDepth: 1
olcChainReturnError: FALSE
and I created the file.
/etc/openldap/slapd.d/cn=config/olcDatabase={-1}frontend/olcOverlay={1}chain.ldif
and after that I do not understand what to do. I've read a few things on the internet but have not been able to arrive at a solution. I tried to import the ldif file:

dn: olcDatabase=ldap,olcOverlay={1}chain,olcDatabase={-1}frontend,cn=config
objectClass: olcLDAPConfig
objectClass: olcChainDatabase
olcDatabase: ldap
olcDbURI: "ldap://ldpsoc01devpom.sociale.it"
olcDbIDAssertBind: mode=self flags=prescriptive,proxy-authz-non-critical bindmethod=simple timeout=0 network-timeout=0 binddn="uid=pippo,ou=admin_esercizio,ou=Utenze_Amministratori,dc=sociale,dc=it" credentials="*******" keepalive=0:0:0
olcDbIDAssertAuthzFrom: *
olcDbRebindAsUser: FALSE
olcDbChaseReferrals: TRUE
olcDbTFSupport: no
olcDbProxyWhoAmI: FALSE
olcDbProtocolVersion: 3
olcDbSingleConn: FALSE
olcDbCancel: abandon
olcDbUseTemporaryConn: FALSE
olcDbConnectionPoolMax: 16
olcDbNoRefs: FALSE
olcDbNoUndefFilter: FALSE
but when I try to import it, I get the following error:

ldapadd -d 5 -H ldap://localhost:389 -x -W -D "cn=admin,cn=config" -f chaing_entry.ldif

res_errno: 32, res_error: <>, res_matched: <olcDatabase={-1}frontend,cn=config>
ldap_free_request (origid 2, msgid 2)
ldap_parse_result
ber_scanf fmt ({iAA) ber:
ber_scanf fmt (}) ber:
ldap_msgfree
ldap_err2string
ldap_add: No such object (32)
matched DN: olcDatabase={-1}frontend,cn=config
ldap_free_connection 1 1
ldap_send_unbind
ber_flush2: 7 bytes to sd 4
ldap_free_connection: actually freed
I do not know what to do !!!!
My problem is that I use the Consumer ldap for authentication of some applications, and if a user fails the password more than 5 times, it should be blocked, but since the Consumer ldap is read-only, the locking is not done !!!
HELP !!!
Ing. Stefano Elmopi
Cooperativa Capodarco - Resp. Area ICT Gestione Esercizio
Via Ostiense 131/L Corpo B, 00154 Roma
cell. 3466147165 tel. 0657060500
email: stefano.elmopi@sociale.it
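The error in the post, "No such object (32)" with a matched DN of olcDatabase={-1}frontend,cn=config, is slapd reporting that the parent the second LDIF names (olcOverlay={1}chain,...) does not exist on the server, and that the longest prefix of the target DN that does exist is the frontend database. The following script is an added example and is not code from the original post or from the OpenLDAP project: it parses cn=config-style LDIF and replays it the way ldapadd would against a list of DNs the server is assumed to hold, so a parent/child RDN mismatch is caught offline before the add is attempted. The server DN list (SERVER_DNS_BEFORE), the provider hostname, the bind DN and the credentials in the sample LDIF are constructed placeholders, not values from the post.

```python
"""Pre-flight check for cn=config LDIF: does every record's parent exist?

slapd answers an add with noSuchObject (32) when the parent of the new entry
is missing; the matchedDN it returns is the longest suffix of the target DN
that does exist.  This reproduces that check offline against a known DN list.
Added example; not part of the original post or of OpenLDAP.
"""
from typing import Dict, List, Optional, Tuple

Entry = Tuple[str, Dict[str, List[str]]]


def normalize_dn(dn: str) -> str:
    """Case-fold and strip spaces around RDN separators (escaped commas are not handled)."""
    return ",".join(part.strip() for part in dn.split(",")).lower()


def parent_dn(dn: str) -> str:
    """Drop the leftmost RDN: this is the entry that must exist before the add."""
    return ",".join(normalize_dn(dn).split(",")[1:])


def parse_ldif(text: str) -> List[Entry]:
    """Minimal LDIF parser: blank-line separated records, '#' comment lines,
    continuation lines starting with a space.  Base64 (::) and URL (:<) values
    are not handled."""
    entries: List[Entry] = []
    record: List[str] = []

    def flush() -> None:
        if not record:
            return
        dn: Optional[str] = None
        attrs: Dict[str, List[str]] = {}
        for line in record:
            name, _, value = line.partition(":")
            if name.strip().lower() == "dn":
                dn = value.strip()
            else:
                attrs.setdefault(name.strip(), []).append(value.strip())
        if dn is None:
            raise ValueError("LDIF record without dn: " + record[0])
        entries.append((dn, attrs))
        record.clear()

    for raw in text.splitlines():
        if raw.startswith("#"):
            continue
        if not raw.strip():
            flush()
        elif raw.startswith(" ") and record:
            record[-1] += raw[1:]          # unfold a continuation line
        else:
            record.append(raw)
    flush()
    return entries


def matched_dn(dn: str, known: Dict[str, str]) -> str:
    """Longest existing suffix of dn, as slapd reports it in matchedDN."""
    parts = normalize_dn(dn).split(",")
    for i in range(1, len(parts)):
        suffix = ",".join(parts[i:])
        if suffix in known:
            return known[suffix]
    return ""


def simulate_ldapadd(entries: List[Entry], server_dns: List[str]) -> List[dict]:
    """Apply records in file order, as ldapadd does: a record is accepted only
    when its parent already exists on the server or earlier in the same file."""
    known = {normalize_dn(d): d for d in server_dns}
    results = []
    for dn, _attrs in entries:
        if parent_dn(dn) in known:
            known[normalize_dn(dn)] = dn
            results.append({"dn": dn, "ok": True, "matched": None})
        else:
            results.append({"dn": dn, "ok": False, "matched": matched_dn(dn, known)})
    return results


# Constructed assumption: what the server holds before any chain entry is added.
# In practice take this list from an ldapsearch over cn=config requesting "1.1"
# (the RFC 4511 attribute selector that returns DNs only).
SERVER_DNS_BEFORE = ["cn=config", "olcDatabase={-1}frontend,cn=config"]

# Constructed from the two LDIF fragments in the post; hostname, bind DN and
# credentials replaced with placeholders.
POSTED_LDIF = """\
dn: olcOverlay=chain,olcDatabase={-1}frontend,cn=config
objectClass: olcOverlayConfig
objectClass: olcChainConfig
olcOverlay: chain
olcChainCacheURI: FALSE
olcChainMaxReferralDepth: 1
olcChainReturnError: FALSE

dn: olcDatabase=ldap,olcOverlay={1}chain,olcDatabase={-1}frontend,cn=config
objectClass: olcLDAPConfig
objectClass: olcChainDatabase
olcDatabase: ldap
olcDbURI: "ldap://provider.example.invalid"
olcDbIDAssertBind: mode=self flags=prescriptive,proxy-authz-non-critical
  bindmethod=simple binddn="cn=placeholder,dc=example" credentials="PLACEHOLDER"
olcDbIDAssertAuthzFrom: *
olcDbChaseReferrals: TRUE
"""


if __name__ == "__main__":
    for r in simulate_ldapadd(parse_ldif(POSTED_LDIF), SERVER_DNS_BEFORE):
        state = "ok" if r["ok"] else "noSuchObject (32), matched DN: " + r["matched"]
        print(f"{r['dn']}: {state}")
```

Run as-is, the first record is accepted (its parent is the frontend database) and the second is refused with exactly the matched DN seen in the post, because the RDN it names as parent, olcOverlay={1}chain, is not the RDN the first record created. Replacing SERVER_DNS_BEFORE with the real DN list from the consumer shows which RDN the child record must use.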