hi Dan White,
I'm sorry to reply so late.
I read your email this morning,before that I still try to check the
problem out.Last night I figure out a solution by rebuild
"/etc/ldap/slapd.d/cn=config" directory:
rm -r /etc/ldap/slapd.d/cn\=config
/etc/init.d/slapd restart
and this problem(Invalid credentials) seem to gone,but another new
problem arises.when I run step 5,it's show that:
# ldapsearch -x -D
"cn=Manager,dc=cg,dc=scsio,dc=ac,dc=cn" -w "secret"
ldap_bind: Invalid DN syntax (34)
additional info: invalid DN
I google the solution and found someone said it must be the DN
string format error (contain whitespace),but I check and check
again,and it's seem to be OK in format.Maybe there are still
somewhere went wrong?
Thank you for your help!
On 2011年01月05日 01:20, Dan White wrote:
On
04/01/11 19:30 +0800, cn_gd@126.com wrote:
hi all,
I 'm install slapd follow bellow steps in ubuntu 10.04 lucid
strictly:
1. apt-get install slapd
* slapd -V
@(#) $OpenLDAP: slapd 2.4.21 (Aug 10 2010 17:08:36) $
buildd@yellow:/build/buildd/openldap-2.4.21/debian/build/servers/slapd*
2. dpkg-reconfigure slapd
3.edit /etc/ldap/slapd.d/cn\=config.ldif
4. cat /etc/ldap/slapd.d/cn\=config.ldif
dn: cn=config
objectClass: olcGlobal
cn: config
olcArgsFile: /var/run/slapd/slapd.args
olcLogLevel: none
olcPidFile: /var/run/slapd/slapd.pid
structuralObjectClass: olcGlobal
dn: olcDatabase=bdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcBdbConfig
olcDatabase: bdb
olcSuffix: "dc=cg,dc=scsio,dc=ac,dc=cn"
olcDbDirectory: /home/az/openldap-data
olcRootDN: "cn=Manager,dc=cg,dc=scsio,dc=ac,dc=cn"
olcRootPW: secret
4. /etc/init.d/slapd restart
All step're OK,then I run bellow to test it:
5. ldapsearch -x -D "cn=Manager,dc=cg,dc=scsio,dc=ac,dc=cn" -w
"secret" -H ldap://cg.scsio.ac.cn
and it show that error:
*ldap_bind: Invalid credentials (49)
You could increase your log level (olcLogLevel) to get trouble
shooting
details.
After having gone through this process myself recently (using
slapd.d), and
not being happy with the Debian default config, here's the process
I'm
using in a test environment for boot strapping an install, that
might spark
some ideas with your config.
My starting configuration is:
http://web.olp.net/dwhite/openldap/slapd-new.conf
aptitude install slapd slapd-smbk5pwd
/etc/init.d/slapd stop
mv /etc/ldap/slapd.d /etc/ldap/slapd.d.bak
mv /var/lib/ldap /var/lib/ldap.bak
mkdir /etc/ldap/slapd.d /var/lib/ldap
chown openldap:openldap /etc/ldap/slapd.d /var/lib/ldap
cat > /etc/ldap/ldap.conf << EOF
BASE dc=example,dc=org
URI ldapi:///
EOF
echo "SASL_MECH EXTERNAL" > /root/.ldaprc
sudo -u openldap slapadd << EOF
dn: dc=example,dc=org
objectClass: top
objectClass: dcObject
objectClass: organization
o: Example
dc: example
dn: ou=People,dc=example,dc=org
objectClass: top
objectClass: organizationalUnit
ou: People
dn: ou=Groups,dc=example,dc=org
objectClass: top
objectClass: organizationalUnit
ou: Groups
dn: ou=Aliases,dc=example,dc=org
objectClass: top
objectClass: organizationalUnit
ou: Aliases
EOF
sudo -u openldap slaptest -f /etc/ldap/slapd.conf -F
/etc/ldap/slapd.d
/etc/init.d/slapd start
--
黄龙飞
2011-01-05
_________________________________________________________
地址: 广州市新港西路135号中山大学东北区345栋(510275)
网站: http://press.sysu.edu.cn
电话: (020)84113349
传真: (020)84037215
手机: 13560497211
Email:l.f.hwang@gmail.com
* 在社办公时间:周二、周三 08:15~11:45 14:45~17:15
外出组稿时请直接拨打本人手机,谢谢!