Next question, and if this is veering off topic, or there is documentation somewhere that I haven't found yet, I can try to go that route.
I have most of my cn=config rebuilt on Symas v2.6 that was originally in Ubuntu v2.4, but for some reason, slapcat can't see it (I assumed that cn=config would be represented with `-n 0`). Slapcat can only see my "real" database (which is represented with '-n 1`). My permissions are still a little bit wonky though, because right now (on v2.6), every time I run ldapsearch to get something out of the `cn=config` database, I have to specify the following parameters for it to work: `-W -D "cn=config"
I can, for example, view the `cn=config` ACL that I have setup for a certain user: root@ldap-provider:~# ldapsearch -H ldap:/// -LLL -b cn=config '(olcSuffix=dc=example,dc=com)' olcAccess -W -D "cn=config" Enter LDAP Password:
dn: olcDatabase={1}mdb,cn=config olcAccess: {0}to * by dn.exact="cn=replicate,dc=example,dc=com m" read by * break
What am I missing here?
root@ldap-provider:~# slapcat -b cn=config slapcat: could not open database.
root@ldap-provider:~# slapcat -n0 slapcat: could not open database.
root@ldap-provider:~# ldapsearch -H ldap:/// -x -s base -b "" + -LLL dn: structuralObjectClass: OpenLDAProotDSE configContext: cn=config namingContexts: dc=example,dc=com {snip}
root@ldap-provider:~# slapcat -n1 | grep "dn:" dn: dc=example,dc=com dn: dc=us,dc=example,dc=com dn: ou=People,dc=example,dc=com dn: ou=Groups,dc=example,dc=com
Sent with ProtonMail Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Tuesday, January 4th, 2022 at 3:12 PM, Quanah Gibson-Mount quanah@symas.com wrote:
--On Tuesday, January 4, 2022 8:04 PM +0000 David White
dmwhite823@protonmail.com wrote:
Thank you. I just ran "find /opt/symas -name 'slapcat'" and realized that
the binary does indeed exist. A simple `ln -s` into /usr/local/sbin did
the trick.
I'm learning!
Better solution would be to adjust your PATH variable to include the symas
paths. But the Symas packages actually already do that, too... You just
have to log out/in to regenerate your shell env to pick them up.
--Quanah
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP: