On Mon, Aug 21, 2023 at 10:54 PM Kaushal Shriyan <kaushalshriyan@gmail.com> wrote:

On Mon, Aug 21, 2023 at 10:29 PM Quanah Gibson-Mount <quanah@fast-mail.org> wrote:


--On Monday, August 21, 2023 10:38 PM +0530 Kaushal Shriyan
<kaushalshriyan@gmail.com> wrote:
>
> Prepare the database template included in OpenLDAP installed
>
># cp -r /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
> cp: cannot stat '/usr/share/openldap-servers/DB_CONFIG.example': No such
> file or directory
>
># ls -l /usr/share/openldap-servers/DB_CONFIG.example
> ls: cannot access '/usr/share/openldap-servers/DB_CONFIG.example': No
> such file or directory
># ls -l /etc/openldap/slapd.d/cn=config/olcDatabase={2}mdb.ldif
> ls: cannot access
> '/etc/openldap/slapd.d/cn=config/olcDatabase={2}mdb.ldif': No such file
> or directory

I don't know where you are getting information about
/usr/share/openldap-servers/DB_CONFIG.example.  That doesn't exist in
OpenLDAP 2.5+.

--Quanah

Thanks Quanah for the quick response. I am following https://unixcop.com/how-to-install-openldap-on-rockylinux-or-centos-8-step-by-step/. Are there any tutorials or guides to set up symas-openldap-servers-2.5.16-1.el8.x86_64 on Red Hat Enterprise Linux release 8.7 (Ootpa)?

Please suggest further. Thanks in advance.

Best Regards,

Kaushal



Hi,

# cat /etc/os-release
NAME="Red Hat Enterprise Linux"
VERSION="8.7 (Ootpa)"
ID="rhel"
ID_LIKE="fedora"
VERSION_ID="8.7"
PLATFORM_ID="platform:el8"
PRETTY_NAME="Red Hat Enterprise Linux 8.7 (Ootpa)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:redhat:enterprise_linux:8::baseos"
HOME_URL="https://www.redhat.com/"
DOCUMENTATION_URL="https://access.redhat.com/documentation/red_hat_enterprise_linux/8/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"

REDHAT_BUGZILLA_PRODUCT="Red Hat Enterprise Linux 8"
REDHAT_BUGZILLA_PRODUCT_VERSION=8.7
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux"
REDHAT_SUPPORT_PRODUCT_VERSION="8.7"
#

# rpm -qa | grep ldap
symas-openldap-libs-2.5.16-1.el8.x86_64
sssd-ldap-2.7.3-4.el8.x86_64
symas-openldap-clients-2.5.16-1.el8.x86_64
openldap-2.4.46-18.el8.x86_64
symas-openldap-servers-selinux-1.0.6-1.el8.noarch
symas-openldap-servers-2.5.16-1.el8.x86_64
#

# /opt/symas/bin/ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts
# extended LDIF
#
# LDAPv3
# base <> with scope baseObject
# filter: (objectclass=*)
# requesting: namingContexts
#

#
dn:
namingContexts: dc=example,dc=com

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
#

#/opt/symas/bin/ldapsearch -xD dc=example,dc=com -w secret -b 'dc=example,dc=com' '(objectclass=*)'
# extended LDIF
#
# LDAPv3
# base <ou=Janitorial,dc=example,dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# Janitorial, example.com
dn: ou=Janitorial,dc=example,dc=com
objectClass: top
objectClass: organizationalunit
ou: Janitorial

# Clark Soto, Janitorial, example.com
dn: cn=Clark Soto,ou=Janitorial,dc=example,dc=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: Clark Soto
sn: Soto
facsimileTelephoneNumber: +1 510 450-7054
l: San Francisco
ou: Janitorial
postalAddress: example # 395
telephoneNumber: +1 415 574-1770
title: Junior Janitorial Sales Rep
userPassword:: b3RvU2tyYWxD
uid: Clark_Soto
givenName: Clark
mail: Clark_Soto@example.com
carLicense: PPTYC3Z
departmentNumber: 7897
employeeType: Employee
homePhone: +1 804 304-2863
initials: C. S.
mobile: +1 206 393-4632
pager: +1 510 651-1646
manager: cn=Gerianne Skrebels
secretary: cn=Vrouwerff Komenda
roomNumber: 5847
description: The Real Clark!

#cd /opt/symas/etc/openldap/schema/
#pwd
/opt/symas/etc/openldap/schema
#ldapadd -Y EXTERNAL -H ldapi:/// -f cosine.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "cn=cosine,cn=schema,cn=config"
ldap_modify: Insufficient access (50)

# ldapadd -Y EXTERNAL -H ldapi:/// -f inetorgperson.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "cn=inetorgperson,cn=schema,cn=config"
ldap_modify: Insufficient access (50)

# ldapadd -Y EXTERNAL -H ldapi:/// -f nis.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "cn=nis,cn=schema,cn=config"
ldap_modify: Insufficient access (50)
#

# cat chroot.ldif
# specify the password generated above for "olcRootPW" section
dn: olcDatabase={0}config,cn=config
changetype: modify
add: olcRootPW
olcRootPW: {SSHA}rpJNDcVGQjs+UNgWh32KlNmXYjGXz/Uw
#

# ldapadd -Y EXTERNAL -H ldapi:/// -f chroot.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
modifying entry "olcDatabase={0}config,cn=config"
ldap_modify: Insufficient access (50)

Please comment. Thanks in advance.

Best Regards,

Kaushal