Yes, I edited it by hand. Clearly not advisable since the comments said "don't do that", but since the server wouldn't start I couldn't use ldapmodify.
On Fri, Aug 10, 2012 at 6:51 AM, Gavin Henry ghenry@suretecsystems.comwrote:
Not knowing what else to do, I removed the lines containing
"olcTLS" from /etc/ldap/slapd.d/cn=config.ldif. Then I was able to
restart
slapd (congratulating myself) and then re-ran my ldapmodify command to
enter
the correct locations of the cert and key. But I still get a checksum
error
in syslog:
Aug 8 17:04:53 grackle slapd[2028]: slapd starting Aug 8 17:05:01 grackle slapd[2028]: ldif_read_file: checksum error on "/etc/ldap /slapd.d/cn=config.ldif"
So you edited this by hand?
I haven't even tried to see if I have TLS working, but I have two questions:
#1. How should I have recovered from this (human) error? What I did didn't seem to work out very well.
and
#2. How do I un-screw my config and resolve the checksum problem?
Thanks in advance for any assistance.
-- Jeff Dickens IT Manager 978-632-1513
-- Kind Regards,
Gavin Henry. Managing Director.
T +44 (0) 1224 279484 M +44 (0) 7930 323266 F +44 (0) 1224 824887 E ghenry@suretecsystems.com
Open Source. Open Solutions(tm).
http://www.suretecsystems.com/
Suretec Systems is a limited company registered in Scotland. Registered number: SC258005. Registered office: 24 Cormack Park, Rothienorman, Inverurie, Aberdeenshire, AB51 8GL.
Subject to disclaimer at http://www.suretecgroup.com/disclaimer.html
Do you know we have our own VoIP provider called SureVoIP? See http://www.surevoip.co.uk
Did you see our API news? http://www.surevoip.co.uk/news-events/surevoip-launches-innovative-api
Sent: Sat Aug 11 2012 18:06:49 GMT-0400 (EDT) From: Jeff Dickens jeff@seamanpaper.com To: Gavin Henry ghenry@suretecsystems.com openldap-technical@openldap.org Subject: Re: got into a "checksum error" situation
Yes, I edited it by hand. Clearly not advisable since the comments said "don't do that", but since the server wouldn't start I couldn't use ldapmodify.
On Fri, Aug 10, 2012 at 6:51 AM, Gavin Henry <ghenry@suretecsystems.com mailto:ghenry@suretecsystems.com> wrote:
Not knowing what else to do, I removed the lines containing > "olcTLS" from /etc/ldap/slapd.d/cn=config.ldif. Then I was able to restart > slapd (congratulating myself) and then re-ran my ldapmodify command to enter > the correct locations of the cert and key. But I still get a checksum error > in syslog: > Aug 8 17:04:53 grackle slapd[2028]: slapd starting > Aug 8 17:05:01 grackle slapd[2028]: ldif_read_file: checksum error on > "/etc/ldap /slapd.d/cn=config.ldif" So you edited this by hand?
You can use 'slapcat' and 'slapadd' to modify the config database offline. This is the recommended way.
On 12 August 2012 00:00, Patrick Hemmer openldap@stormcloud9.net wrote:
Sent: Sat Aug 11 2012 18:06:49 GMT-0400 (EDT) From: Jeff Dickens jeff@seamanpaper.com To: Gavin Henry ghenry@suretecsystems.com openldap-technical@openldap.org
Subject: Re: got into a "checksum error" situation
Yes, I edited it by hand. Clearly not advisable since the comments said "don't do that", but since the server wouldn't start I couldn't use ldapmodify.
So you edited this by hand?
You can use 'slapcat' and 'slapadd' to modify the config database offline. This is the recommended way.
Not sure if you know, but what you should be doing is making changes and then running:
slaptest -F myconf.d -d my_debug_level_if_different_from_my_conf
Then slapd doesn't need to start and you'll see any errors. You can also do the same with:
slapacl -F myconf.d --extra_options_from_man_slapacl
to test your ACLs whilst referencing man slapd.access (5)
openldap-technical@openldap.org
-
Gavin Henry -
Jeff Dickens -
Patrick Hemmer