Hi All, I have installed openldap, openldap-servers and openldap-clients, and systemctl start slapd ran without any problem, but when I try to do an initial ldapadd I get an error. My slapd.conf and oidbase.ldif are below. Please help and thank you very much
Garry
slapd.conf

#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema

include /etc/openldap/oidschema/oidbase.schema
include /etc/openldap/oidschema/oidnet.schema
include /etc/openldap/oidschema/oidrdbms.schema
include /etc/openldap/oidschema/alias.schema

# Allow LDAPv2 client connections. This is NOT the default.
allow bind_v2

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org

pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args

#default searchbase
defaultsearchbase "dc=cornell,dc=edu"
#######################################################################
# ldbm and/or bdb database definitions
#######################################################################

database bdb
suffix "dc=cornell,dc=edu"
rootdn "cn=admin,dc=cornell,dc=edu"
rootpw {SSHA}gZp2hnEA/xq/FfxMgPTjDmSPo78PuZAs

# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory /var/lib/ldap/cornell

# Indices to maintain for this database
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub

### for root oraclecontext
#
database bdb
suffix ""
rootdn "cn=admin"
rootpw {SSHA}gZp2hnEA/xq/FfxMgPTjDmSPo78PuZAs

# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory /var/lib/ldap/rootoraclecontext

# Indices to maintain for this database
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub

oidbase.ldif

dn: dc=cornell,dc=edu
objectClass: top
objectClass: dcObject
objectClass: organization
o: cornell.edu
dc: cornell

dn: cn=OracleContext,dc=cornell,dc=edu
objectclass: orclContext
cn: OracleContext

l$ ldapadd -vc -x -D “cn=admin,dc=cornell,dc=edu” -w $passwd -f oidbase.ldif
ldap_initialize( <DEFAULT> )
ldap_bind: Invalid DN syntax (34)
additional info: invalid DN

--On Tuesday, December 04, 2018 8:10 PM +0000 Eggo why eggo@hotmail.com wrote:
> database bdb
Don't use BDB as your backend.
> ### for root oraclecontext
OpenLDAP is not Oracle. It probably should not have an oracle context.
> oidbase.ldif
> dn: dc=cornell,dc=edu
> objectClass: top
> objectClass: dcObject
> objectClass: organization
> o: cornell.edu
> dc: cornell
>
> dn: cn=OracleContext,dc=cornell,dc=edu
> objectclass: orclContext
> cn: OracleContext
I can't tell if your LDIF file is badly formatted or the extra spacing here is an effect of the mailer you are using.
> l$ ldapadd -vc -x -D "cn=admin,dc=cornell,dc=edu" -w $passwd -f oidbase.ldif
> ldap_initialize( <DEFAULT> )
> ldap_bind: Invalid DN syntax (34)
> additional info: invalid DN
What does the slapd server log show as the received DN?
Additionally, if you're working on converting from OID to OpenLDAP I would note that Symas has extensive experience in this area.
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
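
An added example, not part of the thread or of OpenLDAP: one thing to rule out when answering the received-DN question above. The ldapadd command in the original post appears on this page with typographic quotes around the -D value, and a shell passes those through as part of the argument instead of removing them. Whether the poster's terminal really contained them is an assumption; the function names are hypothetical and the DN check is a simplified reading of RFC 4514.

```python
import re
import shlex

# RFC 4514 attribute type: a short name or a dotted numeric OID.
ATTR_TYPE = re.compile(r"^(?:[A-Za-z][A-Za-z0-9-]*|\d+(?:\.\d+)+)$")
TYPOGRAPHIC_QUOTES = "\u201c\u201d\u2018\u2019"

# Constructed from the command in the original post; \u201c and \u201d are
# the curly quotes around the -D value as the page shows them.
AS_POSTED = ("ldapadd -vc -x -D \u201ccn=admin,dc=cornell,dc=edu\u201d "
             "-w $passwd -f oidbase.ldif")
WITH_ASCII_QUOTES = ('ldapadd -vc -x -D "cn=admin,dc=cornell,dc=edu" '
                     "-w $passwd -f oidbase.ldif")


def bind_dn_from_command(command):
    """Return the -D argument after POSIX shell quote removal."""
    argv = shlex.split(command)
    return argv[argv.index("-D") + 1]


def dn_problems(dn):
    """Simplified RFC 4514 check: list reasons a DN string is malformed."""
    if dn == "":
        return []  # the empty DN is valid
    problems = []
    quotes = sorted(set(dn) & set(TYPOGRAPHIC_QUOTES))
    if quotes:
        codes = " ".join(f"U+{ord(c):04X}" for c in quotes)
        problems.append(f"typographic quotes inside the DN: {codes}")
    # Split on unescaped ',' (RDNs) and '+' (multi-valued RDNs).
    for ava in re.split(r"(?<!\\)[,+]", dn):
        attr, eq, _value = ava.partition("=")
        if not eq:
            problems.append(f"component without '=': {ava!r}")
        elif not ATTR_TYPE.match(attr.strip()):
            problems.append(f"invalid attribute type: {attr!r}")
    return problems


if __name__ == "__main__":
    for cmd in (AS_POSTED, WITH_ASCII_QUOTES):
        dn = bind_dn_from_command(cmd)
        print(repr(dn), "->", dn_problems(dn) or "looks well formed")
```
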
On 12/5/18 6:08 PM, Quanah Gibson-Mount wrote:
> --On Tuesday, December 04, 2018 8:10 PM +0000 Eggo why eggo@hotmail.com wrote:
>> ### for root oraclecontext
> OpenLDAP is not Oracle. It probably should not have an oracle context.
One can provide a replacement for tnsnames.ora for Oracle SQL clients via LDAP service. That's probably what the original poster wants to achieve. No problem to implement such a service based on OpenLDAP provided you load the right schema.
See also: https://markjbobak.wordpress.com/2013/10/10/openldap-configuration-for-net-s...
Ciao, Michael.
--On Wednesday, December 05, 2018 7:27 PM +0100 Michael Ströder michael@stroeder.com wrote:
>> OpenLDAP is not Oracle. It probably should not have an oracle context.
> One can provide a replacement for tnsnames.ora for Oracle SQL clients via LDAP service. That's probably what the original poster wants to achieve. No problem to implement such a service based on OpenLDAP provided you load the right schema.
Part of why I put the word "probably". ;) I.e., in case there was something outside of a direct OID->OpenLDAP migration in play.
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
openldap-technical@openldap.org