The openldap guide suggests that the configuration for dynamic configuration is yet to be written and it seems it is probably easy to get configured from the start but not intuitive enough for me to add to an already running server.
(this is my consumer if that makes a difference)
# cat monitor-add.ldif # Load dynamic backend modules dn: cn=module,cn=config changetype: add add: module olcModuleload: back_monitor -
# http://www.openldap.org/doc/admin24/monitoringslapd.html dn: olcDatabase=monitor,cn=config #objectClass: olcDatabaseConfig changetype: add add: olcDatabase olcDatabase: {2}monitor
# ./monitor-add.sh Enter LDAP Password: adding new entry "cn=module,cn=config" ldapmodify: update failed: cn=module,cn=config ldap_add: Bad parameter to an ldap routine (-9)
I can't seem to find the right ldif combination to add monitor (Ubuntu Lucid / slapd 2.4.21-0ubuntu5.5)
# grep ModulePath /etc/ldap/slapd.d/cn=config/cn=module{0}.ldif olcModulePath: /usr/lib/ldap
I don't know much about cn=monitor,cn=config, but I would first look at the format of your LDIF file.
You only use a dash (-) to separate multiple changes on the same previously defined DN (dn: cn=module,cn=config).
If you change the target of modifications to a different DN (dn: olcDatabase=monitor,cn=config) then you separate it by a blank line, not a dash.
You seem to be doing parts of both.Try removing the dash or remove the blank line, the "dn: olcDatabase=monitor,cn=config" and the "changetype: add" lines, depending on what you were trying to do.
An example of multiple DN targets within one LDIF file can be found in provider_sync.ldif listed in the LDAP Replication section of https://help.ubuntu.com/10.04/serverguide/C/openldap-server.html
Bob
________________________________ From: Craig White craig.white@ttiltd.com To: openldap-technical@openldap.org Sent: Friday, 14 October 2011 1:30 AM Subject: adding monitor to cn=config on already running slapd
The openldap guide suggests that the configuration for dynamic configuration is yet to be written and it seems it is probably easy to get configured from the start but not intuitive enough for me to add to an already running server.
(this is my consumer if that makes a difference)
# cat monitor-add.ldif # Load dynamic backend modules dn: cn=module,cn=config changetype: add add: module olcModuleload: back_monitor -
# http://www.openldap.org/doc/admin24/monitoringslapd.html dn: olcDatabase=monitor,cn=config #objectClass: olcDatabaseConfig changetype: add add: olcDatabase olcDatabase: {2}monitor
# ./monitor-add.sh Enter LDAP Password: adding new entry "cn=module,cn=config" ldapmodify: update failed: cn=module,cn=config ldap_add: Bad parameter to an ldap routine (-9)
I can't seem to find the right ldif combination to add monitor (Ubuntu Lucid / slapd 2.4.21-0ubuntu5.5)
# grep ModulePath /etc/ldap/slapd.d/cn=config/cn=module{0}.ldif olcModulePath: /usr/lib/ldap
On Donnerstag 13 Oktober 2011 19:30:01 Craig White wrote:
The openldap guide suggests that the configuration for dynamic configuration is yet to be written and it seems it is probably easy to get configured from the start but not intuitive enough for me to add to an already running server.
(this is my consumer if that makes a difference)
# cat monitor-add.ldif # Load dynamic backend modules dn: cn=module,cn=config changetype: add add: module olcModuleload: back_monitor
This is not a valid LDIF record. Please have a look at the ldif(5) manpage. You use "changetype: add" but the information that follows is in the format for "changetype: modify".
Additionally, as Marc already pointed out the "add: module" is also wrong. The value you use for olcModuleload wrong as well. You need to specify a file name there.
The other entries of your LDIF seem broken in similar ways, btw.
Ralf
On Oct 14, 2011, at 5:44 AM, Ralf Haferkamp wrote:
On Donnerstag 13 Oktober 2011 19:30:01 Craig White wrote:
The openldap guide suggests that the configuration for dynamic configuration is yet to be written and it seems it is probably easy to get configured from the start but not intuitive enough for me to add to an already running server.
(this is my consumer if that makes a difference)
# cat monitor-add.ldif # Load dynamic backend modules dn: cn=module,cn=config changetype: add add: module olcModuleload: back_monitor
This is not a valid LDIF record. Please have a look at the ldif(5) manpage. You use "changetype: add" but the information that follows is in the format for "changetype: modify".
Additionally, as Marc already pointed out the "add: module" is also wrong. The value you use for olcModuleload wrong as well. You need to specify a file name there.
The other entries of your LDIF seem broken in similar ways, btw.
---- this worked... (thanks) # Load dynamic backend modules dn: cn=module{0},cn=config changetype: modify add: olcModuleLoad olcModuleload: back_monitor.la
but I still can't seem to grok how to add the monitor database... (commented 'changetype' to use ldapadd instead of ldapmodify)
dn: olcDatabase=monitor,cn=config #changetype: modify objectClass: olcDatabaseConfig add: olcDatabase olcDatabase: {2}monitor
adding new entry "olcDatabase=monitor,cn=config" ldap_add: Undefined attribute type (17) additional info: add: attribute type undefined
and this doesn't work either (using ldapmodify)... dn: cn=config changetype: modify add: olcDatabase olcDatabase: {2}monitor
modifying entry "cn=config" ldap_modify: Object class violation (65) additional info: attribute 'olcDatabase' not allowed
Craig
On Freitag 14 Oktober 2011 18:53:30 Craig White wrote:
On Oct 14, 2011, at 5:44 AM, Ralf Haferkamp wrote:
[..]
The other entries of your LDIF seem broken in similar ways, btw.
this worked... (thanks) # Load dynamic backend modules dn: cn=module{0},cn=config changetype: modify add: olcModuleLoad olcModuleload: back_monitor.la
but I still can't seem to grok how to add the monitor database... (commented 'changetype' to use ldapadd instead of ldapmodify)
dn: olcDatabase=monitor,cn=config #changetype: modify objectClass: olcDatabaseConfig add: olcDatabase olcDatabase: {2}monitor
adding new entry "olcDatabase=monitor,cn=config" ldap_add: Undefined attribute type (17) additional info: add: attribute type undefined
Did you ever read the ldif(5) manpage or RFC2849? Both document very well (the RFC even with examples) the differences between LDIF entry records and change records. When using ldapadd the input file needs to be entry records (hint: those don't have those add/replace/delete: <attrtype> lines).
and this doesn't work either (using ldapmodify)... dn: cn=config changetype: modify add: olcDatabase olcDatabase: {2}monitor
This one is completely bogus, your LDIF is telling slapd to add an attribute "olcDatabase: {2}monitor" to the entry "cn=config". But in reality you want to create a new entry with the DN: "olcDatabase=monitor,cn=config"
Ralf
openldap-technical@openldap.org
-
Bob Fitch -
Craig White -
Marc Patermann -
Ralf Haferkamp