-----Original Message-----
From: Quanah Gibson-Mount [mailto:quanah@zimbra.com]
Sent: Thursday, August 29, 2013 3:10 PM
To: Clint Petty
Subject: RE: ldapadd "ldap_bind: Invalid credentials (49)"
--On Thursday, August 29, 2013 10:06 PM +0000 Clint Petty cpetty@luthresearch.com wrote:
# /etc/init.d/slapd debug -1 -u ldap -F /usr/local/etc/openldap/slapd.d
# -H ldapi:///
slapd: [INFO] Using /etc/default/slapd for configuration
slapd: [INFO] Halting OpenLDAP...
slapd: [INFO] Can't read PID file, to stop OpenLDAP try: /etc/init.d/slapd forcestop
slapd: [INFO] No db_recover done
slapd: [INFO] Launching OpenLDAP...
slapd: [OK] File descriptor limit set to 1024
521fc4a1 @(#) $OpenLDAP: slapd 2.4.36 (Aug 21 2013 09:39:54) $
clement@localhost.localdomain:/home/clement/build/BUILD/openldap-2.4.36/servers/slapd
521fc4a1 /usr/local/openldap/etc/openldap/slapd.conf: line 5: unknown directive dn: >outside backend info and database definitions.
521fc4a1 slapd stopped.
521fc4a1 connections_destroy: nothing to destroy.
Hi Clint,
The point is to use a ">" with the text *I* wrote, not the text you write. That's standard quoting of replies (as you will see my email client does automatically).
In the above, you used /etc/init.d/slapd, rather than the slapd *binary*. The above indicates you are using an invalid slapd.conf file located in /usr/local/openldap/etc/openldap. I thought you used cn=config?
You may need to examine /etc/default/slapd to see how to fix it to use cn=config? etc. At this point, you may want to ask the LTB project for guidance on configuring their servers correctly.
--Quanah
_________________________________________________________________
# /usr/local/openldap/libexec/slapd -d -1 -u ldap -F /usr/local/etc/openldap/slapd.d -h ldapi:///
ldap_url_parse_ext(ldap://localhost/)
ldap_init: trying /usr/local/openldap/etc/openldap/ldap.conf
ldap_init: using /usr/local/openldap/etc/openldap/ldap.conf
ldap_init: HOME env is /root
ldap_init: trying /root/ldaprc
ldap_init: trying /root/.ldaprc
ldap_init: trying ldaprc
ldap_init: LDAPCONF env is NULL
ldap_init: LDAPRC env is NULL
521fc7d9 @(#) $OpenLDAP: slapd 2.4.36 (Aug 21 2013 09:39:54) $
clement@localhost.localdomain:/home/clement/build/BUILD/openldap-2.4.36/servers/slapd
ldap_pvt_gethostbyname_a: host=ip-10-15-2-169, r=0
521fc7d9 daemon_init: ldapi:///
521fc7d9 daemon_init: listen on ldapi:///
521fc7d9 daemon_init: 1 listeners to open...
ldap_url_parse_ext(ldapi:///)
521fc7d9 daemon: listener initialized ldapi:///
521fc7d9 daemon_init: 1 listeners opened
ldap_create
521fc7d9 slapd init: initiated server.
521fc7d9 slap_sasl_init: initialized!
521fc7d9 bdb_back_initialize: initialize BDB backend
521fc7d9 bdb_back_initialize: Berkeley DB 4.6.21: (September 27, 2007)
521fc7d9 hdb_back_initialize: initialize HDB backend
521fc7d9 hdb_back_initialize: Berkeley DB 4.6.21: (September 27, 2007)
521fc7d9 mdb_back_initialize: initialize MDB backend
521fc7d9 mdb_back_initialize: MDB 0.9.7: (January 10, 2013)
521fc7d9 ==> translucent_initialize
521fc7d9 backend_startup_one: starting "cn=config"
521fc7d9 ldif_read_file: Permission denied for "/usr/local/etc/openldap/slapd.d/cn=config.ldif"
521fc7d9 send_ldap_result: conn=-1 op=0 p=0
521fc7d9 send_ldap_result: err=80 matched="" text="internal error (cannot read some entry file)"
521fc7d9 slapd destroy: freeing system resources.
521fc7d9 slapd stopped.
521fc7d9 connections_destroy: nothing to destroy.
#
Clint
--On Thursday, August 29, 2013 10:23 PM +0000 Clint Petty cpetty@luthresearch.com wrote:
You may need to examine /etc/default/slapd to see how to fix it to use cn=config? etc. At this point, you may want to ask the LTB project for guidance on configuring their servers correctly.
--Quanah
# /usr/local/openldap/libexec/slapd -d -1 -u ldap -F
521fc7d9 backend_startup_one: starting "cn=config"
521fc7d9 ldif_read_file: Permission denied for "/usr/local/etc/openldap/slapd.d/cn=config.ldif"
521fc7d9
Hi Clint,
This indicates then that the user "ldap" that you used with "-u" does not have read permission on the files in the cn=config DB, thus it cannot start.
--Quanah
--
Quanah Gibson-Mount
Lead Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
openldap-technical@openldap.org
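
Added example, not part of the original thread and not OpenLDAP or LTB project code: a shell check for the condition diagnosed in the last reply, listing every entry under the cn=config directory that the account passed to "-u" cannot read. The function names can_read and unreadable_entries and the script name check.sh are hypothetical; it assumes GNU stat and find, and judges access from owner, group and mode bits only.

```shell
#!/bin/sh
# Added example: list entries under a cn=config directory that a uid cannot
# read, judged from owner/group/mode bits only. Assumes GNU stat and find;
# POSIX ACLs and the directories above DIR are not considered.

# can_read UID "GID GID ..." PATH -> status 0 if the mode bits grant access
can_read() {
    want_uid=$1 want_gids=$2 path=$3
    if [ "$want_uid" -eq 0 ]; then return 0; fi   # root bypasses mode bits
    set -- $(stat -c '%u %g %a' "$path")          # owner uid, group gid, octal mode
    owner=$1 group=$2 mode=$3
    # A directory must be readable and searchable (r-x = 5); a file readable (4).
    if [ -d "$path" ]; then need=5; else need=4; fi
    # Only one permission class applies: owner first, then group, then other.
    if [ "$want_uid" -eq "$owner" ]; then
        shift_by=6
    else
        case " $want_gids " in
            *" $group "*) shift_by=3 ;;
            *)            shift_by=0 ;;
        esac
    fi
    bits=$(( (0$mode >> $shift_by) & 7 ))
    [ $(( $bits & $need )) -eq "$need" ]
}

# unreadable_entries DIR UID "GID GID ..." -> prints every file or directory
# under DIR that UID cannot read
unreadable_entries() {
    find "$1" \( -type f -o -type d \) | while IFS= read -r entry; do
        can_read "$2" "$3" "$entry" || printf '%s\n' "$entry"
    done
}

# Stand-alone use (check.sh is a hypothetical file name), with the directory
# and user from the thread:
#   sh check.sh /usr/local/etc/openldap/slapd.d "$(id -u ldap)" "$(id -G ldap)"
if [ "$#" -eq 3 ]; then
    unreadable_entries "$@"
fi
```

Empty output means the mode bits let that account read the whole tree; any path printed is one slapd would fail on when started with that "-u" user.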