9:58 a.m.
Hello List,
I am very new to OpenLDAP and I am trying to put a Linux box authenticating trough
OpenLDAP instead of using the standard password file.
For this use I followed the tutorial you can find at http://ldots.org/ldap/ but it seems
this howto is out of date. The first problem I ran into was when trying to insert a new
user in LDIF format, I corrected the first error I got and now this is the file I have
dn: uid=myuser,ou=People,dc=example,dc=com
uid: myuser
cn: myuser
sn: Doe
givenname: John
objectclass: person
objectclass: posixaccount
objectclass: account
ou: People
uidnumber: 10001
gidnumber: 10001
homedirectory=: /home/ldap/john
loginshell: /bin/bash
When I try to run ldapadd I get the following error:
adding new entry "uid=branc0,ou=People,dc=example,dc=com"
ldap_add: Invalid syntax (21)
additional info: objectclass: value #1 invalid per syntax
I am not sure what the problem is, although I'm pretty sure it is between the chair
and the keyboard. Maybe someone on the list can direct me to a more up-to-date tutorial on
setting up authentication with LDAP ?
OpenLDAP version is 2.4.7
12:17 p.m.
I think you need to include the nis.schema in your slapd.conf. Also you
might want to try a
LDAP browser, as it helps add users and allows you to see what
objectclass are available
and which attributes are needed.
Vinh
Nuno Manuel Martins <nuno.mmartins_externo(a)sonae.com>
Sent by: openldap-technical-bounces+vinh.ctr.hoang=faa.gov(a)OpenLDAP.org
02/01/2008 12:58 PM
To
"openldap-technical(a)openldap.org" <openldap-technical(a)openldap.org>
cc
Subject
LDAP Auth
Hello List,
I am very new to OpenLDAP and I am trying to put a Linux box
authenticating trough OpenLDAP instead of using the standard password
file.
For this use I followed the tutorial you can find at
http://ldots.org/ldap/ but it seems this howto is out of date. The first
problem I ran into was when trying to insert a new user in LDIF format, I
corrected the first error I got and now this is the file I have
dn: uid=myuser,ou=People,dc=example,dc=com
uid: myuser
cn: myuser
sn: Doe
givenname: John
objectclass: person
objectclass: posixaccount
objectclass: account
ou: People
uidnumber: 10001
gidnumber: 10001
homedirectory=: /home/ldap/john
loginshell: /bin/bash
When I try to run ldapadd I get the following error:
adding new entry "uid=branc0,ou=People,dc=example,dc=com"
ldap_add: Invalid syntax (21)
additional info: objectclass: value #1 invalid per syntax
I am not sure what the problem is, although I?m pretty sure it is between
the chair and the keyboard. Maybe someone on the list can direct me to a
more up-to-date tutorial on setting up authentication with LDAP ?
OpenLDAP version is 2.4.7
3:02 a.m.
Hello everyone again,
I didn't have any help that would lead me to fix this, so I have spent some hours
trying to understand things better but still haven't got there.
I changed my ldif.file and now looks like this:
dn: uid=myuser,dc=example,dc=com
uid: myuser
cn: myuser
sn: Doe
uidnumber: 10001
gidnumber: 10001
homedirectory: /home/ldap/john
loginshell: /bin/bash
userPassword: password
objectclass: person
objectclass: posixaccount
I am trying to add this entry with the following command: ldapadd -D
"cn=manager,dc=example,dc=com" -W -f /root/tmp/tstuser.ldif
From the client I get the following message:
adding new entry
"uid=myuser,dc=example,dc=com"
ldap_add: No such object (32)
I have put the slapd in debug mode and I get a lot of messages. In order not to flood the
list I will post what I think are the relevant ones. If you need to see the whole messages
let me know and I'll use an attachment or something.
ber_scanf fmt (}) ber:
>> dnPrettyNormal: <uid=myuser,dc=example,dc=com>
=> ldap_bv2dn(uid=myuser,dc=example,dc=com,0)
<= ldap_bv2dn(uid=myuser,dc=example,dc=com)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(uid=myuser,dc=example,dc=com)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(uid=myuser,dc=example,dc=com)=0
<<< dnPrettyNormal: <uid=myuser,dc=example,dc=com>,
<uid=myuser,dc=example,dc=com>
bdb_dn2entry("uid=myuser,dc=example,dc=com")
=> bdb_dn2id("dc=example,dc=com")
<= bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-30989)
bdb_referrals: tag=104 target="uid=myuser,dc=example,dc=com"
matched=""
==> bdb_add: uid=myuser,dc=example,dc=com
oc_check_required entry (uid=myuser,dc=example,dc=com), objectClass "person"
oc_check_required entry (uid=myuser,dc=example,dc=com), objectClass
"posixAccount"
oc_check_allowed type "uid"
oc_check_allowed type "cn"
oc_check_allowed type "sn"
oc_check_allowed type "uidNumber"
oc_check_allowed type "gidNumber"
oc_check_allowed type "homeDirectory"
oc_check_allowed type "loginShell"
oc_check_allowed type "userPassword"
oc_check_allowed type "objectClass"
oc_check_allowed type "structuralObjectClass"
bdb_dn2entry("uid=myuser,dc=example,dc=com")
=> bdb_dn2id("dc=example,dc=com")
<= bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-30989)
bdb_add: parent does not exist
send_ldap_result: conn=15 op=3 p=3
send_ldap_result: err=10 matched="" text=""
send_ldap_response: msgid=4 tag=105 err=32
I googled around for that DB_NOTFOUND problem and all I got were some ideas about
permissions, but I'm starting OpenLDAP as root so I don't think that is it. Maybe
something I skipped on installation of OpenLDAP? Is there any step needed to initialize
the DB?
This is my slapd.conf:
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/nis.schema
pidfile /usr/local/var/run/slapd.pid
argsfile /usr/local/var/run/slapd.args
database bdb
suffix "dc=example,dc=com"
rootdn "cn=manager,dc=example,dc=com"
rootpw [something]
directory /usr/local/var/openldap-data
index objectClass eq
If anyone can help, it would be really appreciated.
Thank you,
Nuno
________________________________
Hello List,
I am very new to OpenLDAP and I am trying to put a Linux box authenticating trough
OpenLDAP instead of using the standard password file.
For this use I followed the tutorial you can find at http://ldots.org/ldap/ but it seems
this howto is out of date. The first problem I ran into was when trying to insert a new
user in LDIF format, I corrected the first error I got and now this is the file I have
dn: uid=myuser,ou=People,dc=example,dc=com
uid: myuser
cn: myuser
sn: Doe
givenname: John
objectclass: person
objectclass: posixaccount
objectclass: account
ou: People
uidnumber: 10001
gidnumber: 10001
homedirectory=: /home/ldap/john
loginshell: /bin/bash
When I try to run ldapadd I get the following error:
adding new entry "uid=branc0,ou=People,dc=example,dc=com"
ldap_add: Invalid syntax (21)
additional info: objectclass: value #1 invalid per syntax
I am not sure what the problem is, although I'm pretty sure it is between the chair
and the keyboard. Maybe someone on the list can direct me to a more up-to-date tutorial on
setting up authentication with LDAP ?
OpenLDAP version is 2.4.7
4:07 a.m.
Nuno Manuel Martins wrote:
I changed my ldif.file and now looks like this:
dn: uid=myuser,dc=example,dc=com
[..]
I am trying to add this entry with the following command: /ldapadd -D
"cn=manager,dc=example,dc=com" -W -f /root/tmp/tstuser.ldif /
From the client I get the following message:
adding new entry "uid=myuser,dc=example,dc=com"
ldap_add: No such object (32)
http://www.openldap.org/faq/data/cache/157.html
OpenLDAP's FAQ-O-MATIC contains a wealth of good information, e.g. a
section about "Common Errors" in which you can find the FAQ article
mentioned above:
http://www.openldap.org/faq/data/cache/53.html
Ciao, Michael.
10:28 p.m.
On Thursday 14 February 2008 13:02:12 Nuno Manuel Martins wrote:
Hello everyone again,
I didn't have any help that would lead me to fix this, so I have spent some
hours trying to understand things better but still haven't got there.
I changed my ldif.file and now looks like this:
dn: uid=myuser,dc=example,dc=com
uid: myuser
cn: myuser
sn: Doe
uidnumber: 10001
gidnumber: 10001
homedirectory: /home/ldap/john
loginshell: /bin/bash
userPassword: password
objectclass: person
objectclass: posixaccount
I am trying to add this entry with the following command: ldapadd -D
"cn=manager,dc=example,dc=com" -W -f /root/tmp/tstuser.ldif
<= bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair
found
(-30989) bdb_add: parent does not exist
You haven't created dc=example,dc=com.
What documentation are you following ? For example, this is step 10 in the
OpenLDAP quick start guide:
http://www.openldap.org/doc/admin24/quickstart.html .
4:20 a.m.
I feel silly... using ldapadd with the -x switch seems to work.
Can't believe the time I wasted checking this, seems I was doing the wrong kind of
authentication.
From: Nuno Manuel Martins
Sent: quinta-feira, 14 de Fevereiro de 2008 11:02
To: openldap-technical(a)openldap.org
Subject: RE: LDAP Auth
Hello everyone again,
I didn't have any help that would lead me to fix this, so I have spent some hours
trying to understand things better but still haven't got there.
I changed my ldif.file and now looks like this:
dn: uid=myuser,dc=example,dc=com
uid: myuser
cn: myuser
sn: Doe
uidnumber: 10001
gidnumber: 10001
homedirectory: /home/ldap/john
loginshell: /bin/bash
userPassword: password
objectclass: person
objectclass: posixaccount
I am trying to add this entry with the following command: ldapadd -D
"cn=manager,dc=example,dc=com" -W -f /root/tmp/tstuser.ldif
From the client I get the following message:
adding new entry
"uid=myuser,dc=example,dc=com"
ldap_add: No such object (32)
I have put the slapd in debug mode and I get a lot of messages. In order not to flood the
list I will post what I think are the relevant ones. If you need to see the whole messages
let me know and I'll use an attachment or something.
ber_scanf fmt (}) ber:
>> dnPrettyNormal: <uid=myuser,dc=example,dc=com>
=> ldap_bv2dn(uid=myuser,dc=example,dc=com,0)
<= ldap_bv2dn(uid=myuser,dc=example,dc=com)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(uid=myuser,dc=example,dc=com)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(uid=myuser,dc=example,dc=com)=0
<<< dnPrettyNormal: <uid=myuser,dc=example,dc=com>,
<uid=myuser,dc=example,dc=com>
bdb_dn2entry("uid=myuser,dc=example,dc=com")
=> bdb_dn2id("dc=example,dc=com")
<= bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-30989)
bdb_referrals: tag=104 target="uid=myuser,dc=example,dc=com"
matched=""
==> bdb_add: uid=myuser,dc=example,dc=com
oc_check_required entry (uid=myuser,dc=example,dc=com), objectClass "person"
oc_check_required entry (uid=myuser,dc=example,dc=com), objectClass
"posixAccount"
oc_check_allowed type "uid"
oc_check_allowed type "cn"
oc_check_allowed type "sn"
oc_check_allowed type "uidNumber"
oc_check_allowed type "gidNumber"
oc_check_allowed type "homeDirectory"
oc_check_allowed type "loginShell"
oc_check_allowed type "userPassword"
oc_check_allowed type "objectClass"
oc_check_allowed type "structuralObjectClass"
bdb_dn2entry("uid=myuser,dc=example,dc=com")
=> bdb_dn2id("dc=example,dc=com")
<= bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-30989)
bdb_add: parent does not exist
send_ldap_result: conn=15 op=3 p=3
send_ldap_result: err=10 matched="" text=""
send_ldap_response: msgid=4 tag=105 err=32
I googled around for that DB_NOTFOUND problem and all I got were some ideas about
permissions, but I'm starting OpenLDAP as root so I don't think that is it. Maybe
something I skipped on installation of OpenLDAP? Is there any step needed to initialize
the DB?
This is my slapd.conf:
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/nis.schema
pidfile /usr/local/var/run/slapd.pid
argsfile /usr/local/var/run/slapd.args
database bdb
suffix "dc=example,dc=com"
rootdn "cn=manager,dc=example,dc=com"
rootpw [something]
directory /usr/local/var/openldap-data
index objectClass eq
If anyone can help, it would be really appreciated.
Thank you,
Nuno
________________________________
Hello List,
I am very new to OpenLDAP and I am trying to put a Linux box authenticating trough
OpenLDAP instead of using the standard password file.
For this use I followed the tutorial you can find at http://ldots.org/ldap/ but it seems
this howto is out of date. The first problem I ran into was when trying to insert a new
user in LDIF format, I corrected the first error I got and now this is the file I have
dn: uid=myuser,ou=People,dc=example,dc=com
uid: myuser
cn: myuser
sn: Doe
givenname: John
objectclass: person
objectclass: posixaccount
objectclass: account
ou: People
uidnumber: 10001
gidnumber: 10001
homedirectory=: /home/ldap/john
loginshell: /bin/bash
When I try to run ldapadd I get the following error:
adding new entry "uid=branc0,ou=People,dc=example,dc=com"
ldap_add: Invalid syntax (21)
additional info: objectclass: value #1 invalid per syntax
I am not sure what the problem is, although I'm pretty sure it is between the chair
and the keyboard. Maybe someone on the list can direct me to a more up-to-date tutorial on
setting up authentication with LDAP ?
OpenLDAP version is 2.4.7
10:36 p.m.
On Thursday 14 February 2008 14:20:18 Nuno Manuel Martins wrote:
Can't believe the time I wasted checking this, seems I was doing
the wrong
kind of authentication.
If you don't actually read the accurate error messages, you will waste time,
and be uncertain about what you are doing wrong.
This list is maybe not the most appropriate list for a user who is learning
the very basics of LDAP, openldap-software may be a better list for your
questions at this stage.
Regards,
Buchan
5772
days inactive
5786
days old
openldap-technical@openldap.org
6 comments
4 participants
participants (4)
-
Buchan Milne -
Michael Ströder -
Nuno Manuel Martins -
Vinh.CTR.Hoang@faa.gov