  1. #1
    Just Joined!
    Join Date
    Mar 2012
    Posts
    6

    LDAP (probably stupid) problem


    Hi!
    I'm trying to set up an OpenLDAP-based system.
    I can add entries to the database with
    ldapadd -D "cn=root,dc=beraldap" -w prova -f test.ldif
    (slapcat lends me the correct dump of the database, with my newly inserted values!)

    But if I try to use
    ldapsearch -D "cn=root,dc=beraldap" -w prova
    the command fails and then echoes "result: 32 No such object"
    (using the -d1 switch is not more useful... it prints only connection status, telling me that nothing was wrong...)

    It's my first try at an LDAP system, so I've configured slapd.conf as follows:

    slapd.conf
    #
    # See slapd.conf(5) for details on configuration options.
    # This file should NOT be world readable.
    #
    include /etc/openldap/schema/core.schema
    # various additions

    include /etc/openldap/schema/cosine.schema
    include /etc/openldap/schema/nis.schema
    include /etc/openldap/schema/inetorgperson.schema
    include /etc/openldap/schema/traffico.schema
    # Define global ACLs to disable default read access.

    # Do not enable referrals until AFTER you have a working directory
    # service AND an understanding of referrals.
    #referral ldap://root.openldap.org

    pidfile /run/openldap/slapd.pid
    argsfile /run/openldap/slapd.args

    # Load dynamic backend modules:
    # modulepath /usr/lib/openldap
    # moduleload back_bdb.la
    # moduleload back_hdb.la
    # moduleload back_ldap.la

    # Sample security restrictions
    # Require integrity protection (prevent hijacking)
    # Require 112-bit (3DES or better) encryption for updates
    # Require 63-bit encryption for simple bind
    # security ssf=1 update_ssf=112 simple_bind=64

    # Sample access control policy:
    # Root DSE: allow anyone to read it
    # Subschema (sub)entry DSE: allow anyone to read it
    # Other DSEs:
    # Allow self write access
    # Allow authenticated users read access
    # Allow anonymous users to authenticate
    # Directives needed to implement policy:
    # access to dn.base="" by * read
    # access to dn.base="cn=Subschema" by * read
    # access to *
    # by self write
    # by users read
    # by anonymous auth
    #
    # if no access controls are present, the default policy
    # allows anyone and everyone to read anything but restricts
    # updates to rootdn. (e.g., "access to * by * read")
    #
    # rootdn can always read and write EVERYTHING!

    # I know it's stupid, but it's for testing! Maybe it's the error?
    access to * by * read
    access to * by * write

    #######################################################################
    # BDB database definitions
    #######################################################################

    database bdb
    suffix "dc=beraldap"
    rootdn "cn=root,dc=beraldap"
    # Cleartext passwords, especially for the rootdn, should
    # be avoid. See slappasswd(8) and slapd.conf(5) for details.
    # Use of strong authentication encouraged.
    # The database directory MUST exist prior to running slapd AND
    # should only be accessible by the slapd and slap tools.
    # Mode 700 recommended.
    directory /var/lib/openldap/openldap-data
    # Indices to maintain
    index objectClass eq
    #index uid pres,eq
    #index mail pres,sub,eq
    #index cn pres,sub,eq
    #index sn pres,sub,eq
    #index dc eq
    rootpw {SSHA}yceKYs04IWf5bfC9KVriXxsfLySl7a2D

    Sorry for my bad English!
    So... thanks for reading!
    Any idea?

    Thanks! (and goodnight! zZz)
    Davide

  2. #2
    Linux Engineer
    Join Date
    Apr 2012
    Location
    Virginia, USA
    Posts
    917
    Hello. See this link: OpenLDAP 2.2 Administrator's Guide: A Quick-Start Guide
    Towards the bottom, you will see your answer.

  3. #3
    Just Joined!
    Join Date
    Mar 2012
    Posts
    6
    Originally posted by mizzle:
    Towards the bottom, you will see your answer
    :O
    Thanks!
    I never ever thought that the root user is limited...

    (and the slapd.conf is trolling me...)
    # rootdn can always read and write EVERYTHING!
    Now everything works well!

    thanks!
    Davide
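
On the two `access to *` lines the first post asks about: slapd stops at the first `access to <what>` directive whose target matches, so the second line is never consulted. The checker below is an added example, not part of the thread or of OpenLDAP; its function names are illustrative, and it assumes all directives share one scope (as in the posted file's global section) and use named access levels.

```python
import re

WRITE_LEVELS = {"write", "manage"}   # access levels that permit modification
OPEN_WHO = {"*", "anonymous"}        # <who> values that need no authentication

def logical_lines(text):
    """Join continuation lines (leading whitespace) and drop comment lines."""
    out = []
    for raw in text.splitlines():
        if raw[:1] in (" ", "\t") and out:
            out[-1] += " " + raw.strip()
        elif raw.strip():
            out.append(raw.rstrip())
    return [line for line in out if not line.startswith("#")]

def parse_acl(line):
    """Return (what, [by-clause token lists]) for an access directive, else None."""
    m = re.match(r"access\s+to\s+(.+?)\s+by\s+(.+)$", line)
    if not m:
        return None
    parts = re.split(r"\s+by\s+", m.group(2))
    return m.group(1), [p.split() for p in parts if p.strip()]

def lint(text):
    """Flag unauthenticated write access and directives shadowed by 'access to *'."""
    findings, shadowed = [], False
    for line in logical_lines(text):
        if (acl := parse_acl(line)) is None:
            continue
        if shadowed:
            findings.append(("unreachable", line))
            continue
        what, clauses = acl
        for tokens in clauses:
            if tokens[0] in OPEN_WHO and WRITE_LEVELS & set(tokens[1:]):
                findings.append(("open-write", line))
            if tokens[0] == "*":
                break                      # later by-clauses can never match
        # 'access to *' ends evaluation unless a clause uses the 'break' control.
        shadowed = what == "*" and not any("break" in t[1:] for t in clauses)
    return findings

# Constructed samples: the post's two ACL lines; the file's commented sample policy.
POSTED = "access to * by * read\naccess to * by * write\n"
SAMPLE = ('access to dn.base="" by * read\n'
          'access to dn.base="cn=Subschema" by * read\n'
          "access to *\n\tby self write\n\tby users read\n\tby anonymous auth\n")

if __name__ == "__main__":
    print(lint(POSTED), lint(SAMPLE))
```

With the posted order the write line is dead configuration; swapping the two lines would instead give every client, including anonymous ones, write access.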
