[oclug] Basic LDAP Setup

Chris Herrnberger chris123 at magma.ca
Fri Mar 30 22:54:35 EST 2001


Reading up on LDAP I decided to set it up on my workstation and of course I 
got stuck. Here is the pertinent data. Looks simple enough and checked all 
config as per reference below but ended up with several errors.

version: SuSE rpm OpenLDAP2.0.7
install ref: http://www2.linuxjournal.com/articles/linux_review/0030.html

/etc/openldap/slapd.conf
_______________________________________________________________________________
# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.4 2000/08/26 17:06:18 kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema   #netscape req'd
include         /etc/openldap/schema/inetorgperson.schema  #netscape req'd
 
# Define global ACLs to disable default read access.
 
# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral       ldap://root.openldap.org
 
pidfile         /var/run/slapd.pid
argsfile        /var/run/slapd.args
 
# Load dynamic backend modules:
# modulepath    /usr/lib/openldap/openldap
# moduleload    back_ldap.la
# moduleload    back_ldbm.la
# moduleload    back_passwd.la
# moduleload    back_shell.la
 
#######################################################################
# ldbm database definitions
#######################################################################

database        ldbm
suffix          "dc=my-domain, dc=com"
suffix          "o=myaddressbook, c=CA"
rootdn          "cn=root, o=myaddressbook, c=CA"
#rootdn         "cn=Manager, o=My Organization Name, c=US"
# Cleartext passwords, especially for the rootdn, should
# be avoid.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw          xxxxxxxxxxxxxxxxxxxx
# The database directory MUST exist prior to running slapd AND
# should only be accessable by the slapd/tools. Mode 700 recommended.
directory       /var/lib/ldap
# Indices to maintain
index   objectClass     eq
access to dn=".*,o=myaddressbook,c=CA"                          (LINE 44:)
	by anonymous                        read                       (LINE 45:)
____________________________________________________________________________

Lines 44-45 are added as per reference to allow for testing from Netscape 
Address Book. Starting the ldap server gives the following error:

Starting ldap-server./etc/openldap/slapd.conf: line 44: warning: no by 
clause(s) specified in access line
/etc/openldap/slapd.conf: line 45: unknown directive "by" in ldbm database 
definition (ignored)

The line suffix "dc=my-domain, dc=com" in the slapd.conf file does not make 
sense to me even though the reference provides no instruction to remove it. 
Removing that line item however produces the same error as above. 

Then of course loading the testdata.ldif using the command:
ldapadd -D "cn=root, o=myaddressbook" c=CA" -W -v -f testdata.ldif
gives the following error once the password is added:

ldap_initialize( <DEFAULT> )
Enter LDAP Password:
ldap_sasl_interactive_bind_s: No such object

Any suggestions as to where I'm going wrong would be greatly appreciated. 

Best and thanks

Chris






