Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
database bdb
suffix "dc=company,dc=net"
checkpoint 1024 15
rootdn "cn=manager,dc=company,dc=net"
# Cleartext passwords, especially for the rootdn, should
# be avoided. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
# rootpw secret
rootpw {SSHA}WW2PMcKsh0ZVrFFSuwAtAXIUISAq1VIU
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory /var/lib/ldap
# Indices to maintain for this database
#index objectClass eq,pres
#index ou,cn,mail,
# Replicas of this database
#replogfile /var/lib/ldap/openldap-master-replog
#replica host=ldap-1.example.com:389 starttls=critical
# bindmethod=sasl saslmech=GSSAPI
# authcId=host/ldap-master.example.com@EXAMPLE.COM
# enable monitoring
database monitor
# allow onlu rootdn to read the monitor
access to *
by dn.exact="cn=manager,dc=company,dc=net" read
by * none
According to slapd.conf the root dn is: "cn=manager,dc=company,dc=net", so you have to change it in the above command. You can use also the -vx options (verbose and no sasl auth):
According to slapd.conf the root dn is: "cn=manager,dc=company,dc=net", so you have to change it in the above command. You can use also the -vx options (verbose and no sasl auth):
i've tried slappasswd and it still doesn t work :s
Run slappasswd to create a new encrypted password, stop slapd, copy the new password (the output of slappasswd) in slapd.conf and restart slapd to see what happens.
Run slappasswd to create a new encrypted password, stop slapd, copy the new password (the output of slappasswd) in slapd.conf and restart slapd to see what happens.
[root@localhost anass]# slappasswd
New password:
Re-enter new password:
{SSHA}tfRauHS2E6OIxftJsuqLYqsjWjW1vXsO
[root@localhost anass]# service ldap stop
Stopping slapd: [ OK ]
[root@localhost anass]# vi /etc/openldap/slapd.conf
[root@localhost anass]# service ldap start
Starting slapd: [ OK ]
[root@localhost anass]# ldapadd -vx -D "cn=manager,dc=company,dc=net" -W -f /etc/openldap/base.ldif
ldap_initialize( <DEFAULT> )
Enter LDAP Password:
ldap_bind: Invalid credentials (49)
[root@localhost anass]#
Just to clarify something: Are there blank lines between each line in the ldif you're trying to import, or it seems so because you didn't used [code] tags? Blank lines are used to designate every entry. Use this ldif and see if it works:
Code:
#Organization for Samba Base
dn: dc=company,dc=net
objectclass: dcObject
objectclass: organization
dc: company
o: Samba 3
description: Samba 3
# Manager LDAP
dn: cn=manager,dc=company,dc=net
objectclass: organizationalRole
cn: manager
description: LDAP Manager
# Conteneur d'utilisateurs
dn: ou=Users,dc=company,dc=net
objectclass: top
objectclass: organizationalUnit
ou: Users
# Conteneur de machines
dn: ou=Computers,dc=company,dc=net
objectclass: top
objectclass: organizationalUnit
ou: Computers
# Administrateur
dn: cn=admin,ou=Users,dc=company,dc=net
cn: admin
objectclass: top
objectclass: organizationalRole
objectclass: simpleSecurityObject
userPassword: {SSHA}WW2PMcKsh0ZVrFFSuwAtAXIUISAq1VIU
And you can use slapadd to import the ldif is ldapadd fails. Mind that you must stop the server if you are going to use slapadd.
[QUOTE=bathory;3509699]Just to clarify something: Are there blank lines between each line in the ldif you're trying to import, or it seems so because you didn't used [code] tags? Blank lines are used to designate every entry. Use this ldif and see if it works:
[CODE]
i ve tried with the code that u gave me and i got the same thing
[root@localhost anass]# ldapadd -vx -D "cn=manager,dc=company,dc=net" -W -f /home/anass/Bureau/base.ldif
ldap_initialize( <DEFAULT> )
Enter LDAP Password:
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
[root@localhost anass]# service ldap start
Starting slapd: [ OK ]
[root@localhost anass]# ldapadd -vx -D "cn=manager,dc=company,dc=net" -W -f /home/anass/Bureau/base.ldif
ldap_initialize( <DEFAULT> )
Enter LDAP Password:
ldap_bind: Invalid credentials (49)
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/mozillaAbPersonAlpha.schema
# Allow LDAPv2 client connections. This is NOT the default.
allow bind_v2
# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
# Load dynamic backend modules:
# modulepath /usr/lib/openldap
# moduleload back_bdb.la
# moduleload back_ldap.la
# moduleload back_ldbm.la
# moduleload back_passwd.la
# moduleload back_shell.la
# The next three lines allow use of TLS for encrypting connections using a
# dummy test certificate which you can generate by changing to
# /etc/pki/tls/certs, running "make slapd.pem", and fixing permissions on
# slapd.pem so that the ldap user or group can read it. Your client software
# may balk at self-signed certificates, however.
# Sample security restrictions
# Require integrity protection (prevent hijacking)
# Require 112-bit (3DES or better) encryption for updates
# Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64
# Sample access control policy:
# Root DSE: allow anyone to read it
# Subschema (sub)entry DSE: allow anyone to read it
# Other DSEs:
# Allow self write access
# Allow authenticated users read access
# Allow anonymous users to authenticate
# Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
# by self write
# by users read
# by anonymous auth
#
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn. (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!
#######################################################################
# ldbm and/or bdb database definitions
#######################################################################
#database bdb
#suffix "dc=my-domain,dc=com"
#rootdn "cn=Manager,dc=my-domain,dc=com"
# Cleartext passwords, especially for the rootdn, should
# be avoided. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
# rootpw secret
# rootpw {crypt}ijFYNcSNctBYg
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory /var/lib/ldap
# Indices to maintain for this database
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
# Replicas of this database
#replogfile /var/lib/ldap/openldap-master-replog
#replica host=ldap-1.example.com:389 starttls=critical
# bindmethod=sasl saslmech=GSSAPI
# authcId=host/ldap-master.example.com@EXAMPLE.COMa
database bdb
suffix "dc=example1,dc=com"
rootdn "cn=Manager,dc=example1,dc=com"
rootpw {SSHA}noidea
directory /var/lib/ldap/example1.com
database bdb
suffix "dc=example2,dc=com"
rootdn "cn=Manager,dc=example2,dc=com"
rootpw {SSHA}cantremember
directory /var/lib/ldap/example2.com
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
