Old 04-14-2005, 04:48 PM   #1
Hampster
Member
 
Registered: May 2003
Location: Washington (the State)
Distribution: Ubuntu 8
Posts: 50

Rep: Reputation: 15
LDAP Newbie


Normally, I'm fairly good at figuring things out for myself, but I've come to the conclusion that ldap is a horrendous piece of $!@%@#$%@%!!!!!!

I've tried many, many on-line tutorials, removed, and reinstalled everything several times. Finally, FINALLY I was able to get a root domain installed.

I should say, all I want is an address book for everyone in the small company to use. There are maybe 2 dozen employees, add to that all the people we deal with, we are looking at 100+ names and addresses. However, things change, and we all need to know when these changes occur, hence the need for a common address book.

So, I now believe the Company is entered as the top level domain, and an 'employee' object was created. When I tried to add myself, I got several errors. First there was no "objectclass", so I made up objectclass: person. I've seen it before, and it liked it. However, it now says "Object class violation" and "additional info: attribute 'uid' not allowed"

Every single tutorial I've seen has uid in it. This is driving me bonkers.

I'm running Mandrake 10.1 (Mandriva?) and I've installed LDAP using the Mandrake Control Center. However, I did not use the ldap server configuration tool.

How can I get ldap to recognize the uid as an attribute? Every tutorial uses it as if it weren't a problem. Where can I learn about which attributes are allowed?

--(A very frustrated) Dave

Last edited by Hampster; 04-14-2005 at 04:50 PM.
 
Old 04-16-2005, 11:55 AM   #2
stackoverflow86
LQ Newbie
 
Registered: Jan 2002
Posts: 2

Rep: Reputation: 0
ye ldap

I'm sure ldap is the all-time best thing but I sure as hell can't crack this one. The Mandrake ldap tool makes it look simple to use but I could not set it up. I'm using Mandrake 10.1, uninstalled and installed 3 to 4 times. I just want to be able to log in to it with Directory administrator, but do you think I could do that?

I will keep trying; maybe you could send me your slapd.conf and I'll try with your settings.

later james
 
Old 04-18-2005, 02:58 PM   #3
Hampster
Member
 
Registered: May 2003
Location: Washington (the State)
Distribution: Ubuntu 8
Posts: 50

Original Poster
Rep: Reputation: 15
Here is my slapd.conf file, minus the rootpw line

Code:
include /usr/share/openldap/schema/core.schema
include /usr/share/openldap/schema/cosine.schema
include /usr/share/openldap/schema/corba.schema 
include /usr/share/openldap/schema/inetorgperson.schema
include /usr/share/openldap/schema/java.schema 
include /usr/share/openldap/schema/krb5-kdc.schema
include /usr/share/openldap/schema/kerberosobject.schema
include /usr/share/openldap/schema/misc.schema
include /usr/share/openldap/schema/nis.schema
include /usr/share/openldap/schema/openldap.schema 
include /usr/share/openldap/schema/autofs.schema
include /usr/share/openldap/schema/samba.schema
include /usr/share/openldap/schema/kolab.schema
include /usr/share/openldap/schema/evolutionperson.schema
include /usr/share/openldap/schema/calendar.schema
include /usr/share/openldap/schema/sudo.schema
include /usr/share/openldap/schema/dnszone.schema
include /usr/share/openldap/schema/dhcp.schema

#include /usr/share/openldap/schema/rfc822-MailMember.schema
#include /usr/share/openldap/schema/pilot.schema
#include /usr/share/openldap/schema/qmail.schema
#include /usr/share/openldap/schema/mull.schema
#include /usr/share/openldap/schema/netscape-profile.schema
#include /usr/share/openldap/schema/trust.schema

include /etc/openldap/schema/local.schema


# Define global ACLs to disable default read access and provide default
# behaviour for samba/pam use
include         /etc/openldap/slapd.access.conf

# Provide write access to replicators, and cover access to any other
# attributes (default anonymous read access may be undesirable)
access to dn.subtree="dc=CandRinc"
        by group="cn=Replicator,ou=Group,dc=CandRinc"
        by users read
        by anonymous read
--
pidfile         /var/run/ldap/slapd.pid
argsfile        /var/run/ldap/slapd.args

modulepath      /usr/lib/openldap
#moduleload      back_dnssrv.la
#moduleload      back_ldap.la
#moduleload      back_meta.la
#moduleload      back_monitor.la
#moduleload      back_passwd.la
#moduleload      back_sql.la

# SASL config
#sasl-host ldap.example.com

# To allow TLS-enabled connections, create /etc/ssl/openldap/ldap.pem
# and uncomment the following lines.
#TLSRandFile            /dev/random
#TLSCipherSuite         HIGH:MEDIUM:+SSLv2
TLSCertificateFile      /etc/ssl/openldap/ldap.pem
TLSCertificateKeyFile   /etc/ssl/openldap/ldap.pem
#TLSCACertificatePath   /etc/ssl/openldap/
#TLSCACertificateFile    /etc/ssl/cacert.pem
TLSCACertificateFile    /etc/ssl/openldap/ldap.pem
#TLSVerifyClient never # ([never]|allow|try|demand)

# logging
#loglevel 256

#######################################################################
# database definitions
#######################################################################

database        bdb
suffix  "o=CandRinc"
#suffix "dc=CandRinc"
rootdn  "cn=Manager,o=CandRinc"
#rootdn "cn=Manager,o=CandRinc"

--

checkpoint 256 5

The company is C&R inc., hence the above name.

I was wondering if there was anything new lately that didn't make it into the tutorials. For example, I have a book on PHP4, but when I started writing my DB software, PHP5 came out, and it handled sessions differently. It took an hour of googling to figure out that something broke in the update to php5. Could this be why not a single on-line tutorial has succeeded?

-Dave
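
Added example, not part of any post in this thread: a small Python sketch of the object class check behind the "attribute 'uid' not allowed" error in post #1, using the definition syntax of the .schema files included in the slapd.conf above. The 'person' definition is the standard one; the MAY lists of the other two classes are abbreviated, the sample entry is constructed, and the function names and the wording of the other messages are this example's own.

```python
import re

# Object class definitions in the syntax used by OpenLDAP .schema files.
# 'person' is complete; the other two MAY lists are abbreviated for this example.
SCHEMA = """
( 2.5.6.6 NAME 'person' SUP top STRUCTURAL MUST ( sn $ cn )
  MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) )
( 2.5.6.7 NAME 'organizationalPerson' SUP person STRUCTURAL
  MAY ( title $ street $ postalCode $ postalAddress $ ou $ st $ l ) )
( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson' SUP organizationalPerson STRUCTURAL
  MAY ( displayName $ givenName $ mail $ mobile $ o $ uid ) )
"""

def _attr_list(keyword, body):
    """Extract the '$'-separated names after MUST or MAY (parenthesised form only)."""
    found = re.search(keyword + r"\s*\(([^)]*)\)", body)
    return {a.strip().lower() for a in found.group(1).split("$")} if found else set()

def parse_schema(text):
    """Return {lowercased class name: (superior, MUST set, MAY set)}."""
    classes = {}
    pattern = r"NAME '(\w+)' SUP (\w+)(.*?)(?=\(\s*[\d.]+ NAME|\Z)"
    for name, sup, body in re.findall(pattern, text, re.S):
        classes[name.lower()] = (sup.lower(), _attr_list("MUST", body), _attr_list("MAY", body))
    return classes

def check_entry(entry, classes):
    """Return the schema violations for an entry given as {attribute: [values]}."""
    entry = {k.lower(): v for k, v in entry.items()}
    if not entry.get("objectclass"):
        return ["no objectClass attribute"]
    must, may = set(), {"objectclass"}
    for oc in entry["objectclass"]:
        name = oc.lower()
        while name != "top":                      # walk the SUP chain up to 'top'
            if name not in classes:
                return [f"object class '{oc}' is not in the loaded schema"]
            name, oc_must, oc_may = classes[name]
            must |= oc_must
            may |= oc_may
    errors = [f"missing required attribute '{a}'" for a in sorted(must - set(entry))]
    errors += [f"attribute '{a}' not allowed" for a in sorted(set(entry) - must - may)]
    return errors

CLASSES = parse_schema(SCHEMA)
# Constructed entry in the shape described in post #1.
ENTRY = {"objectClass": ["person"], "cn": ["Dave Example"], "sn": ["Example"], "uid": ["dave"]}

if __name__ == "__main__":
    print(check_entry(ENTRY, CLASSES))                                       # person only
    print(check_entry({**ENTRY, "objectClass": ["inetOrgPerson"]}, CLASSES))  # uid permitted
```

Loading inetorgperson.schema in slapd.conf only makes the class available; an entry is checked against the object classes it names itself.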
 
Old 04-18-2005, 08:42 PM   #4
blueplazma
Member
 
Registered: Jun 2002
Distribution: Debian/Ubuntu
Posts: 56

Rep: Reputation: 15
It depends a lot on how you intend to use LDAP. If you want to integrate it with SAMBA there's some great documentation on the SAMBA website about that. http://us3.samba.org/samba/docs/man/Samba-Guide/
 
Old 04-19-2005, 01:03 PM   #5
Hampster
Member
 
Registered: May 2003
Location: Washington (the State)
Distribution: Ubuntu 8
Posts: 50

Original Poster
Rep: Reputation: 15
Currently, I just want a common address book for everyone. Employees, Clients, Doctors, Other Professionals. Only 6 people will have access to these 100+ names and addresses.

Eventually, I'd like to use LDAP for Unix and Windows log-in, but that's down the line a bit.

--Dave
 