Error with LDAP on CentOS. ldapadd returns: Invalid DN syntax (34)

Abakus · 08-22-2012, 04:11 AM

Hi

I'm trying to install and setup LDAP using the example of :
http://www.howtoforge.com/linux_open..._server_client

This is my file:

Code:

/etc/openldap/warehouse.co.za.ldif

dn: dc=warehouse,dc=co,dc=za
dc: warehouse
description: LDAP Admin
objectClass: dcObject
objectClass: organizationalUnit
ou: rootobject

dn: ou=People, dc=warehouse,dc=co,dc=za
ou: People
description: Users of Warehouse
objectClass: organizationalUnit

This is my command:

Code:

ldap]# ldapadd -x -D "cn=Manager,dc=warehouse,dc=co,dc=za" -W -f  /etc/openldap/warehouse.co.za.ldif

This is my results:

Code:

Enter LDAP Password: 
ldap_bind: Invalid DN syntax (34)
	additional info: invalid DN
ldap]#

Results from slapd (with debug on):

Code:

daemon: activity on 1 descriptor
daemon: activity on:
slap_listener_activate(8): 
daemon: epoll: listen=7 active_threads=0 tvp=NULL
daemon: epoll: listen=8 busy
daemon: epoll: listen=9 active_threads=0 tvp=NULL
>>> slap_listener(ldap:///)
daemon: activity on 1 descriptor
daemon: activity on:daemon: listen=8, new connection on 10

daemon: epoll: listen=7 active_threads=0 tvp=NULL
daemon: epoll: listen=8 active_threads=0 tvp=NULL
daemon: epoll: listen=9 active_threads=0 tvp=NULL
daemon: added 10r (active) listener=(nil)
conn=1004 fd=10 ACCEPT from IP=[::1]:33384 (IP=[::]:389)
daemon: activity on 2 descriptors
daemon: activity on: 10r
daemon: read active on 10
daemon: epoll: listen=7 active_threads=0 tvp=NULL
daemon: epoll: listen=8 active_threads=0 tvp=NULL
daemon: epoll: listen=9 active_threads=0 tvp=NULL
connection_get(10): got connid=1004
connection_read(10): checking for input on id=1004
ber_get_next
ldap_read: want=8, got=8
  0000:  30 37 02 01 01 60 32 02                            07...`2.          
ldap_read: want=49, got=49
  0000:  01 03 04 23 63 6e 3d 4d  61 6e 61 67 65 72 2c 64   ...#cn=Manager,d  
  0010:  63 3d 77 61 72 65 68 6f 75 73 65 2c 64 63 3d 63   c=warehouse,dc=c  
  0020:  6f 2c 64 63 3d 7a 61 80  08 31 32 33 34 61 61 61   o,dc=za..1234aaa  
  0030:  73                                                 s                 
ber_get_next: tag 0x30 len 55 contents:
ber_dump: buf=0x7f66a0000960 ptr=0x7f66a0000960 end=0x7f66a0000997 len=55
  0000:  02 01 01 60 32 02 01 03  04 23 63 6e 3d 4d 61 6e   ...`2....#cn=Man  
  0010:  61 67 65 72 2c 64 63 3d  77 61 72 65 68 6f 75 73   ager,dc=warehous  
  0020:  65 2c 64 63 3d 63 6f 2c  64 63 3d 7a 61 80 08 31   e,dc=co,dc=za..1  
  0030:  32 33 34 61 61 61 73                               234aaas           
op tag 0x60, time 1345624793
ber_get_next
ldap_read: want=8 error=Resource temporarily unavailable
conn=1004 op=0 do_bind
ber_scanf fmt ({imt) ber:
ber_dump: buf=0x7f66a0000960 ptr=0x7f66a0000963 end=0x7f66a0000997 len=52
  0000:  60 32 02 01 03 04 23 63  6e 3d 4d 61 6e 61 67 65   `2....#cn=Manage  
  0010:  72 2c 64 63 3d 77 61 72  65 68 6f 75 73 65 2c 64   r,dc=warehouse,d  
  0020:  63 3d 63 6f 2c 64 63 3d  7a 61 80 08 31 32 33 34   c=co,dc=za..1234  
  0030:  61 61 61 73                                        aaas              
ber_scanf fmt (m}) ber:
ber_dump: buf=0x7f66a0000960 ptr=0x7f66a000098d end=0x7f66a0000997 len=10
  0000:  00 08 31 32 33 34 61 61  61 73                     ..1234aaas        
>>> dnPrettyNormal: <cn=Manager,dc=warehouse,dc=co,dc=za>
daemon: activity on 1 descriptor
daemon: activity on:
conn=1004 op=0 do_bind: invalid dn (cn=Manager,dc=warehouse,dc=co,dc=za)
daemon: epoll: listen=7 active_threads=0 tvp=NULL
daemon: epoll: listen=8 active_threads=0 tvp=NULL
daemon: epoll: listen=9 active_threads=0 tvp=NULL
send_ldap_result: conn=1004 op=0 p=3
send_ldap_response: msgid=1 tag=97 err=34
ber_flush2: 24 bytes to sd 10
  0000:  30 16 02 01 01 61 11 0a  01 22 04 00 04 0a 69 6e   0....a..."....in  
  0010:  76 61 6c 69 64 20 44 4e                            valid DN          
ldap_write: want=24, written=24
  0000:  30 16 02 01 01 61 11 0a  01 22 04 00 04 0a 69 6e   0....a..."....in  
  0010:  76 61 6c 69 64 20 44 4e                            valid DN          
conn=1004 op=0 RESULT tag=97 err=34 text=invalid DN
daemon: activity on 1 descriptor
daemon: activity on: 10r
daemon: read active on 10
daemon: epoll: listen=7 active_threads=0 tvp=NULL
daemon: epoll: listen=8 active_threads=0 tvp=NULL
daemon: epoll: listen=9 active_threads=0 tvp=NULL
connection_get(10): got connid=1004
connection_read(10): checking for input on id=1004
ber_get_next
ldap_read: want=8, got=0

ber_get_next on fd 10 failed errno=0 (Success)
connection_read(10): input error=-2 id=1004, closing.
connection_closing: readying conn=1004 sd=10 for close
connection_close: conn=1004 sd=10
daemon: activity on 1 descriptor
daemon: activity on:
daemon: removing 10
conn=1004 fd=10 closed (connection lost)
daemon: epoll: listen=7 active_threads=0 tvp=NULL
daemon: epoll: listen=8 active_threads=0 tvp=NULL
daemon: epoll: listen=9 active_threads=0 tvp=NULL

I am stuck, not sure how to fix this issue.

acid_kewpie · 08-22-2012, 04:51 AM

It doesn't feel like an "invalid syntax" scenario, but your bind DN is underneath the DN you're trying to add, which doesn't seem to make sense. How can you use that account without the dc it's in existing?

Abakus · 08-22-2012, 05:03 AM

No, sorry, I don't understand. Please elaborate.