sorry I forgot white line
- Ldif (correct) segreteria@tjener:~$ ldapmodify -QY EXTERNAL -H ldapi:/// -f filename.ldif > > modifying entry "cn=config" > > ldap_modify: Insufficient access (50) > > >> segreteria@tjener:~$ > > 2012/3/29 Alessandro Fama <[email protected]> > > - Ping > > segreteria@tjener:~$ ping ldap.intern >> >> PING tjener.intern (10.0.2.2) 56(84) bytes of data. >> >> 64 bytes from tjener.intern (10.0.2.2): icmp_req=1 ttl=64 time=0.035 ms >> >> 64 bytes from tjener.intern (10.0.2.2): icmp_req=2 ttl=64 time=0.046 ms >> >> 64 bytes from tjener.intern (10.0.2.2): icmp_req=3 ttl=64 time=0.071 ms >> >> 64 bytes from tjener.intern (10.0.2.2): icmp_req=4 ttl=64 time=0.047 ms >> >> 64 bytes from tjener.intern (10.0.2.2): icmp_req=5 ttl=64 time=0.047 ms >> >> 64 bytes from tjener.intern (10.0.2.2): icmp_req=6 ttl=64 time=0.048 ms >> >> 64 bytes from tjener.intern (10.0.2.2): icmp_req=7 ttl=64 time=0.059 ms >> >> ^C >> >> --- tjener.intern ping statistics --- >> >> 7 packets transmitted, 7 received, 0% packet loss, time 5998ms >> >> rtt min/avg/max/mdev = 0.035/0.050/0.071/0.012 ms >> >> segreteria@tjener:~$ >> >> >> > - Ldif > > segreteria@tjener:~$ ldapmodify -QY EXTERNAL -H ldapi:/// -f filename.ldif >> >> ldapmodify: wrong attributeType at line 5, entry "cn=config" >> >> segreteria@tjener:~$ >> >> >> > > > >> 2012/3/29 Steven Chamberlain <[email protected]> >>> >> On 29/03/12 13:25, Alessandro Fama wrote: >> > Mar 29 14:17:01 localhost nslcd[1385]: [ed7263] no available >> > LDAP server found >> >> > Mar 29 14:20:01 localhost nslcd[1385]: [68079a] >> > ldap_start_tls_s() failed: Connect error: No such file or >> > directory (uri="ldap://ldap.intern";) >> >> The LDAP service is down? So it cannot check your password. >> >> Firstly I would check you can resolve the name "host ldap.intern" and >> ping it. >> >> >> > Mar 29 14:20:30 tjener slapd[1583]: <= bdb_equality_candidates: >> > (krbPwdPolicyReference) not indexed >> >> Not sure what that is. Maybe it's harmless, or maybe it's the reason >> LDAP isn't working. >> >> >> I have no knowledge of configuring LDAP, but here is what I found: >> >> http://www.rjsystems.nl/en/2100-d6-kerberos-openldap-provider.php#cncf >> >> Item 2.3 of the cn=config section mentions that error message is due to >> a lack of 'eq' index, and 2.12 mentions adding this for that specific >> database field. >> >> So the fix may be to create an LDIF file containing: >> > dn: cn=config >> > changetype: modify >> > replace: olcLogLevel >> > olcLogLevel: stats >> > >> > add: olcDbIndex >> > olcDbIndex: krbPwdPolicyReference eq >> >> Then apply on the LDAP server with: >> # ldapmodify -QY EXTERNAL -H ldapi:/// -f filename.ldif >> >> Completely untested and no idea if this is a proper thing to do :) >> >> Regards, >> -- >> Steven Chamberlain >> [email protected] >> > > > > -- > Everything you need is already inside > -- Everything you need is already inside
