> On Apr 5, 2017, at 10:00 PM, Gigen Thomas <[email protected]> wrote: > > I am trying to install directory-fortress-core with openldap-2.4.31 and am > following the instructions from > https://github.com/apache/directory-fortress-core/blob/master/README.md >
Hello Gigen, welcome! > > On Apr 5, 2017, at 10:00 PM, Gigen Thomas <[email protected]> wrote: > > What's missing in the above referenced documentation is that open ldap 2.4 > and above versions uses the dynamic config and hence require the conversion > of slapd.conf The usage of the openldap dynamic config is not yet required and so the static config (slapd.conf) continues to work. Regardless, you should be able to use either option. > On Apr 5, 2017, at 10:00 PM, Gigen Thomas <[email protected]> wrote: > > and here's command that I use for the conversion: > > sudo -u openldap slaptest -f slapd.conf -F slapd.d -v > > 58e59f4d slapd.conf: line 67: rootdn is always granted unlimited privileges. > 58e59f4d mdb_db_open: database "cn=log" cannot be opened, err 2. Restore from > backup! > 58e59f4d backend_startup_one (type=mdb, suffix="cn=log"): bi_db_open failed! > (2) > slap_startup failed (test would succeed using the -u switch) > > The Conversion fails to create the required databases ( log and fortress ) > > Have checked permissions on the various ldap folders and have not been able > to resolve this. Hoping that someone on this mailing list has run into this. > Any help will be greatly appreciated !! I don’t have much experience with the dynamic configuration utility in slapd so this specific error is unfamiliar, but I can offer some ideas. There’s a problem with the slapd history DB setup used by fortress' audit log. What is the config for yours? For example, the README has this: # History DB Settings (optional) database mdb … directory "/var/openldap/hist" Here we see a DB that has been mapped to the /var/openldap/hist folder. Does that corresponding folder exist on your machine and does it have the proper permissions to allow your openldap user write access? Thanks, Shawn
