Paul Kölle wrote:
Again, this is NOT a successful search, there are no results.
Interesting, I thought it was successful because it didn't fail, and
naturally there *is* nothing in my database because I can't even create
the base dn..
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
From your ldapadd line, I assume you have in slapd.conf:
database bdb
suffix dc=domain,dc=net,dc=au
yes, exactly
The thing you probably missed: You don't need to and you are not allowed
to add entries *below* the "suffix" from slapd.conf as it could be
another suffix. If you try to add something like: "dn: dc=net,dc=au"
slapd searches for *immediate parents* (here: dc=au) to that entry,
either in the directory or for a "suffix" line in slapd.conf (remember,
it's a tree). If it couldn't find one you get the "no global superior
knowledge" error or an "already exists" if the entry is already there.
ok
Solution:
ldif
dn: dc=domain,dc=net,dc=au
dc=domain
objectClass: top
objectClass: dcObject
objectClass: domain
objectClass: domainRelatedObject
associatedDomain: domain.net.au
dn: ou=users,dc=domain,dc=net,dc=au
ou: users
objectClass: top
objectClass: organizationalUnit
objectClass: domainRelatedObject
associatedDomain: domain.net.au
end ldif
this gives me:
cephas ~ # ldapadd -D "cn=manager,dc=domain,dc=net,dc=au" -W -f base.ldif -x
Enter LDAP Password:
ldapadd: invalid format (line 2) entry: "dc=domain,dc=net,dc=au"
slapd.conf
database bdb
suffix dc=domain,dc=net,dc=au
rootdn cn=manager,dc=domain,dc=net,dc=au
rootpw not24get
directory /var/lib/openldap-data
index objectClass eq
end slapd.conf
I copied what you suggested and started slapd. see error above.
of course this is just the configuration for that backend, you'll need
more info in slapd.conf for your server to run properly.
cheers
Paul
any ideas? I don't want to make this a huge email, but here are my
relevant configs:
cephas ~ # sed -e 's/#.*//;/^\s*$/d' "$@" /etc/openldap/slapd.conf
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
TLSCertificateFile /etc/ssl/ldap.pem
TLSCertificateKeyFile /etc/openldap/ssl/ldap.pem
TLSCACertificateFile /etc/ssl/ldap.pem
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
database bdb
suffix dc=domain,dc=net,dc=au
rootdn cn=manager,dc=domain,dc=net,dc=au
rootpw not24get
directory /var/lib/openldap-data
index objectClass eq
cephas ~ # sed -e 's/#.*//;/^\s*$/d' "$@" /etc/openldap/ldap.conf
BASE dc=domain, dc=net, dc=au
URI ldaps://localhost:636/
TLS_REQCERT allow
cephas ~ # cat base.ldif
dn: dc=domain,dc=net,dc=au
dc=domain
objectClass: top
objectClass: dcObject
objectClass: domain
objectClass: domainRelatedObject
associatedDomain: domain.net.au
dn: ou=users,dc=domain,dc=net,dc=au
ou: users
objectClass: top
objectClass: organizationalUnit
objectClass: domainRelatedObject
associatedDomain: domain.net.au
Thank you for your time.
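An added example, not part of the original message: a small Python check for the LDIF layout that `ldapadd: invalid format (line 2)` points at. Line 2 of the posted base.ldif reads `dc=domain`, whereas LDIF attribute lines take the form `attribute: value`. The function name `lint_ldif` and the sample text are constructed for this illustration, and the blank line between the two entries is an assumption.

```python
import re

# Constructed sample modelled on the base.ldif quoted in the thread; the blank
# line between the two entries is an assumption of this example.
SAMPLE = """\
dn: dc=domain,dc=net,dc=au
dc=domain
objectClass: top
objectClass: dcObject
objectClass: domain
objectClass: domainRelatedObject
associatedDomain: domain.net.au

dn: ou=users,dc=domain,dc=net,dc=au
ou: users
objectClass: top
objectClass: organizationalUnit
objectClass: domainRelatedObject
associatedDomain: domain.net.au
"""

# Attribute description, optional ;options, then ":" ("::" base64, ":<" URL).
ATTR_LINE = re.compile(r"^[A-Za-z][A-Za-z0-9-]*(;[A-Za-z0-9-]+)*:[:<]?")


def lint_ldif(text):
    """Return (line_number, message) pairs for lines that break LDIF layout."""
    problems = []
    in_entry = False
    for number, line in enumerate(text.splitlines(), 1):
        if not line.strip():          # a blank line ends the current entry
            in_entry = False
            continue
        if line[0] in "# ":           # comment, or continuation of previous line
            continue
        if not ATTR_LINE.match(line):
            problems.append((number, "expected 'attribute: value'"))
            continue
        if line.split(":", 1)[0].lower() == "dn":
            if in_entry:
                problems.append((number, "entry not preceded by a blank line"))
            in_entry = True
    return problems


if __name__ == "__main__":
    for number, message in lint_ldif(SAMPLE):
        print(f"line {number}: {message}")
```

Running the check on a file before `ldapadd -f` reports the same line number that ldapadd complains about, together with any entry that is not separated from the previous one by a blank line.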