Hello Diego, I don't know if what you did is valid, but I will check it out.
Thanks, Johnny

--- "Diego I. Rosso" <[EMAIL PROTECTED]> wrote:
> Johnny, five minutes ago I had the same problems...
> I debugged LDAP and found this: when OpenCA wants to
> install CA certificates into LDAP, it tries to do it
> with the email address, not with the serial number like
> the other certificates. What I did... I don't know well
> if it's right, I used ADD LDAP WITH MODIFIED DN and
> changed this
>
> [EMAIL PROTECTED],CN=Ac de Prueba,OU=Nuevo,O=Empresa,C=AR (for example)
>
> to this
>
> serialnumber=0,CN=Ac de Prueba,OU=Nuevo,O=Empresa,C=AR
>
> With this change I could import CA certificates into LDAP.
>
> Johnny, as you can see my English is not the best...
> if you prefer we can continue in Spanish. Ahh, about
> the duplicated schemas... the same thing happened to me:
> the same objects are in openca.schema as in core.schema,
> if I remember correctly. I hope this helps.
>
> ----- Original Message -----
> From: Johnny Gonzalez
> To: [EMAIL PROTECTED]
> Sent: Friday, July 23, 2004 1:50 PM
> Subject: [Openca-Users] Is there a OpenCA-OpenLDAP step by step config guide??
>
> Hello,
>
> I'm trying to update LDAP using the interface provided
> by http://localhost/ldap and the link CA-Certificates,
> but this error message appears:
>
> Certificate 0 FAILED (error -4: Distinguished name conflicts with basedn(s).)
>
> What's going on?
> My /etc/openldap/ldap.conf file has these options:
>
> SIZELIMIT 12
> TIMELIMIT 15
> #DEREF never
> #BASE dc=ubiquando,dc=com
> #basedn "dc=ubiquando,dc=com"
> BINDDN cn=Manager,o=ubiquando,ou=CO
>
> BASE o=ubiquando,c=CO
>
> HOST 192.168.0.253
> PORT 389
>
> ldaproot "cn=Manager,o=ubiquando,c=CO"
> ldappwd "U8rmtQVDhrbNyi6GMS2SIVtGAIBxEcJD"
>
> and in the file /etc/openldap/slapd.conf:
>
> include /etc/openldap/schema/core.schema
> include /etc/openldap/schema/cosine.schema
> include /etc/openldap/schema/inetorgperson.schema
> include /etc/openldap/schema/nis.schema
> include /etc/openldap/schema/redhat/autofs.schema
>
> # Allow LDAPv2 client connections. This is NOT the default.
> allow bind_v2
>
> # Do not enable referrals until AFTER you have a working directory
> # service AND an understanding of referrals.
> #referral ldap://root.openldap.org
>
> pidfile /var/run/slapd.pid
>
> access to * by * read
>
> #######################################################################
> # ldbm and/or bdb database definitions
> #######################################################################
>
> database ldbm
> readonly off
> suffix "o=ubiquando,c=CO"
> rootdn "cn=Manager,o=ubiquando,c=CO"
> rootpw {SSHA}U8rmtQVDhrbNyi6GMS2SIVtGAIBxEcJD
>
> directory /var/lib/ldap
>
> # Indices to maintain for this database
> index objectClass eq,pres
> index ou,cn,mail,surname,givenname eq,pres,sub
> index uidNumber,gidNumber,loginShell eq,pres
> index uid,memberUid eq,pres,sub
> index nisMapName,nisMapEntry eq,pres,sub
>
> LDAP "yes"
>
> ## LDAP Server Name
> ldapserver localhost
>
> ldapversion 2
> ## ldapversion 3
>
> ## LDAP Port Number ( defaults to 389 )
> ldapport 389
>
> ## LDAP Maximum number of records returned by a query
> ldaplimit 100
>
> ## Now the LDAP default base dn
> basedn "o=ubiquando, c=CO"
>
> ## Let's define the privileged Account Allowed to Modify the LDAP entries
> ldaproot "cn=Manager,o=ubiquando,c=CO"
> ldappwd "ubiquando"
>
> ## Let's define some Directory Env
> ## supposed to find there the bin/, sbin/ directory
> #ldapbasedir "/usr/local/ldap"
>
> #ldapbasedir "/usr/local/ldap"
>
> LDAP_CRL_Issuer ""
> LDAP_CA_DN ""
>
> 1. Is this configuration OK?
>
> 2. I don't know why it says that the distinguished
> name conflicts with basedn(s). Which distinguished
> name? The one for the certificate I'm trying to
> update in LDAP?
>
> 3. I haven't modified anything in OpenCA, like adding
> elements to the certificates, like for saying I'm
> omitting an element or something, so what happens?
>
> 4. Following the tips that Oliver gave me I added this
> line to the slapd.conf file:
>
> include /etc/openldap/schema/openca.schema
>
> But when I try to restart openldap this error
> message appears:
>
> [EMAIL PROTECTED] httpd]# service ldap restart
> Parando slapd: [ OK ]
> Iniciando slapd: /etc/openldap/schema/openca.schema:
> line 122: Duplicate objectClass: "2.5.6.21"
> [FALLÓ]
>
> Notes:
> Parando = stopping
> Iniciando = starting
> FALLÓ = FAILED
>
> When I take out the line:
>
> include /etc/openldap/schema/openca.schema
>
> back again from the file, the error message appears
> again.
>
> 5. Can anyone give me the address of a step-by-step
=== message truncated ===

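A consistency check for the DNs quoted in this thread, as an added example (not part of the original messages and not OpenCA code). It assumes the "conflicts with basedn(s)" error means the entry's DN does not fall under a configured base DN; `SAMPLE_CA_DN` is constructed, and `parse_dn`, `is_under` and `check_config` are hypothetical helper names.

```python
import re

def parse_dn(dn):
    """Split an LDAP DN string into normalized (type, value) RDN pairs.

    Handles backslash-escaped commas and optional spaces after separators.
    Simplification: multi-valued RDNs ('+') stay one value, and values are
    compared case-insensitively, which holds for o, c, ou and cn.
    """
    rdns = []
    for part in re.split(r"(?<!\\),", dn):
        attr, sep, value = part.partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError(f"malformed RDN {part!r} in {dn!r}")
        rdns.append((attr.strip().lower(), " ".join(value.split()).lower()))
    return rdns

def is_under(dn, base):
    """True if dn equals base or sits below it in the directory tree."""
    d, b = parse_dn(dn), parse_dn(base)
    return len(d) >= len(b) and d[len(d) - len(b):] == b

def check_config(suffix, dns):
    """Return the labels of the DNs that do not fall under suffix."""
    return [label for label, dn in dns.items() if not is_under(dn, suffix)]

# Values taken from the configuration quoted in the thread.
SUFFIX = "o=ubiquando,c=CO"
CONFIG_DNS = {
    "ldap.conf BINDDN": "cn=Manager,o=ubiquando,ou=CO",
    "ldap.conf BASE": "o=ubiquando,c=CO",
    "slapd.conf rootdn": "cn=Manager,o=ubiquando,c=CO",
    "OpenCA basedn": "o=ubiquando, c=CO",
    "OpenCA ldaproot": "cn=Manager,o=ubiquando,c=CO",
}
# Constructed sample: a CA certificate subject issued under another organization.
SAMPLE_CA_DN = "serialnumber=0,CN=Test CA,O=Example,C=AR"

if __name__ == "__main__":
    for label in check_config(SUFFIX, CONFIG_DNS):
        print("outside suffix:", label, "->", CONFIG_DNS[label])
    print("sample CA DN under suffix:", is_under(SAMPLE_CA_DN, SUFFIX))
```

Run against the quoted values, the only DN reported outside the suffix is the `BINDDN` line, which ends in `ou=CO` where the other entries use `c=CO`.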