Hello Diego,
thx 4 ur hint. I followed this one and created root in the directory.
But I wonder if this is nessasary, cause I have rootdn and password in
my slapd.conf. I know its insecure, but for other applications like
Firefox/Thunderbird and Evolution its works and I can logon to the ldap
directory.
But either way, I did. The result is, it still does not work. Here there
is a part of the debug output:
OpenCA::LDAP->add_object: may st
OpenCA::LDAP->add_object: structural organization
OpenCA::LDAP->add_object: structural pkiUser
OpenCA::LDAP->add_object: structural pkiCA
OpenCA::LDAP->add_object: Must setup a CA-cert
OpenCA::LDAP->add_object: The resultcode of the nodeinsertion was 53
DBD::mysql::st execute failed: Unknown character set: 'ISO-8859-1' at
/usr/modules/perl5/OpenCA/DBI.pm line 2544.
DBD::mysql::st execute failed: Unknown character set: 'ISO-8859-1' at
/usr/modules/perl5/OpenCA/DBI.pm line 2544.
DBD::mysql::st execute failed: Unknown character set: 'ISO-8859-1' at
/usr/modules/perl5/OpenCA/DBI.pm line 2544.
OpenCA::LDAP->add_object: Started add_object ...
OpenCA::LDAP->add_object: certificate present ...
OpenCA::LDAP->add_object: role ok ...
OpenCA::LDAP->add_object: Information of the Object:
OpenCA::LDAP->add_object: dn
[EMAIL PROTECTED],CN=blaundblub.com,OU=CA,O=blaundblub.com,C=DE
OpenCA::LDAP->add_object: cn blaundblub.com
OpenCA::LDAP->add_object: serID 2147483647
OpenCA::LDAP->add_object: email [EMAIL PROTECTED]
OpenCA::LDAP->add_object: ou ARRAY(0xa03177c)
OpenCA::LDAP->add_object: o blaundblub.com
OpenCA::LDAP->add_object: l
OpenCA::LDAP->add_object: st
OpenCA::LDAP->add_object: c DE
OpenCA::LDAP->add_object: End of the information of the Object
OpenCA::LDAP->connect: ldap3://localhost:389
OpenCA::LDAP->get_dn called
OpenCA::LDAP->get_dn: dn:
[EMAIL PROTECTED],CN=blaundblub.com,OU=CA,O=blaundblub.com,C=DE
OpenCA::LDAP->get_dn: successfully finished
OpenCA::LDAP->get_suffix: get_suffix called for X500::DN=ARRAY(0xa033bdc)
OpenCA::LDAP->get_suffix: suffixes loaded
OpenCA::LDAP->get_dn called
OpenCA::LDAP->get_dn: dn: o=blaundblub.com, c=DE
OpenCA::LDAP->get_dn: successfully finished
OpenCA::LDAP->compare_dn: called
OpenCA::LDAP->compare_dn: looping
OpenCA::LDAP->compare_dn: successfully finished
OpenCA::LDAP->get_suffix: successfully finished
OpenCA::LDAP->get_path: called
OpenCA::LDAP->get_path: successfully finished
OpenCA::LDAP->add_object: Building the missing nodes of the LDAP-tree ...
OpenCA::LDAP->add_object: Try to add o=blaundblub.com, c=DE ...
attribute: o
value: blaundblub.com
OpenCA::LDAP->add_object: LDAP Schema DN: o=blaundblub.com, c=DE
OpenCA::LDAP->add_object: node doesn't exist
OpenCA::LDAP->add_object: fixing attributes
OpenCA::LDAP->add_object: search for matching schema - o
I dont know where to look 4 the mistake. Maybe he's got a problem with
the country. Cause when I have a look into the ldap directory using gq
and examine my dcObject blaundblub, it does not have a country. If I
completely erase the ldap and try to reinitialize it :
dn: dc=blaundblub,dc=com
objectclass: dcObject
objectclass: organization
o: blaundblub.com
c: DE
dc: blaundblub
... I get an error :
ldap_add: Object class violation (65)
additional info: attribute 'c' not allowed
By the way, the error in the webfrontend says :
no global superior knowledge
Any more ideas ?
Thx in advance.
Diego de Felice wrote:
I don't understand error message because they are in german, but you
said in the last email that you created this two:
dn: dc=blaundblub,dc=com
objectclass: dcObject
objectclass: organization
o: blaundblub.com
dc: blaundblub
dn: cn=testuser,dc=blaundblub,dc=com
objectclass: organizationalRole
cn: testuser
but, I think you must create also the root DN:
dn: cn=root, dc=blaundblub,dc=com
cn: root
userPassword: verydifficultpassword
objectClass: top
objectClass: organizationalRole
objectClass: simpleSecurityObject
Jan Roesner
[EMAIL PROTECTED]
-------------------------------------------------------
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server.
Download it for free - -and be entered to win a 42" plasma tv or your very
own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users
