On Wednesday, 4 July 2007, Brian Gaber wrote:
> Took the slapcat output from version 2.0.27 (ldbm) to version 2.3.32
> (bdb). Used /usr/local/bin/slapadd on 2.3.32 and am using Berkeley
> 4.5.20. The slapadd works fine. Then I issued chown ldap:ldap on the
> /var/lib/ldap-2.3.32 directory and files. Any type of ldapsearch results
> in a 32 no such object. The identical ldapsearch on the old ldap works
> fine.
>
> Search:
> /usr/local/bin/ldapsearch -h 10.16.13.85 -x -b o=pwgsc -s sub uid=gaberb
>
> Slapd.conf:
> include /usr/local/etc/openldap/schema/core.schema
> include /usr/local/etc/openldap/schema/cosine.schema
> include /usr/local/etc/openldap/schema/inetorgperson.schema
> include /usr/local/etc/openldap/schema/nis.schema
> include /usr/local/etc/openldap/schema/fw1ng.schema
>
> pidfile         /usr/local/var/run/slapd.pid
> argsfile        /usr/local/var/run/slapd.args
>
> allow bind_v2
> #loglevel 296
>
> sizelimit 500000
> access        to *
>   by self write
>   by peername=10.16.13.84 write
>   by peername=10.16.13.81 read
>   by peername=10.16.13.82 read
>   by peername=10.16.13.83 read
>   by peername=10.16.13.85 read
>   by peername=10.16.13.86 read
>
> database         bdb
> suffix                "o=pwgsc"
> rootdn                "cn=admin,o=pwgsc"
> rootpw                {CRYPT}iWkhys7q1iVpM
> directory     /var/lib/ldap-2.3.32
>
> # Indices to maintain
> index objectClass,uid,uidNumber,gidNumber,memberUid   eq
> index cn,mail,surname,givenname                       eq,subinitial
>
> # Master from which we should accept changes
> updatedn "cn=admin,o=pwgsc"
> updateref ldap://10.16.13.84
>
> Log:
>
> do_bind: v3 anonymous bind

To check if your ACLs need to be upgraded to more recent syntax, please try 
the search as rootdn. If it works, your peername clauses may need adjustment, 
e.g. to 'by peername.ip=xxx.xxx.xxx.xxx read'

If the search does not succeed as rootdn, then it may be worthwhile doing an 
ldapsearch from the 2.0.x, and ldapadd'ing this on the 2.3.x, to see if you 
may have missing data above the data you need (which slapadd may allow in, 
but slapd won't let out).

Regards,
Buchan

-- 
Buchan Milne
ISP Systems Specialist - Monitoring/Authentication Team Leader
B.Eng,RHCE(803004789010797),LPIC-2(LPI000074592)
http://en.wikipedia.org/wiki/List_of_Internet_slang_phrases
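
A small check for the ACL adjustment suggested in the reply above, as an added example that is not part of the original message: it scans slapd.conf text for `by peername=<IPv4>` clauses with no style qualifier inside `access` directives and proposes the `peername.ip=` form. The function name and the sample config (adapted from the quoted slapd.conf) are constructed for illustration.

```python
import re

# Constructed sample, adapted from the access directive in the quoted slapd.conf.
SAMPLE_CONF = """\
sizelimit 500000
access        to *
  by self write
  by peername=10.16.13.84 write
  by peername=10.16.13.81 read
  by peername.ip=10.16.13.85 read

database         bdb
"""

# "by peername=<bare IPv4>": no style qualifier (such as .ip) after "peername".
LEGACY = re.compile(r"(\bby\s+peername)=(\d{1,3}(?:\.\d{1,3}){3})(?=\s|$)")


def find_legacy_peername(conf_text):
    """Return (line_no, original, suggested) for unqualified peername clauses.

    Only lines belonging to an 'access' directive are inspected; slapd.conf
    continuation lines are the ones that begin with whitespace.
    """
    findings, in_access = [], False
    for line_no, raw in enumerate(conf_text.splitlines(), 1):
        stripped = raw.strip()
        if stripped.startswith("#"):
            continue  # comment lines are ignored by slapd
        if not raw[:1].isspace():
            # A line starting in column 0 (or a blank line) begins a new directive.
            words = stripped.split()
            in_access = bool(words) and words[0].lower() == "access"
        if in_access and LEGACY.search(raw):
            findings.append((line_no, raw, LEGACY.sub(r"\1.ip=\2", raw)))
    return findings


if __name__ == "__main__":
    for line_no, old, new in find_legacy_peername(SAMPLE_CONF):
        print(f"line {line_no}:")
        print(f"  - {old.strip()}")
        print(f"  + {new.strip()}")
```

After changing the clauses, repeat the same ldapsearch anonymously and as rootdn to confirm which of the two causes described in the reply applies.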
