What version of OpenLDAP? You're also using ldbm which has been dropped completely from 2.4 and is not recommended in 2.2
On 9/4/08, John Nietzsche <[EMAIL PROTECTED]> wrote: > Dear members, > > I was trying to use slapd with configurations within itself, i mean: > not using /etc/openldap/slapd.conf. > > Since i could not get authentication working i decided to switch > configuration to /etc/opendalp/slapd.conf, and > > everything worked. My doube is what kinf of error i am doing ? Could > some tell me? > > Here is my ldap.ldif: > > ################################# > # # > # Global configuration settings # > # # > ################################# > > dn: cn=config > objectClass: olcGlobal > cn: config > olcIdleTimeout: 64 > olcLogLevel: -1 > olcReferral: ldap://root.openldap.org > > ############################ > # # > # Included file directives # > # # > ############################ > > dn: cn=include{0},cn=config > objectClass: olcIncludeFile > cn: include{0} > olcInclude: /etc/openldap/schema/core.schema > > dn: cn=include{1},cn=config > objectClass: olcIncludeFile > cn: include{1} > olcInclude: /etc/openldap/schema/cosine.schema > > dn: cn=include{2},cn=config > objectClass: olcIncludeFile > cn: include{2} > olcInclude: /etc/openldap/schema/corba.schema > > dn: cn=include{3},cn=config > objectClass: olcIncludeFile > cn: include{3} > olcInclude: /etc/openldap/schema/dyngroup.schema > > dn: cn=include{4},cn=config > objectClass: olcIncludeFile > cn: include{4} > olcInclude: /etc/openldap/schema/inetorgperson.schema > > dn: cn=include{5},cn=config > objectClass: olcIncludeFile > cn: include{5} > olcInclude: /etc/openldap/schema/java.schema > > dn: cn=include{6},cn=config > objectClass: olcIncludeFile > cn: include{6} > olcInclude: /etc/openldap/schema/misc.schema > > dn: cn=include{7},cn=config > objectClass: olcIncludeFile > cn: include{7} > olcInclude: /etc/openldap/schema/nis.schema > > dn: cn=include{8},cn=config > objectClass: olcIncludeFile > cn: include{8} > olcInclude: /etc/openldap/schema/openldap.schema > > dn: cn=include{9},cn=config > objectClass: olcIncludeFile > cn: include{9} > olcInclude: /etc/openldap/schema/ppolicy.schema > > ############################################################### > # # > # If openldap was compiled with support for modules, then ... # > # # > ############################################################### > > dn: cn=module{0},cn=config > objectClass: olcModuleList > cn: module{0} > olcModulePath: /usr/local/libexec/openldap > olcModuleLoad: back_ldbm.la > > #dn: cn=module{1},cn=config > #objectClass: olcModuleList > #cn: module{1} > #olcModulePath: /usr/local/libexec/openldap > #olcModuleLoad: back_ldap.la > > ################ > # # > # Schema entry # > # # > ################ > > dn: cn=schema,cn=config > objectClass: olcSchemaConfig > cn: cn=schema > > #################### > # # > # Backend # > # # > #################### > > dn: olcBackend=ldbm,cn=config > objectClass: olcBackendConfig > olcBackend: ldbm > > ############# > # # > # Databases # > # # > ############# > > dn: olcDatabase=ldbm,cn=config > objectClass: olcDatabaseConfig > objectClass: olcLdbmConfig > olcDatabase: ldbm > olcSuffix: "dc=cpd,dc=ufv,dc=br" > olcDbDirectory: /asd/var/ldap > olcDbIndex: objectClass eq > olcAccess: to * by users read > olcRootDN: "cn=Manager,dc=cpd,dc=ufv,dc=br" > olcRootPW: {SSHA}q1mH0pWNnHF0+K4hV5yOV4I7p/VfIIYs > > > END OF ldap.ldif > > Now, my slapd.conf > > [EMAIL PROTECTED] cat /etc/openldap/slapd.conf > # > # See slapd.conf(5) for details on configuration options. > # This file should NOT be world readable. > # > include /etc/openldap/schema/core.schema > > # Define global ACLs to disable default read access. > > # Do not enable referrals until AFTER you have a working directory > # service AND an understanding of referrals. > #referral ldap://root.openldap.org > > pidfile /var/run/openldap/slapd.pid > argsfile /var/run/openldap/slapd.args > > # Load dynamic backend modules: > modulepath /usr/local/libexec/openldap > # moduleload back_bdb.la > moduleload back_ldap.la > moduleload back_ldbm.la > # moduleload back_passwd.la > # moduleload back_shell.la > > # Sample security restrictions > # Require integrity protection (prevent hijacking) > # Require 112-bit (3DES or better) encryption for updates > # Require 63-bit encryption for simple bind > # security ssf=1 update_ssf=112 simple_bind=64 > > # Sample access control policy: > # Root DSE: allow anyone to read it > # Subschema (sub)entry DSE: allow anyone to read it > # Other DSEs: > # Allow self write access > # Allow authenticated users read access > # Allow anonymous users to authenticate > # Directives needed to implement policy: > # access to dn.base="" by * read > # access to dn.base="cn=Subschema" by * read > # access to * > # by self write > # by users read > # by anonymous auth > # > # if no access controls are present, the default policy > # allows anyone and everyone to read anything but restricts > # updates to rootdn. (e.g., "access to * by * read") > # > # rootdn can always read and write EVERYTHING! > > ####################################################################### > # BDB database definitions > ####################################################################### > > database ldbm > suffix "dc=cpd,dc=ufv,dc=br" > rootdn "cn=Manager,dc=cpd,dc=ufv,dc=br" > # Cleartext passwords, especially for the rootdn, should > # be avoid. See slappasswd(8) and slapd.conf(5) for details. > # Use of strong authentication encouraged. > rootpw {SSHA}q1mH0pWNnHF0+K4hV5yOV4I7p/VfIIYs > # The database directory MUST exist prior to running slapd AND > # should only be accessible by the slapd and slap tools. > # Mode 700 recommended. > directory /var/openldap-data > # Indices to maintain > index objectClass eq > > > OpenLDAP works if i am using the slapd.conf, but if i choose -F /x/y/z > it does not work. > > Thanks a lot for your time and cooperation, best regards > -- Sent from my mobile device http://www.suretecsystems.com/services/openldap/
