55d5ff01 str2entry: entry -1 has multiple DNs "cn=config" and
"cn=module{0},cn=config"On Thu, Aug 20, 2015 at 8:30 PM, Aneela Saleem <[email protected]> wrote: > 5/ Imports the new configuration > > slapadd -F /path/to/slapd.d -n 0 -l config.ldif > > I get the following error: > > slapadd: could not add entry dn="cn=config" (line=1): > _ 1.03% eta none elapsed none spd 4.2 > M/s > Closing DB... > > On Thu, Aug 20, 2015 at 2:11 AM, Abdelkader Chelouah <[email protected] > > wrote: > >> On 19/08/2015 20:32, Aneela Saleem wrote: >> >> Anyone there? Please help me getting out of this problem >> >> On Wed, Aug 19, 2015 at 1:29 AM, Aneela Saleem <[email protected]> >> wrote: >> >>> this is my /etc/ldap/ldap.conf file: >>> >>> BASE dc=platalytics,dc=com >>> >>> URI ldap://127.0.0.1 >>> >>> TLS_CACERT /etc/ldap/cacert.pem >>> >>> >>> On Wed, Aug 19, 2015 at 1:07 AM, Aneela Saleem < >>> <[email protected]>[email protected]> wrote: >>> >>>> Still i get following error: >>>> >>>> modifying entry "cn=config" >>>> ldap_result: Can't contact LDAP server (-1) >>>> >>>> >>>> On Wed, Aug 19, 2015 at 12:34 AM, Abdelkader Chelouah < >>>> [email protected]> wrote: >>>> >>>>> On 18/08/2015 20:27, Aneela Saleem wrote: >>>>> >>>>> I get following result >>>>> >>>>> ldap_initialize( ldap://localhost:389/??base ) >>>>> dn:cn=admin,cn=config >>>>> Result: Success (0) >>>>> >>>>> >>>>> On Tue, Aug 18, 2015 at 11:24 PM, Abdelkader Chelouah < >>>>> <[email protected]>[email protected]> wrote: >>>>> >>>>>> On 18/08/2015 20:11, Aneela Saleem wrote: >>>>>> >>>>>> When i add below file i.e., ssl_mod.ldif >>>>>> >>>>>> *dn: cn=config* >>>>>> *changetype: modify* >>>>>> *add: olcTLSCACertificateFile* >>>>>> *olcTLSCACertificateFile: /etc/ldap/cacert.pem* >>>>>> *-* >>>>>> *add: olcTLSCertificateFile* >>>>>> *olcTLSCertificateFile: /etc/ldap/servercrt.pem* >>>>>> *-* >>>>>> *add: olcTLSCertificateKeyFile* >>>>>> *olcTLSCertificateKeyFile: /etc/ldap/serverkey.pem* >>>>>> *-* >>>>>> *add: olcTLSCipherSuite* >>>>>> *olcTLSCipherSuite: HIGH:MEDIUM:!SSLv3:!SSLv2* >>>>>> >>>>>> using following command: >>>>>> >>>>>> ldapmodify -h localhost -p 389 -D "cn=admin,cn=config" -w 123 -f >>>>>> mod_ssl.ldif >>>>>> >>>>>> i get ldap_result: Can't contact LDAP server (-1) error. >>>>>> >>>>>> Although LDAP is running. I can run following command i.e., >>>>>> >>>>>> ldapsearch -h localhost -p 389 -D "cn=admin,dc=platalytics,dc=com" -w >>>>>> 123 -b "dc=platalytics,dc=com" "objectclass=*" >>>>>> >>>>>> How can i make ldaps work? >>>>>> >>>>>> On Tue, Aug 18, 2015 at 7:37 PM, Aneela Saleem < >>>>>> <[email protected]>[email protected]> wrote: >>>>>> >>>>>>> Where i can find the logs? >>>>>>> >>>>>>> On Tue, Aug 18, 2015 at 7:36 PM, Aneela Saleem < >>>>>>> <[email protected]>[email protected]> wrote: >>>>>>> >>>>>>>> I wrote the above lines in olcDatabase={0}config.ldif file. When i >>>>>>>> restart slapd it gets failed. >>>>>>>> >>>>>>>> >>>>>>>> On Tue, Aug 18, 2015 at 7:14 PM, Aneela Saleem < >>>>>>>> <[email protected]>[email protected]> wrote: >>>>>>>> >>>>>>>>> Which file i need to write this in? >>>>>>>>> >>>>>>>>> On Tue, Aug 18, 2015 at 7:09 PM, Abdelkader Chelouah < >>>>>>>>> <[email protected]>[email protected]> wrote: >>>>>>>>> >>>>>>>>>> On 18/08/2015 16:05, Aneela Saleem wrote: >>>>>>>>>> >>>>>>>>>> I have no slapd.conf. I have cn=conf >>>>>>>>>> >>>>>>>>>> On Tue, Aug 18, 2015 at 6:54 PM, Abdelkader Chelouah < >>>>>>>>>> <[email protected]>[email protected]> wrote: >>>>>>>>>> >>>>>>>>>>> On 18/08/2015 15:51, Aneela Saleem wrote: >>>>>>>>>>> >>>>>>>>>>> Thanks Michael and Abdelkader. >>>>>>>>>>> >>>>>>>>>>> Abdelkaded the link you provided is for slapd.conf distribution. >>>>>>>>>>> Can you please guide me how to do "cn=config" distribution? >>>>>>>>>>> >>>>>>>>>>> On Tue, Aug 18, 2015 at 6:45 PM, Abdelkader Chelouah < >>>>>>>>>>> <[email protected]>[email protected]> wrote: >>>>>>>>>>> >>>>>>>>>>>> On 18/08/2015 15:41, Michael Ströder wrote: >>>>>>>>>>>> >>>>>>>>>>>>> Aneela Saleem wrote: >>>>>>>>>>>>> >>>>>>>>>>>>>> Can anyone please provide me some link for enabling "ldaps" >>>>>>>>>>>>>> >>>>>>>>>>>>> <http://www.openldap.org/doc/admin24/tls.html> >>>>>>>>>>>>> http://www.openldap.org/doc/admin24/tls.html >>>>>>>>>>>>> >>>>>>>>>>>>> Ciao, Michael. >>>>>>>>>>>>> >>>>>>>>>>>>> or <http://www.openldap.org/faq/data/cache/185.html> >>>>>>>>>>>> http://www.openldap.org/faq/data/cache/185.html >>>>>>>>>>>> >>>>>>>>>>>> regards >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> You can convert a slapd.conf to cn=config using slaptest >>>>>>>>>>> >>>>>>>>>>> slaptest -f path/to/slapd.conf -F path/to/slapd.d >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> # cn=config >>>>>>>>>> dn: cn=config >>>>>>>>>> objectClass: olcGlobal >>>>>>>>>> cn: config >>>>>>>>>> ... >>>>>>>>>> olcTLSCACertificateFile: /path/to/cacert >>>>>>>>>> olcTLSCertificateFile: /path/to/cert >>>>>>>>>> olcTLSCertificateKeyFile: /path/to/key >>>>>>>>>> olcTLSCipherSuite: HIGH:MEDIUM:!SSLv3:!SSLv2 >>>>>>>>>> ... >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>> >>>>>> Can you run >>>>>> >>>>>> ldapwhoami -vxD cn=admin,cn=config -w 123 -H ldap://localhost:389 >>>>>> >>>>>> >>>>>> >>>>> Ok, retry the "ldapmodify" command using >>>>> >>>>> ldapmodify -xD cn=admin,cn=config -w 123 -H ldap://localhost:389 -f >>>>> mod_ssl.ldif >>>>> >>>>> >>>>> >>>>> >>>> >>> >> There is something wrong with your setup. >> >> 1/ Stops your instance >> 2/ Exports your configuration >> >> slapcat -F /path/to/slapd.d -n 0 -l config.ldif >> >> 3/ Performs the modification directly on config.ldif >> 4/ Removes the old configuration >> >> rm -rf /path/to/slapd.d/* >> >> 5/ Imports the new configuration >> >> slapadd -F /path/to/slapd.d -n 0 -l config.ldif >> >> 6/ Starts your instance >> > >
