yes
On Thu, Aug 20, 2015 at 10:39 PM, Abdelkader Chelouah <[email protected]>
wrote:
> On 20/08/2015 18:23, Aneela Saleem wrote:
>
> 55d5ff01 str2entry: entry -1 has multiple DNs "cn=config" and
> "cn=module{0},cn=config"
>
>
> On Thu, Aug 20, 2015 at 8:30 PM, Aneela Saleem <[email protected]>
> wrote:
>
>> 5/ Import the new configuration
>>
>> slapadd -F /path/to/slapd.d -n 0 -l config.ldif
>>
>> I get the following error:
>>
>> slapadd: could not add entry dn="cn=config" (line=1):
>> _ 1.03% eta none elapsed none spd
>> 4.2 M/s
>> Closing DB...
>>
>> On Thu, Aug 20, 2015 at 2:11 AM, Abdelkader Chelouah <[email protected]> wrote:
>>
>>> On 19/08/2015 20:32, Aneela Saleem wrote:
>>>
>>> Anyone there? Please help me get out of this problem.
>>>
>>> On Wed, Aug 19, 2015 at 1:29 AM, Aneela Saleem <[email protected]> wrote:
>>>
>>>> This is my /etc/ldap/ldap.conf file:
>>>>
>>>> BASE dc=platalytics,dc=com
>>>>
>>>> URI ldap://127.0.0.1
>>>>
>>>> TLS_CACERT /etc/ldap/cacert.pem
>>>>
>>>>
>>>> On Wed, Aug 19, 2015 at 1:07 AM, Aneela Saleem <[email protected]> wrote:
>>>>
>>>>> I still get the following error:
>>>>>
>>>>> modifying entry "cn=config"
>>>>> ldap_result: Can't contact LDAP server (-1)
>>>>>
>>>>>
>>>>> On Wed, Aug 19, 2015 at 12:34 AM, Abdelkader Chelouah <[email protected]> wrote:
>>>>>
>>>>>> On 18/08/2015 20:27, Aneela Saleem wrote:
>>>>>>
>>>>>> I get the following result:
>>>>>>
>>>>>> ldap_initialize( ldap://localhost:389/??base )
>>>>>> dn:cn=admin,cn=config
>>>>>> Result: Success (0)
>>>>>>
>>>>>>
>>>>>> On Tue, Aug 18, 2015 at 11:24 PM, Abdelkader Chelouah <[email protected]> wrote:
>>>>>>
>>>>>>> On 18/08/2015 20:11, Aneela Saleem wrote:
>>>>>>>
>>>>>>> When I add the file below, i.e., ssl_mod.ldif
>>>>>>>
>>>>>>> dn: cn=config
>>>>>>> changetype: modify
>>>>>>> add: olcTLSCACertificateFile
>>>>>>> olcTLSCACertificateFile: /etc/ldap/cacert.pem
>>>>>>> -
>>>>>>> add: olcTLSCertificateFile
>>>>>>> olcTLSCertificateFile: /etc/ldap/servercrt.pem
>>>>>>> -
>>>>>>> add: olcTLSCertificateKeyFile
>>>>>>> olcTLSCertificateKeyFile: /etc/ldap/serverkey.pem
>>>>>>> -
>>>>>>> add: olcTLSCipherSuite
>>>>>>> olcTLSCipherSuite: HIGH:MEDIUM:!SSLv3:!SSLv2
>>>>>>>
>>>>>>> using the following command:
>>>>>>>
>>>>>>> ldapmodify -h localhost -p 389 -D "cn=admin,cn=config" -w 123 -f
>>>>>>> mod_ssl.ldif
>>>>>>>
>>>>>>> I get the "ldap_result: Can't contact LDAP server (-1)" error.
>>>>>>>
>>>>>>> Although LDAP is running. I can run the following command, i.e.,
>>>>>>>
>>>>>>> ldapsearch -h localhost -p 389 -D "cn=admin,dc=platalytics,dc=com"
>>>>>>> -w 123 -b "dc=platalytics,dc=com" "objectclass=*"
>>>>>>>
>>>>>>> How can I make ldaps work?
>>>>>>>
>>>>>>> On Tue, Aug 18, 2015 at 7:37 PM, Aneela Saleem <[email protected]> wrote:
>>>>>>>
>>>>>>>> Where can I find the logs?
>>>>>>>>
>>>>>>>> On Tue, Aug 18, 2015 at 7:36 PM, Aneela Saleem <[email protected]> wrote:
>>>>>>>>
>>>>>>>>> I wrote the above lines in the olcDatabase={0}config.ldif file. When I
>>>>>>>>> restart slapd, it fails.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Tue, Aug 18, 2015 at 7:14 PM, Aneela Saleem <[email protected]> wrote:
>>>>>>>>>
>>>>>>>>>> Which file do I need to write this in?
>>>>>>>>>>
>>>>>>>>>> On Tue, Aug 18, 2015 at 7:09 PM, Abdelkader Chelouah <[email protected]> wrote:
>>>>>>>>>>
>>>>>>>>>>> On 18/08/2015 16:05, Aneela Saleem wrote:
>>>>>>>>>>>
>>>>>>>>>>> I have no slapd.conf. I have cn=conf
>>>>>>>>>>>
>>>>>>>>>>> On Tue, Aug 18, 2015 at 6:54 PM, Abdelkader Chelouah <[email protected]> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> On 18/08/2015 15:51, Aneela Saleem wrote:
>>>>>>>>>>>>
>>>>>>>>>>>> Thanks Michael and Abdelkader.
>>>>>>>>>>>>
>>>>>>>>>>>> Abdelkader, the link you provided is for the slapd.conf
>>>>>>>>>>>> distribution. Can you please guide me on how to do the "cn=config"
>>>>>>>>>>>> distribution?
>>>>>>>>>>>>
>>>>>>>>>>>> On Tue, Aug 18, 2015 at 6:45 PM, Abdelkader Chelouah <[email protected]> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> On 18/08/2015 15:41, Michael Ströder wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Aneela Saleem wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Can anyone please provide me with a link for enabling "ldaps"?
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>> http://www.openldap.org/doc/admin24/tls.html
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Ciao, Michael.
>>>>>>>>>>>>>>
>>>>>>>>>>>>> or http://www.openldap.org/faq/data/cache/185.html
>>>>>>>>>>>>>
>>>>>>>>>>>>> regards
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> You can convert a slapd.conf to cn=config using slaptest
>>>>>>>>>>>>
>>>>>>>>>>>> slaptest -f path/to/slapd.conf -F path/to/slapd.d
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> # cn=config
>>>>>>>>>>> dn: cn=config
>>>>>>>>>>> objectClass: olcGlobal
>>>>>>>>>>> cn: config
>>>>>>>>>>> ...
>>>>>>>>>>> olcTLSCACertificateFile: /path/to/cacert
>>>>>>>>>>> olcTLSCertificateFile: /path/to/cert
>>>>>>>>>>> olcTLSCertificateKeyFile: /path/to/key
>>>>>>>>>>> olcTLSCipherSuite: HIGH:MEDIUM:!SSLv3:!SSLv2
>>>>>>>>>>> ...
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>> Can you run
>>>>>>>
>>>>>>> ldapwhoami -vxD cn=admin,cn=config -w 123 -H ldap://localhost:389
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>> Ok, retry the "ldapmodify" command using
>>>>>>
>>>>>> ldapmodify -xD cn=admin,cn=config -w 123 -H ldap://localhost:389 -f
>>>>>> mod_ssl.ldif
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>
>>> There is something wrong with your setup.
>>>
>>> 1/ Stop your instance
>>> 2/ Export your configuration
>>>
>>> slapcat -F /path/to/slapd.d -n 0 -l config.ldif
>>>
>>> 3/ Perform the modification directly on config.ldif
>>> 4/ Remove the old configuration
>>>
>>> rm -rf /path/to/slapd.d/*
>>>
>>> 5/ Import the new configuration
>>>
>>> slapadd -F /path/to/slapd.d -n 0 -l config.ldif
>>>
>>> 6/ Start your instance
>>>
>>
>>
> Did you remove the content of /path/to/slapd.d?
>
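
The `str2entry: entry -1 has multiple DNs "cn=config" and "cn=module{0},cn=config"` message quoted in this thread is what slapadd reports when a second `dn:` line appears inside one entry, typically because the blank line separating two entries was lost while editing config.ldif by hand. The following pre-flight check is an added example, not part of the original thread or of OpenLDAP; the function name `check_config_ldif` and the sample LDIF are constructed for illustration. It is meant to be run on the edited export before step 4 removes the old slapd.d.

```python
import re

# Constructed sample: an exported config.ldif edited by hand, where the blank
# line after the cn=config entry was lost (paths are the thread's placeholders).
BROKEN = """\
dn: cn=config
objectClass: olcGlobal
cn: config
olcTLSCACertificateFile: /path/to/cacert
olcTLSCertificateFile: /path/to/cert
olcTLSCertificateKeyFile: /path/to/key
dn: cn=module{0},cn=config
objectClass: olcModuleList
cn: module{0}
"""
FIXED = BROKEN.replace("dn: cn=module", "\ndn: cn=module")

TLS_PAIR = ("olcTLSCertificateFile", "olcTLSCertificateKeyFile")

def check_config_ldif(text):
    """Return a list of structural problems found in a cn=config LDIF export."""
    problems = []
    text = re.sub(r"\r?\n ", "", text)             # unfold continuation lines
    blocks = re.split(r"(?:\r?\n){2,}", text.strip())
    for n, block in enumerate(blocks, 1):
        lines = [l for l in block.splitlines() if l and not l.startswith("#")]
        if not lines or (len(lines) == 1 and lines[0].lower().startswith("version:")):
            continue                               # comment-only block or version header
        dns = [m.group(1) for l in lines
               if (m := re.match(r"dn::?\s*(.*)", l, re.I))]
        attrs = {l.split(":", 1)[0] for l in lines}
        if len(dns) != 1:                          # what slapadd rejects as "multiple DNs"
            problems.append(f"entry {n}: expected one dn, found {dns}")
            continue
        tls = {a for a in attrs if a.lower().startswith("olctls")}
        if tls and dns[0].lower() != "cn=config":  # olcTLS* belong to the global entry
            problems.append(f"entry {n}: {sorted(tls)} outside cn=config")
        if tls and not all(a in attrs for a in TLS_PAIR):
            problems.append(f"entry {n}: server certificate/key pair incomplete")
    return problems

if __name__ == "__main__":
    for name, sample in (("broken", BROKEN), ("fixed", FIXED)):
        print(name, check_config_ldif(sample) or "ok")
```

An empty result only means the file is structurally sound; slapadd still validates the schema and attribute values on import.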