I am trying to get the rootDSE to work in openldap but phpldapadmin is
coming back with:
"Could not determine the root of your LDAP tree.
It appears that the LDAP server has been configured to not reveal its root.
Please specify it in config.php"
Here is my slapd.conf:
##### Schema
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/openldap.schema
include /etc/openldap/schema/redhat/autofs.schema
##### Allow LDAP v2
allow bind_v2
##### Some files
pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args
rootDSE /var/lib/ldap/rootdse.ldif
##### Global access control
access to attrs=userPassword
    by self write
    by * auth
##### Databases
##### LANNet
database bdb
suffix "dc=lannet,dc=com,dc=au"
directory /var/lib/ldap
mode 0600
rootdn XXX
rootpw YYY
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
access to attrs=telephoneNumber,
        facsimileTelephoneNumber,
        mobile,
        street,
        l,
        st,
        postOfficeBox,
        postalCode,
        o
    by self write
    by * read
##### Buller
database bdb
suffix "dc=buller,dc=com,dc=au"
directory /var/lib/ldap
mode 0600
rootdn XXX
rootpw YYY
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
access to attrs=telephoneNumber,
        facsimileTelephoneNumber,
        mobile,
        street,
        l,
        st,
        postOfficeBox,
        postalCode,
        o
    by self write
    by * read
and here is my rootdse.ldif:
dn:
namingContexts: dc=lannet,dc=com,dc=au
namingContexts: dc=buller,dc=com,dc=au
What I am trying to achieve is to get multiple suffix dn into the
directory structure. I can populate the database with slapadd, but when
I run slapcat with the -b "<suffix>" option I see all of the entries not
just the one for the suffix, but when I run ldapsearch I don't get much
even though slapcat produces output:
# ldapsearch -x -b "dc=lannet,dc=com,dc=au"
# extended LDIF
#
# LDAPv3
# base <dc=lannet,dc=com,dc=au> with scope sub
# filter: (objectclass=*)
# requesting: ALL
#
# search result
search: 2
result: 0 Success
# numResponses: 1
Should the rootDSE file have more entries - if so, what?
Thoughts and clues, please.
--
Howard.
LANNet Computing Associates - Your Linux people <http://lannetlinux.com>
--
When you want a computer system that works, just choose Linux;
When you want a computer system that works, just, choose Microsoft.
--
Flatter government, not fatter government; abolish the Australian states.
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
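
An added example, not part of the original post or of OpenLDAP: a small Python check for one thing visible in the slapd.conf above, namely that both bdb databases name the same directory, whereas slapd-bdb(5) requires a separate directory for each database. The function names and the abridged sample configuration are constructed for this illustration.

```python
import shlex
from collections import defaultdict

# Constructed sample: the posted slapd.conf, abridged to the lines this check reads.
SAMPLE_CONF = '''\
##### Global access control
access to attrs=userPassword
    by self write
    by * auth
database bdb
suffix "dc=lannet,dc=com,dc=au"
directory /var/lib/ldap
database bdb
suffix "dc=buller,dc=com,dc=au"
directory /var/lib/ldap
'''

def logical_lines(text):
    """Drop comments and blanks; join continuation lines (leading whitespace)."""
    lines = []
    for raw in text.splitlines():
        if not raw.strip() or raw.startswith('#'):
            continue
        if raw[0].isspace() and lines:
            lines[-1] += ' ' + raw.strip()
        else:
            lines.append(raw.strip())
    return lines

def parse_databases(text):
    """Return one dict per 'database' section with its suffixes and directory."""
    dbs = []
    for line in logical_lines(text):
        words = shlex.split(line)  # handles the quoted suffix DN
        key = words[0].lower()
        if key == 'database':
            dbs.append({'suffixes': [], 'directory': None})
        elif dbs and key == 'suffix':
            dbs[-1]['suffixes'].append(words[1])
        elif dbs and key == 'directory':
            dbs[-1]['directory'] = words[1]
    return dbs

def shared_directories(dbs):
    """Directories named by more than one database, with the suffixes stored in each."""
    by_dir = defaultdict(list)
    for db in dbs:
        if db['directory']:
            by_dir[db['directory']].append(db['suffixes'])
    return {d: sum(groups, []) for d, groups in by_dir.items() if len(groups) > 1}

print(shared_directories(parse_databases(SAMPLE_CONF)))
```

An empty result means every database section has its own directory.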