Howard Lowndes wrote:
I am trying to get the rootDSE to work in openldap but phpldapadmin is
coming back with:
"Could not determine the root of your LDAP tree.
It appears that the LDAP server has been configured to not reveal its
root.
Please specify it in config.php"
There are a number of checks to ascertain this. These checks can't be done
completely because additional info is required but you have not
supplied it.
1. Show us the output of
# cat /etc/openldap/ldap.conf
2. #slapcat is used to check a complete 'ldif' only on localhost.
As a matter of fact, there is no need to start 'slapd' to run 'slapcat',
and it is not affected by the 'access list' in your 'slapd.conf'.
3. #ldapsearch is used to check directory address info on any server,
depending on 'ldap.conf' and on the format of the 'ldapsearch' command.
A 'slapd' server is required to be running on the server being
interrogated. Ldapsearch is affected by the 'access list' in your
'slapd.conf'.
4. Also, show us the output of
#ldapsearch -x -h localhost -s base -b "" +
or
#ldapsearch -x -h <ldap-server> -s base -b "" +
Here is my slapd.conf:
##### Schema
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/openldap.schema
include /etc/openldap/schema/redhat/autofs.schema
##### Allow LDAP v2
allow bind_v2
##### Some files
pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args
rootDSE /var/lib/ldap/rootdse.ldif
##### Global access control
access to attrs=userPassword
        by self write
        by * auth
##### Databases
##### LANNet
database bdb
suffix "dc=lannet,dc=com,dc=au"
directory /var/lib/ldap
mode 0600
rootdn XXX
rootpw YYY
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
access to attrs=telephoneNumber,facsimileTelephoneNumber,mobile,street,l,st,postOfficeBox,postalCode,o
        by self write
        by * read
##### Buller
database bdb
suffix "dc=buller,dc=com,dc=au"
directory /var/lib/ldap
mode 0600
rootdn XXX
rootpw YYY
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
access to attrs=telephoneNumber,facsimileTelephoneNumber,mobile,street,l,st,postOfficeBox,postalCode,o
        by self write
        by * read
and here is my rootdse.ldif:
dn:
namingContexts: dc=lannet,dc=com,dc=au
namingContexts: dc=buller,dc=com,dc=au
What I am trying to achieve is to get multiple suffix dn into the
directory structure. I can populate the database with slapadd, but
when I run slapcat with the -b "<suffix>" option I see all of the
entries not just the one for the suffix, but when I run ldapsearch I
don't get much even though slapcat produces output:
# ldapsearch -x -b "dc=lannet,dc=com,dc=au"
# extended LDIF
#
# LDAPv3
# base <dc=lannet,dc=com,dc=au> with scope sub
# filter: (objectclass=*)
# requesting: ALL
#
# search result
search: 2
result: 0 Success
# numResponses: 1
Should the rootDSE file have more entries - if so, what?
Try this command,
#ldapsearch -x -h <ldap-server> -s base -b "" +
O Plameras
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
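
An added example, not part of the original thread: a small Python check of a slapd.conf for two documented OpenLDAP behaviours that bear on the symptoms above, namely that each bdb database needs its own directory, and that a non-empty access list ends with an implicit "access to * by * none" which limits what ldapsearch (but not slapcat) returns. The sample config is constructed from the posted one, the function names are hypothetical, and only a literal "*" target is treated as a catch-all rule.

```python
import re
from collections import defaultdict

# Constructed sample, trimmed from the slapd.conf posted in the thread.
SAMPLE = """\
access to attrs=userPassword
    by * auth
database bdb
suffix "dc=lannet,dc=com,dc=au"
directory /var/lib/ldap
access to attrs=telephoneNumber,mobile
    by * read
database bdb
suffix "dc=buller,dc=com,dc=au"
directory /var/lib/ldap
"""

def parse(text):
    """Return the global section followed by one dict per 'database' line."""
    sections = [{"suffix": None, "directory": None, "targets": []}]
    for raw in text.splitlines():
        # Skip blanks, comments and continuation lines (leading whitespace).
        if not raw.strip() or raw[0] in "# \t":
            continue
        key, rest = (raw.split(None, 1) + [""])[:2]
        if key.lower() == "database":
            sections.append({"suffix": None, "directory": None, "targets": []})
        elif key.lower() in ("suffix", "directory"):
            sections[-1][key.lower()] = rest.strip().strip('"')
        elif key.lower() == "access":
            m = re.match(r"to\s+(\S+)", rest)
            sections[-1]["targets"].append(m.group(1) if m else rest)
    return sections

def shared_directories(sections):
    """Directories used by more than one database, with their suffixes."""
    by_dir = defaultdict(list)
    for s in sections[1:]:
        by_dir[s["directory"]].append(s["suffix"])
    return {d: sfx for d, sfx in by_dir.items() if len(sfx) > 1}

def without_catch_all(sections):
    """Suffixes whose non-empty ACL list (own rules plus global ones) has no
    literal '*' target, so unlisted data hits the implicit 'by * none'."""
    return [s["suffix"] for s in sections[1:]
            if (acl := s["targets"] + sections[0]["targets"]) and "*" not in acl]

if __name__ == "__main__":
    print(shared_directories(parse(SAMPLE)), without_catch_all(parse(SAMPLE)))
```

On the sample, both suffixes are reported under the shared /var/lib/ldap directory and both are reported as having no catch-all rule.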