Public bug reported:

So I was trying to document configuring a new OpenLDAP install in
Maverick but I ran into problems pretty quickly. After I import my
backend.ldif file I am unable to import the front end because of the
error "Invalid credentials (49)".

Here is what I did. I can't see any mistakes so far:

sudo apt-get install slapd ldap-utils

load some additional schema files

sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/cosine.ldif
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/nis.ldif
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/inetorgperson.ldif

create a file called "backend.lan.local.ldif" 
----------------------------------------------------------------------------------------------------------------

# Load dynamic backend modules
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulepath: /usr/lib/ldap
olcModuleload: back_hdb

# Database settings
dn: olcDatabase=hdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcSuffix: dc=lan,dc=local
olcDbDirectory: /var/lib/ldap
olcRootDN: cn=admin,dc=lan,dc=local
olcRootPW: secret
olcDbConfig: set_cachesize 0 2097152 0
olcDbConfig: set_lk_max_objects 1500
olcDbConfig: set_lk_max_locks 1500
olcDbConfig: set_lk_max_lockers 1500
olcDbIndex: objectClass eq
olcLastMod: TRUE
olcDbCheckpoint: 512 30
olcAccess: to attrs=userPassword by dn="cn=admin,dc=lan,dc=local" write by anonymous auth by self write by * none
olcAccess: to attrs=shadowLastChange by self write by * read
olcAccess: to dn.base="" by * read
olcAccess: to * by dn="cn=admin,dc=lan,dc=local" write by * read
------------------------------------------------------------------------------------------------------------------------------------

load it into the LDAP

sudo ldapadd -Y EXTERNAL -H ldapi:/// -f backend.lan.local.ldif

Create a file called "frontend.lan.local.ldif" on the server. 
----------------------------------------------------------------------------------------------------------------------------------

# Create top-level object in domain
dn: dc=lan,dc=local
objectClass: top
objectClass: dcObject
objectclass: organization
o: lan Organization
dc: lan
description: LDAP lan

# Admin user.
dn: cn=admin,dc=lan,dc=local
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator
userPassword: secret

dn: ou=people,dc=lan,dc=local
objectClass: organizationalUnit
ou: people

dn: ou=groups,dc=lan,dc=local
objectClass: organizationalUnit
ou: groups


dn: ou=computers,dc=lan,dc=local
objectClass: organizationalUnit
ou: computers


dn: uid=john,ou=people,dc=lan,dc=local
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
uid: john
sn: Doe
givenName: John
cn: John Doe
displayName: John Doe
uidNumber: 1000
gidNumber: 10000
userPassword: password
gecos: John Doe
loginShell: /bin/bash
homeDirectory: /home/john
shadowExpire: -1
shadowFlag: 0
shadowWarning: 7
shadowMin: 8
shadowMax: 999999
shadowLastChange: 10877
mail: john....@lan.local
postalCode: 31000
l: Toulouse
o: lan
mobile: +33 (0)6 xx xx xx xx
homePhone: +33 (0)5 xx xx xx xx
title: System Administrator
postalAddress:
initials: JD

dn: cn=lan,ou=groups,dc=lan,dc=local
objectClass: posixGroup
cn: lan
gidNumber: 10000
--------------------------------------------------------------------------------------------------------------------------------
import front end configuration

sudo ldapadd -x -D cn=admin,dc=lan,dc=local -W -f frontend.lan.local.ldif

Here is where I get 
"Enter LDAP Password: 
ldap_bind: Invalid credentials (49)"

From what I can tell I haven't made any mistake.

** Affects: openldap (Ubuntu)
     Importance: Undecided
         Status: New

-- 
After importing backend.ldif I get "Invalid credentials (49) "
https://bugs.launchpad.net/bugs/636363
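Added example, not part of the original report or of OpenLDAP: the LDIF files above carry olcRootPW and userPassword values in cleartext. The Python below unfolds LDIF continuation lines, lists password attributes that have no {SCHEME} prefix, and builds a salted {SSHA} value that can be stored instead. The sample LDIF is a constructed excerpt of the backend and frontend files, and the function names are hypothetical.

```python
import base64, hashlib, hmac, os

# Constructed sample: excerpt of the LDIF above; the olcAccess rule is folded with a one-space continuation.
SAMPLE_LDIF = '''\
dn: olcDatabase=hdb,cn=config
olcRootPW: secret
olcAccess: to attrs=userPassword by dn="cn=admin,dc=lan,dc=local" write
  by anonymous auth by self write by * none

dn: cn=admin,dc=lan,dc=local
userPassword: secret
'''
PASSWORD_ATTRS = {"olcrootpw", "userpassword"}

def unfold(text):
    """Join LDIF continuation lines (one leading space) onto the previous line."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines

def ssha(password, salt=None):
    """Build "{SSHA}" + base64(SHA1(password + salt) + salt), the salted scheme slapd accepts."""
    salt = os.urandom(4) if salt is None else salt
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()

def check(stored, candidate):
    """Compare a candidate password with a stored cleartext or {SSHA} value."""
    if stored.startswith("{SSHA}"):
        salt = base64.b64decode(stored[6:])[20:]  # the salt follows the 20-byte SHA-1 digest
        return hmac.compare_digest(ssha(candidate, salt).encode(), stored.encode())
    return hmac.compare_digest(stored.encode(), candidate.encode())

def cleartext_passwords(text):
    """Return (dn, attr) for each password attribute lacking a {SCHEME} prefix."""
    findings, dn = [], None
    for line in unfold(text):
        attr, _, value = line.partition(":")
        if value.startswith(":"):  # "attr:: ..." marks a base64-encoded value
            value = base64.b64decode(value[1:]).decode(errors="replace")
        if attr.lower() == "dn":
            dn = value.strip()
        elif attr.lower() in PASSWORD_ATTRS and not value.strip().startswith("{"):
            findings.append((dn, attr))
    return findings
```

On a host with slapd installed, slappasswd prints an equivalent {SSHA} value for use in olcRootPW.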