Hi, SLES9 (Novell Open Enterprise Server sp2) Open-xchange 0.8.2-rc1 Following the sles9 ox 0.8 howto linked in the wiki. I've tried doing some fixes to the ldap, but it doesn't help. I've deleted the /var/lib/ldap/* files when I rerun it. I'm also unable to start ldap at all, rcldap restart fails
when run: slapadd -l /data/ox/share/init_ldap.ldif -d 255 Everything seems fine until the following: line 70 (loglevel 5) line 71 (TLSCertificateFile /etc/ssl/servercerts/servercert.perm) line 72 (TLSCertificatePath /etc/ssl/certs) /etc/openldap/slapd.conf: line 72: unknown directive "TLSCertificatePath" outside backend info and database definitions (ignored) line 73 (TLSCertificateFile /etc/ssl/servercerts/serverkey.pem) line 75 (database bdb) bdb_db_init: Initializing BDB database line 76 (checkpoint 1024 5) line 77 (cachesize 10000) line 78 (suffix "dc=mvtest,dc=org") >>> dnPrettyNormal: <dc=mvtest,dc=org> <<< dnPrettyNormal: <dc=mvtest,dc=org>, <dc=mvtest,dc=org> line 79 (uid=mailadmin,dc=mvtest,dc=orgrootdn) /etc/openldap/slapd.conf: line 79: unknown directive "uid=mailadmin,dc=mvtest,dc=orgrootdn" inside backend database definition (igno red) line 80 (rootpw ***) /etc/openldap/slapd.conf: line 80: rootpw can only be set when rootdn is under suffix slapadd: bad configuration file! =========================== Here is my slapd.conf file ========================== # # See slapd.conf(5) for details on configuration options. # This file should NOT be world readable. # include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/nis.schema include /etc/openldap/schema/inetorgperson.schema #include /etc/openldap/schema/rfc2307bis.schema include /etc/openldap/schema/openxchange.schema include /etc/openldap/schema/yast.schema # Define global ACLs to disable default read access. # Do not enable referrals until AFTER you have working directory # service AND an understanding of referrals #referrals ldap://root.openldap.org pidfile /var/run/slapd/slapd.pid argsfile /var/run/slapd/slapd.args # Load dynamic backend modules: modulepath /usr/lib/openldap/modules # moduleload back_ldap.la # moduleload back_meta.la # moduleload back_monitor.la # moduleload back_perl.la #Sample security restrictions # Require integrity protection (prevent hijacking) # Require 112-bit (3DES or better) encryption for updates # Require 63-bit encryption for simple_bind=64 # security ssf=1 update_ssf=112 simple_bind=64 # Sample access control policy: # ROOT DSE: allow anyone to read it # Subschema (sub)entry DSE: allow anyone to read it # Other DESs: # Allow self write access to user password # Allow anoymous users to authenticate # Allow read access to implement policy: # access to dn.base="" # by * read # access to dn.base="cn=subschema" # by * read # access to attr=userPassword,userPKCS12 # by self write # by * auth # access to attr=shadowLastChange # by self write # by * read # access to * # by * read # if no access controls are present, the default policy # allows anyone and everyone to read anything but restricts # updates to rootdn. (e.g., "access to * by * read") # # rootdn can always read and write EVERYTHING! ####################################################################### # bdb database definitions ####################################################################### # allow bind_v2 loglevel 5 TLSCertificateFile /etc/ssl/servercerts/servercert.perm TLSCertificatePath /etc/ssl/certs TLSCertificateFile /etc/ssl/servercerts/serverkey.pem database bdb checkpoint 1024 5 cachesize 10000 suffix "dc=mvtest,dc=org" "uid=mailadmin,dc=mvtest,dc=org"rootdn rootpw "MYPASSWORD" directory /var/lib/ldap index objectClass,uidNumber,gidNumber eq index member,mail eq,pres index cn,displayname,uid,sn,givenname sub,pres index uid,mailEnabled,cn,sn,givenname,InetMailAccess,alias,loginDestination eq,sub index objectClass eq index uid,mailEnabled,cn,sn,givenname,lnetMailAccess,alias,loginDestination eq,sub include /etc/openldap/acl_ox.conf ======================End of slapd.conf========================== Thanks for any help, Mike --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
