26th March 2009, 22:28
gring

OpenLDAP used to be configured with the file slapd.conf. With the latest Ubuntu packages, this is no longer the case, and the server is configured with an internal LDAP database, as explained here.

When you install slapd with apt-get, it creates the main configuration database (dc=config), and a default database.

Now, to edit the slapd configuration, use an LDAP browser.
I used ldapAdmin.

Connect to the database: dc=config
with the user: cn=admin,cn=config
and the password you set during slapd installation.

As you can see, there are several entries:

- cn=schema, which should contain the default schemas and the 4 you added during the howto.

- olcDatabase={0}config, an occurrence of the olcDatabaseConfig class, which holds the configuration of slapd's internal configuration database.

- olcDatabase={1}hdb, an occurrence of olcDatabaseConfig AND olcHdbConfig, which holds the configuration of a database that is automatically created upon slapd installation.

(olcHdbConfig makes the entry hold configuration data like the path of the database, which is useless for the internal configuration db)

* I didn't manage to create a new database by adding an occurrence of olcDatabaseConfig and olcHdbConfig. I keep getting error messages saying the server can't initialise the db -> I can't find any documentation about creating a db.

* I didn't manage to change the suffix attribute, so I used dpkg-reconfigure slapd to set it during hdb's creation.

* I changed the database's location. To do that, copy the files in /var/lib/ldap to your directory, then change the olcDbDirectory attribute to match it, then restart your slapd server. I think it's a dirty way to do it, but it works.

With your LDAP browser, erase the olcAccess lines. (I'm not sure it works with all browsers.) Then continue to follow the howto's instructions and add the ACLs.

* The database contains a cn=admin entry; it seems to contain the admin's account data for the database.

I went through the entire howto, but phamm keeps telling me "invalid credentials", though I can connect to the database with the LDAP browser...

Any ideas?
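Added example, not part of the original post: the two cn=config edits described above (changing olcDbDirectory and swapping the olcAccess lines) written as LDIF for ldapmodify instead of clicks in an LDAP browser. The DN and bind user are the ones named in the post; the directory /srv/ldap and the ACL strings are constructed sample values, not the howto's ACLs.

```shell
#!/bin/sh
# Added example: generate LDIF change records for olcDatabase={1}hdb,cn=config.
# Apply a record with (bind DN taken from the post):
#   ldif_move_db /srv/ldap | ldapmodify -x -D cn=admin,cn=config -W

DB_DN='olcDatabase={1}hdb,cn=config'

# Point the hdb database at a new directory. Copy the files there first and
# make sure the account slapd runs as can read and write them (and that any
# enforced AppArmor profile allows the path), then restart slapd.
ldif_move_db() {
    new_dir=$1
    case $new_dir in
        /*) ;;   # absolute path, accepted
        *)  echo "olcDbDirectory must be an absolute path: $new_dir" >&2
            return 1 ;;
    esac
    printf 'dn: %s\nchangetype: modify\nreplace: olcDbDirectory\nolcDbDirectory: %s\n' \
        "$DB_DN" "$new_dir"
}

# Replace every olcAccess value in ONE modify operation. Erasing the lines
# first and adding new ones later leaves a window with no ACLs, during which
# slapd falls back to its default of read access for everyone.
# Each argument is one ACL; the {N} prefix fixes the evaluation order.
ldif_replace_acls() {
    if [ "$#" -eq 0 ]; then
        echo "refusing to emit a change that leaves no olcAccess values" >&2
        return 1
    fi
    printf 'dn: %s\nchangetype: modify\nreplace: olcAccess\n' "$DB_DN"
    i=0
    for acl in "$@"; do
        printf 'olcAccess: {%d}%s\n' "$i" "$acl"
        i=$((i + 1))
    done
}

# Constructed sample run: print both change records.
ldif_move_db /srv/ldap
echo
ldif_replace_acls \
    'to attrs=userPassword by self write by anonymous auth by * none' \
    'to * by * read'
```

Order matters in the ACL list: slapd stops at the first olcAccess rule whose `to` clause matches, so the userPassword rule has to come before the catch-all.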