| 1 |
Chris S wrote: |
| 2 |
> Paul Kölle wrote: |
| 3 |
> |
| 4 |
>> please post the ldif containing the entries for you intended base, I'll |
| 5 |
>> |
| 6 |
>> give it a shot. |
| 7 |
>> |
| 8 |
>> |
| 9 |
> Hi Paul, |
| 10 |
> Sorry for the delay.. been super busy. |
| 11 |
> |
| 12 |
> As previously mentioned, it's the base that I can't create with 3 dc |
| 13 |
> levels, however I can get around it by creating base level of two, then |
| 14 |
> adding the third dc, then switching the base back to 3 levels (although |
| 15 |
> this doesn't "feel" clean). All the same, here's my configuration. Any |
| 16 |
> pointers, slaps around the head appreciated. |
| 17 |
> |
| 18 |
> openldap 2.2.26 emerged and configured |
| 19 |
> |
| 20 |
> searching is successful: |
| 21 |
> |
| 22 |
> *code* |
| 23 |
> dually # ldapsearch -D "cn=Manager,dc=domain,dc=net,dc=au" -W -x |
| 24 |
> Enter LDAP Password: |
| 25 |
> # extended LDIF |
| 26 |
> # |
| 27 |
> # LDAPv3 |
| 28 |
> # base <> with scope sub |
| 29 |
> # filter: (objectclass=*) |
| 30 |
> # requesting: ALL |
| 31 |
> # |
| 32 |
> |
| 33 |
> # search result |
| 34 |
> search: 2 |
| 35 |
> result: 32 No such object |
| 36 |
> |
| 37 |
> # numResponses: 1 |
| 38 |
Again, this is NOT a successful search, there are no results. |
| 39 |
|
| 40 |
|
| 41 |
> */code* |
| 42 |
> |
| 43 |
> here is my base.ldif: |
| 44 |
> |
| 45 |
> *code* |
| 46 |
> dn: dc=net,dc=au |
| 47 |
^^^^^^^^^^^^^^^^^^ |
| 48 |
|
| 49 |
> when I try and insert it: |
| 50 |
> |
| 51 |
> *code* |
| 52 |
> dually / # ldapadd -D "cn=Manager,dc=domain,dc=net,dc=au" -W -f |
| 53 |
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ |
| 54 |
> /tmp/base.ldif -x |
| 55 |
> Enter LDAP Password: |
| 56 |
> adding new entry "dc=net,dc=au" |
| 57 |
> ldap_add: Server is unwilling to perform (53) |
| 58 |
> additional info: no global superior knowledge |
| 59 |
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ |
| 60 |
>From your ldapadd line, I assume you have in slapd.conf: |
| 61 |
|
| 62 |
database bdb |
| 63 |
suffix dc=domain,dc=net,dc=au |
| 64 |
|
| 65 |
The thing you probably missed: You don't need to and you are not allowed |
| 66 |
to add entries *below* the "suffix" from slapd.conf as it could be |
| 67 |
another suffix. If you try to add something like: "dn: dc=net,dc=au" |
| 68 |
slapd searches for *immediate parents* (here: dc=au) to that entry, |
| 69 |
either in the directory or for a "suffix" line in slapd.conf (remember, |
| 70 |
its a tree). If it couldn't find one you get the "no global superior |
| 71 |
knowledge" error or an "already exists" if the enty is already there. |
| 72 |
|
| 73 |
Solution: |
| 74 |
|
| 75 |
ldif |
| 76 |
|
| 77 |
dn: dc=domain,dc=net,dc=au |
| 78 |
dc=domain |
| 79 |
objectClass: top |
| 80 |
objectClass: dcObject |
| 81 |
objectClass: domain |
| 82 |
objectClass: domainRelatedObject |
| 83 |
associatedDomain: domain.net.au |
| 84 |
|
| 85 |
dn: ou=users,dc=domain,dc=net,dc=au |
| 86 |
ou: users |
| 87 |
objectClass: top |
| 88 |
objectClass: organizationalUnit |
| 89 |
objectClass: domainRelatedObject |
| 90 |
associatedDomain: domain.net.au |
| 91 |
|
| 92 |
end ldif |
| 93 |
|
| 94 |
slapd.conf |
| 95 |
|
| 96 |
database bdb |
| 97 |
suffix dc=domain,dc=net,dc=au |
| 98 |
rootdn cn=manager,dc=domain,dc=net,dc=au |
| 99 |
rootpw not24get |
| 100 |
|
| 101 |
directory /var/lib/openldap-data |
| 102 |
index objectClass eq |
| 103 |
|
| 104 |
end slapd.conf |
| 105 |
|
| 106 |
of course this is just the configuration for that backend, you'll need |
| 107 |
more info in slapd.conf for your server to run properly. |
| 108 |
|
| 109 |
|
| 110 |
cheers |
| 111 |
Paul |
| 112 |
|
| 113 |
|
| 114 |
|
| 115 |
-- |
| 116 |
gentoo-server@g.o mailing list |
Archives