|
Engin bey dediğiniz de haklıymışsınız. ldap destekli ve kurulu
php olmasına rağmen ve extensions.ini de ldap desteğinin olmasına rağmen ldap
yokmuş gibi davranıyormuş makine de uğraşmalarım sonunda açılamama gibi bir
sorunla karşılaştığım için yeniden kurdum. ama şu anda ldap a ekleme
yapamıyorum.
nedenini merak ekmekteyim. önceki kurulumdan hariç herhangi
birşey yapmadım. çıktılar aşağıdaki gibidir.
---------------------------------------------------------
# See ldap.conf(5) for details
# This file should be world
readable but not world writable.
#SIZELIMIT
12
#TIMELIMIT
15
#DEREF never
[EMAIL PROTECTED]# cat
/usr/local/etc/openldap/slapd.conf
#
# See slapd.conf(5)
for details on configuration options.
# This file should NOT be world
readable.
#
include
/usr/local/etc/openldap/schema/core.schema
include
/usr/local/etc/openldap/schema/cosine.schema
include
/usr/local/etc/openldap/schema/inetorgperson.schema
include
/usr/local/etc/openldap/schema/nis.schema
# Define global ACLs to disable
default read access.
# Do not enable referrals until AFTER you have a working
directory
# service AND an understanding of
referrals.
#referral ldap://root.openldap.org
pidfile
/var/run/openldap/slapd.pid
argsfile
/var/run/openldap/slapd.args
# Load dynamic backend
modules:
modulepath
/usr/local/libexec/openldap
moduleload
back_bdb
# moduleload back_ldap
#
moduleload back_ldbm
# moduleload
back_passwd
# moduleload back_shell
# Sample security
restrictions
# Require integrity
protection (prevent hijacking)
# Require
112-bit (3DES or better) encryption for
updates
# Require 63-bit encryption for
simple bind
# security ssf=1 update_ssf=112 simple_bind=64
# Sample access control
policy:
# Root DSE: allow anyone to read
it
# Subschema (sub)entry DSE: allow
anyone to read it
# Other
DSEs:
#
Allow self write
access
#
Allow authenticated users read
access
#
Allow anonymous users to authenticate
#
Directives needed to implement policy:
# access to dn.base="" by * read
#
access to dn.base="cn=Subschema" by * read
# access to
*
# by self
write
# by users
read
# by anonymous auth
#
# if no
access controls are present, the default policy
# allows anyone and everyone
to read anything but restricts
# updates to rootdn. (e.g., "access to *
by * read")
#
# rootdn can always read and write EVERYTHING!
#######################################################################
#
BDB database
definitions
#######################################################################
database
bdb
suffix
"dc=example,dc=com"
rootdn
"cn=Manager,dc=example,dc=com"
# Cleartext passwords, especially for the
rootdn, should
# be avoid. See slappasswd(8) and slapd.conf(5) for
details.
# Use of strong authentication
encouraged.
rootpw
secret
# The database directory MUST exist prior to running slapd AND
#
should only be accessible by the slapd and slap tools.
# Mode 700
recommended.
directory
/var/db/openldap-data
# Indices to maintain
index
objectClass eq
[EMAIL PROTECTED]#
sockstat -l
USER
COMMAND PID FD PROTO LOCAL
ADDRESS FOREIGN
ADDRESS
ldap
slapd 20882 6 tcp6
*:389
*:*
ldap slapd 20882
7 tcp4
*:389
*:*
mes
sshd 446 7 stream
/tmp/ssh-6Ul5CXgBe7/agent.446
root
sendmail 373 4 tcp4
127.0.0.1:25
*:*
root sshd
367 3 tcp6
*:22
*:*
root sshd
367 4 tcp4
*:22
*:*
root syslogd 234
3 dgram /var/run/log
root
syslogd 234 4 dgram
/var/run/logpriv
root syslogd
234 5 udp6
*:514
*:*
root syslogd 234
6 udp4
*:514
*:*
root devd
216 4 stream /var/run/devd.pipe
[EMAIL PROTECTED]# cat
ldif.txt
dn: dc=example, dc=com
objectClass:
Top
#dn: ou=adresler,dc=example,dc=com
#objectClass:
Top
#objectClass: OrganizationalUnit
#ou: adresler
[EMAIL PROTECTED]# ls
/var/db/pkg/ | grep
open
openldap-sasl-client-2.3.7
openldap-server-2.3.7
openslp-1.2.1_1
openssl-0.9.8_1
[EMAIL PROTECTED]# ls
/var/db/pkg/ | grep cyrus
cyrus-sasl-2.1.21
[EMAIL PROTECTED]# ldapadd
-D "cn=Manager,dc=example,dc=com" -x -W -f ldif.txt
Enter
LDAP Password:
adding new entry "dc=example,
dc=com"
ldap_add: Object class violation
(65)
additional info: no
structural object class provided
------------------------------------------------------------------------------------
nerede yanlış
yapıyorum..??
##################################################################
----- Original Message -----
Sent: Monday, October 10, 2005 4:24
PM
Subject: Re: [FreeBSD] Re: ldap - slapd -
phpldapadmin
Notice: Use of undefined constant
LDAP_DEREF_NEVER - assumed 'LDAP_DEREF_NEVER' in
/usr/local/www/phpldapadmin/config_default.php on line
174
buyuk ihtimal bu
uyarıyi ldap modulunu php'ye tanitamadiginizdan dolayi aliyorsunuz
eger
ldap aktif olsaydı, webserver'iniz basladigi zaman LDAP_DEREF_NEVER 'i php'ye constant olarak tanimlatacakti
php -m
veya <?php phpinfo(); ?> ile ldap'in aktif olup olmadigini kontrol edin
On 10/10/05, Mesut
GÜLNAZ <[EMAIL PROTECTED]>
wrote:
O
da daklıma gelmişti.
-su-2.05b# egrep register_globals
/usr/local/etc/php.ini
; register_globals to be on; Using form
variables as globals can easily
lead
register_globals = On
; to
initialize a session variable in the global scope, albeit
register_globals
-su-2.05b#
işin içinden
çıkamıyorum...
teşekkürler...
----- Original Message
-----
From: "Omer Faruk Sen" <[EMAIL PROTECTED] >
To: <freebsd@lists.enderunix.org>
Sent:
Monday, October 10, 2005 10:50 AM
Subject: [FreeBSD] Re: ldap - slapd -
phpldapadmin
> sanki php.ini 'de register_globals'i
acmamissiniz gibi ?
> [windows-1254] Mesut GÜLNAZ writes:
>>
ldapserver23-server ı sasl desteği ile kurdum.
>>
başlattım.
>> portunu dinliyor onda da sorunum yok.
>>
ldapadd komutu ile user aklayabiliyorum.
>> aşağıda gördüğünüz gibi
sorgulayabiliyorum da. -su-2.05b# ldapsearch -b
>>
"dc=example,dc=com" -x
>> # extended LDIF
>> #
>>
# LDAPv3
>> # base <dc=example,dc=com> with scope
subtree
>> # filter: (objectclass=*)
>> # requesting:
ALL
>> # # example.com
>>
dn: dc=example,dc=com
>> objectClass: dcObject
>>
objectClass: organization
>> o: Example Company
>> dc:
example # Manager, example.com
>>
dn: cn=Manager,dc=example,dc=com
>> objectClass:
organizationalRole
>> cn: Manager # Root, example.com
>> dn:
cn=Root,dc=example,dc=com
>> objectClass:
organizationalRole
>> cn: Root # qldapadmin, example.com
>> dn:
o=qldapadmin,dc=example,dc=com
>> objectClass: top
>>
objectClass: organization
>> o: qldapadmin # search
result
>> search: 2
>> result: 0 Success # numResponses:
5
>> # numEntries: 4
>> -su-2.05b# ama gelin
görün ki bir türlü phpldapadmin i çalıştıramadım.
>> aldığım hata
şu:
>> --------------------------------------------
>> Notice: Use of undefined constant LDAP_DEREF_NEVER -
assumed
>> 'LDAP_DEREF_NEVER' in
/usr/local/www/phpldapadmin/config_default.php on
>> line 174
Notice: Use of undefined constant LDAP_DEREF_ALWAYS - assumed
>>
'LDAP_DEREF_ALWAYS' in /usr/local/www/phpldapadmin/config_default.php
on
>> line 179 Notice: Use of undefined constant LDAP_DEREF_NEVER -
assumed
>> 'LDAP_DEREF_NEVER' in
/usr/local/www/phpldapadmin/config_default.php on
>> line 184
Notice: Use of undefined constant LDAP_DEREF_NEVER - assumed
>>
'LDAP_DEREF_NEVER' in /usr/local/www/phpldapadmin/config_default.php
on
>> line 189
Error
>> Your install of PHP
appears to be missing LDAP support. Please
>> install LDAP support
before using phpLDAPadmin. (Don't forget to restart
>> your web
server
>>
fterwards) --------------------------------------------------------------------------------------------------------
>>
>> ama php4-extensions tan kurduğum php nin ldap
desteğini verdim. [X] LDAP
>> OpenLDAP support buna rağmen hala
çalıştıramıyorum. önceden ana sayfa
>> gelirdi ama artık o da
gelemiyor.. :-) ayrıca mic. outlook adres
>> defterindeki
kullanıcılar da göremiyor. bağlanıyor ama göremiyor.
>> o anda
messages a düşen satırlar ise şu şekilde.
>> Oct 9
16:44:23 ldap slapd[61144]: OTP unavailable because can't
>>
read/write key database /etc/opiekeys: Permission denied
>>
Oct 9 16:45:29 ldap slapd[61144]: OTP unavailable because
can't
>> read/write key database /etc/opiekeys: Permission
denied
>> Oct 9 16:45:43 ldap slapd[61144]: OTP
unavailable because can't
>> read/write key database
/etc/opiekeys: Permission denied
>> Oct 9 16:47:10 ldap
slapd[61416]: OTP unavailable because can't
>> read/write key
database /etc/opiekeys: Permission denied
>> -------------------
>> bu şekle çevirdim ama nafile... -su-2.05b# ls -la
/etc/opie*
>> -rwxr-xr-x 1
root wheel 466 Oct 9 16:46
/etc/opieaccess
>> -rwxrwxrwx 1
root wheel 0 Sep 21 09:02
/etc/opiekeys
>> - su-2.05b#
>>
--------------------------------
>> bunun yanında sistemde
ldap.conf dosyasını bulamadım.
>> -su-2.05b# find / -name
ldap.con*
>> /usr/local/man/man5/ldap.conf.5.gz
>>
/usr/ports/net/openldap23-server/work/openldap-
2.3.7/doc/man/man5/ldap.conf.5
>>
/usr/ports/net/openldap23-server/work/openldap-2.3.7/doc/man/man5/ldap.conf.5.tmp
>>
/usr/ports/net/openldap23-server/work/openldap-2.3.7/libraries/libldap/ldap.conf
>>
/usr/ports/net/openldap22-sasl-client/work/openldap-2.2.23/doc/man/man5/ldap.conf.5
>>
/usr/ports/net/openldap22-sasl-client/work/openldap-2.2.23/doc/man/man5/ldap.conf.5.tmp
>>
/usr/ports/net/openldap22-sasl-client/work/openldap-
2.2.23/libraries/libldap/ldap.conf
>> -su-2.05b# yardımcı
olabilecek arkadaşlardan yardım bekliyorum.
>> eğer bunu
başarabilirsem bir doc yazmayı planlıyorum.. saygılarımla arz
>>
ederim...
>
>
> -----------------------
> Omer
Faruk Sen
> http://www.EnderUNIX.ORG
>
Software Development Team @ Turkey
> http://www.Faruk.NET
> For Public
key: http://www.enderunix.org/ofsen/ofsen.asc
>
********************************************************
>
>
First Turkish Qmail book is out! Go check it.
> Duydunuz mu!
Turkiye'nin ilk Qmail kitabi cikti.
> http://www.acikakademi.com/catalog/qmail/
>
>
---------------------------------------------------------------------
> Cikmak icin, e-mail: [EMAIL PROTECTED]
>
Liste arsivi: http://lists.enderunix.org
>
Turkiye'nin ilk FreeBSD kitabi: http://www.acikakademi.com/freebsd.php
>
>
---------------------------------------------------------------------
Cikmak icin, e-mail: [EMAIL PROTECTED]
Liste
arsivi: http://lists.enderunix.org
Turkiye'nin
ilk FreeBSD kitabi: http://www.acikakademi.com/freebsd.php
--
Engin Dumlu
|
