All right, now I have the files below in the directory
"/usr/local/openldap/etc/openldap/slapd.d/cn=config"
drwxr-x--- 2 ldap ldap 4096 Ago 16 13:53 cn=schema
-rw------- 1 ldap ldap 85100 Ago 16 13:53 cn=schema.ldif
-rw------- 1 ldap ldap 584 Ago 16 13:53 olcDatabase={0}config.ldif
drwxr-x--- 2 ldap ldap 4096 Ago 16 13:53 olcDatabase={1}bdb
-rw------- 1 ldap ldap 2907 Ago 16 13:53 olcDatabase={1}bdb.ldif
-rw------- 1 ldap ldap 810 Ago 16 13:53 olcDatabase={-1}frontend.ldif
-rw------- 1 ldap ldap 617 Ago 16 13:53 olcDatabase={2}monitor.ldif
I saw that "olcDatabase={1}bdb.ldif" has the "olcRootDN" and "olcRootPW",
but the comand do not work.
ldapsearch -Y EXTERNAL -H ldapi:/// -b olcDatabase={1}bdb,cn=config -s sub
"(objectClass=olcDatabaseConfig)" olcRootDN olcRootPW
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
# extended LDIF
#
# LDAPv3
# base <olcDatabase={1}bdb,cn=config> with scope subtree
# filter: (objectClass=olcDatabaseConfig)
# requesting: olcRootDN olcRootPW
#
# search result
search: 2
result: 32 No such object
# numResponses: 1
Begin of olcDatabase={1}bdb.ldif
# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
# CRC32 0b28ca48
dn: olcDatabase={1}bdb
objectClass: olcDatabaseConfig
objectClass: olcBdbConfig
olcDatabase: {1}bdb
olcSuffix: dc=company,dc=local
olcAddContentAcl: FALSE
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcRootDN: cn=admin,dc=company,dc=local
olcRootPW:: WW91J3JlIGtpZGRpbmcuCg==
olcSyncUseSubentry: FALSE
olcMonitoring: TRUE
olcDbDirectory: /usr/local/openldap/var/openldap-data
----- CUT -----
2017-08-16 13:39 GMT-03:00 Clément OUDOT <[email protected]
>:
>
>
> Le 16/08/2017 à 16:41, playerum a écrit :
>
> Hi...
>
> Are you sure to use cn=config to store configuration?
>
> That's right.. i'm not using cn=config, the command "slapcat -n0" did not
> work.
>
> If I use this setting (SLAPD_CONF_DIR) it will enable the OLC feature?
>
>
> It will just tell OpenLDAP to use cn=config to read configuration. See
> below
>
>
> Is these the right command to "populate" the SLAPD_CONF_DIR?
> slapcat -f /usr/local/openldap/etc/openldap/slapd.conf -F
> /usr/local/openldap/etc/openldap/slapd.d -n 0
>
>
> Yes, you need it to populate cn=config. Be sure to fix ownership before
> starting OpenLDAP :
> # chown -R ldap:ldap /usr/local/openldap/etc/openldap/slapd.d
>
> Another question...
> We ave samba integrated with OpenLDAP, to make he integration works after
> the password change i only need to remove the "secrets.tdb" and use the
> "smbpasswd" to create a new one?
>
>
>
> No idea.
>
>
> --
> Clément OUDOT
> Consultant en logiciels libres, Expert infrastructure et sécurité
> Savoir-faire Linux
> 137 boulevard de Magenta - 75010 PARIS
> Blog: http://sflx.ca/coudot
>
>
> _______________________________________________
> ltb-users mailing list
> [email protected]
> https://lists.ltb-project.org/cgi-bin/mailman/listinfo/ltb-users
>
_______________________________________________
ltb-users mailing list
[email protected]
https://lists.ltb-project.org/cgi-bin/mailman/listinfo/ltb-users
