sentinel wrote:
----------------->>>>
I'm currently evaluating OpenLDAP for a production environment.  I've
carefully read through the fine manual and am a bit confused.  After
creating my slapd.conf according to the docs found in tldp.org, I'm trying
to populate my database using ldapadd.  Here is my command line:

ldapadd -f /path/basics.ldif -D "cn=Manager,dc=mydomain,dc=com" -w password

I see the following output:

SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Local error


Is this telling me I have a problem with my password?

In slapd.conf I have my rootdn set to the above ("cn=Manager, dc=mydomain,
dc=com").  I have my rootpw set to password (yes, I'm trying clear text
just for now).

I've also set my access control directives.

access to *
     by dn="Manager,dc=mydomain,dc=com" write
     by * read


This I believe tells the slapd daemon to allow writing to the database by
Manager.
----------------->>>>
Try

 ldapadd -xW -h <ldap server> -D "cn=Manager,dc=mydomain,dc=com" -f /path/basics.ldif

This should add things to the ldap database.  The transfer is in clear text
though so I would suggest using SSL/TLS.  Once implemented you can have your
data transmission done encrypted with Z or ZZ like:

 ldapadd -xWZZ -h <ldap server> -D "cn=Manager,dc=mydomain,dc=com" -f /path/basics.ldif

Note: Z is to try TLS, where ZZ is to require TLS.

Whatever you're using LDAP for, spend time deciding on your schema and then
your access to it.  Also, you should check out gq, which is a cool tool to
browse your data and the schema tree in a GUI.



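Added example, not part of the original thread: a shell function that reads the option letters used in the commands above (-x, -W/-w, -Z/-ZZ, plus -H for an ldaps:// URI) and reports which bind method and transport protection the OpenLDAP client tools would use. The function name and the host ldap.example.com are constructed for illustration.

```shell
# Classify an ldapadd/ldapmodify argument list by bind method and transport.
# Runs in a subshell "( ... )" so its variables do not leak into the caller.
classify_ldap_bind() (
    simple=0; tls=0; uri=""; cli_pw=""
    OPTIND=1
    # Letters followed by ':' take an argument; getopts also splits
    # clustered flags such as -xWZZ into x, W, Z, Z.
    while getopts ":xWZcnvMNQIaD:w:y:f:h:H:p:P:d:S:e:E:o:O:U:R:X:Y:" opt "$@"; do
        case "$opt" in
            x) simple=1 ;;                 # simple bind instead of SASL
            Z) tls=$((tls + 1)) ;;         # -Z once = try, twice = require
            w) cli_pw=" cli-password" ;;   # password visible in process list
            H) uri=$OPTARG ;;
        esac
    done
    if [ "$simple" -eq 0 ]; then
        # Without -x the tools start a SASL bind, which is what produced
        # "SASL/GSSAPI authentication started" in the question.
        mode="sasl"
    else
        case "$uri" in
            ldaps://*) mode="simple-ldaps" ;;
            *)  if [ "$tls" -ge 2 ]; then mode="simple-starttls-required"
                elif [ "$tls" -eq 1 ]; then mode="simple-starttls-optional"
                else mode="simple-cleartext"; fi ;;
        esac
    fi
    printf '%s%s\n' "$mode" "$cli_pw"
)

# The three command lines from the thread (host name is constructed):
DN="cn=Manager,dc=mydomain,dc=com"
classify_ldap_bind -f /path/basics.ldif -D "$DN" -w password
classify_ldap_bind -xW -h ldap.example.com -D "$DN" -f /path/basics.ldif
classify_ldap_bind -xWZZ -h ldap.example.com -D "$DN" -f /path/basics.ldif
```

Only "simple-starttls-required" and "simple-ldaps" guarantee the bind password is not sent in the clear; with a single -Z the client continues unencrypted if StartTLS fails.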