Re: [FUG-BR] Error on LDAP startup

2008-06-19 Thread Jose Raimundo da S. Barbosa
Hello, after a one-day stoppage, we are back.
Jorge, yes, I selected it. As well as these other options: SASL, PERL, SLP,
TCP_WRAPPERS, DBD, ACCESSLOG, AUDITLOG, DENYOP, DYNGROUP, DYNLIST,
LASTMOD and PPOLICY.

Regards.

When you compiled ldap, did you select this option in make config?
[ ] ODBC  With SQL backend
Run cat /var/db/ports/openldap23/options
and send us the build options.
Regards.

Re: [FUG-BR] Error on LDAP startup

2008-06-17 Thread ThOLOko
What does your /etc/nsswitch.conf look like?

On Tue, Jun 17, 2008 at 3:34 PM, Jose Raimundo da S. Barbosa
[EMAIL PROTECTED] wrote:

 Hello colleagues, I have just installed and configured an LDAP server.
 Everything seems to be working fine: I built the LDAP database, imported my
 user base into it, I am querying the directory, etc. Now I am going to move
 on to the integration with SAMBA, postfix, etc. However, looking at my
 /var/log/messages I see the following messages at LDAP startup:

 Jun 17 13:22:00 ariranha slapd[9073]: nss_ldap: could not search LDAP server - Server is unavailable
 Jun 17 13:22:00 ariranha slapd[9073]: sql_select option missing
 Jun 17 13:22:00 ariranha slapd[9073]: auxpropfunc error no mechanism available

 I ran a test... I stopped the server (/usr/local/etc/rc.d/slapd stop) and
 started it again... I noticed that from then on it takes about 30 seconds to
 come up... then I looked at the messages log again and the message above is
 in the file.

 Any ideas?

 I have just installed FreeBSD 7.0

 nss_ldap.conf
 --
 # @(#)$Id: ldap.conf,v 2.47 2006/05/15 08:13:44 lukeh Exp $
 #
 # This is the configuration file for the LDAP nameservice
 # switch library and the LDAP PAM module.
 #
 # PADL Software
 # http://www.padl.com
 #

 host 127.0.0.1
 base dc=cpaa,dc=embrapa,dc=br
 uri ldap://cegonha.cpaa.embrapa.br/
 ldap_version 3


 slapd.conf
 --
 #
 # See slapd.conf(5) for details on configuration options.
 # This file should NOT be world readable.
 #
 include /usr/local/etc/openldap/schema/core.schema
 include /usr/local/etc/openldap/schema/cosine.schema
 include /usr/local/etc/openldap/schema/nis.schema
 include /usr/local/etc/openldap/schema/inetorgperson.schema
 include /usr/local/etc/openldap/schema/qmail.schema
 include /usr/local/etc/openldap/schema/samba.schema

 # Enabling TLS support
 TLSCertificateFile /usr/local/etc/openldap/ssl/servercrt.pem
 TLSCertificateKeyFile /usr/local/etc/openldap/ssl/serverkey.pem
 TLSCACertificateFile /usr/local/etc/openldap/ssl/cacert.pem
 #TLSCipherSuite HIGH:MEDIUM:+SSLv2

 # Define global ACLs to disable default read access.

 # Do not enable referrals until AFTER you have a working directory
 # service AND an understanding of referrals.
 #referral   ldap://root.openldap.org

 pidfile     /var/run/openldap/slapd.pid
 argsfile    /var/run/openldap/slapd.args

 # Load dynamic backend modules:
 modulepath  /usr/local/libexec/openldap
 moduleload  back_bdb
 # moduleload back_ldap
 # moduleload back_ldbm
 # moduleload back_passwd
 # moduleload back_shell

 access to attrs=userPassword,sambaLMPassword,sambaNTPassword
    by dn=cn=root,dc=embrapa,dc=br write
    by anonymous auth
    by self write
    by * none

 access to attrs=uidNumber,gidNumber
    by dn=cn=root,dc=embrapa,dc=br write
    by * read

 access to *
    by dn=cn=root,dc=embrapa,dc=br write
    by self write
    by * read

 database    bdb
 suffix      dc=embrapa,dc=br
 rootdn      cn=root,dc=embrapa,dc=br

 rootpw      secret
 # The database directory MUST exist prior to running slapd AND
 # should only be accessible by the slapd and slap tools.
 # Mode 700 recommended.
 directory   /var/db/openldap-data
 # Indices to maintain
 index   objectClass           eq
 index   uid                   pres,eq,sub
 index   gidNumber             eq
 index   uidNumber             eq
 index   cn                    pres,eq,sub
 index   memberuid             pres,eq,sub
 index   mail                  pres,eq,sub
 index   mailAlternateAddress  pres,eq,sub
 index   sn                    pres,eq,sub
 #index   displayName pres,eq,sub
 #index   sambaSID,sambaPrimaryGroupSID,sambaDomainName  eq
 #index   default sub



 -
 Archive: http://www.fug.com.br/historico/html/freebsd/
 Unsubscribe: https://www.fug.com.br/mailman/listinfo/freebsd




-- 
ThOLOko
ThOmaz BeLgine
email: [EMAIL PROTECTED]
msn: [EMAIL PROTECTED]
-FrEEBSD-
UniX TeaM
BeFree = BeFreeBSD
http://www.itexplorer.com.br


Re: [FUG-BR] Error on LDAP startup

2008-06-17 Thread Jose Raimundo da S. Barbosa
Hi,

it looks like this:

/etc/nsswitch.conf
#group: compat
group: files ldap
group_compat: nis
hosts: files dns
networks: files
#passwd: compat
passwd: files ldap
passwd_compat: nis
shells: files




-- 
José Raimundo da S. Barbosa
Embrapa Amazonia Ocidental
Information Sector
Phone: (92) 3621-0350



Re: [FUG-BR] Error on LDAP startup

2008-06-17 Thread Jorge Petry
Change these parameters in the nss_ldap.conf and ldap.conf files and your
ldap will start much faster.
Report back afterwards.

Regards.

timelimit 3
bind_timelimit 3
bind_policy soft

Jorge Petry Neto
Network and Server Administrator
(48) 8401-4436
www.jspnet.com.br http://www.jspnet.com.br/






Re: [FUG-BR] Error on LDAP startup

2008-06-17 Thread ThOLOko
change it to:

/etc/nsswitch.conf
#group: compat
group: files ldap winbind
group_compat: nis
hosts: files dns
networks: files
#passwd: compat
passwd: files ldap winbind
shadow: files ldap winbind
passwd_compat: nis
shells: files

I'm not sure, but after a certain version of samba you need to add winbind
for ldap + samba to talk to each other.

Regards!


Re: [FUG-BR] Error on LDAP startup

2008-06-17 Thread Giancarlo Rubio
The problem is not winbind; winbind is for making a *nix server
join an AD domain.

I would keep an eye on the error in messages

sql_select option missing
auxpropfunc error no mechanism available

Another thing to check is whether the host uri
ldap://cegonha.cpaa.embrapa.br/ points to the machine that runs ldap.


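
The checks raised in the replies above (the nss_ldap.conf timeouts and bind_policy from Jorge Petry's message, the host/uri question from Giancarlo Rubio's), together with the unhashed rootpw in the posted slapd.conf, written as a small offline audit. This is an added example, not code from the thread; the function names, finding codes and the reduced sample files are constructed for illustration.

```python
"""Offline audit of the nsswitch.conf / nss_ldap.conf / slapd.conf settings
discussed in this thread. Added example; names and samples are constructed."""
import re
from urllib.parse import urlparse

# Constructed samples, reduced from the files posted in the thread.
NSSWITCH = "group: files ldap\npasswd: files ldap\nhosts: files dns\n"
NSS_LDAP = (
    "host 127.0.0.1\n"
    "base dc=cpaa,dc=embrapa,dc=br\n"
    "uri ldap://cegonha.cpaa.embrapa.br/\n"
    "ldap_version 3\n"
)
SLAPD = (
    "database bdb\n"
    "suffix dc=embrapa,dc=br\n"
    "rootdn cn=root,dc=embrapa,dc=br\n"
    "rootpw secret\n"
)


def parse(text):
    """Map lower-cased keyword -> list of value strings.

    Lines whose first non-blank character is '#' are skipped, lines starting
    with whitespace continue the previous directive (slapd.conf convention),
    and a trailing ':' on the keyword (nsswitch.conf) is dropped.
    """
    logical = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and logical:
            logical[-1] += " " + raw.strip()
        else:
            logical.append(raw.strip())
    conf = {}
    for line in logical:
        parts = line.split(None, 1)
        key = parts[0].rstrip(":").lower()
        conf.setdefault(key, []).append(parts[1].strip() if len(parts) > 1 else "")
    return conf


def norm_dn(dn):
    """Lower-case a DN and drop spaces around commas (enough for comparison here)."""
    return ",".join(p.strip().lower() for p in dn.strip('"').split(","))


def audit_nss(nsswitch_text, nss_ldap_text):
    """Return (code, message) findings for a host that resolves accounts via LDAP."""
    sw, nss = parse(nsswitch_text), parse(nss_ldap_text)
    uses_ldap = any("ldap" in v.split()
                    for db in ("passwd", "group", "shadow")
                    for v in sw.get(db, []))
    if not uses_ldap:
        return []
    findings = []
    if nss.get("bind_policy", [""])[-1].lower() != "soft":
        findings.append(("bind_policy",
                         "bind_policy is not 'soft': lookups keep retrying while the server is down"))
    for key in ("timelimit", "bind_timelimit"):
        if not nss.get(key, [""])[-1].isdigit():
            findings.append((key, f"{key} is not set to a number of seconds"))
    hosts = {h.lower() for v in nss.get("host", []) for h in v.split()}
    uri_hosts = {urlparse(u).hostname for v in nss.get("uri", []) for u in v.split()}
    uri_hosts.discard(None)
    if hosts and uri_hosts and hosts != uri_hosts:
        findings.append(("host_uri_mismatch",
                         f"host {sorted(hosts)} and uri {sorted(uri_hosts)} differ: "
                         "confirm both point at the machine running slapd"))
    return findings


def audit_slapd(slapd_text, nss_ldap_text):
    """Return (code, message) findings for slapd.conf, cross-checked with nss_ldap.conf."""
    slapd, nss = parse(slapd_text), parse(nss_ldap_text)
    findings = []
    for pw in slapd.get("rootpw", []):
        scheme = re.match(r"\{([A-Za-z0-9-]+)\}", pw)
        if scheme is None or scheme.group(1).upper() == "CLEARTEXT":
            # The value itself is never echoed into the finding.
            findings.append(("rootpw_cleartext",
                             "rootpw is stored unhashed; generate a hashed value with slappasswd"))
    suffixes = [norm_dn(s) for s in slapd.get("suffix", [])]
    for base in (norm_dn(b) for b in nss.get("base", [])):
        if suffixes and not any(base == s or base.endswith("," + s) for s in suffixes):
            findings.append(("base_outside_suffix",
                             f"nss_ldap base {base} is not under any slapd suffix"))
    return findings


if __name__ == "__main__":
    for code, message in audit_nss(NSSWITCH, NSS_LDAP) + audit_slapd(SLAPD, NSS_LDAP):
        print(f"[{code}] {message}")
```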

Re: [FUG-BR] Error on LDAP startup

2008-06-17 Thread Jose Raimundo da S. Barbosa
Ok Jorge, it took about 3 sec... but the message in the messages log persists.
Then I changed nsswitch.conf according to thOLOko's message:

change it to:

/etc/nsswitch.conf
#group: compat
group: files ldap winbind
group_compat: nis
hosts: files dns
networks: files
#passwd: compat
passwd: files ldap winbind
shadow: files ldap winbind
passwd_compat: nis
shells: files

and the same problem continues... adding to my question... could this
problem interfere with the integration with the other services
(Postfix, etc.)? Because, despite this error seen in /var/log/messages,
LDAP is working.


Re: [FUG-BR] Error on LDAP startup

2008-06-17 Thread Jorge Petry
When you compiled ldap, did you select this option in make config?
[ ] ODBC  With SQL backend
Run cat /var/db/ports/openldap23/options
and send us the build options.
Regards.
   Jose Raimundo da S. Barbosa escreveu:

Ok Jorge, levou uns 3 seg...mas a mensagem no log messages persiste. Em
seguida alterei o nsswitch.conf conforme mensagem do thOLOko:

mude para:

/etc/nsswitch.conf
#group: compat
group: files ldap winbind
group_compat: nis
hosts: files dns
networks: files
#passwd: compat
passwd: files ldap winbind
shadow: files ldap winbind
passwd_compat: nis
shells: files

and the same problem continues... adding to my question... could this
problem interfere with the integration with the other services
(Postfix, etc.)? Because, despite this error seen in /var/log/messages,
LDAP is working.



Change these parameters in the nss_ldap.conf and ldap.conf files and your
ldap will start much faster.
Report back afterwards.

Regards.

timelimit 3
bind_timelimit 3
bind_policy soft




Jorge Petry Neto
Network and Server Administrator
(48) 8401-4436
[EMAIL PROTECTED]
www.jspnet.com.br




Jose Raimundo da S. Barbosa wrote:

Hello colleagues, I have just installed and configured an LDAP server. It
seems everything is working fine: I built the LDAP database, imported my
user base into it, I am querying the database, etc. But now I am moving on
to the integration with SAMBA, postfix, etc. However, checking my
/var/log/messages I see the following messages at LDAP startup:

Jun 17 13:22:00 ariranha slapd[9073]: nss_ldap: could not search LDAP server - Server is unavailable
Jun 17 13:22:00 ariranha slapd[9073]: sql_select option missing
Jun 17 13:22:00 ariranha slapd[9073]: auxpropfunc error no mechanism available

I ran a test... I stopped the server (/usr/local/etc/rc.d/slapd stop) and
started it again... I noticed that from then on it takes about 30 seconds
to come up... then I looked at the messages log again and the message
above is in the file.

Any ideas?

I have just installed FreeBSD 7.0

nss_ldap.conf
--
# @(#)$Id: ldap.conf,v 2.47 2006/05/15 08:13:44 lukeh Exp $
#
# This is the configuration file for the LDAP nameservice
# switch library and the LDAP PAM module.
#
# PADL Software
# http://www.padl.com
#

host 127.0.0.1
base dc=cpaa,dc=embrapa,dc=br
uri ldap://cegonha.cpaa.embrapa.br/
ldap_version 3


slapd.conf

#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/nis.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/qmail.schema
include /usr/local/etc/openldap/schema/samba.schema

# Enabling TLS support
TLSCertificateFile /usr/local/etc/openldap/ssl/servercrt.pem
TLSCertificateKeyFile /usr/local/etc/openldap/ssl/serverkey.pem
TLSCACertificateFile /usr/local/etc/openldap/ssl/cacert.pem
#TLSCipherSuite HIGH:MEDIUM:+SSLv2

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral   ldap://root.openldap.org

pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args

# Load dynamic backend modules:
modulepath  /usr/local/libexec/openldap
moduleload  back_bdb
# moduleload back_ldap
# moduleload back_ldbm
# moduleload back_passwd
# moduleload back_shell

access to attrs=userPassword,sambaLMPassword,sambaNTPassword
 by dn=cn=root,dc=embrapa,dc=br write
 by anonymous auth
 by self write
 by * none

access to attrs=uidNumber,gidNumber
   by dn=cn=root,dc=embrapa,dc=br write
   by * read

access to *
   by dn=cn=root,dc=embrapa,dc=br write
   by self write
   by * read

database bdb
suffix  dc=embrapa,dc=br
rootdn  cn=root,dc=embrapa,dc=br

rootpw  secret
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory   /var/db/openldap-data
# Indices to maintain
index   objectClass eq
index   uid pres,eq,sub
index   gidNumber   eq
index   uidNumber   eq
index   cn  pres,eq,sub
index   memberuid   pres,eq,sub
index   mail pres,eq,sub
index   mailAlternateAddress pres,eq,sub
index   sn  pres,eq,sub
#index   displayName pres,eq,sub
#index   sambaSID,sambaPrimaryGroupSID,sambaDomainName  eq
#index   default sub



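The settings suggested in this thread (timelimit 3, bind_timelimit 3, bind_policy soft) can be checked together with the nsswitch.conf source order they depend on: with a fast-failing LDAP source, local accounts still resolve only if files is consulted first. This is an added example, not code from the list messages; the sample file contents are constructed from the configs quoted above, and the function names and the 5-second max_wait threshold are assumptions.

```python
# Added example: sample file contents below are constructed from the thread.
NSSWITCH = """\
#passwd: compat
passwd: files ldap winbind
group: files ldap winbind
hosts: files dns
"""
NSS_LDAP_BEFORE = """\
host 127.0.0.1
base dc=cpaa,dc=embrapa,dc=br
ldap_version 3
"""
NSS_LDAP_AFTER = NSS_LDAP_BEFORE + "timelimit 3\nbind_timelimit 3\nbind_policy soft\n"


def directives(text, sep=None):
    """Parse 'key value' lines (or 'key: value' with sep=':'), ignoring comments."""
    out = {}
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].strip().split(sep, 1)
        if len(parts) == 2:
            out[parts[0].strip().lower()] = parts[1].strip()
    return out


def audit(nsswitch_text, nss_ldap_text, max_wait=5):
    """Return findings; max_wait (seconds) is an assumed threshold, not from the thread."""
    nss = directives(nsswitch_text, ":")
    conf = directives(nss_ldap_text)
    findings = []
    ldap_dbs = [db for db in ("passwd", "group") if "ldap" in nss.get(db, "").split()]
    for db in ldap_dbs:
        sources = nss[db].split()
        # Sources are tried in order: local accounts should not depend on LDAP.
        if "files" not in sources or sources.index("files") > sources.index("ldap"):
            findings.append(f"{db}: 'files' must come before 'ldap'")
    if ldap_dbs:
        if conf.get("bind_policy", "").lower() != "soft":
            findings.append("bind_policy is not 'soft'")
        for key in ("bind_timelimit", "timelimit"):
            value = conf.get(key, "")
            if not (value.isdigit() and 0 < int(value) <= max_wait):
                findings.append(f"{key} missing or above {max_wait}s")
    return findings


if __name__ == "__main__":
    for label, conf in (("before", NSS_LDAP_BEFORE), ("after", NSS_LDAP_AFTER)):
        print(label, audit(NSSWITCH, conf) or "ok")
```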