OpenLDAP duplication
Hello Team,

I just want to know the below.

According to my understanding, LDAP authenticates (binds) with a DN (distinguished name) and password. E.g. CN=bob, OU=Users,DC=test,DC=com. So OpenLDAP allows the same CN in a different OU. Is there any option to prevent it?

--
*Thanks & Regards, 25dollarTech Team https://sites.google.com/site/25dollartech/*
*Email: 25dollartechh...@gmail.com*
str2entry: invalid value for attributeType objectClass #2 URGENT
Hello Team,

I have a problem with OpenLDAP exporting and importing into a different machine. When I use

slapadd -l /backupfilname.ldif

I used to get the below error message:

_ 0.16% eta 05m31s elapsednone spd 6.7 k/s
51f0c75b str2entry: invalid value for attributeType objectClass #2 (syntax 1.3.6.1.4.1.1466.115.121.1.38)
slapadd: could not parse entry (line=168)
. 0.28% eta 04m29s elapsednone spd 12.1 k/s
Closing DB...

Below is line 168:

168 dn: ou=Idmap,dc=example,dc=test,dc=com
169 objectClass: top
170 objectClass: organizationalUnit
171 objectClass: sambaUnixIdPool
172 ou: Idmap
173 structuralObjectClass: organizationalUnit
174 entryUUID: 22da7a76-16e0-102f-87b0-799f55e47d38
175 creatorsName: cn=admin,dc=example,dc=test,dc=com
176 createTimestamp: 20100628090609Z
177 uidNumber: 1000
178 gidNumber: 20001
179 entryCSN: 20100814084304.552975Z#00#002#00
180 modifiersName: cn=admin,dc=example,dc=test,dc=com
181 modifyTimestamp: 20100814084304Z

I already installed samba.schema. What could be the reason then?

--
*Thanks & Regards, 25dollarTech Team https://sites.google.com/site/25dollartech/*
*Email: 25dollartechh...@gmail.com*
OpenLDAP multimaster
Hello Team,

I have a few concerns about OpenLDAP multimaster restoration and migration.

Scenario

I have OpenLDAP multimaster configured on Ubuntu 9.04 and the OpenLDAP version is 2.4.15, i.e. NODE1 and NODE2. Unfortunately NODE2 has crashed due to server hardware failure, and I have been running my OpenLDAP infra for a while without a multi-master server, but I have the multimaster configuration on NODE1, which is working without any issues.

Question

1) Is it possible to bind a new OpenLDAP version and OS Ubuntu 12.04 with the existing OpenLDAP multimaster server? The existing NODE1 server has the config DB and HDB already configured and it contains more than 1 entry, and NODE2 has already crashed.

2) If yes, then what will be the procedure to replicate the config DB, or how to equalize the database?

--
*Thanks & Regards, 25dollarTech Team https://sites.google.com/site/25dollartech/*
*Email: 25dollartechh...@gmail.com*
Multi master replication
Hello Team,

I am facing an issue with multi-master replication. After the multi-master configuration, when I add an entry it is successfully replicating only one time; the second time it is not replicating. What could be the reason? Below are the logs (stat and -1).

stat logs from one server when I add an entry in server 2:

Jun 20 11:37:06 vm2 slapd[1559]: conn=-1 fd=21 ACCEPT from IP= 192.168.122.87:46965 (IP=0.0.0.0:389)
Jun 20 11:37:06 vm2 slapd[1559]: do_syncrep2: rid=005 LDAP_RES_INTERMEDIATE - SYNC_ID_SET
Jun 20 11:37:06 vm2 slapd[1559]: do_syncrep2: rid=005 LDAP_RES_SEARCH_RESULT
Jun 20 11:37:06 vm2 slapd[1559]: do_syncrep2: rid=005 cookie=rid=005,csn=20130620073703.737390Z#00#000#00
Jun 20 11:37:06 vm2 slapd[1559]: nonpresent_callback: rid=005 present UUID 0cbd9aa0-6dba-1032-8208-dff4fce29a41, dn dc=emb,dc=slb,dc=com
Jun 20 11:37:06 vm2 slapd[1559]: nonpresent_callback: rid=005 present UUID 0cbe2902-6dba-1032-8209-dff4fce29a41, dn cn=admin,dc=emb,dc=slb,dc=com
Jun 20 11:37:06 vm2 slapd[1559]: nonpresent_callback: rid=005 present UUID 5c8269b0-6dc1-1032-80e1-8fddbab869b5, dn ou=Groups,dc=emb,dc=slb,dc=com
Jun 20 11:37:06 vm2 slapd[1559]: slap_queue_csn: queing 0x7f5f10109b40 20130620073703.737390Z#00#000#00
Jun 20 11:37:06 vm2 slapd[1559]: slap_graduate_commit_csn: removing 0x7f5f1010b540 20130620073703.737390Z#00#000#00
Jun 20 11:37:14 vm2 slapd[1559]: conn=1013 fd=19 ACCEPT from IP= 192.168.122.199:35866 (IP=0.0.0.0:389)
Jun 20 11:37:14 vm2 slapd[1559]: conn=1013 op=0 BIND dn="cn=admin,dc=emb,dc=slb,dc=com" method=128
Jun 20 11:37:14 vm2 slapd[1559]: conn=1013 op=0 BIND dn="cn=admin,dc=emb,dc=slb,dc=com" mech=SIMPLE ssf=0
Jun 20 11:37:14 vm2 slapd[1559]: conn=1013 op=0 RESULT tag=97 err=0 text=
Jun 20 11:37:14 vm2 slapd[1559]: conn=1013 op=1 SRCH base="dc=emb,dc=slb,dc=com" scope=2 deref=0 filter="(objectClass=*)"
Jun 20 11:37:14 vm2 slapd[1559]: conn=1013 op=1 SRCH attr=* +
Jun 20 11:37:14 vm2 slapd[1559]: conn=1013 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
Jun 20 11:37:14 vm2 slapd[1559]: conn=1013 op=2 UNBIND
Jun 20 11:37:14 vm2 slapd[1559]: conn=1013 fd=19 closed

loglevel -1 enabled, and below are the logs from server1 when I add an entry in server2:

Jun 20 16:30:13 vm2 slapd[13074]: => access_allowed: search access to "dc=emb,dc=slb,dc=com" "entryCSN" requested
Jun 20 16:30:13 vm2 slapd[13074]: <= root access granted
Jun 20 16:30:13 vm2 slapd[13074]: => access_allowed: search access granted by manage(=mwrscxd)
Jun 20 16:30:13 vm2 slapd[13074]: <= test_filter 6
Jun 20 16:30:13 vm2 slapd[13074]: <= test_filter_and 6
Jun 20 16:30:13 vm2 slapd[13074]: <= test_filter 6
Jun 20 16:30:13 vm2 slapd[13074]: nonpresent_callback: rid=005 present UUID b49be142-6dd7-1032-821e-bd2e8e19723c, dn dc=emb,dc=slb,dc=com
Jun 20 16:30:13 vm2 slapd[13074]: => test_filter
Jun 20 16:30:13 vm2 slapd[13074]: AND
Jun 20 16:30:13 vm2 slapd[13074]: => test_filter_and
Jun 20 16:30:13 vm2 slapd[13074]: => test_filter
Jun 20 16:30:13 vm2 slapd[13074]: LE
Jun 20 16:30:13 vm2 slapd[13074]: => access_allowed: search access to "cn=admin,dc=emb,dc=slb,dc=com" "entryCSN" requested
Jun 20 16:30:13 vm2 slapd[13074]: <= root access granted
Jun 20 16:30:13 vm2 slapd[13074]: => access_allowed: search access granted by manage(=mwrscxd)
Jun 20 16:30:13 vm2 slapd[13074]: <= test_filter 6
Jun 20 16:30:13 vm2 slapd[13074]: <= test_filter_and 6
Jun 20 16:30:13 vm2 slapd[13074]: <= test_filter 6
Jun 20 16:30:13 vm2 slapd[13074]: nonpresent_callback: rid=005 present UUID b49c7e5e-6dd7-1032-821f-bd2e8e19723c, dn cn=admin,dc=emb,dc=slb,dc=com
Jun 20 16:30:13 vm2 slapd[13074]: => test_filter
Jun 20 16:30:13 vm2 slapd[13074]: AND
Jun 20 16:30:13 vm2 slapd[13074]: => test_filter_and
Jun 20 16:30:13 vm2 slapd[13074]: => test_filter
Jun 20 16:30:13 vm2 slapd[13074]: LE
Jun 20 16:30:13 vm2 slapd[13074]: => access_allowed: search access to "ou=Groups4,dc=emb,dc=slb,dc=com" "entryCSN" requested
Jun 20 16:30:13 vm2 slapd[13074]: <= root access granted
Jun 20 16:30:13 vm2 slapd[13074]: => access_allowed: search access granted by manage(=mwrscxd)
Jun 20 16:30:13 vm2 slapd[13074]: <= test_filter 6
Jun 20 16:30:13 vm2 slapd[13074]: <= test_filter_and 6
Jun 20 16:30:13 vm2 slapd[13074]: <= test_filter 6
Jun 20 16:30:13 vm2 slapd[13074]: nonpresent_callback: rid=005 present UUID 3e8b5198-6dd9-1032-8006-655e62f4c8e4, dn ou=Groups4,dc=emb,dc=slb,dc=com
Jun 20 16:30:13 vm2 slapd[13074]: => test_filter
Jun 20 16:30:13 vm2 slapd[13074]: AND
Jun 20 16:30:13 vm2 slapd[13074]: => test_filter_and
Jun 20 16:30:13 vm2 slapd[13074]: => test_filter

Anybody, please help me to solve this issue.

Operating system: Ubuntu 12.04
OpenLDAP version: openldap-2.4.28 (Debian build)

Note: When I try to delete /var/lib/ldap/* and start one server it is able to replicate, but after that it again stopped for any new entry or any changes in another server.

--
*Thanks & Regards, 25dollarTech Team https://sites.google.com/site/25dollartech/*
*Email: 2
OpenLDAP multimaster
Hello Team,

I am facing an issue with setting up OpenLDAP multimaster replication. It is happening only one time and it is giving an error in the server log file that *"hdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found".*

Below are my configuration details.

Operating system: Ubuntu 12.04.2

cat /etc/ldap/slapd.d/cn\=config.ldif

# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
# CRC32 96647d53
dn: cn=config
objectClass: olcGlobal
cn: config
olcArgsFile: /var/run/slapd/slapd.args
olcLogLevel: none
olcLogLevel: -1
olcPidFile: /var/run/slapd/slapd.pid
olcToolThreads: 1
structuralObjectClass: olcGlobal
creatorsName: cn=config
olcAllows: bind_v2
olcServerID: 3 ldap://vm3.test.example.com
olcServerID: 4 ldap://vm4.test.example.com
entryUUID: 7bfbb79a-6d19-1032-9008-c1a20821a82c
createTimestamp: 20130619104813Z
entryCSN: 20130619104813.603914Z#00#000#00
modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
modifyTimestamp: 20130619104813Z
contextCSN: 20130619104818.925492Z#00#000#00

---

cat /etc/ldap/slapd.d/cn\=config/olcDatabase\=\{1\}hdb.ldif

# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
# CRC32 2b434e34
dn: olcDatabase={1}hdb
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=test,dc=example,dc=com
olcLastMod: TRUE
olcDbCheckpoint: 512 30
olcDbConfig: {0}set_cachesize 0 2097152 0
olcDbConfig: {1}set_lk_max_objects 1500
olcDbConfig: {2}set_lk_max_locks 1500
olcDbConfig: {3}set_lk_max_lockers 1500
olcDbIndex: objectClass eq
structuralObjectClass: olcHdbConfig
entryUUID: 7bfd08b6-6d19-1032-9012-c1a20821a82c
createTimestamp: 20130619104813Z
creatorsName: cn=config
olcRootDN: cn=admin,dc=test,dc=example,dc=com
olcRootPW:: YWRtaW5AMTIz
olcSyncrepl: {0}rid=500 provider=ldap://vm3.test.example.combinddn="cn=admin,dc=te
 st,dc=example,dc=com" bindmethod=simple credentials=admin@123searchbase="dc=emb,d
 c=slb,dc=com" type=refreshOnly interval=00:00:00:10 retry="5 5 300 +" timeout
 =1
olcSyncrepl: {1}rid=600 provider=ldap://vm4.test.example.combinddn="cn=admin,dc=te
 st,dc=example,dc=com" bindmethod=simple credentials=admin@123searchbase="dc=emb,d
 c=slb,dc=com" type=refreshOnly interval=00:00:00:10 retry="5 5 300 +" timeout
 =1
olcMirrorMode: TRUE
entryCSN: 20130619105336.281097Z#00#000#00
modifiersName: cn=admin,cn=config
modifyTimestamp: 20130619105336Z

cat /etc/ldap/slapd.d/cn\=config/olcDatabase\=\{0\}config.ldif

# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
# CRC32 882cef38
dn: olcDatabase={0}config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external
 ,cn=auth manage by * break
structuralObjectClass: olcDatabaseConfig
entryUUID: e237277c-6d1b-1032-87ac-4153a9d6c230
creatorsName: cn=config
createTimestamp: 20130619110523Z
olcRootDN: cn=admin,cn=config
olcRootPW:: YWRtaW5AMTIz
olcSyncrepl: {0}rid=100 provider=ldap://vm3.test.example.combinddn="cn=admin,cn=co
 nfig" bindmethod=simple credentials=admin@123 searchbase="cn=config" type=ref
 reshAndPersist retry="5 5 300 5" timeout=1
olcSyncrepl: {1}rid=200 provider=ldap://vm4.test.example.combinddn="cn=admin,cn=co
 nfig" bindmethod=simple credentials=admin@123 searchbase="cn=config" type=ref
 reshAndPersist retry="5 5 300 5" timeout=1
olcMirrorMode: TRUE
entryCSN: 20130619110524.008790Z#00#000#00
modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
modifyTimestamp: 20130619110524Z

-

:/var/lib/ldap# ls -ltrh
total 1.4M
-rw-r--r-- 1 openldap openldap 96 Jun 19 15:05 DB_CONFIG
-rw--- 1 openldap openldap 8.0K Jun 19 15:05 objectClass.bdb
-rw--- 1 openldap openldap 32K Jun 19 15:05 id2entry.bdb
-rw--- 1 openldap openldap 8.0K Jun 19 15:05 dn2id.bdb
-rw--- 1 openldap openldap 10M Jun 19 15:05 log.01
-rw--- 1 openldap openldap 32K Jun 19 15:05 __db.006
-rw--- 1 openldap openldap 160K Jun 19 15:05 __db.004
-rw--- 1 openldap openldap 360K Jun 19 15:05 __db.002
-rw--- 1 openldap openldap 24K Jun 19 15:05 __db.001
-rw-r--r-- 1 openldap openldap 2.0K Jun 19 15:05 alock
-rw--- 1 openldap openldap 2.6M Jun 19 15:05 __db.003
-rw--- 1 openldap openldap 1.3M Jun 19 15:05 __db.005

--
*Thanks & Regards, 25dollarTech Team https://sites.google.com/site/25dollartech/*
*Email: 25dollartechh..
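
An added example, not part of the original post: a small Python check of the olcSyncrepl and olcRootPW values as they appear in the last message above. It flags syncrepl parameters that run together without a separating space, a searchbase outside olcSuffix, a simple bind over ldap:// without starttls, and an olcRootPW that is only base64-wrapped cleartext. The function names and the keyword heuristic are assumptions of this example, and whether the run-together text exists in the poster's live configuration or only in this archived copy is not known.

```python
import base64
import re

# Keywords limited to the syncrepl parameters that appear in the post, plus starttls.
KEYS = "rid|provider|binddn|bindmethod|credentials|searchbase|type|interval|retry|timeout|starttls"
FUSED = re.compile(r'(?<=[^\s"])(' + KEYS + r')=')   # keyword glued to the previous value
TOKEN = re.compile(r'([a-z_-]+)=("[^"]*"|\S+)')

# Constructed sample: the {0}rid=500 value from the post with its LDIF folds undone.
SAMPLE = ('{0}rid=500 provider=ldap://vm3.test.example.combinddn='
          '"cn=admin,dc=test,dc=example,dc=com" bindmethod=simple '
          'credentials=admin@123searchbase="dc=emb,dc=slb,dc=com" '
          'type=refreshOnly interval=00:00:00:10 retry="5 5 300 +" timeout=1')

def audit_syncrepl(value, suffix):
    """Return (params, findings) for one unfolded olcSyncrepl value."""
    value = re.sub(r'^\{\d+\}', '', value.strip())      # drop the {n} ordering prefix
    findings = ["no space before '%s='" % m.group(1) for m in FUSED.finditer(value)]
    # Re-insert the missing spaces so the remaining checks see every parameter.
    repaired = FUSED.sub(r' \1=', value)
    params = {k: v.strip('"') for k, v in TOKEN.findall(repaired)}
    base = params.get("searchbase", "").lower()
    if base != suffix.lower() and not base.endswith("," + suffix.lower()):
        findings.append("searchbase '%s' is outside olcSuffix '%s'" % (base, suffix))
    if (params.get("bindmethod") == "simple"
            and params.get("provider", "").startswith("ldap://")
            and "starttls" not in params):
        findings.append("simple bind over ldap:// without starttls")
    return params, findings

def rootpw_is_cleartext(b64_value):
    """'olcRootPW::' is base64 transport encoding; a hash decodes to '{SCHEME}...'."""
    decoded = base64.b64decode(b64_value).decode("utf-8", "replace")
    m = re.match(r"\{([A-Za-z0-9_-]+)\}", decoded)
    return m is None or m.group(1).upper() == "CLEARTEXT"

if __name__ == "__main__":
    for finding in audit_syncrepl(SAMPLE, "dc=test,dc=example,dc=com")[1]:
        print("syncrepl:", finding)
    print("rootpw cleartext:", rootpw_is_cleartext("YWRtaW5AMTIz"))
```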