[Fedora-directory-users] command line client usage and simple bind

Richard Megginson rmeggins at redhat.com
Sat Dec 3 21:00:52 UTC 2005 

Craig White wrote:

>If this is too newbie - please ignore (I'm used to openldap and I'm
>struggling)
>
>commands like ldapsearch only seem to work if my cwd is
>/opt/fedora-ds/shared/bin
># cd ~
>[root at lin-workstation ~]# ldapsearch
>ldapsearch: error while loading shared libraries: libldap50.so: cannot
>open shared object file: No such file or directory
>  
>
Yep.  You can either set your PATH to have /opt/fedora-ds/shared/bin 
before /usr/bin and set LD_LIBRARY_PATH to contain 
/opt/fedora-ds/shared/lib, or just use the ldapsearch in your PATH 
(/usr/bin) which is the OpenLDAP version.

>anyway, I can cd /opt/fedora-ds/shared/bin but it's a PITA
>
>the bigger problem, I wanted to simple bind and cannot do that...
>
># ldapsearch -v -b "ou=people,dc=azapple,dc=com" "(objectclass=*)"
>
>gives me everyone in the container (I am obviously going to have to set
>up ACL's)
>
># ldapsearch -v -b "ou=people,dc=azapple,dc=com" \
>-D "cn=Directory Manager,dc=azapple,dc=com" -w - \
>"(objectclass=*)"
>
>and
>
># ldapsearch -v -b "ou=people,dc=azapple,dc=com" \
>-D "cn=admin,dc=azapple,dc=com" -w - \
>"(objectclass=*)"
>
>both fail with
>
>ldapsearch: started Sat Dec  3 13:32:13 2005
>
>ldap_init( localhost, 389 )
>ldap_simple_bind: No such object
>ldap_simple_bind: matched: dc=azapple,dc=com
>
>I know it must be something obvious that I am missing but I have tried
>and tried with no success - is simple bind not permitted by default?
>  
>
That's not it.  In Fedora DS, the directory manager is not a 'real' 
entry - it's just a DN and a password.  So yours is probably just 
"cn=directory manager" not "cn=directory manager,dc=azapple,dc=com".  I 
think in OpenLDAP they have a per-database or per-naming context 
directory manager - not so in Fedora DS.

Also, the console admin user is usually somewhere under o=netscaperoot, 
like uid=admin,cn=administrators,cn=topology management,o=netscaperoot.

>Craig
>
>--
>Fedora-directory-users mailing list
>Fedora-directory-users at redhat.com
>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>  
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3178 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20051203/8b8db7be/attachment.bin>

More information about the Fedora-directory-users mailing list