[Fedora-directory-users] slapd password
Gregory P. Ennis
PoMec at PoMec.Net
Mon May 21 18:07:12 UTC 2007
On Mon, 2007-05-21 at 11:33 -0600, Richard Megginson wrote:
> Gregory P. Ennis wrote:
> > On Mon, 2007-05-21 at 11:15 -0600, Richard Megginson wrote:
> >
> >> Gregory P. Ennis wrote:
> >>
> >>> I ma trying to install fedora-ds and am having some beginner problems.
> >>> The installation was accomplished on a Fedora 5 system from an rpm
> >>> download off of the fedora-ds site. I originally used a yum install but
> >>> could not get anything to work so I did a yum remove before I did an rpm
> >>> install. The setup script seemed to work ok, and now I am trying to
> >>> load a *.ldif file without success. I do not have a gui on this machine
> >>> so command line entry is necessary.
> >>>
> >>> The command I am using to enter the data is :
> >>> ldapmodify -a -D cn=Directory Manager,dc=example,dc=com -W -f
> >>> newdat.ldif
> >>>
> >>> The response I am getting is :
> >>> ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
> >>> additional info: SASL(-4): no mechanism available:
> >>>
> >>> I thought perhaps I memorized the password wrong, but could not find
> >>> config file that the password is stored.
> >>>
> >>>
> >> Add "-x" after ldapmodify. /usr/bin/ldapmodify (et. al.) are the
> >> openldap tools - they all require the -x argument after the command name
> >> in order to use simple auth - without -x, by default, they all attempt
> >> to use sasl auth.
> >>
> >>> Sorry for the beginner question.
> >>>
> >>> Any help would be appreciated.
> >>>
> >>> Greg Ennis
> >>>
> >>> --
> >>>
> >
> > Richard,
> >
> > That helped, but now I am getting :
> >
> > ldap_bind: No such object (32)
> > matched DN: dc=domain,dc=com
> >
> > I am not certain that I have the correct password is there a way to get
> > to the password or should I rerun the setup script?
> >
> Sorry, I didn't notice this earlier. The correct bind DN is
> "cn=Directory Manager" - without the domain.
> > I did try to use openldap but could not get it to work remotely, I do
> > not have it running. Are their tools peculiar to fedora-ds that I
> > should be using to load data?
> >
> > Thanks for your help!!!
> >
> > Greg
> >
> > --
Richard,
Thank you, one step further.... but still no cigar.
I had about 10 users to enter as test data, but am not sure if the data
made it to the server.
My entry command was :
ldapmodify -v -x -a -D "cn=Directory Manager" -W -f ./EcCare.ldif
And the response was :
add objectclass:
top
domain
add dc:
EcCare
add aci:
(target ="ldap:///dc=EcCare,dc=com")(targetattr !
="userPassword")(version 3.0;acl "Anonymous read-search access";allow
(read, search, compare)(userdn = "ldap:///anyone");)
(target="ldap:///dc=EcCare,dc=com") (targetattr = "*")(version
3.0; acl "allow all Admin group"; allow(all) groupdn =
"ldap:///cn=Directory Administrators,ou=Groups,dc=EcCare,dc=com";)
adding new entry "dc=EcCare,dc=com"
modify complete
ldap_add: Already exists (68)
When I perform :
ldapsearch -x -b 'dc=eccare,dc=com' '(objectclass=*)'
I get :
dn: dc=EcCare,dc=com
objectClass: top
objectClass: domain
dc: EcCare
# Directory Administrators, EcCare.com
dn: cn=Directory Administrators, dc=EcCare,dc=com
objectClass: top
objectClass: groupofuniquenames
cn: Directory Administrators
Note: I used the Example.ldif as a template with some changes of the
data.
When I do :
ldapsearch -x -b 'dc=eccare,dc=com' '(cn=Ennis)'
I get :
# search result
search: 2
result: 0 Success
Which causes me to believe the details of the data did not make it to
the server.
If my questions are too newbie I will certianly take some direction to
read, but so far I have not found the appropriate docs.
Thanks again!!!!
Greg
More information about the Fedora-directory-users
mailing list