關於Openldap
各位前輩:
最近好不容易把Openldap裝好了,make test & make install都通過了。
修改了下slapd.conf文件。
Server端:
# cd /usr/local/openldap/libexec
# ./slapd -d 256
@(#) $OpenLDAP: slapd 2.3.30 (Jan 3 2007 19:21:49) $
root@localhost:/root/temp/openldap-2.3.30/servers/slapd
daemon: IPv6 socket() failed errno=97 (Address family not supported by protocol)bdb_db_open: Warning - No DB_CONFIG file found in directory /usr/local/openldap/var/openldap-data: (2)
Expect poor performance for suffix dc=ccs,dc=next,dc=ksp,dc=fujixerox,dc=co,dc=jp.
slapd starting
Client端:
# cd /usr/local/openldap/bin
# ./ldapsearch -x
ldap_bind: Can't contact LDAP server (-1)
#
請各位前輩指教。多謝。
《解決方案》
client是指在本機還是在其他機器上
如果在其他機器上,加-h 參數
《解決方案》
原帖由 lijiong 於 2007-1-4 14:23 發表
client是指在本機還是在其他機器上
如果在其他機器上,加-h 參數
就是在本機上啊。還可能是什麼原因?我是新手,不大明白,請多指教。
《解決方案》
那也有可能是ldap沒有正常啟動吧,看看它的日誌或者進程表,具體我對openldap不熟
《解決方案》
有配置LDAP的日誌文件嗎?
沒有的話就輸入這條指令試試:
#echo "local4.debug /var/log/slapd.log" >> /etc/syslog.conf
#service syslog reload
然後你再運行一行/usr/local/libexec/slapd
然後打開/var/log/slapd.log,把裡面的內容貼出來看看。
《解決方案》
原帖由 sheng_jb 於 2007-1-4 13:16 發表
各位前輩:
最近好不容易把Openldap裝好了,make test & make install都通過了。
修改了下slapd.conf文件。
Server端:
# cd /usr/local/openldap/libexec
已經正常啟動了,看看你的ldap.conf文件的設置吧,另外就是本地的網路和389埠
《解決方案》
原帖由 lg8080 於 2007-1-4 19:41 發表
有配置LDAP的日誌文件嗎?
沒有的話就輸入這條指令試試:
#echo "local4.debug /var/log/slapd.log" >> /etc/syslog.conf
#service syslog reload
然後你再運行一行/usr/local/libexec/sla ...
多謝lg8080的恢復,我現在在家,明天上班再試試。如果還有問題還得麻煩你。
我的/usr/local/libexec/下是空的,而在/usr/local/openldap/libexec/下有slapd,是不是有什麼問題?
請指教。
《解決方案》
原帖由 py 於 2007-1-4 21:16 發表
已經正常啟動了,看看你的ldap.conf文件的設置吧,另外就是本地的網路和389埠
多謝版主熱心回復,是不是看看389是否被監聽?就是自己的本機還需要網路嗎?請多指點
,拜託。
《解決方案》
查看slapd是否在啟動,你可以這樣看看:
ps -ef | grep slapd
這樣可以看到slapd是否啟動。
在/usr/local/openldap/libexec/下有slapd應該不會有問題吧。你./configure時的路徑指的是哪裡?
py是個好版主,經驗也足,我的好多問題都是在他的幫助下解決的。也許我的經驗不足於幫到你什麼,但是我盡量。
[ 本帖最後由 lg8080 於 2007-1-4 23:00 編輯 ]
《解決方案》
原帖由 lg8080 於 2007-1-4 22:59 發表
查看slapd是否在啟動,你可以這樣看看:
ps -ef | grep slapd
這樣可以看到slapd是否啟動。
在/usr/local/openldap/libexec/下有slapd應該不會有問題吧。你./configure時的路徑指的是哪裡?
py是 ...
./configure的路徑:/usr/local/openldap
slapd.log 文件:
Jan 4 19:19:59 localhost slapd: @(#) $OpenLDAP: slapd 2.3.30 (Jan 3 2007 19:21:49) $ ^Iroot@localhost:/root/temp/openldap-2.3.30/servers/slapd
Jan 4 19:19:59 localhost slapd: daemon: IPv6 socket() failed errno=97 (Address family not supported by protocol)
Jan 4 19:19:59 localhost slapd: bdb_db_init: Initializing BDB database
Jan 4 19:19:59 localhost slapd: >>> dnPrettyNormal: <dc=ccs,dc=next,dc=ksp,dc=fujixerox,dc=co,dc=jp>
Jan 4 19:19:59 localhost slapd: <<< dnPrettyNormal: <dc=ccs,dc=next,dc=ksp,dc=fujixerox,dc=co,dc=jp>, <dc=ccs,dc=next,dc=ksp,dc=fujixerox,dc=co,dc=jp>
Jan 4 19:19:59 localhost slapd: >>> dnPrettyNormal: <cn=root,dc=ccs,dc=next,dc=ksp,dc=fujixerox,dc=co,dc=jp>
Jan 4 19:19:59 localhost slapd: <<< dnPrettyNormal: <cn=root,dc=ccs,dc=next,dc=ksp,dc=fujixerox,dc=co,dc=jp>, <cn=root,dc=ccs,dc=next,dc=ksp,dc=fujixerox,dc=co,dc=jp>
Jan 4 19:19:59 localhost slapd: >>> dnNormalize: <cn=Subschema>
Jan 4 19:19:59 localhost slapd: <<< dnNormalize: <cn=subschema>
Jan 4 19:19:59 localhost slapd: matching_rule_use_init
Jan 4 19:19:59 localhost slapd: 1.2.840.113556.1.4.804 (integerBitOrMatch):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 1.2.840.113556.1.4.804 NAME 'integerBitOrMatch' APPLIES ( supportedLDAPVersion $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcDbCacheFree $ olcDbCacheSize $ olcDbIDLcacheSize $ olcDbMode $ olcDbSearchStack $ olcDbShmKey $ olcSpSessionlog $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpcNumber ) )
Jan 4 19:19:59 localhost slapd: 1.2.840.113556.1.4.803 (integerBitAndMatch):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 1.2.840.113556.1.4.803 NAME 'integerBitAndMatch' APPLIES ( supportedLDAPVersion $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcDbCacheFree $ olcDbCacheSize $ olcDbIDLcacheSize $ olcDbMode $ olcDbSearchStack $ olcDbShmKey $ olcSpSessionlog $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpcNumber ) )
Jan 4 19:19:59 localhost slapd: 1.3.6.1.4.1.1466.109.114.2 (caseIgnoreIA5Match):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 1.3.6.1.4.1.1466.109.114.2 NAME 'caseIgnoreIA5Match' APPLIES ( altServer $ mail $ dc $ associatedDomain $ email $ aRecord $ mDRecord $ mXRecord $ nSRecord $ sOARecord $ cNAMERecord $ janetMailbox $ gecos $ homeDirectory $ loginShell $ memberUid $ memberNisNetgroup $ ipHostNumber $ ipNetworkNumber $ ipNetmaskNumber $ macAddress $ bootFile $ nisMapEntry $ automountInformation ) )
Jan 4 19:19:59 localhost slapd: 1.3.6.1.4.1.1466.109.114.1 (caseExactIA5Match):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 1.3.6.1.4.1.1466.109.114.1 NAME 'caseExactIA5Match' APPLIES ( altServer $ mail $ dc $ associatedDomain $ email $ aRecord $ mDRecord $ mXRecord $ nSRecord $ sOARecord $ cNAMERecord $ janetMailbox $ gecos $ homeDirectory $ loginShell $ memberUid $ memberNisNetgroup $ ipHostNumber $ ipNetworkNumber $ ipNetmaskNumber $ macAddress $ bootFile $ nisMapEntry $ automountInformation ) )
Jan 4 19:19:59 localhost slapd: 2.5.13.35 (certificateMatch):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.35 NAME 'certificateMatch' APPLIES ( userCertificate $ cACertificate ) )
Jan 4 19:19:59 localhost slapd: 2.5.13.34 (certificateExactMatch):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.34 NAME 'certificateExactMatch' APPLIES ( userCertificate $ cACertificate ) )
Jan 4 19:19:59 localhost slapd: 2.5.13.30 (objectIdentifierFirstComponentMatch):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.30 NAME 'objectIdentifierFirstComponentMatch' APPLIES ( supportedControl $ supportedExtension $ supportedFeatures $ ldapSyntaxes $ supportedApplicationContext ) )
Jan 4 19:19:59 localhost slapd: 2.5.13.29 (integerFirstComponentMatch):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.29 NAME 'integerFirstComponentMatch' APPLIES ( supportedLDAPVersion $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcDbCacheFree $ olcDbCacheSize $ olcDbIDLcacheSize $ olcDbMode $ olcDbSearchStack $ olcDbShmKey $ olcSpSessionlog $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpcNumber ) )
Jan 4 19:19:59 localhost slapd: 2.5.13.27 (generalizedTimeMatch):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.27 NAME 'generalizedTimeMatch' APPLIES ( createTimestamp $ modifyTimestamp ) )
Jan 4 19:19:59 localhost slapd: 2.5.13.24 (protocolInformationMatch):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.24 NAME 'protocolInformationMatch' APPLIES protocolInformation )
Jan 4 19:19:59 localhost slapd: 2.5.13.23 (uniqueMemberMatch):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.23 NAME 'uniqueMemberMatch' APPLIES uniqueMember )
Jan 4 19:19:59 localhost slapd: 2.5.13.22 (presentationAddressMatch):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.22 NAME 'presentationAddressMatch' APPLIES presentationAddress )
Jan 4 19:19:59 localhost slapd: 2.5.13.20 (telephoneNumberMatch):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.20 NAME 'telephoneNumberMatch' APPLIES ( telephoneNumber $ homePhone $ mobile $ pager ) )
Jan 4 19:19:59 localhost slapd: 2.5.13.17 (octetStringMatch):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.17 NAME 'octetStringMatch' APPLIES userPassword )
Jan 4 19:19:59 localhost slapd: 2.5.13.16 (bitStringMatch):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.16 NAME 'bitStringMatch' APPLIES x500UniqueIdentifier )
Jan 4 19:19:59 localhost slapd: 2.5.13.14 (integerMatch):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.14 NAME 'integerMatch' APPLIES ( supportedLDAPVersion $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcDbCacheFree $ olcDbCacheSize $ olcDbIDLcacheSize $ olcDbMode $ olcDbSearchStack $ olcDbShmKey $ olcSpSessionlog $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpcNumber ) )
Jan 4 19:19:59 localhost slapd: 2.5.13.13 (booleanMatch):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.13 NAME 'booleanMatch' APPLIES ( hasSubordinates $ olcGentleHUP $ olcLastMod $ olcReadOnly $ olcReverseLookup $ olcDbNoSync $ olcDbDirtyRead $ olcDbLinearIndex $ olcSpNoPresent $ olcSpReloadHint ) )
Jan 4 19:19:59 localhost slapd: 2.5.13.11 (caseIgnoreListMatch):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.11 NAME 'caseIgnoreListMatch' APPLIES ( postalAddress $ registeredAddress $ homePostalAddress ) )
Jan 4 19:19:59 localhost slapd: 2.5.13.8 (numericStringMatch):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.8 NAME 'numericStringMatch' APPLIES ( x121Address $ internationaliSDNNumber ) )
Jan 4 19:19:59 localhost slapd: 2.5.13.7 (caseExactSubstringsMatch):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.7 NAME 'caseExactSubstringsMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) )
Jan 4 19:19:59 localhost slapd: 2.5.13.6 (caseExactOrderingMatch):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.6 NAME 'caseExactOrderingMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) )
Jan 4 19:19:59 localhost slapd: 2.5.13.5 (caseExactMatch):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.5 NAME 'caseExactMatch' APPLIES ( supportedSASLMechanisms $ vendorName $ vendorVersion $ ref $ name $ cn $ uid $ labeledURI $ description $ olcConfigFile $ olcConfigDir $ olcAccess $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAttributeTypes $ olcAuthIDRewrite $ olcAuthzPolicy $ olcAuthzRegexp $ olcBackend $ olcDatabase $ olcDisallows $ olcDitContentRules $ olcInclude $ olcLimits $ olcLogFile $ olcLogLevel $ olcModuleLoad $ olcModulePath $ olcObjectClasses $ olcObjectIdentifier $ olcOverlay $ olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ olcPlugin $ olcPluginLogFile $ olcReferral $ olcReplica $ olcReplicaArgsFile $ olcReplicaPidFile $ olcReplogFile $ olcRequires $ olcRestrict $ olcRootDSE $ olcRootPW $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ olcSecurity $ olcSizeLimit $ olcSrvtab $ olcSubordinate $ olcSyncrepl $ olcTimeLimit $ olcTLSCACertificateFile $ olcTLSCACertificatePath $ olcTLSCertificateFile $ olcTLSCertificateKe
Jan 4 19:19:59 localhost slapd: 2.5.13.4 (caseIgnoreSubstringsMatch):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.4 NAME 'caseIgnoreSubstringsMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) )
Jan 4 19:19:59 localhost slapd: 2.5.13.3 (caseIgnoreOrderingMatch):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.3 NAME 'caseIgnoreOrderingMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) )
Jan 4 19:19:59 localhost slapd: 2.5.13.2 (caseIgnoreMatch):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.2 NAME 'caseIgnoreMatch' APPLIES ( supportedSASLMechanisms $ vendorName $ vendorVersion $ ref $ name $ cn $ uid $ labeledURI $ description $ olcConfigFile $ olcConfigDir $ olcAccess $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAttributeTypes $ olcAuthIDRewrite $ olcAuthzPolicy $ olcAuthzRegexp $ olcBackend $ olcDatabase $ olcDisallows $ olcDitContentRules $ olcInclude $ olcLimits $ olcLogFile $ olcLogLevel $ olcModuleLoad $ olcModulePath $ olcObjectClasses $ olcObjectIdentifier $ olcOverlay $ olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ olcPlugin $ olcPluginLogFile $ olcReferral $ olcReplica $ olcReplicaArgsFile $ olcReplicaPidFile $ olcReplogFile $ olcRequires $ olcRestrict $ olcRootDSE $ olcRootPW $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ olcSecurity $ olcSizeLimit $ olcSrvtab $ olcSubordinate $ olcSyncrepl $ olcTimeLimit $ olcTLSCACertificateFile $ olcTLSCACertificatePath $ olcTLSCertificateFile $ olcTLSCertificateK
Jan 4 19:19:59 localhost slapd: 1.2.36.79672281.1.13.3 (rdnMatch):
Jan 4 19:19:59 localhost slapd: 2.5.13.1 (distinguishedNameMatch):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.1 NAME 'distinguishedNameMatch' APPLIES ( creatorsName $ modifiersName $ subschemaSubentry $ namingContexts $ aliasedObjectName $ distinguishedName $ seeAlso $ olcDefaultSearchBase $ olcRootDN $ olcSchemaDN $ olcSuffix $ olcUpdateDN $ member $ owner $ roleOccupant $ manager $ documentAuthor $ secretary $ associatedName $ dITRedirect ) )
Jan 4 19:19:59 localhost slapd: 2.5.13.0 (objectIdentifierMatch):
Jan 4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.0 NAME 'objectIdentifierMatch' APPLIES ( supportedControl $ supportedExtension $ supportedFeatures $ supportedApplicationContext ) )
Jan 4 19:19:59 localhost slapd: slapd startup: initiated.
Jan 4 19:19:59 localhost slapd: backend_startup_one: starting "cn=config"
Jan 4 19:19:59 localhost slapd: config_back_db_open
Jan 4 19:19:59 localhost slapd: config_build_entry: "cn=config"
Jan 4 19:19:59 localhost slapd: config_build_entry: "cn=include{0}"
Jan 4 19:19:59 localhost slapd: config_build_entry: "cn=include{1}"
Jan 4 19:19:59 localhost slapd: config_build_entry: "cn=include{2}"
Jan 4 19:19:59 localhost slapd: config_build_entry: "cn=include{3}"
Jan 4 19:19:59 localhost slapd: config_build_entry: "cn=include{4}"
Jan 4 19:19:59 localhost slapd: config_build_entry: "cn=schema"
Jan 4 19:19:59 localhost slapd: config_build_entry: "cn={0}core"
Jan 4 19:19:59 localhost slapd: config_build_entry: "cn={1}cosine"
Jan 4 19:19:59 localhost slapd: config_build_entry: "cn={2}inetorgperson"
Jan 4 19:19:59 localhost slapd: config_build_entry: "cn={3}nis"
Jan 4 19:19:59 localhost slapd: config_build_entry: "cn={4}autofs"
Jan 4 19:19:59 localhost slapd: config_build_entry: "olcDatabase={-1}frontend"
Jan 4 19:19:59 localhost slapd: config_build_entry: "olcDatabase={0}config"
Jan 4 19:19:59 localhost slapd: config_build_entry: "olcDatabase={1}bdb"
Jan 4 19:19:59 localhost slapd: backend_startup_one: starting "dc=ccs,dc=next,dc=ksp,dc=fujixerox,dc=co,dc=jp"
Jan 4 19:19:59 localhost slapd: bdb_db_open: Warning - No DB_CONFIG file found in directory /usr/local/openldap/var/openldap-data: (2) Expect poor performance for suffix dc=ccs,dc=next,dc=ksp,dc=fujixerox,dc=co,dc=jp.
Jan 4 19:19:59 localhost slapd: bdb_db_open: dbenv_open(/usr/local/openldap/var/openldap-data)
Jan 4 19:19:59 localhost slapd: slapd starting
# ps -ef | grep slapd
root 2188 1 0 19:11 ? 00:00:04 gedit file:///usr/local/openldap/etc/openldap/slapd.conf
root 2267 2077 0 19:19 pts/0 00:00:00 ./slapd -d 256
root 2275 2210 0 19:23 pts/1 00:00:00 grep slapd
可是:
# cd /usr/local/openldap/bin
# ./ldapsearch -x
ldap_bind: Can't contact LDAP server (-1)
#
還請版主和各位前輩指點,多多拜託。