關於Openldap

關於Openldap

各位前輩：
    最近好不容易把Openldap裝好了，make test & make install都通過了。
修改了下slapd.conf文件。
Server端:
    # cd /usr/local/openldap/libexec
# ./slapd -d 256
@(#) $OpenLDAP: slapd 2.3.30 (Jan  3 2007 19:21:49) $
        root@localhost:/root/temp/openldap-2.3.30/servers/slapd
daemon: IPv6 socket() failed errno=97 (Address family not supported by protocol)bdb_db_open: Warning - No DB_CONFIG file found in directory /usr/local/openldap/var/openldap-data: (2)
Expect poor performance for suffix dc=ccs,dc=next,dc=ksp,dc=fujixerox,dc=co,dc=jp.
slapd starting

Client端:
     # cd /usr/local/openldap/bin
# ./ldapsearch -x
ldap_bind: Can't contact LDAP server (-1)
#



請各位前輩指教。多謝。

client是指在本機還是在其他機器上
如果在其他機器上，加-h 參數

原帖由 lijiong 於 2007-1-4 14:23 發表
client是指在本機還是在其他機器上
如果在其他機器上，加-h 參數



就是在本機上啊。還可能是什麼原因?我是新手，不大明白，請多指教。

那也有可能是ldap沒有正常啟動吧，看看它的日誌或者進程表，具體我對openldap不熟

有配置LDAP的日誌文件嗎？
沒有的話就輸入這條指令試試：
#echo "local4.debug /var/log/slapd.log" >> /etc/syslog.conf
#service syslog reload

然後你再運行一行/usr/local/libexec/slapd

然後打開/var/log/slapd.log，把裡面的內容貼出來看看。

原帖由 sheng_jb 於 2007-1-4 13:16 發表
各位前輩：
    最近好不容易把Openldap裝好了，make test & make install都通過了。
修改了下slapd.conf文件。
Server端:
    # cd /usr/local/openldap/libexec

已經正常啟動了，看看你的ldap.conf文件的設置吧，另外就是本地的網路和389埠

原帖由 lg8080 於 2007-1-4 19:41 發表
有配置LDAP的日誌文件嗎？
沒有的話就輸入這條指令試試：
#echo "local4.debug /var/log/slapd.log" >> /etc/syslog.conf
#service syslog reload

然後你再運行一行/usr/local/libexec/sla ...



多謝lg8080的恢復，我現在在家，明天上班再試試。如果還有問題還得麻煩你。

我的/usr/local/libexec/下是空的，而在/usr/local/openldap/libexec/下有slapd，是不是有什麼問題？
請指教。

原帖由 py 於 2007-1-4 21:16 發表

已經正常啟動了，看看你的ldap.conf文件的設置吧，另外就是本地的網路和389埠


多謝版主熱心回復，是不是看看389是否被監聽？就是自己的本機還需要網路嗎？請多指點
，拜託。

查看slapd是否在啟動，你可以這樣看看：

ps -ef | grep slapd

這樣可以看到slapd是否啟動。


在/usr/local/openldap/libexec/下有slapd應該不會有問題吧。你./configure時的路徑指的是哪裡？


py是個好版主，經驗也足，我的好多問題都是在他的幫助下解決的。也許我的經驗不足於幫到你什麼，但是我盡量。

[ 本帖最後由 lg8080 於 2007-1-4 23:00 編輯 ]

原帖由 lg8080 於 2007-1-4 22:59 發表
查看slapd是否在啟動，你可以這樣看看：

ps -ef | grep slapd

這樣可以看到slapd是否啟動。


在/usr/local/openldap/libexec/下有slapd應該不會有問題吧。你./configure時的路徑指的是哪裡？


py是 ...

./configure的路徑：/usr/local/openldap


slapd.log 文件：

Jan  4 19:19:59 localhost slapd: @(#) $OpenLDAP: slapd 2.3.30 (Jan  3 2007 19:21:49) $ ^Iroot@localhost:/root/temp/openldap-2.3.30/servers/slapd
Jan  4 19:19:59 localhost slapd: daemon: IPv6 socket() failed errno=97 (Address family not supported by protocol)
Jan  4 19:19:59 localhost slapd: bdb_db_init: Initializing BDB database
Jan  4 19:19:59 localhost slapd: >>> dnPrettyNormal: <dc=ccs,dc=next,dc=ksp,dc=fujixerox,dc=co,dc=jp>
Jan  4 19:19:59 localhost slapd: <<< dnPrettyNormal: <dc=ccs,dc=next,dc=ksp,dc=fujixerox,dc=co,dc=jp>, <dc=ccs,dc=next,dc=ksp,dc=fujixerox,dc=co,dc=jp>
Jan  4 19:19:59 localhost slapd: >>> dnPrettyNormal: <cn=root,dc=ccs,dc=next,dc=ksp,dc=fujixerox,dc=co,dc=jp>
Jan  4 19:19:59 localhost slapd: <<< dnPrettyNormal: <cn=root,dc=ccs,dc=next,dc=ksp,dc=fujixerox,dc=co,dc=jp>, <cn=root,dc=ccs,dc=next,dc=ksp,dc=fujixerox,dc=co,dc=jp>
Jan  4 19:19:59 localhost slapd: >>> dnNormalize: <cn=Subschema>
Jan  4 19:19:59 localhost slapd: <<< dnNormalize: <cn=subschema>
Jan  4 19:19:59 localhost slapd: matching_rule_use_init
Jan  4 19:19:59 localhost slapd:     1.2.840.113556.1.4.804 (integerBitOrMatch):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 1.2.840.113556.1.4.804 NAME 'integerBitOrMatch' APPLIES ( supportedLDAPVersion $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcDbCacheFree $ olcDbCacheSize $ olcDbIDLcacheSize $ olcDbMode $ olcDbSearchStack $ olcDbShmKey $ olcSpSessionlog $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpcNumber ) )
Jan  4 19:19:59 localhost slapd:     1.2.840.113556.1.4.803 (integerBitAndMatch):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 1.2.840.113556.1.4.803 NAME 'integerBitAndMatch' APPLIES ( supportedLDAPVersion $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcDbCacheFree $ olcDbCacheSize $ olcDbIDLcacheSize $ olcDbMode $ olcDbSearchStack $ olcDbShmKey $ olcSpSessionlog $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpcNumber ) )
Jan  4 19:19:59 localhost slapd:     1.3.6.1.4.1.1466.109.114.2 (caseIgnoreIA5Match):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 1.3.6.1.4.1.1466.109.114.2 NAME 'caseIgnoreIA5Match' APPLIES ( altServer $ mail $ dc $ associatedDomain $ email $ aRecord $ mDRecord $ mXRecord $ nSRecord $ sOARecord $ cNAMERecord $ janetMailbox $ gecos $ homeDirectory $ loginShell $ memberUid $ memberNisNetgroup $ ipHostNumber $ ipNetworkNumber $ ipNetmaskNumber $ macAddress $ bootFile $ nisMapEntry $ automountInformation ) )
Jan  4 19:19:59 localhost slapd:     1.3.6.1.4.1.1466.109.114.1 (caseExactIA5Match):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 1.3.6.1.4.1.1466.109.114.1 NAME 'caseExactIA5Match' APPLIES ( altServer $ mail $ dc $ associatedDomain $ email $ aRecord $ mDRecord $ mXRecord $ nSRecord $ sOARecord $ cNAMERecord $ janetMailbox $ gecos $ homeDirectory $ loginShell $ memberUid $ memberNisNetgroup $ ipHostNumber $ ipNetworkNumber $ ipNetmaskNumber $ macAddress $ bootFile $ nisMapEntry $ automountInformation ) )
Jan  4 19:19:59 localhost slapd:     2.5.13.35 (certificateMatch):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.35 NAME 'certificateMatch' APPLIES ( userCertificate $ cACertificate ) )
Jan  4 19:19:59 localhost slapd:     2.5.13.34 (certificateExactMatch):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.34 NAME 'certificateExactMatch' APPLIES ( userCertificate $ cACertificate ) )
Jan  4 19:19:59 localhost slapd:     2.5.13.30 (objectIdentifierFirstComponentMatch):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.30 NAME 'objectIdentifierFirstComponentMatch' APPLIES ( supportedControl $ supportedExtension $ supportedFeatures $ ldapSyntaxes $ supportedApplicationContext ) )
Jan  4 19:19:59 localhost slapd:     2.5.13.29 (integerFirstComponentMatch):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.29 NAME 'integerFirstComponentMatch' APPLIES ( supportedLDAPVersion $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcDbCacheFree $ olcDbCacheSize $ olcDbIDLcacheSize $ olcDbMode $ olcDbSearchStack $ olcDbShmKey $ olcSpSessionlog $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpcNumber ) )
Jan  4 19:19:59 localhost slapd:     2.5.13.27 (generalizedTimeMatch):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.27 NAME 'generalizedTimeMatch' APPLIES ( createTimestamp $ modifyTimestamp ) )
Jan  4 19:19:59 localhost slapd:     2.5.13.24 (protocolInformationMatch):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.24 NAME 'protocolInformationMatch' APPLIES protocolInformation )
Jan  4 19:19:59 localhost slapd:     2.5.13.23 (uniqueMemberMatch):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.23 NAME 'uniqueMemberMatch' APPLIES uniqueMember )
Jan  4 19:19:59 localhost slapd:     2.5.13.22 (presentationAddressMatch):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.22 NAME 'presentationAddressMatch' APPLIES presentationAddress )
Jan  4 19:19:59 localhost slapd:     2.5.13.20 (telephoneNumberMatch):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.20 NAME 'telephoneNumberMatch' APPLIES ( telephoneNumber $ homePhone $ mobile $ pager ) )
Jan  4 19:19:59 localhost slapd:     2.5.13.17 (octetStringMatch):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.17 NAME 'octetStringMatch' APPLIES userPassword )
Jan  4 19:19:59 localhost slapd:     2.5.13.16 (bitStringMatch):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.16 NAME 'bitStringMatch' APPLIES x500UniqueIdentifier )
Jan  4 19:19:59 localhost slapd:     2.5.13.14 (integerMatch):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.14 NAME 'integerMatch' APPLIES ( supportedLDAPVersion $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcDbCacheFree $ olcDbCacheSize $ olcDbIDLcacheSize $ olcDbMode $ olcDbSearchStack $ olcDbShmKey $ olcSpSessionlog $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpcNumber ) )
Jan  4 19:19:59 localhost slapd:     2.5.13.13 (booleanMatch):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.13 NAME 'booleanMatch' APPLIES ( hasSubordinates $ olcGentleHUP $ olcLastMod $ olcReadOnly $ olcReverseLookup $ olcDbNoSync $ olcDbDirtyRead $ olcDbLinearIndex $ olcSpNoPresent $ olcSpReloadHint ) )
Jan  4 19:19:59 localhost slapd:     2.5.13.11 (caseIgnoreListMatch):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.11 NAME 'caseIgnoreListMatch' APPLIES ( postalAddress $ registeredAddress $ homePostalAddress ) )
Jan  4 19:19:59 localhost slapd:     2.5.13.8 (numericStringMatch):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.8 NAME 'numericStringMatch' APPLIES ( x121Address $ internationaliSDNNumber ) )
Jan  4 19:19:59 localhost slapd:     2.5.13.7 (caseExactSubstringsMatch):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.7 NAME 'caseExactSubstringsMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) )
Jan  4 19:19:59 localhost slapd:     2.5.13.6 (caseExactOrderingMatch):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.6 NAME 'caseExactOrderingMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) )
Jan  4 19:19:59 localhost slapd:     2.5.13.5 (caseExactMatch):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.5 NAME 'caseExactMatch' APPLIES ( supportedSASLMechanisms $ vendorName $ vendorVersion $ ref $ name $ cn $ uid $ labeledURI $ description $ olcConfigFile $ olcConfigDir $ olcAccess $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAttributeTypes $ olcAuthIDRewrite $ olcAuthzPolicy $ olcAuthzRegexp $ olcBackend $ olcDatabase $ olcDisallows $ olcDitContentRules $ olcInclude $ olcLimits $ olcLogFile $ olcLogLevel $ olcModuleLoad $ olcModulePath $ olcObjectClasses $ olcObjectIdentifier $ olcOverlay $ olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ olcPlugin $ olcPluginLogFile $ olcReferral $ olcReplica $ olcReplicaArgsFile $ olcReplicaPidFile $ olcReplogFile $ olcRequires $ olcRestrict $ olcRootDSE $ olcRootPW $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ olcSecurity $ olcSizeLimit $ olcSrvtab $ olcSubordinate $ olcSyncrepl $ olcTimeLimit $ olcTLSCACertificateFile $ olcTLSCACertificatePath $ olcTLSCertificateFile $ olcTLSCertificateKe
Jan  4 19:19:59 localhost slapd:     2.5.13.4 (caseIgnoreSubstringsMatch):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.4 NAME 'caseIgnoreSubstringsMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) )
Jan  4 19:19:59 localhost slapd:     2.5.13.3 (caseIgnoreOrderingMatch):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.3 NAME 'caseIgnoreOrderingMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) )
Jan  4 19:19:59 localhost slapd:     2.5.13.2 (caseIgnoreMatch):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.2 NAME 'caseIgnoreMatch' APPLIES ( supportedSASLMechanisms $ vendorName $ vendorVersion $ ref $ name $ cn $ uid $ labeledURI $ description $ olcConfigFile $ olcConfigDir $ olcAccess $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAttributeTypes $ olcAuthIDRewrite $ olcAuthzPolicy $ olcAuthzRegexp $ olcBackend $ olcDatabase $ olcDisallows $ olcDitContentRules $ olcInclude $ olcLimits $ olcLogFile $ olcLogLevel $ olcModuleLoad $ olcModulePath $ olcObjectClasses $ olcObjectIdentifier $ olcOverlay $ olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ olcPlugin $ olcPluginLogFile $ olcReferral $ olcReplica $ olcReplicaArgsFile $ olcReplicaPidFile $ olcReplogFile $ olcRequires $ olcRestrict $ olcRootDSE $ olcRootPW $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ olcSecurity $ olcSizeLimit $ olcSrvtab $ olcSubordinate $ olcSyncrepl $ olcTimeLimit $ olcTLSCACertificateFile $ olcTLSCACertificatePath $ olcTLSCertificateFile $ olcTLSCertificateK
Jan  4 19:19:59 localhost slapd:     1.2.36.79672281.1.13.3 (rdnMatch):
Jan  4 19:19:59 localhost slapd:     2.5.13.1 (distinguishedNameMatch):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.1 NAME 'distinguishedNameMatch' APPLIES ( creatorsName $ modifiersName $ subschemaSubentry $ namingContexts $ aliasedObjectName $ distinguishedName $ seeAlso $ olcDefaultSearchBase $ olcRootDN $ olcSchemaDN $ olcSuffix $ olcUpdateDN $ member $ owner $ roleOccupant $ manager $ documentAuthor $ secretary $ associatedName $ dITRedirect ) )
Jan  4 19:19:59 localhost slapd:     2.5.13.0 (objectIdentifierMatch):
Jan  4 19:19:59 localhost slapd: matchingRuleUse: ( 2.5.13.0 NAME 'objectIdentifierMatch' APPLIES ( supportedControl $ supportedExtension $ supportedFeatures $ supportedApplicationContext ) )
Jan  4 19:19:59 localhost slapd: slapd startup: initiated.
Jan  4 19:19:59 localhost slapd: backend_startup_one: starting "cn=config"
Jan  4 19:19:59 localhost slapd: config_back_db_open
Jan  4 19:19:59 localhost slapd: config_build_entry: "cn=config"
Jan  4 19:19:59 localhost slapd: config_build_entry: "cn=include{0}"
Jan  4 19:19:59 localhost slapd: config_build_entry: "cn=include{1}"
Jan  4 19:19:59 localhost slapd: config_build_entry: "cn=include{2}"
Jan  4 19:19:59 localhost slapd: config_build_entry: "cn=include{3}"
Jan  4 19:19:59 localhost slapd: config_build_entry: "cn=include{4}"
Jan  4 19:19:59 localhost slapd: config_build_entry: "cn=schema"
Jan  4 19:19:59 localhost slapd: config_build_entry: "cn={0}core"
Jan  4 19:19:59 localhost slapd: config_build_entry: "cn={1}cosine"
Jan  4 19:19:59 localhost slapd: config_build_entry: "cn={2}inetorgperson"
Jan  4 19:19:59 localhost slapd: config_build_entry: "cn={3}nis"
Jan  4 19:19:59 localhost slapd: config_build_entry: "cn={4}autofs"
Jan  4 19:19:59 localhost slapd: config_build_entry: "olcDatabase={-1}frontend"
Jan  4 19:19:59 localhost slapd: config_build_entry: "olcDatabase={0}config"
Jan  4 19:19:59 localhost slapd: config_build_entry: "olcDatabase={1}bdb"
Jan  4 19:19:59 localhost slapd: backend_startup_one: starting "dc=ccs,dc=next,dc=ksp,dc=fujixerox,dc=co,dc=jp"
Jan  4 19:19:59 localhost slapd: bdb_db_open: Warning - No DB_CONFIG file found in directory /usr/local/openldap/var/openldap-data: (2) Expect poor performance for suffix dc=ccs,dc=next,dc=ksp,dc=fujixerox,dc=co,dc=jp.
Jan  4 19:19:59 localhost slapd: bdb_db_open: dbenv_open(/usr/local/openldap/var/openldap-data)
Jan  4 19:19:59 localhost slapd: slapd starting





# ps -ef | grep slapd
root      2188     1  0 19:11 ?        00:00:04 gedit file:///usr/local/openldap/etc/openldap/slapd.conf
root      2267  2077  0 19:19 pts/0    00:00:00 ./slapd -d 256
root      2275  2210  0 19:23 pts/1    00:00:00 grep slapd




可是：

# cd /usr/local/openldap/bin
# ./ldapsearch -x
ldap_bind: Can't contact LDAP server (-1)
#



還請版主和各位前輩指點，多多拜託。

Tags: