#1

    Screwing OpenLDAP - Error : Referrals Received


    Hey guys,
    After spending the last 72h installing crappy OpenLDAP I'm getting tired of all those messy errors ... now the server is up somehow, next I'm getting the next error when trying to connect from LDAP Browser 2.6 to my OpenLDAP 2.2.17 on Debian...

    I can browse the first directive on my domain but when I try to enter the dn I receive Error 10 - Referral Received ... Any suggestions before I throw all the crap out the window...

    here is my config and an example ldif:

    #
    # See slapd.conf(5) for details on configuration options.
    # This file should NOT be world readable.
    #
    include /usr/local/etc/openldap/schema/core.schema

    schemacheck on
    referral ldap://localhost/

    # Define global ACLs to disable default read access.

    # Do not enable referrals until AFTER you have a working directory
    # service AND an understanding of referrals.
    #referral ldap://root.openldap.org

    pidfile /usr/local/var/run/slapd.pid
    argsfile /usr/local/var/run/slapd.args

    # Load dynamic backend modules:
    # modulepath /usr/local/libexec/openldap
    # moduleload back_bdb.la
    # moduleload back_ldap.la
    # moduleload back_ldbm.la
    # moduleload back_passwd.la
    # moduleload back_shell.la

    # Sample security restrictions
    # Require integrity protection (prevent hijacking)
    # Require 112-bit (3DES or better) encryption for updates
    # Require 64-bit encryption for simple bind
    # security ssf=1 update_ssf=112 simple_bind=64

    # Sample access control policy:
    # Root DSE: allow anyone to read it
    # Subschema (sub)entry DSE: allow anyone to read it
    # Other DSEs:
    # Allow self write access
    # Allow authenticated users read access
    # Allow anonymous users to authenticate
    # Directives needed to implement policy:
    # access to dn.base="" by * read
    # access to dn.base="cn=Subschema" by * read
    # access to *
    # by self write
    # by users read
    # by anonymous auth
    #
    # if no access controls are present, the default policy
    # allows anyone and everyone to read anything but restricts
    # updates to rootdn. (e.g., "access to * by * read")
    #
    # rootdn can always read and write EVERYTHING!

    #######################################################################
    # BDB database definitions
    #######################################################################

    database bdb
    suffix "dc=Emedia-Office,dc=de"
    rootdn "cn=Manager,dc=Emedia-Office,dc=de"
    # Cleartext passwords, especially for the rootdn, should
    # be avoided. See slappasswd(8) and slapd.conf(5) for details.
    # Use of strong authentication encouraged.
    rootpw yahoo
    # The database directory MUST exist prior to running slapd AND
    # should only be accessible by the slapd and slap tools.
    # Mode 700 recommended.
    directory /usr/local/var/openldap-data
    # Indices to maintain
    index objectClass eq

    ___________________________
    LDIF


    dn: o=Emedia-Office, c=DE
    o: Emedia-Office
    l: Berlin
    streetaddress: Emscherstr. 41
    postalCode: 45891
    telephonenumber: 0209-4711
    objectclass: organization

    dn: cn=Manager, o=Emedia-Office, c=DE
    cn: Manager
    sn: Manager
    objectclass: person

    dn: ou=IT, o=Emedia-Office, c=DE
    ou: IT
    objectclass: top
    objectclass: organizationalUnit

    dn: ou=Finanzen, o=Emedia-Office, c=DE
    ou: Finanzen
    objectclass: top
    objectclass: organizationalUnit

    dn: cn=Volker Schwaberow, ou=IT, o=Emedia-Office, c=DE
    objectclass: top
    objectclass: person
    objectclass: organizationalPerson
    objectclass: inetOrgPerson
    cn: Volker Schwabero
    sn: Schwabero
    telephonenumber: 0209/4712

    dn: cn=Bernd Schlaefer, ou=Finanzen, o=Emedia-Office, c=DE
    objectclass: top
    objectclass: person
    objectclass: organizationalPerson
    objectclass: inetOrgPerson
    cn: Bernd Schlaefer
    sn: Schlaefer
    telephonenumber: 0209/4713




    anybody running into the same prob?
    help is appreciated ...
    thx in advance
    Marcel
  2. #2
    1.:

    include /usr/local/etc/openldap/schema/core.schema

    schemacheck on
    referral ldap://localhost/
    # Do not enable referrals until AFTER you have a working directory
    # service AND an understanding of referrals.
    2.:

    dn: o=Emedia-Office, c=DE
    o: Emedia-Office
    l: Berlin
    streetaddress: Emscherstr. 41
    postalCode: 45891
    telephonenumber: 0209-4711
    objectclass: organization
    do NOT use blanks in the dn of your LDIF entry
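
Added example, not part of either post and not OpenLDAP code: a small lint pass over a slapd.conf and an LDIF file that flags the items visible in this thread. slapd hands back the global `referral` URL when a request names a DN that no configured `suffix` covers, so the check compares every LDIF `dn:` against the suffixes, and it also reports a referral that points at the local host and a `rootpw` stored without a hash scheme. The function names and the abridged sample input are constructed for illustration.

```python
import re

# Constructed sample input, abridged from the slapd.conf and LDIF posted in this thread.
SLAPD_CONF = '''\
referral ldap://localhost/
database bdb
suffix "dc=Emedia-Office,dc=de"
rootpw yahoo
'''
LDIF = '''\
dn: o=Emedia-Office, c=DE
o: Emedia-Office

dn: ou=IT, o=Emedia-Office, c=DE
ou: IT
'''

def normalize_dn(dn):
    """Simplified normalization: lowercase, drop blanks around ',' and '='.
    Escaped commas and multi-valued RDNs are not handled."""
    pairs = (rdn.partition("=") for rdn in dn.split(","))
    return ",".join(a.strip().lower() + "=" + v.strip().lower() for a, _, v in pairs)

def directives(conf):
    """Yield (keyword, argument) per active line; continuation lines are ignored."""
    for line in conf.splitlines():
        parts = line.strip().split(None, 1)
        if parts and not parts[0].startswith("#"):
            yield parts[0].lower(), (parts[1] if len(parts) > 1 else "").strip('"')

def lint(conf, ldif):
    """Return a list of (finding, detail) tuples for the config and data."""
    findings, suffixes = [], []
    local = re.compile(r"ldaps?://(localhost|127\.0\.0\.1)(:\d+)?(/|$)", re.I)
    for key, arg in directives(conf):
        if key == "suffix":
            suffixes.append(normalize_dn(arg))
        elif key == "referral" and local.match(arg):
            findings.append(("referral-to-self", arg))
        elif key == "rootpw" and not arg.startswith("{"):
            # Heuristic: slappasswd output starts with a scheme such as {SSHA}.
            findings.append(("cleartext-rootpw", "<redacted>"))
    for line in ldif.splitlines():
        if line.lower().startswith("dn:"):
            raw = line[3:].strip()
            dn = normalize_dn(raw)
            if not any(dn == s or dn.endswith("," + s) for s in suffixes):
                findings.append(("dn-outside-suffix", raw))
    return findings
```
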
