directory-fortress mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Shawn McKinney <smckin...@apache.org>
Subject Re: [Fortress] Install of fortess core with Open Ldap 2-4.31 fails
Date Wed, 12 Apr 2017 01:54:28 GMT
Gigen, thanks for following up on this.

Shawn

> On Apr 11, 2017, at 7:03 PM, Gigen Thomas <gigenthomasdev@gmail.com> wrote:
> 
> Hi Shawn,
> 
> Thank you for the suggestions. I got this to work with slapd.conf. The
> default install of openldap uses dynamic config - you can tell this by the
> presence of slap.d  directory under /etc/ldap.
> 
> All I did to get this to work was to delete the slap.d directory and copy
> the slapd.conf to /etc/ldap
> 
> I would imagine that if were to now convert  slapd.conf to dynamic config,
> this should work as well. Have not tried this yet. Just happy to get this
> to work for now .
> 
> Here's my environment if someone else runs into this:
> 
> openldap-2.4.42
> Ubuntu 16.04.1 LTS
> 
> 
> Regards,
> Gigen Thomas
> 
> 
> 
> 
> On Thu, Apr 6, 2017 at 6:32 AM, Shawn McKinney <smckinney@apache.org> wrote:
> 
>> 
>>> On Apr 5, 2017, at 10:00 PM, Gigen Thomas <gigenthomasdev@gmail.com>
>> wrote:
>>> 
>>> I am trying to install directory-fortress-core with openldap-2.4.31 and
>> am following the instructions from https://github.com/apache/
>> directory-fortress-core/blob/master/README.md
>>> 
>> 
>> Hello Gigen, welcome!
>> 
>>> 
>>> On Apr 5, 2017, at 10:00 PM, Gigen Thomas <gigenthomasdev@gmail.com>
>> wrote:
>>> 
>>> What's missing in the above referenced documentation is that open ldap
>> 2.4 and above versions uses the dynamic config and hence require the
>> conversion of slapd.conf
>> 
>> The usage of the openldap dynamic config is not yet required and so the
>> static config (slapd.conf) continues to work.
>> 
>> Regardless, you should be able to use either option.
>> 
>>> On Apr 5, 2017, at 10:00 PM, Gigen Thomas <gigenthomasdev@gmail.com>
>> wrote:
>>> 
>>> and here's command that I use for the conversion:
>>> 
>>> sudo -u openldap slaptest -f slapd.conf -F slapd.d   -v
>>> 
>>> 58e59f4d slapd.conf: line 67: rootdn is always granted unlimited
>> privileges.
>>> 58e59f4d mdb_db_open: database "cn=log" cannot be opened, err 2. Restore
>> from backup!
>>> 58e59f4d backend_startup_one (type=mdb, suffix="cn=log"): bi_db_open
>> failed! (2)
>>> slap_startup failed (test would succeed using the -u switch)
>>> 
>>> The Conversion fails to create the required databases ( log and fortress
>> )
>>> 
>>> Have checked permissions on the various ldap folders and have not been
>> able to resolve this. Hoping that someone on this mailing list has run into
>> this. Any help will be greatly appreciated !!
>> 
>> I don’t have much experience with the dynamic configuration utility in
>> slapd so this specific error is unfamiliar, but I can offer some ideas.
>> 
>> There’s a problem with the slapd history DB setup used by fortress' audit
>> log.  What is the config for yours?  For example, the README has this:
>> 
>> # History DB Settings  (optional)
>> database         mdb
>> …
>> directory        "/var/openldap/hist"
>> 
>> Here we see a DB that has been mapped to the /var/openldap/hist folder.
>> Does that corresponding folder exist on your machine and does it have the
>> proper permissions to allow your openldap user write access?
>> 
>> Thanks,
>> Shawn


Mime
View raw message