[FUG-BR] Error during ldap startup

Jose Raimundo da S. Barbosa jose.barbosa at cpaa.embrapa.br
Tue Jun 17 15:34:34 BRT 2008


Hello colleagues, I have just installed and configured an LDAP server. Everything
seems to be working fine: I built the LDAP database, imported my user base
into it, I am querying the database, etc. But now I am going to move on to
the integration with SAMBA, postfix, etc. However, looking at my
/var/log/messages I see the following messages during LDAP startup:

Jun 17 13:22:00 ariranha slapd[9073]: nss_ldap: could not search LDAP server - Server is unavailable
Jun 17 13:22:00 ariranha slapd[9073]: sql_select option missing
Jun 17 13:22:00 ariranha slapd[9073]: auxpropfunc error no mechanism available

I ran a test... I stopped the server (/usr/local/etc/rc.d/slapd stop) and
started it again... I noticed that from then on it takes about 30 seconds to
come up... then I looked at the messages log again and the message above
appears in the file.

Any ideas?

I have just installed FreeBSD 7.0.

nss_ldap.conf
--------------
# @(#)$Id: ldap.conf,v 2.47 2006/05/15 08:13:44 lukeh Exp $
#
# This is the configuration file for the LDAP nameservice
# switch library and the LDAP PAM module.
#
# PADL Software
# http://www.padl.com
#

host 127.0.0.1
base dc=cpaa,dc=embrapa,dc=br
uri ldap://cegonha.cpaa.embrapa.br/
ldap_version 3


slapd.conf
------------
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include         /usr/local/etc/openldap/schema/core.schema
include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/nis.schema
include         /usr/local/etc/openldap/schema/inetorgperson.schema
include         /usr/local/etc/openldap/schema/qmail.schema
include         /usr/local/etc/openldap/schema/samba.schema

# Enabling TLS support
TLSCertificateFile /usr/local/etc/openldap/ssl/servercrt.pem
TLSCertificateKeyFile /usr/local/etc/openldap/ssl/serverkey.pem
TLSCACertificateFile /usr/local/etc/openldap/ssl/cacert.pem
#TLSCipherSuite HIGH:MEDIUM:+SSLv2

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral       ldap://root.openldap.org

pidfile         /var/run/openldap/slapd.pid
argsfile        /var/run/openldap/slapd.args

# Load dynamic backend modules:
modulepath      /usr/local/libexec/openldap
moduleload      back_bdb
# moduleload    back_ldap
# moduleload    back_ldbm
# moduleload    back_passwd
# moduleload    back_shell

access to attrs=userPassword,sambaLMPassword,sambaNTPassword
     by dn="cn=root,dc=embrapa,dc=br" write
     by anonymous auth
     by self write
     by * none

access to attrs=uidNumber,gidNumber
   by dn="cn=root,dc=embrapa,dc=br" write
   by * read

access to *
   by dn="cn=root,dc=embrapa,dc=br" write
   by self write
   by * read

database        bdb
suffix          "dc=embrapa,dc=br"
rootdn          "cn=root,dc=embrapa,dc=br"

rootpw  secret
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory       /var/db/openldap-data
# Indices to maintain
index   objectClass             eq
index   uid                     pres,eq,sub
index   gidNumber               eq
index   uidNumber               eq
index   cn                      pres,eq,sub
index   memberuid               pres,eq,sub
index   mail                    pres,eq,sub
index   mailAlternateAddress    pres,eq,sub
index   sn                      pres,eq,sub
#index   displayName             pres,eq,sub
#index   sambaSID,sambaPrimaryGroupSID,sambaDomainName  eq
#index   default                 sub




