[FUG-BR] Erro na inicialização do ldap

Jose Raimundo da S. Barbosa jose.barbosa em cpaa.embrapa.br
Terça Junho 17 15:44:30 BRT 2008


Oi..

esta assim..

/etc/nsswitch.conf
#group: compat
group: files ldap
group_compat: nis
hosts: files dns
networks: files
#passwd: compat
passwd: files ldap
passwd_compat: nis
shells: files

> Como está o seu /etc/nsswitch.conf ?
>
>
>
> On Tue, Jun 17, 2008 at 3:34 PM, Jose Raimundo da S. Barbosa <
> jose.barbosa em cpaa.embrapa.br> wrote:
>
>> ola colegas, acabei de instalar e configurar um servidor LDAP. Parece
>> que
>> tudo ta funcionando legal: construi a base LDAP, importei minha base de
>> usuário para dentro dele, estou consultando a base, etc. Mas agora vou
>> partir para a integracao com o SAMBA, postfix, etc. Só que consultando
>> meu
>> /var/log/messages vejo as seguintes mensagens na inicializacao do LDAP:
>>
>> Jun 17 13:22:00 ariranha slapd[9073]: nss_ldap: could not search LDAP
>> server - Server is unavailable
>> Jun 17 13:22:00 ariranha slapd[9073]: sql_select option missing
>> Jun 17 13:22:00 ariranha slapd[9073]: auxpropfunc error no mechanism
>> available
>>
>> fiz um teste...parei o servidor (/usr/local/etc/rc.d/slapd stop) e
>> startei
>> novamente...reparei que a partir de entao ele leva uns 30 segundos para
>> entrar no ar...dai visualizei novamente o log messages e a mensagem
>> acima
>> consta no arquivo.
>>
>> Alguma idéia?
>>
>> Acabei de instalar o FreeBSD 7.0
>>
>> nss_ldap.conf
>> --------------
>>  @(#)$Id: ldap.conf,v 2.47 2006/05/15 08:13:44 lukeh Exp $
>> #
>> # This is the configuration file for the LDAP nameservice
>> # switch library and the LDAP PAM module.
>> #
>> # PADL Software
>> # http://www.padl.com
>> #
>>
>> host 127.0.0.1
>> base dc=cpaa,dc=embrapa,dc=br
>> uri ldap://cegonha.cpaa.embrapa.br/
>> ldap_version 3
>>
>>
>> slapd.conf
>> ------------
>> #
>> # See slapd.conf(5) for details on configuration options.
>> # This file should NOT be world readable.
>> #
>> include         /usr/local/etc/openldap/schema/core.schema
>> include         /usr/local/etc/openldap/schema/cosine.schema
>> include         /usr/local/etc/openldap/schema/nis.schema
>> include         /usr/local/etc/openldap/schema/inetorgperson.schema
>> include         /usr/local/etc/openldap/schema/qmail.schema
>> include         /usr/local/etc/openldap/schema/samba.schema
>>
>> # Ativando suporte a TLS
>> TLSCertificateFile /usr/local/etc/openldap/ssl/servercrt.pem
>> TLSCertificateKeyFile /usr/local/etc/openldap/ssl/serverkey.pem
>> TLSCACertificateFile /usr/local/etc/openldap/ssl/cacert.pem
>> #TLSCipherSuite HIGH:MEDIUM:+SSLv2
>>
>> # Define global ACLs to disable default read access.
>>
>> # Do not enable referrals until AFTER you have a working directory
>> # service AND an understanding of referrals.
>> #referral       ldap://root.openldap.org
>>
>> pidfile         /var/run/openldap/slapd.pid
>> argsfile        /var/run/openldap/slapd.args
>>
>> # Load dynamic backend modules:
>> modulepath      /usr/local/libexec/openldap
>> moduleload      back_bdb
>> # moduleload    back_ldap
>> # moduleload    back_ldbm
>> # moduleload    back_passwd
>> # moduleload    back_shell
>>
>> access to attrs=userPassword,sambaLMPassword,sambaNTPassword
>>     by dn="cn=root,dc=embrapa,dc=br" write
>>     by anonymous auth
>>     by self write
>>     by * none
>>
>> access to attrs=uidNumber,gidNumber
>>   by dn="cn=root,dc=embrapa,dc=br" write
>>   by * read
>>
>> access to *
>>   by dn="cn=root,dc=embrapa,dc=br" write
>>   by self write
>>   by * read
>>
>> database        bdb
>> suffix          "dc=embrapa,dc=br"
>> rootdn          "cn=root,dc=embrapa,dc=br"
>>
>> rootpw  secret
>> # The database directory MUST exist prior to running slapd AND
>> # should only be accessible by the slapd and slap tools.
>> # Mode 700 recommended.
>> directory       /var/db/openldap-data
>> # Indices to maintain
>> index   objectClass             eq
>> index   uid                     pres,eq,sub
>> index   gidNumber               eq
>> index   uidNumber               eq
>> index   cn                      pres,eq,sub
>> index   memberuid               pres,eq,sub
>> index   mail                    pres,eq,sub
>> index   mailAlternateAddress    pres,eq,sub
>> index   sn                      pres,eq,sub
>> #index   displayName             pres,eq,sub
>> #index   sambaSID,sambaPrimaryGroupSID,sambaDomainName  eq
>> #index   default                 sub
>>
>>
>>
>> -------------------------
>> Histórico: http://www.fug.com.br/historico/html/freebsd/
>> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>>
>
>
>
> --
> ThOLOko
> ThOmaz BeLgine
> email: tholoko em gmail.com
> msn: tholoko em hotmail.com
> -FrEEBSD-
> UniX TeaM
> BeFree => BeFreeBSD
> http://www.itexplorer.com.br
> -------------------------
> Histórico: http://www.fug.com.br/historico/html/freebsd/
> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>


-- 
José Raimundo da S. Barbosa
Embrapa Amazonia Ocidental
Setor de Informação
Fone: (92) 3621-0350)



Mais detalhes sobre a lista de discussão freebsd