[FUG-BR] Error on LDAP startup
Jose Raimundo da S. Barbosa
jose.barbosa at cpaa.embrapa.br
Tue Jun 17 16:11:31 BRT 2008
OK Jorge, it took about 3 sec... but the message in the messages log persists.
I then changed nsswitch.conf as per thOLOko's message:
change to:
/etc/nsswitch.conf
#group: compat
group: files ldap winbind
group_compat: nis
hosts: files dns
networks: files
#passwd: compat
passwd: files ldap winbind
shadow: files ldap winbind
passwd_compat: nis
shells: files
and the same problem continues... adding to my question... could this
problem interfere with the integration with the other services
(Postfix, etc.)? Because, despite this error seen in /var/log/messages,
LDAP is working.
> Change these parameters in the nss_ldap.conf and ldap.conf files and your
> ldap will start much faster.
> Report back afterwards.
>
> Regards.
>
> timelimit 3
> bind_timelimit 3
> bind_policy soft
>
> _________________________________________
> Jorge Petry Neto
> Network and Server Administrator
> (48) 8401-4436
> jorge at jspnet.com.br
> www.jspnet.com.br <http://www.jspnet.com.br/>
>
> Jose Raimundo da S. Barbosa wrote:
>> Hello colleagues, I have just installed and configured an LDAP server.
>> Everything seems to be working fine: I built the LDAP base, imported my
>> user base into it, I am querying the base, etc. But now I am going to
>> move on to the integration with SAMBA, postfix, etc. However, checking my
>> /var/log/messages I see the following messages at LDAP startup:
>>
>> Jun 17 13:22:00 ariranha slapd[9073]: nss_ldap: could not search LDAP server - Server is unavailable
>> Jun 17 13:22:00 ariranha slapd[9073]: sql_select option missing
>> Jun 17 13:22:00 ariranha slapd[9073]: auxpropfunc error no mechanism available
>>
>> I ran a test... I stopped the server (/usr/local/etc/rc.d/slapd stop) and
>> started it again... I noticed that from then on it takes about 30 seconds
>> to come up... then I looked at the messages log again and the message
>> above is in the file.
>>
>> Any ideas?
>>
>> I have just installed FreeBSD 7.0
>>
>> nss_ldap.conf
>> --------------
>> # @(#)$Id: ldap.conf,v 2.47 2006/05/15 08:13:44 lukeh Exp $
>> #
>> # This is the configuration file for the LDAP nameservice
>> # switch library and the LDAP PAM module.
>> #
>> # PADL Software
>> # http://www.padl.com
>> #
>>
>> host 127.0.0.1
>> base dc=cpaa,dc=embrapa,dc=br
>> uri ldap://cegonha.cpaa.embrapa.br/
>> ldap_version 3
>>
>>
>> slapd.conf
>> ------------
>> #
>> # See slapd.conf(5) for details on configuration options.
>> # This file should NOT be world readable.
>> #
>> include /usr/local/etc/openldap/schema/core.schema
>> include /usr/local/etc/openldap/schema/cosine.schema
>> include /usr/local/etc/openldap/schema/nis.schema
>> include /usr/local/etc/openldap/schema/inetorgperson.schema
>> include /usr/local/etc/openldap/schema/qmail.schema
>> include /usr/local/etc/openldap/schema/samba.schema
>>
>> # Enabling TLS support
>> TLSCertificateFile /usr/local/etc/openldap/ssl/servercrt.pem
>> TLSCertificateKeyFile /usr/local/etc/openldap/ssl/serverkey.pem
>> TLSCACertificateFile /usr/local/etc/openldap/ssl/cacert.pem
>> #TLSCipherSuite HIGH:MEDIUM:+SSLv2
>>
>> # Define global ACLs to disable default read access.
>>
>> # Do not enable referrals until AFTER you have a working directory
>> # service AND an understanding of referrals.
>> #referral ldap://root.openldap.org
>>
>> pidfile /var/run/openldap/slapd.pid
>> argsfile /var/run/openldap/slapd.args
>>
>> # Load dynamic backend modules:
>> modulepath /usr/local/libexec/openldap
>> moduleload back_bdb
>> # moduleload back_ldap
>> # moduleload back_ldbm
>> # moduleload back_passwd
>> # moduleload back_shell
>>
>> access to attrs=userPassword,sambaLMPassword,sambaNTPassword
>>         by dn="cn=root,dc=embrapa,dc=br" write
>>         by anonymous auth
>>         by self write
>>         by * none
>>
>> access to attrs=uidNumber,gidNumber
>>         by dn="cn=root,dc=embrapa,dc=br" write
>>         by * read
>>
>> access to *
>>         by dn="cn=root,dc=embrapa,dc=br" write
>>         by self write
>>         by * read
>>
>> database bdb
>> suffix "dc=embrapa,dc=br"
>> rootdn "cn=root,dc=embrapa,dc=br"
>>
>> rootpw secret
>> # The database directory MUST exist prior to running slapd AND
>> # should only be accessible by the slapd and slap tools.
>> # Mode 700 recommended.
>> directory /var/db/openldap-data
>> # Indices to maintain
>> index objectClass eq
>> index uid pres,eq,sub
>> index gidNumber eq
>> index uidNumber eq
>> index cn pres,eq,sub
>> index memberuid pres,eq,sub
>> index mail pres,eq,sub
>> index mailAlternateAddress pres,eq,sub
>> index sn pres,eq,sub
>> #index displayName pres,eq,sub
>> #index sambaSID,sambaPrimaryGroupSID,sambaDomainName eq
>> #index default sub
>>
>> -------------------------
>> History: http://www.fug.com.br/historico/html/freebsd/
>> Unsubscribe: https://www.fug.com.br/mailman/listinfo/freebsd
>>
--
José Raimundo da S. Barbosa
Embrapa Amazonia Ocidental
Information Sector
Phone: (92) 3621-0350
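
An added example, not part of the original messages: a small Python check that reports which of the three settings quoted in Jorge's reply (timelimit, bind_timelimit, bind_policy) are missing from an nss_ldap.conf, and which nsswitch.conf databases use the ldap source. The function names and the simple "key value" parsing are assumptions of this example; the sample file contents are copied from the thread.

```python
# Added example. Sample file contents below are copied from the thread.
RECOMMENDED = {"timelimit": "3", "bind_timelimit": "3", "bind_policy": "soft"}

NSS_LDAP_POSTED = """\
host 127.0.0.1
base dc=cpaa,dc=embrapa,dc=br
uri ldap://cegonha.cpaa.embrapa.br/
ldap_version 3
"""

NSSWITCH_POSTED = """\
#group: compat
group: files ldap winbind
group_compat: nis
hosts: files dns
#passwd: compat
passwd: files ldap winbind
shadow: files ldap winbind
passwd_compat: nis
"""

def parse_conf(text):
    """Parse 'key value' lines; '#' comments and blank lines are skipped (assumed format)."""
    settings = {}
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split(None, 1)
        if parts:
            settings[parts[0].lower()] = parts[1].strip() if len(parts) > 1 else ""
    return settings

def check_nss_ldap(text):
    """List each setting from the reply that is missing or set to another value."""
    found = parse_conf(text)
    report = []
    for key, want in RECOMMENDED.items():
        have = found.get(key)
        if have != want:
            report.append(f"{key}: {have or 'not set'} (reply suggests {want})")
    return report

def ldap_databases(nsswitch_text):
    """Return the nsswitch.conf databases that list 'ldap' as a source."""
    hits = []
    for line in nsswitch_text.splitlines():
        db, sep, sources = line.split("#", 1)[0].partition(":")
        if sep and "ldap" in sources.split():
            hits.append(db.strip())
    return hits

if __name__ == "__main__":
    print("databases using ldap:", ldap_databases(NSSWITCH_POSTED))
    print("\n".join(check_nss_ldap(NSS_LDAP_POSTED)))
```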