Slaptest, bad configuration file
6,310
Remove the CRC lines, and don't edit these files by hand ever again. Use an LDAP browser.
Related videos on Youtube
27 : 36
OpenLDAP Server Configuration on RHEL 7 / CentOS 7 - 100% Working Step by Step Procedure
02 : 08
OpenLDAP: Converting flat file (slapd.conf) to OLC (slapd.d)...can't access cn=config
24 : 19
Openldap ppolicy and replication (replica &multimaster)
02 : 11
DevOps & SysAdmins: Slaptest, bad configuration file
21 : 31
LDAP Server & Client Configuration in RHEL 7 With AutoFS | Setup LDAP User Authentication in Linux
26 : 17
Making the OpenLDAP Online Configuration (OLC) Permanent
Author by
vector8188
Updated on September 18, 2022Comments
-
vector8188 over 1 year
I have been struggling to start LDAP server and I am failing miserably at it, from journalctl -xn I it clearly say bad configuration files!, but there are three configuration files, but what is missing/wrong.
I do not have a clue.(Noob QA guy, with little experience in setting up server of any kind, taken this responsibility to test a product which requires kerberos+LDAP setup)
1:olcDatabase={0}config.ldif
1 # AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. 2 # CRC32 5b8d3eae 3 dn: olcDatabase={0}config 4 objectClass: olcDatabaseConfig 5 olcDatabase: {0}config 6 olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external 7 ,cn=auth" manage by * none 8 structuralObjectClass: olcDatabaseConfig 9 entryUUID: c1537b28-ed16-1034-9396-7188a52812eb 10 creatorsName: cn=config 11 createTimestamp: 20150911212105Z 12 entryCSN: 20150911212105.249119Z#000000#000#000000 13 modifiersName: cn=config 14 modifyTimestamp: 20150911212105Z 15 olcRootPW: {SSHA}WJTAm3glD5O87VKlhz5v3u4+1A3MVB8E1:olcDatabase={1}monitor.ldif
1 # AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. 2 # CRC32 e5f82fb5 3 dn: olcDatabase={1}monitor 4 objectClass: olcDatabaseConfig 5 olcDatabase: {1}monitor 6 olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external 7 ,cn=auth" read by dn.base="cn=Manager,dc=ixsystems,dc=com" read by * none 8 structuralObjectClass: olcDatabaseConfig 9 entryUUID: c153c754-ed16-1034-9397-7188a52812eb 10 creatorsName: cn=config 11 createTimestamp: 20150911212105Z 12 entryCSN: 20150911212105.251069Z#000000#000#000000 13 modifiersName: cn=config 14 modifyTimestamp: 20150911212105Z1:olcDatabase={2}hdb.ldif
1 # AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. 2 # CRC32 2e34b404 3 dn: olcDatabase={2}hdb 4 objectClass: olcDatabaseConfig 5 objectClass: olcHdbConfig 6 olcDatabase: {2}hdb 7 olcDbDirectory: /var/lib/ldap 8 olcSuffix: dc=ixsystems,dc=com 9 olcRootDN: cn=Manager,dc=ixsystems,dc=com 10 olcRootPW: {SSHA}WJTAm3glD5O87VKlhz5v3u4+1A3MVB8E 11 olcDbIndex: objectClass eq,pres 12 olcDbIndex: ou,cn,mail,surname,givenname eq,pres,sub 13 structuralObjectClass: olcHdbConfig 14 entryUUID: c153cf4c-ed16-1034-9398-7188a52812eb 15 creatorsName: cn=config 16 createTimestamp: 20150911212105Z 17 entryCSN: 20150911212105.251273Z#000000#000#000000 18 modifiersName: cn=config 19 modifyTimestamp: 20150911212105Z 20 olcAccess: {0}to attrs=userPassword by self write by dn.base="cn=Manager,dc=ixsystems,dc=com" write by anonymous auth by * none 21 olcAccess: {1}to * by dn.base="cn=Manager,dc=ixsystems,dc=com" write by self write by * read[root@qa-ldap-kerb cn=config]# journalctl -xn
-- Logs begin at Sun 2015-09-13 04:31:08 EDT, end at Mon 2015-09-14 20:17:13 EDT. -- Sep 14 20:17:13 qa-ldap-kerb slapd[4348]: @(#) $OpenLDAP: slapd 2.4.39 (Mar 6 2015 04:35:49) $ [email protected]:/builddir/build/BUILD/openldap-2.4.39/openldap-2.4.39/servers/slapd Sep 14 20:17:13 qa-ldap-kerb slapd[4348]: ldif_read_file: checksum error on "/etc/openldap/slapd.d/cn=config/olcDatabase={0}config.ldif" Sep 14 20:17:13 qa-ldap-kerb slapd[4348]: ldif_read_file: checksum error on "/etc/openldap/slapd.d/cn=config/olcDatabase={1}monitor.ldif" Sep 14 20:17:13 qa-ldap-kerb slapd[4348]: ldif_read_file: checksum error on "/etc/openldap/slapd.d/cn=config/olcDatabase={2}hdb.ldif" Sep 14 20:17:13 qa-ldap-kerb slapd[4348]: str2entry: entry -1 has no dn Sep 14 20:17:13 qa-ldap-kerb slapd[4348]: slapd stopped. Sep 14 20:17:13 qa-ldap-kerb slapd[4348]: connections_destroy: nothing to destroy. Sep 14 20:17:13 qa-ldap-kerb systemd[1]: slapd.service: control process exited, code=exited status=1 Sep 14 20:17:13 qa-ldap-kerb systemd[1]: Failed to start OpenLDAP Server Daemon. -- Subject: Unit slapd.service has failed -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit slapd.service has failed. -- -- The result is failed. Sep 14 20:17:13 qa-ldap-kerb systemd[1]: Unit slapd.service entered failed state.