Вопросы Теги

Плохой hdb.ldif, нуждайтесь в помощи для конфигурирования его

содержание/etc/openldap/slapd.d/cn=config/olcDatabase = {2} hdb.ldif

   1 # AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
   2 # CRC32 2e34b404
   3 dn: olcDatabase={2}hdb
   4 objectClass: olcDatabaseConfig
   5 objectClass: olcHdbConfig
   6 olcDatabase: {2}hdb
   7 olcDbDirectory: /var/lib/ldap
   8 olcSuffix: dc=ixsystems,dc=com
   9 olcRootDN: cn=Manager,dc=ixsystems,dc=com
  10 olcRootPW: {SSHA}WJTAm3glD5O87VKlhz5v3u4+1A3MVB8E
  11 olcDbIndex: objectClass eq,pres
  12 olcDbIndex: ou,cn,mail,surname,givenname eq,pres,sub
  13 structuralObjectClass: olcHdbConfig
  14 entryUUID: c153cf4c-ed16-1034-9398-7188a52812eb
  15 creatorsName: cn=config
  16 createTimestamp: 20150911212105Z
  17 entryCSN: 20150911212105.251273Z#000000#000#000000
  18 modifiersName: cn=config
  19 modifyTimestamp: 20150911212105Z
  20 olcAccess: {0}to attrs=userPassword by self write by dn.base="cn=Manager,dc=ixsystems,dc=com" write by anonymous auth by * none
  21 olcAccess: {1}to * by dn.base="cn=Manager,dc=ixsystems,dc=com" write by self write by * read

Содержание slapd.service

[root@qa-ldap-kerb ~]# systemctl status slapd.service
slapd.service - OpenLDAP Server Daemon
   Loaded: loaded (/usr/lib/systemd/system/slapd.service; enabled)
   Active: failed (Result: exit-code) since Sun 2015-09-13 02:46:27 EDT; 9s ago
     Docs: man:slapd
           man:slapd-config
           man:slapd-hdb
           man:slapd-mdb
           file:///usr/share/doc/openldap-servers/guide.html
  Process: 7692 ExecStart=/usr/sbin/slapd -u ldap -h ${SLAPD_URLS} $SLAPD_OPTIONS (code=exited, status=1/FAILURE)
  Process: 7678 ExecStartPre=/usr/libexec/openldap/check-config.sh (code=exited, status=0/SUCCESS)

Sep 13 02:46:27 qa-ldap-kerb check-config.sh[7678]: Checking configuration file failed:
Sep 13 02:46:27 qa-ldap-kerb check-config.sh[7678]: 55f51bc3 ldif_read_file: checksum error on "/etc/openldap/slapd.d/cn=config/olcDatabase={0}config.ldif"
Sep 13 02:46:27 qa-ldap-kerb check-config.sh[7678]: 55f51bc3 ldif_read_file: checksum error on "/etc/openldap/slapd.d/cn=config/olcDatabase={1}monitor.ldif"
Sep 13 02:46:27 qa-ldap-kerb check-config.sh[7678]: 55f51bc3 ldif_read_file: checksum error on "/etc/openldap/slapd.d/cn=config/olcDatabase={2}hdb.ldif"
Sep 13 02:46:27 qa-ldap-kerb check-config.sh[7678]: 55f51bc3 str2entry: entry -1 has no dn
Sep 13 02:46:27 qa-ldap-kerb check-config.sh[7678]: slaptest: bad configuration file!
Sep 13 02:46:27 qa-ldap-kerb slapd[7692]: @(#) $OpenLDAP: slapd 2.4.39 (Mar  6 2015 04:35:49) $
                                                  mockbuild@worker1.bsys.centos.org:/builddir/build/BUILD/openldap-2.4.39/openldap-2.4.39/servers/slapd
Sep 13 02:46:27 qa-ldap-kerb systemd[1]: slapd.service: control process exited, code=exited status=1
Sep 13 02:46:27 qa-ldap-kerb systemd[1]: Failed to start OpenLDAP Server Daemon.
Sep 13 02:46:27 qa-ldap-kerb systemd[1]: Unit slapd.service entered failed state.

Содержание systemctl запускает slapd

[root@qa-ldap-kerb ~]# systemctl start slapd
Job for slapd.service failed. See 'systemctl status slapd.service' and 'journalctl -xn' for details.

Содержание systemctl состояния-l slapd

[root@qa-ldap-kerb ~]# systemctl status -l slapd
slapd.service - OpenLDAP Server Daemon
   Loaded: loaded (/usr/lib/systemd/system/slapd.service; enabled)
   Active: failed (Result: exit-code) since Sun 2015-09-13 04:54:29 EDT; 1min 32s ago
     Docs: man:slapd
           man:slapd-config
           man:slapd-hdb
           man:slapd-mdb
           file:///usr/share/doc/openldap-servers/guide.html
  Process: 2401 ExecStart=/usr/sbin/slapd -u ldap -h ${SLAPD_URLS} $SLAPD_OPTIONS (code=exited, status=1/FAILURE)
  Process: 2387 ExecStartPre=/usr/libexec/openldap/check-config.sh (code=exited, status=0/SUCCESS)

Sep 13 04:54:29 qa-ldap-kerb check-config.sh[2387]: Checking configuration file failed:
Sep 13 04:54:29 qa-ldap-kerb check-config.sh[2387]: 55f539c5 ldif_read_file: checksum error on "/etc/openldap/slapd.d/cn=config/olcDatabase={0}config.ldif"
Sep 13 04:54:29 qa-ldap-kerb check-config.sh[2387]: 55f539c5 ldif_read_file: checksum error on "/etc/openldap/slapd.d/cn=config/olcDatabase={1}monitor.ldif"
Sep 13 04:54:29 qa-ldap-kerb check-config.sh[2387]: 55f539c5 ldif_read_file: checksum error on "/etc/openldap/slapd.d/cn=config/olcDatabase={2}hdb.ldif"
Sep 13 04:54:29 qa-ldap-kerb check-config.sh[2387]: 55f539c5 str2entry: entry -1 has no dn
Sep 13 04:54:29 qa-ldap-kerb check-config.sh[2387]: slaptest: bad configuration file!
Sep 13 04:54:29 qa-ldap-kerb slapd[2401]: @(#) $OpenLDAP: slapd 2.4.39 (Mar  6 2015 04:35:49) $
                                                  mockbuild@worker1.bsys.centos.org:/builddir/build/BUILD/openldap-2.4.39/openldap-2.4.39/servers/slapd
Sep 13 04:54:29 qa-ldap-kerb systemd[1]: slapd.service: control process exited, code=exited status=1
Sep 13 04:54:29 qa-ldap-kerb systemd[1]: Failed to start OpenLDAP Server Daemon.
Sep 13 04:54:29 qa-ldap-kerb systemd[1]: Unit slapd.service entered failed state.
-2
задан 13 September 2015 в 12:13
2 ответа

Похоже, у вас ошибка в последней строке (#21)

olcAccess: {1}to * by dn.base="cn=Manager,dc=ixsystems,dc=com" write by * auth by read

Измените ее на 

olcAccess: {1}to * by dn.base="cn=Manager,dc=ixsystems,dc=com" write by self write by * read

Обновите конфигурацию и попробуйте.

.
0
ответ дан 5 December 2019 в 21:42

файл базы данных выглядит правильно, вы получаете ошибки контрольной суммы, потому что вы редактировали файлы напрямую, что не приведет к полному сбою ldap

, но у вас, очевидно, есть неправильная запись конфигурации в одном из файлы, которые вы редактировали 

entry -1 has no dn 
slaptest: bad configuration file!
0
ответ дан 5 December 2019 в 21:42

Теги

Похожие вопросы