Installation serveur LDAP sous Debian Fermé

Question

Bonjour, 

J'essaye d'installer un serveur LDAP sur une distribution debian et j'ai une erreur lors de la configuration.  :

Lorsque je tape 

ldapadd -f racine.ldif -D "cn=admin,dc=pti,dc=local" -w admin


J'ai un message d'erreur 

ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)


Si quelqu'un peut m'aider je désespère :(

cocoche95 · Answer

Et si tu rajoutes l'option : "-h localhost" ?

pingouin77 · Answer

comme ca : ldapadd -f racine.ldif -D "cn=admin,dc=pti,dc=local" -w admin -h localhost ?

Toujours le même message :(

cocoche95 · Answer

Et avec :  

ldapadd -f racine.ldif -D "cn=admin,dc=pti,dc=local" -W -h localhost  

en tapant le mot de passe au prompt ?

Et un "ps aux | grep slapd" ?

pinguin77 · Answer

Salut cocoche95

une fois le mot de passe tapé, j'ai :

SASL/DIGEST-MD5 authentication started
ldap_sasl_interactive_bind_s: Invalid credentials (49)

et un "ps aux | grep slapd" donne :


openldap 30952  0.0  3.3  28868  4232 ?        Ssl  23:20   0:00 /usr/sbin/slapd -h ldap://127.0.0.1:389/ -g openldap -u openldap -f /etc/ldap/slapd.conf -4
root     31047  0.0  0.6   3024   796 pts/0    R+   23:49   0:00 grep slapd

cocoche95 · Answer

Essayes de faire un : 'dpkg-reconfigure slapd'

Cela va tout reconfigurer au niveau de l'install d'openldap et notamment le mot de passe.

pingouin77 · Answer

Toujours la même chose après reconfiguration

ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)

cocoche95 · Answer

Tu peux mettre ici ton fichier : /etc/ldap/slapd.conf ?

pingouin77 · Answer

# This is the main slapd configuration file. See slapd.conf(5) for more # info on the configuration options. ####################################################################### # Global Directives: # Features to permit #allow bind_v2 # Schema and objectClass definitions include /etc/ldap/schema/core.schema include /etc/ldap/schema/cosine.schema include /etc/ldap/schema/nis.schema include /etc/ldap/schema/inetorgperson.schema # Where the pid file is put. The init.d script # will not stop the server if you change this. pidfile /var/run/slapd/slapd.pid # List of arguments that were passed to the server argsfile /var/run/slapd/slapd.args # Read slapd.conf(5) for possible values loglevel none # Where the dynamically loaded modules are stored modulepath /usr/lib/ldap moduleload back_hdb # The maximum number of entries that is returned for a search operation sizelimit 500 # The tool-threads parameter sets the actual amount of cpu's that is used # for indexing. tool-threads 1 ####################################################################### # Specific Backend Directives for hdb: # Backend specific directives apply to this backend until another # 'backend' directive occurs backend hdb ####################################################################### # Specific Backend Directives for 'other': # Backend specific directives apply to this backend until another # 'backend' directive occurs #backend ####################################################################### # Specific Directives for database #1, of type hdb: # Database specific directives apply to this databasse until another # 'database' directive occurs database hdb # The base of your directory in database #1 suffix "dc=pti,dc=local" # rootdn directive for specifying a superuser on the database. This is needed # for syncrepl. rootdn "cn=admin,dc=pti,dc=local" rootpw "mon mot de passe" # Where the database file are physically stored for database #1 directory "/var/lib/ldap" # The dbconfig settings are used to generate a DB_CONFIG file the first # time slapd starts. They do NOT override existing an existing DB_CONFIG # file. You should therefore change these settings in DB_CONFIG directly # or remove DB_CONFIG and restart slapd for changes to take effect. # For the Debian package we use 2MB as default but be sure to update this # value if you have plenty of RAM dbconfig set_cachesize 0 2097152 0 # Sven Hartge reported that he had to set this value incredibly high # to get slapd running at all. See http://bugs.debian.org/303057 for more # information. # Number of objects that can be locked at the same time. dbconfig set_lk_max_objects 1500 # Number of locks (both requested and granted) dbconfig set_lk_max_locks 1500 # Number of lockers dbconfig set_lk_max_lockers 1500 # Indexing options for database #1 index objectClass eq # Save the time that the entry gets modified, for database #1 lastmod on # Checkpoint the BerkeleyDB database periodically in case of system # failure and to speed slapd shutdown. checkpoint 512 30 # Where to store the replica logs for database #1 # replogfile /var/lib/ldap/replog # The userPassword by default can be changed # by the entry owning it if they are authenticated. # Others should not be able to see it, except the # admin entry below # These access lines apply to database #1 only access to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=pti,dc=local" write by anonymous auth by self write by * none # Ensure read access to the base for things like # supportedSASLMechanisms. Without this you may # have problems with SASL not knowing what # mechanisms are available and the like. # Note that this is covered by the 'access to *' # ACL below too but if you change that as people # are wont to do you'll still need this if you # want SASL (and possible other things) to work # happily. access to dn.base="" by * read # The admin dn has full write access, everyone else # can read everything. access to * by dn="cn=admin,dc=pti,dc=local" write by * read # For Netscape Roaming support, each user gets a roaming # profile for which they have write access to #access to dn=".*,ou=Roaming,o=morsnet" by dn="cn=admin,dc=pti,dc=local" write by dnattr=owner write ####################################################################### # Specific Directives for database #2, of type 'other' (can be hdb too): # Database specific directives apply to this databasse until another # 'database' directive occurs #database # The base of your directory for database #2 #suffix "dc=debian,dc=org"

cocoche95 · Answer

Pour moi, il y a pas de pb particulier.

Si tu fais un 'ldapsearch -x -D dn=pti,dn=local -h localhost', il te liste le contenu du ldap ?

pingouin77 · Answer

Cette fois : ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

Le fait que j'ai choisis database hdb  lors de la config de pose pas de problème ?

cocoche95 · Answer

Non, le problème c'est l'authentification ! Tel le message que t'as eu précédemment :

"SASL/DIGEST-MD5 authentication started
ldap_sasl_interactive_bind_s: Invalid credentials (49) "

J'ai l'impression qu'il y a un pb au niveau du mot de passe ou de l'association login/mdp : a chaque fois, on a le process d'authentification en cause (ldap_sasl).

Question con : t'es sur du mdp que tu rentres ?

pingouin77 · Answer

Je viens de réessayer .. oui je te confirme je suis sûr du mot de passe lol

c'est pourtant étrange dans les logs j'ai :

slapd[12731]: SASL [conn=2] Failure: no secret in database

N'y a t-il pas d'autre log disponible du serveur LDAP ? même si je dois avouer que ce message a l'air clair... :-/

cocoche95 · Answer

La, je dois t'avouer que je suis perplexe ...

Installation serveur LDAP sous Debian

13 réponses

Discussions similaires