
Problem with LDAP configuration



Der Gnusbrick
30.03.05, 12:35
Hello, I'm having problems configuring an LDAP server, or rather with the client... I've already read through a few HowTos and help threads but still can't get any further...
Problem:
I have configured the LDAP server so far, and it starts without complaint. It also creates the database... however, when I try to connect with the LDAP client, I get an error message saying that it cannot connect to the LDAP server......????

Here are my configs; maybe the error is somewhere in here:

ldap.conf



# See ldap.conf(5) for details
# This file should be world readable but not world writable.
#BASE dc=example, dc=com
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
#TLS_REQCERT allow
#host server.unimess.hof
# base dc=unimess,dc=hof
host localhost
base o=BIGDOM


slapd.conf




#
# LDAP Defaults
#

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

#BASE dc=example, dc=com
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666

#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
#TLS_REQCERT allow
#host server.unimess.hof
# base dc=unimess,dc=hof
host localhost
base o=BIGDOM
File-dom:/etc/openldap #
File-dom:/etc/openldap # more sldap.conf
sldap.conf: No such file or directory
File-dom:/etc/openldap # more slapd.conf
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/rfc2307bis.schema
include /etc/openldap/schema/yast.schema
include /etc/openldap/schema/dnszone.schema
# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org

pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args

# Load dynamic backend modules:
modulepath /usr/lib/openldap/modules
# moduleload back_ldap.la
# moduleload back_meta.la
# moduleload back_monitor.la
# moduleload back_perl.la

# Sample security restrictions
# Require integrity protection (prevent hijacking)
# Require 112-bit (3DES or better) encryption for updates
# Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:
# Root DSE: allow anyone to read it
# Subschema (sub)entry DSE: allow anyone to read it
# Other DSEs:
# Allow self write access to user password
# Allow anonymous users to authenticate
# Allow read access to everything else
# Directives needed to implement policy:
access to dn.base=""
        by * read

access to dn.base="cn=Subschema"
        by * read

access to attr=userPassword,userPKCS12
        by self write
        by * auth

access to attr=shadowLastChange
        by self write
        by * read

access to *
        by * read

# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn. (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!

#######################################################################
# bdb database definitions
#######################################################################

loglevel 0
TLSCertificateFile /etc/ssl/servercerts/servercert.pem
TLSCACertificatePath /etc/ssl/certs/
TLSCertificateKeyFile /etc/ssl/servercerts/serverkey.pem
allow bind_v2 bind_anon_cred bind_anon_dn
database bdb
suffix "dc=BIGDOM"
rootdn "cn=administrator,dc=BIGDOM"
rootpw "wfg321"
directory /var/lib/ldap
checkpoint 1024 5
cachesize 10000
index objectClass,uidNumber,gidNumber eq
index member,mail eq,pres
index cn,displayname,uid,sn,givenname sub,eq,pres



*.ldif


# The organization SUSE
dn: dc=BIGDOM
dc: BIGDOM
objectClass: dcObject
objectClass: organization
o: BIGDOM
# cn: unimess Judenhof
objectClass: top

# The organizational unit Development (devel)
dn: ou=devel, dc=BIGDOM
objectClass: organizationalUnit
ou: devel

# The organizational unit Documentation (doc)
dn: ou=doc, dc=BIGDOM
objectClass: organizationalUnit
ou: doc

# The organizational unit Internal IT (it)
dn: ou=it, dc=BIGDOM
objectClass: organizationalUnit
ou: it
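
An added example, not part of the original post: a small Python lint that compares a client ldap.conf with the server's slapd.conf, using the directives from the files above. It flags a client base outside the server suffix, a cleartext rootpw and unauthenticated binds allowed through bind_anon_dn; the sample strings are constructed (the rootpw value is a placeholder) and the function names are this example's own.

```python
import shlex

# Constructed sample input: the directives from the two posted files that these
# checks look at; the rootpw value is replaced by a placeholder.
LDAP_CONF = "host localhost\nbase o=BIGDOM\n"
SLAPD_CONF = '''allow bind_v2 bind_anon_cred bind_anon_dn
database bdb
suffix "dc=BIGDOM"
rootdn "cn=administrator,dc=BIGDOM"
rootpw "placeholder-cleartext"
'''

def directives(text):
    """Parse into [keyword, arg, ...]; drop '#' lines, join indented continuations."""
    logical = []
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and logical:
            logical[-1] += " " + line.strip()
        else:
            logical.append(line.strip())
    return [[w[0].lower()] + w[1:] for w in map(shlex.split, logical)]

def norm_dn(dn):
    # Simplified comparison form (assumes no escaped commas in RDN values).
    return ",".join(part.strip().lower() for part in dn.split(","))

def lint(ldap_conf, slapd_conf):
    """Return (code, detail) findings for a client/server config pair."""
    server = directives(slapd_conf)
    suffixes = [norm_dn(" ".join(d[1:])) for d in server if d[0] == "suffix"]
    findings = []
    for d in directives(ldap_conf):
        if d[0] == "base":
            base = norm_dn(" ".join(d[1:]))
            if not any(base == s or base.endswith("," + s) for s in suffixes):
                findings.append(("base-outside-suffix", " ".join(d[1:])))
    for d in server:
        # slapd accepts hashed values such as {SSHA}... produced by slappasswd
        if d[0] == "rootpw" and not "".join(d[1:]).startswith("{"):
            findings.append(("cleartext-rootpw", "value withheld"))
        # bind_anon_dn lets a bind with a DN and an empty password succeed
        if d[0] == "allow" and "bind_anon_dn" in d[1:]:
            findings.append(("unauthenticated-bind", "allow bind_anon_dn"))
    return findings

if __name__ == "__main__":
    for code, detail in lint(LDAP_CONF, SLAPD_CONF):
        print(f"{code}: {detail}")
```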