Kolab Installation: OpenLDAP Problem



clumsy
29.03.06, 18:47
Hi,
I'm trying out Kolab... the following problem comes up during bootstrapping:


# /kolab/etc/kolab/kolab_bootstrap -b

KOLAB BOOTSTRAP

Check for running webserver on port 80
Check for running webserver on port 443
Check for running imap server on port 143
Check for running imap server on port 220
Check for running imap server on port 585
Check for running imap server on port 993
Check for running pop3 server on port 109
Check for running pop3 server on port 110
Check for running pop3 server on port 473
Check for running pop3 server on port 995
Check for running smtp server on port 25
Check for running smtp server on port 465
Check for running ftp server on port 21
Check for running Amavis Virus Scanner Interface on port 10024
Check for running Kolab daemon on port 9999
Check for running OpenLDAP server on port 636
Check for running OpenLDAP server on port 389
Check for running Sieve server on port 2000
Excellent all required Ports are available!
LDAP repository is empty - assuming fresh install
Please enter Hostname including Domain Name (e.g. thishost.domain.tld) [server.domain.de]:
Proceeding with Hostname server.domain.de
Do you want to set up (1) a master Kolab server or (2) a slave [1] (1/2): 1
Proceeding with master server setup

Please enter your Maildomain - if you do not know your mail domain use the fqdn from above [domain.de]:
proceeding with Maildomain domain.de
Kolab primary email addresses will be of the type user@domain.de
Generating default configuration:
Top level DN for Kolab [dc=domain.de]:
base_dn : dc=domain,dc=de
bind_dn : cn=manager,cn=internal,dc=domain,dc=de
Please choose a manager password [blabla]:
bind_pw : blabla
done modifying /kolab/etc/kolab/kolab.conf

IMPORTANT NOTE:
use login=manager and passwd=blabla when you log into the webinterface!

Enter fully qualified hostname of slave kolab server e.g. thishost.domain.tld [empty when done]:
prepare LDAP database...
temporarily starting slapd
Waiting for OpenLDAP to start
could not connect ldap server ldap://127.0.0.1:389/ at /kolab/etc/kolab/kolab_bootstrap line 490

Then I looked into the kolab_bootstrap script... the exact start command for the LDAP server:


/kolab/libexec/openldap/slapd -h ldap://127.0.0.1:389/ -f /kolab/etc/openldap/slapd.conf

I then enabled debugging and ran it by hand:


/kolab/libexec/openldap/slapd -h ldap://127.0.0.1:389/ -f /kolab/etc/openldap/slapd.conf -d 2

That produces the following messages:


@(#) $OpenLDAP: slapd 2.3.11 (Mar 29 2006 04:22:50) $
kolab@server:/kolab/RPM/TMP/openldap-2.3.11/servers/slapd
/kolab/etc/openldap/slapd.conf: line 91: "attr" is deprecated (and undocumented); use "attrs" instead.
/kolab/etc/openldap/slapd.conf: line 96: "attr" is deprecated (and undocumented); use "attrs" instead.
/kolab/etc/openldap/slapd.conf: line 101: "attr" is deprecated (and undocumented); use "attrs" instead.
/kolab/etc/openldap/slapd.conf: line 106: "attr" is deprecated (and undocumented); use "attrs" instead.
/kolab/etc/openldap/slapd.conf: line 111: "attr" is deprecated (and undocumented); use "attrs" instead.
/kolab/etc/openldap/slapd.conf: line 116: "attr" is deprecated (and undocumented); use "attrs" instead.
/kolab/etc/openldap/slapd.conf: line 121: "attr" is deprecated (and undocumented); use "attrs" instead.
bdb_db_open: unclean shutdown detected; attempting recovery.
bdb(dc=domain,dc=de): architecture lacks fast mutexes: applications cannot be threaded
bdb(dc=domain,dc=de): architecture lacks fast mutexes: applications cannot be threaded
bdb_db_open: dbenv_open failed: Invalid argument (22)
backend_startup_one: bi_db_open failed! (22)
slapd stopped.
connections_destroy: nothing to destroy.


The "attr" errors (in lines 91-121) are not the cause. I adjusted the LDAP config and then those errors no longer appear. But the rest still does...

Here is /kolab/etc/openldap/slapd.conf:


include /kolab/etc/openldap/schema/core.schema
include /kolab/etc/openldap/schema/cosine.schema
include /kolab/etc/openldap/schema/inetorgperson.schema
include /kolab/etc/openldap/schema/rfc2739.schema
include /kolab/etc/openldap/schema/kolab2.schema

pidfile /kolab/var/openldap/run/slapd.pid
replica-pidfile /kolab/var/openldap/run/slurpd.pid
argsfile /kolab/var/openldap/slapd.args
replogfile /kolab/var/openldap/replog
replicationinterval 5

schemacheck on

#TLSCertificateFile /kolab/etc/kolab/cert.pem
#TLSCertificateKeyFile /kolab/etc/kolab/key.pem

rootDSE /kolab/etc/kolab/rootDSE.ldif

defaultsearchbase "dc=domain,dc=de"

#require none
allow bind_v2

loglevel 0
database monitor

database bdb
suffix "dc=domain,dc=de"
cachesize 2000
checkpoint 512 10
idlcachesize 10000
idletimeout 80 # The value can be increased if some clients develop problems.
# Please report to kolab-devel@kolab.org if you encounter such a client.

directory /kolab/var/openldap/openldap-data

rootdn "cn=manager,cn=internal,dc=domain,dc=de"
rootpw "blabla"

replica uri=ldap://127.0.0.1:9999
        binddn="cn=replicator"
        bindmethod=simple
        credentials=secret

index objectClass pres,eq
index uid approx,sub,pres,eq
index mail approx,sub,pres,eq
index alias approx,sub,pres,eq
index cn approx,sub,pres,eq
index sn approx,sub,pres,eq
index givenName approx,sub,pres,eq
index kolabHomeServer pres,eq
index member pres,eq

include /kolab/etc/openldap/slapd.access

access to dn="dc=domain,dc=de" attrs=children
        by group/kolabGroupOfNames="cn=admin,cn=internal,dc=domain,dc=de" write
        by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=domain,dc=de" write
        by group/kolabGroupOfNames="cn=domain-maintainer,cn=internal,dc=domain,dc=de" write
access to dn="cn=internal,dc=domain,dc=de" attrs=children
        by group/kolabGroupOfNames="cn=admin,cn=internal,dc=domain,dc=de" write
        by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=domain,dc=de" write
        by group/kolabGroupOfNames="cn=domain-maintainer,cn=internal,dc=domain,dc=de" write
access to dn.subtree="cn=Monitor"
        by group/kolabGroupOfNames="cn=admin,cn=internal,dc=domain,dc=de" write
        by * none stop
access to attr=userPassword
        by group/kolabGroupOfNames="cn=admin,cn=internal,dc=domain,dc=de" =wx
        by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=domain,dc=de" =wx
        by self =wx
        by anonymous =x
        by * none stop
access to attr=mail
        by group/kolabGroupOfNames="cn=admin,cn=internal,dc=domain,dc=de" write
        by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=domain,dc=de" write
        by * read stop
access to attr=alias
        by group/kolabGroupOfNames="cn=admin,cn=internal,dc=domain,dc=de" write
        by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=domain,dc=de" write
        by * read stop
access to attr=uid
        by group/kolabGroupOfNames="cn=admin,cn=internal,dc=domain,dc=de" write
        by group/kolabGroupOfNames="cn=maintainer,cn=internal,dc=domain,dc=de" write
        by * read stop
### it continues from here, but that should be enough, right? Otherwise let me know...

Of course I didn't write this config myself; it was generated like this during bootstrapping.

Unfortunately I no longer know how to proceed.
The system is SLES9 on an Intel 64-bit machine. domain.de is of course an FQDN in reality.


#uname -a
Linux server 2.6.5-7.191-smp #1 SMP Tue Jun 28 14:58:56 UTC 2005 x86_64 x86_64 x86_64 GNU/Linux


Do you have any tips? Thanks in advance!
clumsy
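
A small audit of the generated slapd.conf quoted in the post above, added here as an example and not part of the original post or of Kolab's own tooling: it flags the deprecated "attr" ACL keyword that slapd warns about, together with the cleartext rootpw, the LDAPv2 bind allowance, the simple-bind replica and the commented-out TLS directives visible in that file. The function name audit_slapd_conf and the shortened sample excerpt are constructed for illustration.

```python
import re

# Constructed sample: shortened excerpt of the slapd.conf quoted in the post.
SAMPLE_CONF = """\
#TLSCertificateFile /kolab/etc/kolab/cert.pem
#TLSCertificateKeyFile /kolab/etc/kolab/key.pem
allow bind_v2
rootdn "cn=manager,cn=internal,dc=domain,dc=de"
rootpw "blabla"
replica uri=ldap://127.0.0.1:9999
  binddn="cn=replicator"
  bindmethod=simple
  credentials=secret
access to attr=userPassword
  by self =wx
access to dn="dc=domain,dc=de" attrs=children
"""

def audit_slapd_conf(text):
    """Hypothetical helper: return (line_no, finding) pairs; line 0 = whole file."""
    findings, tls_active = [], False
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # commented-out directives have no effect
        if re.match(r"TLSCertificate(Key)?File\s", line, re.I):
            tls_active = True
        pw = re.match(r'rootpw\s+"?([^"\s]+)', line, re.I)
        if pw and not pw.group(1).startswith("{"):
            findings.append((no, "rootpw is cleartext; store a slappasswd hash, e.g. {SSHA}"))
        if re.match(r"allow\s+.*\bbind_v2\b", line, re.I):
            findings.append((no, "LDAPv2 binds are allowed"))
        if re.match(r"bindmethod\s*=\s*simple\b", line, re.I):
            findings.append((no, "replica uses simple bind; password is sent in clear without TLS"))
        if re.match(r"access\s+to\s+.*\battr=", line, re.I):
            findings.append((no, 'deprecated "attr" in ACL; use "attrs"'))
    if not tls_active:
        findings.append((0, "no active TLSCertificateFile/TLSCertificateKeyFile directive"))
    return findings

if __name__ == "__main__":
    for no, finding in audit_slapd_conf(SAMPLE_CONF):
        print(f"line {no}: {finding}")
```

None of these findings explains the bdb_db_open failure in the debug output; they concern the hardening of the generated configuration once slapd starts.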
