From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <haw@inbox.ru>
X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on sa.int.altlinux.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.0 required=5.0 tests=AWL,BAYES_00 autolearn=ham
	version=3.2.3
From: =?utf-8?b?0JLQu9Cw0LTQuNC80LjRgA==?= <haw@inbox.ru>
To: ALT Linux sysadmin discuss <sysadmins@lists.altlinux.org>
Date: Tue, 25 Dec 2007 11:37:48 +0300
User-Agent: KMail/1.9.7
References: <200712231933.19415.haw@inbox.ru>
	<6c7be88d0712240214l770f9906v58f88f02b67c1260@mail.gmail.com>
In-Reply-To: <6c7be88d0712240214l770f9906v58f88f02b67c1260@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain;
  charset="utf-8"
Content-Transfer-Encoding: 8bit
Content-Disposition: inline
Message-Id: <200712251137.49213.haw@inbox.ru>
Subject: Re: [Sysadmins] LDAP
X-BeenThere: sysadmins@lists.altlinux.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: ALT Linux sysadmin discuss <sysadmins@lists.altlinux.org>
List-Id: ALT Linux sysadmin discuss <sysadmins.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/listinfo/sysadmins>,
	<mailto:sysadmins-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/sysadmins>
List-Post: <mailto:sysadmins@lists.altlinux.org>
List-Help: <mailto:sysadmins-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/sysadmins>,
	<mailto:sysadmins-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Dec 2007 08:38:04 -0000
Archived-At: <http://lore.altlinux.org/sysadmins/200712251137.49213.haw@inbox.ru/>
List-Archive: <http://lore.altlinux.org/sysadmins/>

>Почемуто мне кажется, что у вас базовый DN слегка не тот,
>в каком-то из двух подходов...
упс.. ну это.. я типа зашифроваться пытался

в общем сообщаю, как я такого добивабсь.
ставлю сервер и клиент, открываю slapd-hdb-db01.conf и делаю замену
dc=example,dc=com на  dc=firma,dc=lan :)

потом делаю ldif
dn: dc=firma,dc=lan
objectClass: organization
objectClass: dcObject
dc: firma
o: lan

dn: cn=admin,dc=firma,dc=lan
objectclass: organizationalRole
cn: admin


dn: ou=People,dc=firma,dc=lan
objectClass: organizationalUnit
ou: People

dn: ou=Group,dc=firma,dc=lan
objectClass: organizationalUnit
ou: Group



заливаю, пишет, что добавил...

такое ощущение, что что-то не доконца доделываю... 
потом, эта версия не устарела случайно, вместо nis схема другая, вроде должна 
быть.

#ldapsearch -LL -h localhost

SASL/SRP authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Invalid credentials (49)
        additional info: SASL(-13): user not found: no secret in database

а вот

# ldapsearch -x -H 'ldap://localhost/' -d -1

<i>
# ldapsearch -x -H 'ldap://localhost/' -d -1
ldap_create
ldap_url_parse_ext(ldap://localhost/)
ldap_bind
ldap_simple_bind
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP localhost:389
ldap_new_socket: 4
ldap_prepare_socket: 4
ldap_connect_to_host: Trying 127.0.0.1:389
ldap_connect_timeout: fd: 4 tm: -1 async: 0
ldap_open_defconn: successful
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_dump: buf=0x08060128 ptr=0x08060128 end=0x08060136 len=14
  0000:  30 0c 02 01 01 60 07 02  01 03 04 00 80 00         0....`........
ber_scanf fmt ({i) ber:
ber_dump: buf=0x08060128 ptr=0x0806012d end=0x08060136 len=9
  0000:  60 07 02 01 03 04 00 80  00                        `........
ber_flush: 14 bytes to sd 4
  0000:  30 0c 02 01 01 60 07 02  01 03 04 00 80 00         0....`........
ldap_write: want=14, written=14
  0000:  30 0c 02 01 01 60 07 02  01 03 04 00 80 00         0....`........
ldap_result ld 0x8057f30 msgid 1
ldap_chkResponseList ld 0x8057f30 msgid 1 all 1
ldap_chkResponseList returns ld 0x8057f30 NULL
wait4msg ld 0x8057f30 msgid 1 (infinite timeout)
wait4msg continue ld 0x8057f30 msgid 1 all 1
** ld 0x8057f30 Connections:
* host: localhost  port: 389  (default)
  refcnt: 2  status: Connected
  last used: Tue Dec 25 11:25:55 2007

** ld 0x8057f30 Outstanding Requests:
 * msgid 1,  origid 1, status InProgress
   outstanding referrals 0, parent count 0
** ld 0x8057f30 Response Queue:
   Empty
ldap_chkResponseList ld 0x8057f30 msgid 1 all 1
ldap_chkResponseList returns ld 0x8057f30 NULL
ldap_int_select
read1msg: ld 0x8057f30 msgid 1 all 1
ber_get_next
ldap_read: want=8, got=8
  0000:  30 0c 02 01 01 61 07 0a                            0....a..
ldap_read: want=6, got=6
  0000:  01 00 04 00 04 00                                  ......
ber_get_next: tag 0x30 len 12 contents:
ber_dump: buf=0x080612a8 ptr=0x080612a8 end=0x080612b4 len=12
  0000:  02 01 01 61 07 0a 01 00  04 00 04 00               ...a........
read1msg: ld 0x8057f30 msgid 1 message type bind
ber_scanf fmt ({eaa) ber:
ber_dump: buf=0x080612a8 ptr=0x080612ab end=0x080612b4 len=9
  0000:  61 07 0a 01 00 04 00 04  00                        a........
read1msg: ld 0x8057f30 0 new referrals
read1msg:  mark request completed, ld 0x8057f30 msgid 1
request done: ld 0x8057f30 msgid 1
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 1, msgid 1)
ldap_free_connection 0 1
ldap_free_connection: refcnt 1
ldap_parse_result
ber_scanf fmt ({iaa) ber:
ber_dump: buf=0x080612a8 ptr=0x080612ab end=0x080612b4 len=9
  0000:  61 07 0a 01 00 04 00 04  00                        a........
ber_scanf fmt (}) ber:
ber_dump: buf=0x080612a8 ptr=0x080612b4 end=0x080612b4 len=0

ldap_msgfree
# extended LDIF
#
# LDAPv3
# base <> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

ldap_search_ext
put_filter: "(objectclass=*)"
put_filter: simple
put_simple_filter: "objectclass=*"
ldap_build_search_req ATTRS: *
ldap_send_initial_request
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_dump: buf=0x08060128 ptr=0x08060128 end=0x0806014f len=39
  0000:  30 25 02 01 02 63 20 04  00 0a 01 02 0a 01 00 02   0%...c .........
  0010:  01 00 02 01 00 01 01 00  87 0b 6f 62 6a 65 63 74   ..........object
  0020:  63 6c 61 73 73 30 00                               class0.
ber_scanf fmt ({) ber:
ber_dump: buf=0x08060128 ptr=0x0806012d end=0x0806014f len=34
  0000:  63 20 04 00 0a 01 02 0a  01 00 02 01 00 02 01 00   c ..............
  0010:  01 01 00 87 0b 6f 62 6a  65 63 74 63 6c 61 73 73   .....objectclass
  0020:  30 00                                              0.
ber_flush: 39 bytes to sd 4
  0000:  30 25 02 01 02 63 20 04  00 0a 01 02 0a 01 00 02   0%...c .........
  0010:  01 00 02 01 00 01 01 00  87 0b 6f 62 6a 65 63 74   ..........object
  0020:  63 6c 61 73 73 30 00                               class0.
ldap_write: want=3  0000:  30 25 02 01 02 63 20 04  00 0a 01 02 0a 01 00 02   
0%...c .........
  0010:  01 00 02 01 00 01 01 00  87 0b 6f 62 6a 65 63 74   ..........object
  0020:  63 6c 61 73 73 30 00                               class0.
ldap_result ld 0x8057f30 msgid -1
ldap_chkResponseList ld 0x8057f30 msgid -1 all 0
ldap_chkResponseList returns ld 0x8057f30 NULL
wait4msg ld 0x8057f30 msgid -1 (infinite timeout)
wait4msg continue ld 0x8057f30 msgid -1 all 0
** ld 0x8057f30 Connections:
* host: localhost  port: 389  (default)
  refcnt: 2  status: Connected
  last used: Tue Dec 25 11:25:55 2007

** ld 0x8057f30 Outstanding Requests:
 * msgid 2,  origid 2, status InProgress
   outstanding referrals 0, parent count 0
** ld 0x8057f30 Response Queue:
   Empty
ldap_chkResponseList ld 0x8057f30 msgid -1 all 0
ldap_chkResponseList returns ld 0x8057f30 NULL
ldap_int_select
read1msg: ld 0x8057f30 msgid -1 all 0
ber_get_next
ldap_read: want=8, got=8
  0000:  30 0c 02 01 02 65 07 0a                            0....e..
ldap_read: want=6, got=6
  0000:  01 20 04 00 04 00                                  . ....
ber_get_next: tag 0x30 len 12 contents:
ber_dump: buf=0x080612a8 ptr=0x080612a8 end=0x080612b4 len=12
  0000:  02 01 02 65 07 0a 01 20  04 00 04 00               ...e... ....
read1msg: ld 0x8057f30 msgid 2 message type search-result
ber_scanf fmt ({eaa) ber:
ber_dump: buf=0x080612a8 ptr=0x080612ab end=0x080612b4 len=9
  0000:  65 07 0a 01 20 04 00 04  00                        e... ....
read1msg: ld 0x8057f30 0 new referrals
read1msg:  mark request completed, ld 0x8057f30 msgid 2
request done: ld 0x8057f30 msgid 2
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 2, msgid 2)
ldap_free_connection 0 1
ldap_free_connection: refcnt 1
# search result
search: 2
ldap_parse_result
ber_scanf fmt ({iaa) ber:
ber_dump: buf=0x080612a8 ptr=0x080612ab end=0x080612b4 len=9
  0000:  65 07 0a 01 20 04 00 04  00                        e... ....
ber_scanf fmt (}) ber:
ber_dump: buf=0x080612a8 ptr=0x080612b4 end=0x080612b4 len=0

ldap_err2string
result: 32 No such object
ldap_msgfree

# numResponses: 1
ldap_free_connection 1 1
ldap_send_unbind
ber_flush: 7 bytes to sd 4
  0000:  30 05 02 01 03 42 00                               0....B.
ldap_write: want=7, written=7
  0000:  30 05 02 01 03 42 00                               0....B.
ldap_free_connection: actually freed
</i>