[FUG-BR] Erro na inicialização do ldap

Jose Raimundo da S. Barbosa jose.barbosa em cpaa.embrapa.br
Terça Junho 17 16:11:31 BRT 2008 

Ok Jorge, levou uns 3 seg...mas a mensagem no log messages persiste. Em
seguida alterei o nsswitch.conf conforme mensagem do thOLOko:

mude para:

/etc/nsswitch.conf
#group: compat
group: files ldap winbind
group_compat: nis
hosts: files dns
networks: files
#passwd: compat
passwd:     files ldap winbind
shadow:     files ldap winbind
passwd_compat: nis
shells: files

e continua o mesmo problema...complementando minha duvida...sera que esse
problema pode interferir na integracao com os outros servicos
(Postfix,etc)? pois, apesar desse erro constatado via /var/log/messages o
LDAP ta funcionando.

> Altere esses parâmetros nos arquivos nss_ldap.conf e ldap.conf que seu
> ldap vai iniciar bem mais rápido.
> Reporta ai depois.
>
> Abraço.
>
> timelimit 3
> bind_timelimit 3
> bind_policy soft
>
>
>
>
> _________________________________________
> * *Jorge Petry Neto *
> *Administrador de Redes e Servidores
> (48) 8401-4436
> jorge em jspnet.com.br <mailto:jorge em jspnet.com.br>*
> **www.jspnet.com.br * <http://www.jspnet.com.br/>
>
>
>
>
> Jose Raimundo da S. Barbosa escreveu:
>> ola colegas, acabei de instalar e configurar um servidor LDAP. Parece
>> que
>> tudo ta funcionando legal: construi a base LDAP, importei minha base de
>> usuário para dentro dele, estou consultando a base, etc. Mas agora vou
>> partir para a integracao com o SAMBA, postfix, etc. Só que consultando
>> meu
>> /var/log/messages vejo as seguintes mensagens na inicializacao do LDAP:
>>
>> Jun 17 13:22:00 ariranha slapd[9073]: nss_ldap: could not search LDAP
>> server - Server is unavailable
>> Jun 17 13:22:00 ariranha slapd[9073]: sql_select option missing
>> Jun 17 13:22:00 ariranha slapd[9073]: auxpropfunc error no mechanism
>> available
>>
>> fiz um teste...parei o servidor (/usr/local/etc/rc.d/slapd stop) e
>> startei
>> novamente...reparei que a partir de entao ele leva uns 30 segundos para
>> entrar no ar...dai visualizei novamente o log messages e a mensagem
>> acima
>> consta no arquivo.
>>
>> Alguma idéia?
>>
>> Acabei de instalar o FreeBSD 7.0
>>
>> nss_ldap.conf
>> --------------
>>  @(#)$Id: ldap.conf,v 2.47 2006/05/15 08:13:44 lukeh Exp $
>> #
>> # This is the configuration file for the LDAP nameservice
>> # switch library and the LDAP PAM module.
>> #
>> # PADL Software
>> # http://www.padl.com
>> #
>>
>> host 127.0.0.1
>> base dc=cpaa,dc=embrapa,dc=br
>> uri ldap://cegonha.cpaa.embrapa.br/
>> ldap_version 3
>>
>>
>> slapd.conf
>> ------------
>> #
>> # See slapd.conf(5) for details on configuration options.
>> # This file should NOT be world readable.
>> #
>> include         /usr/local/etc/openldap/schema/core.schema
>> include         /usr/local/etc/openldap/schema/cosine.schema
>> include         /usr/local/etc/openldap/schema/nis.schema
>> include         /usr/local/etc/openldap/schema/inetorgperson.schema
>> include         /usr/local/etc/openldap/schema/qmail.schema
>> include         /usr/local/etc/openldap/schema/samba.schema
>>
>> # Ativando suporte a TLS
>> TLSCertificateFile /usr/local/etc/openldap/ssl/servercrt.pem
>> TLSCertificateKeyFile /usr/local/etc/openldap/ssl/serverkey.pem
>> TLSCACertificateFile /usr/local/etc/openldap/ssl/cacert.pem
>> #TLSCipherSuite HIGH:MEDIUM:+SSLv2
>>
>> # Define global ACLs to disable default read access.
>>
>> # Do not enable referrals until AFTER you have a working directory
>> # service AND an understanding of referrals.
>> #referral       ldap://root.openldap.org
>>
>> pidfile         /var/run/openldap/slapd.pid
>> argsfile        /var/run/openldap/slapd.args
>>
>> # Load dynamic backend modules:
>> modulepath      /usr/local/libexec/openldap
>> moduleload      back_bdb
>> # moduleload    back_ldap
>> # moduleload    back_ldbm
>> # moduleload    back_passwd
>> # moduleload    back_shell
>>
>> access to attrs=userPassword,sambaLMPassword,sambaNTPassword
>>      by dn="cn=root,dc=embrapa,dc=br" write
>>      by anonymous auth
>>      by self write
>>      by * none
>>
>> access to attrs=uidNumber,gidNumber
>>    by dn="cn=root,dc=embrapa,dc=br" write
>>    by * read
>>
>> access to *
>>    by dn="cn=root,dc=embrapa,dc=br" write
>>    by self write
>>    by * read
>>
>> database        bdb
>> suffix          "dc=embrapa,dc=br"
>> rootdn          "cn=root,dc=embrapa,dc=br"
>>
>> rootpw  secret
>> # The database directory MUST exist prior to running slapd AND
>> # should only be accessible by the slapd and slap tools.
>> # Mode 700 recommended.
>> directory       /var/db/openldap-data
>> # Indices to maintain
>> index   objectClass             eq
>> index   uid                     pres,eq,sub
>> index   gidNumber               eq
>> index   uidNumber               eq
>> index   cn                      pres,eq,sub
>> index   memberuid               pres,eq,sub
>> index   mail                    pres,eq,sub
>> index   mailAlternateAddress    pres,eq,sub
>> index   sn                      pres,eq,sub
>> #index   displayName             pres,eq,sub
>> #index   sambaSID,sambaPrimaryGroupSID,sambaDomainName  eq
>> #index   default                 sub
>>
>>
>>
>> -------------------------
>> Histórico: http://www.fug.com.br/historico/html/freebsd/
>> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>>
>>
>
> --
>
> -------------------------
> Histórico: http://www.fug.com.br/historico/html/freebsd/
> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>


-- 
José Raimundo da S. Barbosa
Embrapa Amazonia Ocidental
Setor de Informação
Fone: (92) 3621-0350)

Mais detalhes sobre a lista de discussão freebsd