Re: [Debian-sf-users] how to configure ldap password?

[Soon-Son Kwon]

Can anyone please send me a working copy of
slapd.conf and local.inc after installing sourceforge correctly?
(The up-to-date version is preferred of course. :-))

The default slapd/sourceforge combination seems to have
some configuration problem and I want to root cause it.

Thanks very much....


On Tue, Mar 12, 2002 at 09:15:43PM +0100, Christian BAYLE wrote:
> ldap is a tricky stuff :)
> 
> There are 2 reasons for this kind of message:
>       -password in sf is not the same that the one set in ldap
>       -/etc/ldap/slapd.conf does not give enough permissions to admin user
> 
> access lines for dn="cn=admin,dc=..."
> 
> take care to use the same dn ($sys_ldap_admin_dn var) in
> /etc/sourceforge/local.inc
> 
> I display $sys_ldap_admin_dn during install, this should help you
> this ldapmodify try to set the password for 
>  
> $sys_ldap_bind_dn="cn=SF_robot,dc=....
> that is used after to add/change ldap records, by the ldap php4 modules
> 
> for debugging the best is to modify the config files
> and to use install-ldap.sh script, until you manage to run it without
> errors
> one this done, sf setup should go smoothly.
> 
> Hope this help
> 
> Christian
> 
> Soon-Son Kwon wrote:
> > 
> > Hello: I found that 2.5-26 released for sid.
> > 
> > I tried to install it but failed....again.... :-(
> > 
> > The error occurred at the same location with "invalid credentials" message.
> > 
> > Error occurred while running this part at install-ldap.sh
> > 
> > echo "Changing SF_robot passwd using admin account"
> > ldapmodify -v -c -D "$sys_ldap_admin_dn" -x -w"$secret"<<-FIN
> > dn: $sys_ldap_bind_dn
> > changetype: modify
> > replace: userPassword
> > userPassword: $cryptedpasswd
> > FIN
> > 
> > It seems that the problem comes from the "$secret".
> > This seems to be the global password that enables the user
> > to add/del/modify any record on the ldap database.
> > 
> > When installing the newest slapd package, dselect shows the password
> > which it generated randomly and as far as I know, the "rootpw" directive
> > of slapd.conf contains this global password but the default installation
> > does not contain "rootpw blahblah" at slapd.conf.
> > 
> Take care that the newest package always keep ancient configuration
> that can use ancient admin with 
> dn=cn=admin,ou=People...
> 
> in this case a 
> apt-get remove --purge ldap should reset ldap correctly (this desinstall
> sourceforge that depends
> on it)
> 
> > Is the above installation error has anything to do with not having "rootpw"
> > in slapd.conf or is there any way to specify the global password
> > for slapd? "man slapd.conf" recommends using SASL instead of
> > having "rootpw". Should I use SASL in order to install sourceforge?
> 
> Normally you don't have to touch anything in SASL
> I never tried to make work ldap with kerberos, maybe you use this?
> 
> > 
> > I wonder if anyone successfully installed the sourceforge just by
> > following the default dselect choices without hand-editting any files.
> > 
> We do this regularily testing the package, the hardest is the first time
> in fact :)
> Once ldap is happy things are going smoother.
> 
> We are doing many checks, but our error message can probably be
> improved, 
> your remarks are welcome
> 
> > Thanks always....
> > --
> > -*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
> >            (o_             **WTFM**
> > (o_  (o_   //\
> > (/)_ (/)_  V_/_        http://kldp.org
> > -*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
> > 
> > _______________________________________________
> > Debian-sf-users mailing list
> > address@hidden
> > http://mail.freesoftware.fsf.org/mailman/listinfo/debian-sf-users
> 
> -- 
> Christian Bayle 
> ===============================================================================
> E-mail: address@hidden

-- 
-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
           (o_             **WTFM**
(o_  (o_   //\
(/)_ (/)_  V_/_        http://kldp.org
-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*