写给所有OpenLDAP不能正常启动的人

shangyilong

提醒一下，配置文件别写错了，注意大小写。

Mythikal

用ports安装openldap（配合extmail用）启动不了，什么原因呢？

显示错误：

slapd[98306]: sql_select option missing
slapd[98306]: auxpropfunc error no mechanism available

slapd -d 256：

@(#) $OpenLDAP: slapd 2.3.38 (Oct 23 2007 22:28:25) $
        root@xena.abc.org:/usr/ports/net/openldap23-server/work/openldap-2.3.38/servers/slapd
Oct 24 08:49:47 xena slapd[98306]: sql_select option missing
Oct 24 08:49:47 xena slapd[98306]: auxpropfunc error no mechanism available
bdb_db_open: Warning - No DB_CONFIG file found in directory /var/db/openldap-data: (2)
Expect poor performance for suffix dc=abc.org.
slapd starting

Mythikal

# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include         /usr/local/etc/openldap/schema/core.schema
include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/nis.schema
include         /usr/local/etc/openldap/schema/extmail.schema


# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral       ldap://root.openldap.org

pidfile         /var/run/openldap/slapd.pid
argsfile        /var/run/openldap/slapd.args

# Load dynamic backend modules:
modulepath      /usr/local/libexec/openldap
moduleload      back_bdb
moduleload      back_ldap
# moduleload    back_ldbm
# moduleload    back_passwd
# moduleload    back_shell

# Sample security restrictions
#       Require integrity protection (prevent hijacking)
#       Require 112-bit (3DES or better) encryption for updates
#       Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:
#       Root DSE: allow anyone to read it
#       Subschema (sub)entry DSE: allow anyone to read it
#       Other DSEs:
#               Allow self write access
#               Allow authenticated users read access
#               Allow anonymous users to authenticate
#       Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
#       by self write
#       by users read
#       by anonymous auth
#
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn.  (e.g., "access to * by * read"
#
# rootdn can always read and write EVERYTHING!

#######################################################################
# BDB database definitions
#######################################################################

database        bdb
suffix          "dc=abc.org"
rootdn          "cn=Manager,dc=abc.org"
# Cleartext passwords, especially for the rootdn, should
# be avoid.  See slappasswd( and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw          secret
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory       /var/db/openldap-data
# Indices to maintain
index   objectClass     eq
index   mail,active,virtualDomain,mailLocalAddress         eq,pres

# Performance tuning directives
sizelimit       5000
threads         8
idletimeout     14400
cachesize       10000
checkpoint      256     15

戏园子

环境：redhat as4 up4
现在遇到一个怪现象：用slapd直接起LDAP，可以起来，用sldap -d进行跟踪，也没有什么错。可是用service ldap start就是起不来LDAP。

做过这样的操作：将redhat as4 up4的LDAP的RPM包均删掉，降级用redhat as4没有up包的LDAP版本。这样做是因为以前的LDAP是as4 no up的，备份的LDAP库用up4的LDAP好像不能正确识别。

atyu30

系统环境：
AS 5
openldap-2.3.27-5
db4-4.3.29-9.fc6
启动日志:
Feb 22 17:14:27 wiki slapd[1601]: @(#) $OpenLDAP: slapd 2.3.27 (Jan  3 2007 13:11:16) $         brewbuilder@ls20-bc1-14.build.redhat.com:/builddir/build/BUILD/openldap-2.3.27/openldap-2.3.27/build-servers/servers/slapd
Feb 22 17:14:29 wiki slapd[1602]: bdb_db_open: Database cannot be opened, err 13. Restore from backup!
Feb 22 17:14:29 wiki slapd[1602]: bdb(dc=test,dc=com): DB_ENV->lock_id_free interface requires an environment configured for the locking subsystem
Feb 22 17:14:29 wiki slapd[1602]: bdb(dc=openbsdonly,dc=org): txn_checkpoint interface requires an environment configured for the transaction subsystem
Feb 22 17:14:29 wiki slapd[1602]: bdb_db_close: txn_checkpoint failed: Invalid argument (22)
Feb 22 17:14:30 wiki slapd[1602]: backend_startup_one: bi_db_open failed! (13)
Feb 22 17:14:30 wiki slapd[1602]: bdb_db_close: alock_close failed
Feb 22 17:14:30 wiki slapd[1602]: slapd stopped.
Feb 22 17:14:30 wiki slapd[1602]: connections_destroy: nothing to destroy.

ngcode

我的openldap启动正常，也能添加entry，但用ldappasswd修改密码时提示：ldap_bind: Invalid credentials (49)

li_xiqing

os:rhel5

[root@dns usr]# /usr/local/libexec/slapd -d 256
@(#) $OpenLDAP: slapd 2.3.39 (Mar  6 2008 06:43:12) $
        root@dns.mysina.com:/var/spool/samba/ldap/openldap-2.3.39/servers/slapd
daemon: bind(7) failed errno=98 (Address already in use)
daemon: bind(7) failed errno=98 (Address already in use)
slapd stopped.
connections_destroy: nothing to destroy.

moocky

以前一直运行稳定，前两天突然出现问题，启动部了
/var磁盘空间也足够，不知道那儿出问题导致的错误，请高人指点
@(#) $OpenLDAP: slapd 2.2.13 (Aug 13 2006 01:27:00) $
        buildcentos@build-i386:/home/buildcentos/rpmbuild/BUILD/openldap-2.2.13/openldap-2.2.13/build-servers/servers/slapd
bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December  3, 2003)
bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December  3, 2003)
bdb_db_init: Initializing BDB database
bdb(dc=extmail.org): Lock table is out of available locker entries
bdb_db_open: db_open(/var/lib/ldap) failed: Cannot allocate memory (12)
backend_startup: bi_db_open(0) failed! (12)
bdb(dc=extmail.org): Database handles open during environment close
bdb_db_destroy: close failed: Invalid argument (22)
slapd stopped.
connections_destroy: nothing to destroy.

jetchan

/usr/bin/db_recover   to recover 2.2.XX  ldap corrupted database

jetchan

/usr/bin/db_recover to fix the problem