_ldapinit doesn't work with default slapd configuration
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ldapscripts (Ubuntu) | Fix Released | Undecided | Unassigned | | |
Bug Description
Binary package hint: ldapscripts
steps to reproduce:
- install slapd
- install and configure ldapscripts
- execute _ldapinit
detailed info:
when you install slapd debconf creates two objects, root organization and admin user:
dn: dc=nodomain
objectClass: top
objectClass: dcObject
objectClass: organization
o: nodomain
dc: nodomain
dn: cn=admin,
objectClass: simpleSecurityO
objectClass: organizationalRole
cn: admin
description: LDAP administrator
_ldapinit is intended to initially populate ldap with basic entries but it fails with default slapd configuration:
# _ldapinit
Error initializing LDAP tree
tail /var/log/
>> 07/18/07 - 15:02 : Command : /usr/bin/_ldapinit
ldap_add: Already exists (68)
Error initializing LDAP tree
to avoid this error there are two options:
1- stop the slapd server, remove the BDB files on /var/lib/ldap/*, start slapd again, execute _ldapinit
2- modify _ldapinit to avoid conflicts with pre-populated slapd
i think second approach is better and i recommend a new file (_ldapinit.debian). this is a diff against _ldapinit and _ldapinit.debian (a copy of the first) that solves the problem:
diff -u _ldapinit _ldapinit.debian
--- _ldapinit 2007-07-18 14:59:28.000000000 +0200
+++ _ldapinit.debian 2007-07-18 15:04:32.000000000 +0200
@@ -35,13 +35,6 @@
end_ok "Successfully initialized LDAP tree"
# Ldif info #######
-##dn: <suffix>
-##objectClass: dcObject
-##objectClass: organization
-##dc: <_suffix>
-##o: <_suffix>
-##description: <_suffix>
-##
##dn: <usuffix>,<suffix>
##objectClass: top
##objectClass: organizationalUnit
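Review bot: Removing the '##dn: <suffix>' template block leaves the remaining entries, starting with '##dn: <usuffix>,<suffix>', dependent on a suffix entry that something else must already have created. That holds for the debconf-populated slapd described above, but on a directory without the suffix entry the first add has no parent, so the script fails in a different way. Rather than maintaining two variants of the script, consider keeping the block and either testing for the suffix entry before adding it or letting the add continue past an 'Already exists (68)' result. If the block is dropped anyway, the comment above the LDIF template should state that the suffix entry must already exist.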
as you can see, it is enough to remove the root object to avoid errors.
instead of creating a file called _ldapinit.debian we could rename the original to something like _ldapinit.flat and keep modified one as _ldapinit
related info:
lsb_release --all
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 7.04
Release: 7.04
Codename: feisty
Package: ldapscripts
Priority: optional
Section: universe/admin
Installed-Size: 216
Maintainer: Pierre Habouzit <email address hidden>
Architecture: all
Version: 1.4-2
This bug was fixed in the package ldapscripts - 1.8.0-0ubuntu1
---------------
ldapscripts (1.8.0-0ubuntu1) intrepid; urgency=low
* New Upstream release (LP: #261462) s/ldapscripts. passwd is used by default (LP: #49007)
* Package no longer needs the workstation to be configured
for LDAP auth in order to work (LP: #114006, LP #256091)
- Removed debian.runtime
- Package doesn't depend on libnss-ldap
* Updated Homepage field
* Improved the Description language, to make it clearer
* /etc/ldapscript
* ldapinit now uses the 'ldapadd -c' option allowing the script to continue if
objects are already present (LP: #126759)
* Adjusted the default ldapscripts.conf file for new options.
-- Adam Sommer <email address hidden> Tue, 26 Aug 2008 00:31:28 -0400
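
The failure in this report and the two fixes (the reporter's diff and the 'ldapadd -c' change in 1.8.0), modelled as an added example that is not ldapscripts or slapd code. Assumptions: the directory is a toy in-memory set, the ou names are placeholders for the template's suffixes, and code 32 (no such object) is the standard LDAP result for a missing parent rather than something shown in the log above.

```python
# Added example: toy in-memory directory, not slapd or ldapscripts code.
LDAP_ALREADY_EXISTS = 68   # result code seen in the log in this report
LDAP_NO_SUCH_OBJECT = 32   # standard LDAP code: parent entry is missing
SUFFIX = "dc=nodomain"

def parent(dn):
    """DN of the parent entry, or None for the suffix itself."""
    return None if dn == SUFFIX else dn.split(",", 1)[1]

def ldapadd(directory, dns, continue_on_error=False):
    """Add dns in order to the set `directory`; return (added, errors).

    continue_on_error=False stops at the first failure (plain ldapadd);
    True keeps going, like 'ldapadd -c'.
    """
    added, errors = [], []
    for dn in dns:
        if dn in directory:
            errors.append((dn, LDAP_ALREADY_EXISTS))
        elif parent(dn) is not None and parent(dn) not in directory:
            errors.append((dn, LDAP_NO_SUCH_OBJECT))
        else:
            directory.add(dn)
            added.append(dn)
            continue
        if not continue_on_error:
            break
    return added, errors

# Constructed inputs; the ou names are hypothetical placeholders.
ORIGINAL = [SUFFIX, "ou=Users," + SUFFIX, "ou=Groups," + SUFFIX]
PATCHED = ORIGINAL[1:]          # suffix entry removed, as in the diff

def debconf_tree():
    return {SUFFIX}             # root entry already created at slapd install

def empty_tree():
    return set()                # directory with no suffix entry yet

if __name__ == "__main__":
    for name, tree in (("debconf", debconf_tree), ("empty", empty_tree)):
        print(name, "original   ", ldapadd(tree(), ORIGINAL))
        print(name, "patched    ", ldapadd(tree(), PATCHED))
        print(name, "original -c", ldapadd(tree(), ORIGINAL, True))
```

Only the continue-on-error run populates both starting states; the patched list trades the code 68 failure on a pre-populated tree for a code 32 failure on an empty one.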