[turba] Re:LDAP ADD CONTACT

Partha parth11 at yahoo.com
Wed Dec 4 19:00:38 2002


Hi

I tried ldappasswd binddn as root and the way you
suggested but got errors:
Result: No such object
Additional info: Could not locate authorization entry

from my log:
Dec  4 07:33:34 intranet slapd[9873]: daemon: conn=0 fd=9 connection from IP=192.168.0.3:34297 (IP=0.0.0.0:34049) accepted.
Dec  4 07:33:34 intranet slapd[9884]: conn=0 op=0 BIND dn="CN=MY-LOGIN@MY-DOMAIN.COM,OU=PEOPLE,DC=MY-DOMAIN,DC=COM" method=128
Dec  4 07:33:34 intranet slapd[9873]: deferring operation
Dec  4 07:33:34 intranet slapd[9884]: conn=0 op=0 RESULT tag=97 err=0 text=
Dec  4 07:33:34 intranet slapd[9886]: conn=0 op=2 UNBIND
Dec  4 07:33:34 intranet slapd[9885]: conn=-1 fd=9 closed
Dec  4 07:34:50 intranet slapd[9873]: daemon: conn=1 fd=9 connection from IP=192.168.0.3:34300 (IP=0.0.0.0:34049) accepted.
Dec  4 07:34:50 intranet slapd[9884]: conn=1 op=0 BIND dn="CN=ROOT,DC=MY-DOMAIN,DC=COM" method=128
Dec  4 07:34:50 intranet slapd[9884]: conn=1 op=0 RESULT tag=97 err=0 text=
Dec  4 07:34:50 intranet slapd[9885]: conn=1 op=2 UNBIND
Dec  4 07:34:50 intranet slapd[9885]: conn=-1 fd=9 closed

from all my tries my access control has ended up like
this:

access to *
        by * read
        by dn="cn=root,dc=MY-DOMAIN,dc=com" write
        by self write
        by anonymous read
access to dn="ou=.+,ou=Personal Address Book,dc=MY-DOMAIN,dc=com"
        by * read
        by self write
        by * none

There might be something very simple but I am dumb..

Thanks,

Partha



--- eculp@encontacto.net wrote:
> Quoting Partha <parth11@yahoo.com>:
> 
>  | Hi
>  | 
>  | sorry, what I meant was I needed to add a password for
>  | cn=my-login@my-domain.com,ou=people,dc=my-domain,dc=com.
>  | I did ldapmodify to add the userpassword attribute; is it
>  | any different from what you suggested? I see a user
>  | password attribute on the list in the directory but I
>  | still have the same error in my log (does not write access
>  | to parent directory).
> 
> Can you now do 
> 
> ldappasswd -x -D 'cn=my-login@my-domain.com,ou=people,dc=my-domain,dc=com' \
>   -w thePasswordYouAddedWithLdapModify -s aNewPassword \
>   'cn=my-login@my-domain.com,ou=people,dc=my-domain,dc=com'
> 
> with success?  If I recall, the acl's you sent previously allowed each
> user to modify their entry.  If you are successful, try logging in again
> and if that isn't successful please send the lines from your slapd.log
> that are not "err 0" during the attempt.
> 
> Thanks,
> 
> ed
> 
>  | 
>  | I did uncomment this line:
>  | #'bind_password' => Auth::getCredential('password'),
>  | from /home/turba/config/sources.php file
>  | 
>  | I am a newbie to ldap.....
>  | 
>  | Thanks a lot
>  | 
>  | Partha
>  | 
>  | --- eculp@encontacto.net wrote:
>  | > Quoting Partha <parth11@yahoo.com>:
>  | >
>  | >  | Hi,
>  | >  | Thanks for your patience and time. This is the first time I
>  | >  | am posting so I am not sure whether to reply to your mail id or
>  | >  | to turba's list.
>  | >  |
>  | >  | I have directory structure:
>  | >  | dc=my-domain,dc=com
>  | >  |     |
>  | >  |     |-ou=Personal Address book
>  | >  |     |         |-ou=my-login@my-domain.com
>  | >  |     |                  |-cn=james Bond
>  | >  |     |
>  | >  |     |-ou=people
>  | >  |               |-cn=my-login@my-domain.com
>  | >  |
>  | >  | I do not have a password entry for ou=people, I don't
>  | >  | know how to add one or modify it.
>  | >  |
>  | >  | My problem might be the password - how do I add a
>  | >  | password and use it?
>  | >
>  | > If I remember correctly from your previous email, you have commented
>  | > out the password for the user in your horde/turba/sources.php
>  | > I don't see why you need a password for ou=people but you do need one
>  | > for cn=my-login@my-domain.com,ou=people,dc=my-domain,dc=com
>  | >
>  | > If you don't have one you can add it with the following command changing
>  | > the example to your real values.
>  | >
>  | > ldappasswd -x -D 'cn=manager,dc=my-domain,dc=com' -w rootpassword \
>  | >    -s YourPassword 'cn=my-login@my-domain.com,ou=people,dc=my-domain,dc=com'
>  | >
>  | > The above is actually one line as shown by the "\" escape char.
>  | >
>  | > You will then need to remove the # from the
>  | >
>  | > #'bind_password' => Auth::getCredential('password'),
>  | >
>  | > line and if we are lucky, it might just work :-)
>  | >
>  | > good luck,
>  | >
>  | > ed
>  | >  |
>  | >  | Thanks in advance
>  | >  | Partha
>  | >  |
>  | >  |  | Hi All
>  | >  |  | I want to use LDAP for my personal address book. I went
>  | >  |  | through a lot of reading material but still can't get it
>  | >  |  | right.
>  | >  | I've got a few questions below that could possibly be part of the
>  | >  | problem but again they could just be typos because this may not
>  | >  | be a cut and paste of your sources.php.
>  | >  |
>  | >  |  |
>  | >  |  | I have a problem adding a contact to my personal address
>  | >  |  | book.
>  | >  |  |
>  | >  |  | my sources.php looks like this--->
>  | >  |  | $cn = Auth::getAuth();
>  | >  |
>  | >  | You are sure that the above returns the value of the directory
>  | >  | attribute for cn in all cases?  CN then is what you use for login.
>  | >  |
>  | >  |  | #$temp = Auth::getCredential('password');
>  | >  |  | #preg_match = ("/(^.*)@/"),$cn,$cn);
>  | >  |  | #Print $cn ."-This is cn--";
>  | >  |  |
>  | >  |  | /**
>  | >  |  |  * A local directory in an LDAP directory. This
>  | >  |  |  * implements a public (shared) address book.
>  | >  |  |  */
>  | >  |  | $cfgSources['localldap'] = array(
>  | >  |  |     'title' => 'Shared LDAP Directory',
>  | >  |  |     'type' => 'ldap',
>  | >  |  |     'params' => array(
>  | >  |  |         'server' => 'localhost',
>  | >  |  |         'port' => 389,
>  | >  |  |         'root' => 'ou='.$cn.',ou=Personal Address Book,dc=my-domain,dc=com',
>  | >  |
>  | >  | How can you have a dynamic value for the above ou attribute?  That
>  | >  | would mean that there is an entry in your directory something like the
>  | >  | following for each user.
>  | >  |
>  | >  | dn: ou=user1,ou=Personal Address Book,dc=my-domain,dc=com
>  | >  | ou: user1
>  | >  | objectClass: top
>  | >  | objectClass: organizationalUnit
>  | >  |
>  | >  | dn: ou=user2,ou=Personal Address Book,dc=my-domain,dc=com
>  | >  | ou: user2
>  | >  | objectClass: top
>  | >  | objectClass: organizationalUnit
>  | >  |
> 
=== message truncated ===
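
Added example (not part of the original message, and not OpenLDAP or Turba code): a simplified Python model of slapd's first-match ACL evaluation, run against the access rules posted at the top of this message and against an assumed reordered rule set. The tuple rule format, the REORDERED rules and the function names are hypothetical; the rootdn bypass and access levels other than none/auth/read/write are not modelled.

```python
import re

# DNs are written lower-case here (assumption: DN matching is case-insensitive).
BASE = "dc=my-domain,dc=com"
USER = "cn=my-login@my-domain.com,ou=people," + BASE
CONTACT = "cn=james bond,ou=my-login@my-domain.com,ou=personal address book," + BASE
BOOK_RE = r"ou=([^,]+),ou=personal address book," + re.escape(BASE) + "$"

# Rule format (hypothetical): (target DN regex, attribute or None, [(who, level)]).
# POSTED mirrors the two "access to" blocks in the message, in the same order.
POSTED = [
    (r".*", None, [("*", "read"), ("dn:cn=root," + BASE, "write"),
                   ("self", "write"), ("anonymous", "read")]),
    (r"ou=.+,ou=personal address book," + re.escape(BASE), None,
     [("*", "read"), ("self", "write"), ("*", "none")]),
]
# REORDERED is an assumed alternative: specific targets first, "*" last, and the
# address book owner derived from the ou captured in the target DN ($1).
REORDERED = [
    (r".*", "userpassword", [("self", "write"), ("anonymous", "auth"), ("*", "none")]),
    (BOOK_RE, None, [("dn:cn=$1,ou=people," + BASE, "write"), ("*", "none")]),
    (r".*", None, [("self", "write"), ("*", "read")]),
]

def who_matches(who, bound_dn, entry_dn, m):
    if who == "*":
        return True
    if who == "anonymous":
        return bound_dn is None
    if who == "self":  # bound DN must be the entry being accessed
        return bound_dn is not None and bound_dn == entry_dn
    # "dn:<DN>", with $1 replaced by the first group captured from the target DN
    return bound_dn == who[3:].replace("$1", m.group(1) if m.re.groups else "")

def access(acl, bound_dn, entry_dn, attr):
    """Level granted: first matching rule, then first matching 'by' clause."""
    for dn_re, rule_attr, by_list in acl:
        m = re.search(dn_re, entry_dn)
        if m and rule_attr in (None, attr):
            for who, level in by_list:
                if who_matches(who, bound_dn, entry_dn, m):
                    return level
            return "none"  # a rule matched but none of its "by" clauses did
    return "none"          # no rule matched the entry
```

Under the posted order every request stops at the first "by * read", so the write clauses and the second block are never reached and userPassword is readable without a bind. "self" also never matches a contact entry, because the bound DN is the user's entry under ou=people, not the contact.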

