Hiya.. I've had a disk failure, and I managed to save the root and var partitions, but after recreating the structure I'm in trouble.. LDAP can't start, I have no ideas on what to do next, I did a re-install of all LDAP, Berkeley-DB, SLP apps, but still I get errors. When trying 'rcldap start' I get this: Starting ldap-serverstartproc: exit status of parent of /usr/lib/openldap/slapd: 1 failed Then in my /var/log/messages I have: Aug 26 22:34:39 beata slapd[8580]: @(#) $OpenLDAP: slapd 2.2.6 (Dec 9 2004 14:56:36) $ abuild@xenakis:/usr/src/packages/BUILD/openldap-2.2.6/servers/slapd Aug 26 22:34:39 beata slapd[8580]: bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52: (June 30, 2004) slpd.log contains: **************************************** Fri Aug 26 22:27:07 2005 SLPD daemon started **************************************** Command line = /usr/sbin/slpd Using configuration file = /etc/slp.conf Using registration file = /etc/slp.reg Using SPI file = /etc/slp.spi Listening on loopback... Listening on 192.168.111.10 ... Multicast socket on 192.168.111.10 ready Unicast socket on 192.168.111.10 ready Broadcast socket for 255.255.255.255 ready Multicast MDNS socket on 192.168.111.10 ready Unicast MDNS socket on 192.168.111.10 ready Agent Interfaces = 192.168.111.10 Agent URL = service:service-agent://192.168.111.10 Startup complete entering main run loop ... I don't know where to look further for the problem... When I do a 'slapcat', it lists all posts that should be there. Anders.
On 2005-08-26 22:39 Anders Norrbring wrote:
Hiya.. I've had a disk failure, and I managed to save the root and var partitions, but after recreating the structure I'm in trouble..
LDAP can't start, I have no ideas on what to do next, I did a re-install of all LDAP, Berkeley-DB, SLP apps, but still I get errors.
When trying 'rcldap start' I get this: Starting ldap-serverstartproc: exit status of parent of /usr/lib/openldap/slapd: 1 failed
Then in my /var/log/messages I have: Aug 26 22:34:39 beata slapd[8580]: @(#) $OpenLDAP: slapd 2.2.6 (Dec 9 2004 14:56:36) $ abuild@xenakis:/usr/src/packages/BUILD/openldap-2.2.6/servers/slapd Aug 26 22:34:39 beata slapd[8580]: bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52: (June 30, 2004)
slpd.log contains: **************************************** Fri Aug 26 22:27:07 2005 SLPD daemon started **************************************** Command line = /usr/sbin/slpd Using configuration file = /etc/slp.conf Using registration file = /etc/slp.reg Using SPI file = /etc/slp.spi Listening on loopback... Listening on 192.168.111.10 ... Multicast socket on 192.168.111.10 ready Unicast socket on 192.168.111.10 ready Broadcast socket for 255.255.255.255 ready Multicast MDNS socket on 192.168.111.10 ready Unicast MDNS socket on 192.168.111.10 ready Agent Interfaces = 192.168.111.10 Agent URL = service:service-agent://192.168.111.10 Startup complete entering main run loop ...
I don't know where to look further for the problem... When I do a 'slapcat', it lists all posts that should be there.
More info.. I turned on almost all debug logging functions to LDAP,
here's the output from the last try.
Aug 26 22:53:18 beata slapd[6016]: @(#) $OpenLDAP: slapd 2.2.6 (Dec 9
2004 14:56:36) $
abuild@xenakis:/usr/src/packages/BUILD/openldap-2.2.6/servers/slapd
Aug 26 22:53:18 beata slapd[6016]: bdb_initialize: Sleepycat Software:
Berkeley DB 4.2.52: (June 30, 2004)
Aug 26 22:53:18 beata slapd[6016]: line 75 (TLSCertificateFile
/etc/ssl/servercerts/servercert.pem)
Aug 26 22:53:18 beata slapd[6016]: line 76 (TLSCACertificatePath
/etc/ssl/certs/)
Aug 26 22:53:18 beata slapd[6016]: line 77 (TLSCertificateKeyFile
/etc/ssl/servercerts/serverkey.pem)
Aug 26 22:53:18 beata slapd[6016]: line 78 (database bdb)
Aug 26 22:53:18 beata slapd[6016]: bdb_db_init: Initializing bdb database
Aug 26 22:53:18 beata slapd[6016]: line 79 (suffix "dc=the-server,dc=net")
Aug 26 22:53:18 beata slapd[6016]: >>> dnPrettyNormal:
Anders Norrbring wrote:
Aug 26 22:53:18 beata slapd[6016]: main: TLS init def ctx failed: -1 Aug 26 22:53:18 beata slapd[6016]: slapd shutdown: freeing system resources. Aug 26 22:53:18 beata slapd[6016]: slapd stopped. Aug 26 22:53:18 beata slapd[6016]: connections_destroy: nothing to destroy. Aug 26 22:53:22 beata smbd[5354]: [2005/08/26 22:53:22, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(1971) Aug 26 22:53:22 beata smbd[5354]: ldapsam_search_one_group: Problem during the LDAP search: LDAP error: (unknown) (Timed out) Aug 26 22:53:30 beata master[4087]: process 5674 exited, status 0
This is the best I could find, I hope it helps: http://www.openldap.org/lists/openldap-software/200304/msg00984.html James W
On 2005-08-26 23:20 James Wright wrote:
Anders Norrbring wrote:
Aug 26 22:53:18 beata slapd[6016]: main: TLS init def ctx failed: -1 Aug 26 22:53:18 beata slapd[6016]: slapd shutdown: freeing system resources. Aug 26 22:53:18 beata slapd[6016]: slapd stopped. Aug 26 22:53:18 beata slapd[6016]: connections_destroy: nothing to destroy. Aug 26 22:53:22 beata smbd[5354]: [2005/08/26 22:53:22, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(1971) Aug 26 22:53:22 beata smbd[5354]: ldapsam_search_one_group: Problem during the LDAP search: LDAP error: (unknown) (Timed out) Aug 26 22:53:30 beata master[4087]: process 5674 exited, status 0
This is the best I could find, I hope it helps:
http://www.openldap.org/lists/openldap-software/200304/msg00984.html
James W
Thanks a lot James! It helped me to look in the right place.. :) I was staring myself blind on LDAP and SLP, I didn't even think about the SSL.. Problem solved by simply going to YaST2 ldap-server, and to select certificate in the TLS settings. It seems like it had just forgot which cert to use. Gratefully, Anders.
On 2005-08-27 09:57 Anders Norrbring wrote:
On 2005-08-26 23:20 James Wright wrote:
Anders Norrbring wrote:
Aug 26 22:53:18 beata slapd[6016]: main: TLS init def ctx failed: -1 Aug 26 22:53:18 beata slapd[6016]: slapd shutdown: freeing system resources. Aug 26 22:53:18 beata slapd[6016]: slapd stopped. Aug 26 22:53:18 beata slapd[6016]: connections_destroy: nothing to destroy. Aug 26 22:53:22 beata smbd[5354]: [2005/08/26 22:53:22, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(1971) Aug 26 22:53:22 beata smbd[5354]: ldapsam_search_one_group: Problem during the LDAP search: LDAP error: (unknown) (Timed out) Aug 26 22:53:30 beata master[4087]: process 5674 exited, status 0
This is the best I could find, I hope it helps:
http://www.openldap.org/lists/openldap-software/200304/msg00984.html
James W
Thanks a lot James!
It helped me to look in the right place.. :) I was staring myself blind on LDAP and SLP, I didn't even think about the SSL..
Problem solved by simply going to YaST2 ldap-server, and to select certificate in the TLS settings. It seems like it had just forgot which cert to use.
Gratefully, Anders.
Seems like I was a little too enthusiastic... The LDAP works now, but still Samba doesn't work as it should, it can't verify the workstations in the domain, they're there when I look with slapcat, but workstations can't be found when trying to log on. Anders.
On 2005-08-27 11:02 Anders Norrbring wrote:
On 2005-08-27 09:57 Anders Norrbring wrote:
On 2005-08-26 23:20 James Wright wrote:
Anders Norrbring wrote:
Aug 26 22:53:18 beata slapd[6016]: main: TLS init def ctx failed: -1 Aug 26 22:53:18 beata slapd[6016]: slapd shutdown: freeing system resources. Aug 26 22:53:18 beata slapd[6016]: slapd stopped. Aug 26 22:53:18 beata slapd[6016]: connections_destroy: nothing to destroy. Aug 26 22:53:22 beata smbd[5354]: [2005/08/26 22:53:22, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(1971) Aug 26 22:53:22 beata smbd[5354]: ldapsam_search_one_group: Problem during the LDAP search: LDAP error: (unknown) (Timed out) Aug 26 22:53:30 beata master[4087]: process 5674 exited, status 0
This is the best I could find, I hope it helps:
http://www.openldap.org/lists/openldap-software/200304/msg00984.html
James W
Thanks a lot James!
It helped me to look in the right place.. :) I was staring myself blind on LDAP and SLP, I didn't even think about the SSL..
Problem solved by simply going to YaST2 ldap-server, and to select certificate in the TLS settings. It seems like it had just forgot which cert to use.
Gratefully, Anders.
Seems like I was a little too enthusiastic... The LDAP works now, but still Samba doesn't work as it should, it can't verify the workstations in the domain, they're there when I look with slapcat, but workstations can't be found when trying to log on.
It feels like a complete re-install could be in place here.. Here's the latest from log.smbd [2005/08/27 12:29:28, 0] smbd/server.c:main(764) smbd version 3.0.9-2.1.5-SUSE started. Copyright Andrew Tridgell and the Samba Team 1992-2004 [2005/08/27 12:29:28, 0] param/loadparm.c:map_parameter(2435) Unknown parameter encountered: "enable privileges" [2005/08/27 12:29:28, 0] param/loadparm.c:lp_do_parameter(3125) Ignoring unknown parameter "enable privileges" [2005/08/27 12:29:28, 1] lib/smbldap.c:add_new_domain_info(1347) failed to add domain dn= sambaDomainName=NORRBRING,dc=the-server,dc=net with: Already exists [2005/08/27 12:29:28, 0] lib/smbldap.c:smbldap_search_domain_info(1396) Adding domain info for NORRBRING failed with NT_STATUS_UNSUCCESSFUL And here's the /var/log/warn Aug 27 12:29:51 beata net: Adding domain info for NORRBRING failed with NT_STATUS_UNSUCCESSFUL Aug 27 12:29:52 beata nmbd[6009]: [2005/08/27 12:29:52, 0] nmbd/nmbd_become_lmb.c:become_local_master_stage2(396) Aug 27 12:29:52 beata nmbd[6009]: ***** Aug 27 12:29:52 beata nmbd[6009]: Aug 27 12:29:52 beata nmbd[6009]: Samba name server BEATA is now a local master browser for workgroup NORRBRING on subnet 192.168.111.10 Aug 27 12:29:52 beata nmbd[6009]: Aug 27 12:29:52 beata nmbd[6009]: ***** Aug 27 12:42:03 beata smbd[6151]: [2005/08/27 12:42:03, 0] rpc_server/srv_netlog_nt.c:get_md4pw(244) Aug 27 12:42:03 beata smbd[6151]: get_md4pw: Workstation SIGNE$: no account in domain
participants (2)
-
Anders Norrbring
-
James Wright