silly.agent - hard to say what is wrong as there are many variables, but try this one change:
Code:
    Base DN: dc=servername,dc=org
When it works, Thunderbird won't show you a list. You have to do a search for a name, or simply for "@".
Thanks for your reply.
I tried your suggestion but it didn't work.
I didn't mention earlier that I changed the target location of the db (also changed permissions to openldap : openldap)
Code:
    directory "/var/lib/ldap/mozilla/db"
Also noticed that after wiping out the db with
Code:
    sudo rm -rf /var/lib/ldap/mozilla/db/*
when I do a search
Code:
    ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts
I get the following output:
Code:
    # extended LDIF
    #
    # LDAPv3
    # base <> with scope baseObject
    # filter: (objectclass=*)
    # requesting: namingContexts
    #

    #
    dn:
    namingContexts: dc=servername,dc=org

    # search result
    search: 2
    result: 0 Success

    # numResponses: 2
    # numEntries: 1
Then, after adding data:
Code:
    sudo slapadd -v -l init.ldif
    sudo slapadd -v -l template.ldif
and restarting server
Code:
    sudo /etc/init.d/slapd restart
    ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts
I get the following error message:
Code:
    ldap_bind: Can't contact LDAP server (-1)
Any ideas?
Thanks again.
Last edited by silly.agent; May 9th, 2007 at 12:52 AM.
Still no white smoke.
I managed to solve this problem though:
Code:
    ldap_bind: Can't contact LDAP server (-1)
looks like it was the byproduct of running slapd manually without adding the "-u openldap" parameter, consequently the db files were not owned anymore by openldap : openldap but by root : root instead.
Now running
Code:
    ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts
generates the following output:
Code:
    # extended LDIF
    #
    # LDAPv3
    # base <> with scope baseObject
    # filter: (objectclass=*)
    # requesting: namingContexts
    #

    #
    dn:
    namingContexts: dc=servername,dc=org

    # search result
    search: 2
    result: 0 Success

    # numResponses: 2
    # numEntries: 1
Unfortunately, T'Bird still cannot retrieve the single entry from the LDAP server.
These are the db file permissions:
Code:
    ls -l /var/lib/ldap/mozilla/db/
    -rw------- 1 openldap openldap    2048 2007-05-08 19:59 alock
    -rw------- 1 openldap openldap    8192 2007-05-08 16:55 __db.001
    -rw------- 1 openldap openldap 2629632 2007-05-08 16:55 __db.002
    -rw------- 1 openldap openldap   98304 2007-05-08 16:55 __db.003
    -rw------- 1 openldap openldap  565248 2007-05-08 16:55 __db.004
    -rw------- 1 openldap openldap   24576 2007-05-08 16:55 __db.005
    -rw------- 1 openldap openldap      96 2007-05-08 16:55 DB_CONFIG
    -rw------- 1 openldap openldap    8192 2007-05-08 19:59 dn2id.bdb
    -rw------- 1 openldap openldap   32768 2007-05-08 19:59 id2entry.bdb
    -rw------- 1 openldap openldap   58149 2007-05-08 19:59 log.0000000001
    -rw------- 1 openldap openldap    8192 2007-05-08 19:59 objectClass.bdb
Any suggestions anyone?
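The ownership problem diagnosed in the post above (database files left owned by root : root while slapd runs as openldap) can be checked for directly, along with file modes looser than the -rw------- shown in the listing. This is an added example, not part of the original thread; the function name check_ldap_db is hypothetical and the script assumes GNU stat.

```shell
#!/bin/sh
# Added example: audit a slapd database directory for files the daemon
# cannot open (wrong owner) or that other local accounts can read.
# Usage: check_ldap_db DIR [OWNER]
# Prints one line per problem; returns 0 if clean, 1 if problems, 2 if no DIR.
check_ldap_db() {
    dir=$1
    owner=${2:-openldap}            # account slapd runs as, per the thread
    problems=0

    [ -d "$dir" ] || { echo "MISSING $dir"; return 2; }

    for f in "$dir"/* "$dir"/.[!.]*; do
        [ -e "$f" ] || continue     # skip a glob that matched nothing
        actual=$(stat -c %U "$f")   # owner name (GNU stat)
        mode=$(stat -c %a "$f")     # octal permission bits (GNU stat)

        # Files created by running slapd or slapadd as root show up here.
        if [ "$actual" != "$owner" ]; then
            echo "OWNER $f is $actual, expected $owner"
            problems=$((problems + 1))
        fi

        # Any group/other bit means directory data is readable or writable
        # by accounts other than the daemon.
        if [ $(( 0$mode & 077 )) -ne 0 ]; then
            echo "MODE $f is $mode, expected 600"
            problems=$((problems + 1))
        fi
    done

    [ "$problems" -eq 0 ]
}

# When run as a script with arguments, audit the given directory, e.g.
#   sh check_ldap_db.sh /var/lib/ldap/mozilla/db openldap
if [ $# -gt 0 ]; then
    check_ldap_db "$@"
fi
```

Running it after every manual slapadd or slapd start catches root-owned files before the daemon is restarted under its own account.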
More baby steps.
I managed to connect locally (LAN ip) and retrieve data from the LDAP server.
Attempts to connect to ldap.servername.org have failed (most likely a firewall/router problem, I will look into that later on).
In the meantime, I tried to get the TLS part going but after restarting the LDAP server I get the following syslog output:
Code:
    main: TLS init def ctx failed: -1
    slapd stopped.
    connections_destroy: nothing to destroy
looks like a problem with the certificates
any suggestions?
thanks
silly.agent - I don't think the certificates work unless you connect via the FQDN (e.g. ldap.servername.org).
Thanks for writing a good HOWTO. I am fairly new to all of this, and was able to get this working without much difficulty.
I must admit though, that now having it set up and running I feel a bit like I have wasted my time. I thought that Thunderbird would be able to edit and add LDAP entries which would have been great; the fact that it cannot seems odd to me.
Making it worse, I am not sure how to even go about doing so. Obviously, the template can be used - but what if I want to delete an entry? How can that be accomplished?
Luma sounded like a reasonable option, but after installing it I gather it is for a graphical Linux installation (as opposed to server-based)? Or possibly a linux based workstation? I couldn't find any documentation or information about it on the website.
Is there another option for windows based machines, Thunderbird, and a linux LDAP server?
Any tips would be appreciated; my plan was to switch everyone to Thunderbird for use with LDAP, but this is a bit of a snag!
Ashaman074 - Your post is like the gameshow Jeopardy. You just posted the answer. Now I will give you the question!
Why don't more people move from Windows to Linux?
And you gave a fantastic answer - congratulations!
Of course, I say this with much sarcasm. Linux has made huge leaps in the past couple years, but one place it really lags is in competing with the MS Exchange Server. This method of LDAP and editing with Luma is clunky at best. It works quite well for my small household, but is not up to par for even a small office, in my view.
Hopefully an Open Source project such as Zimbra will soon change that.
Heheh, well thanks for the reply. If nothing else, I figure some of these projects are good learning experiences.
Actually, I have looked at zimbra before and was shocked at what all it can do - I guess that is why I was surprised that sharing an address book via LDAP had limitations.
Is there a way to delete entries at least? It wouldn't really be what I had hoped for, but it would at least allow me to provide an up-to-date address book for everyone - and that would be of some benefit
If you are looking for a command-line option, I would suggest looking at ldapdelete. Do a "man ldapdelete" before you try it though.
If you would prefer a more GUI-approach, try some of the web based ones out there. There are lots. You can put that on your server, then it will not matter what OS you are on.
This can be done for evolution. The schema is probably already sitting there on your system.
Code:
    michael@michael-desktop:~$ sudo cp /usr/share/evolution-data-server-1.10/evolutionperson.schema /etc/ldap/schema/
open up /etc/ldap/slapd.conf in a text editor and add this line to the includes
Code:
    include /etc/ldap/schema/evolutionperson.schema