Re: [EXT] Re: ppolicy: attempting to load ppolicy module

Mon, 08 Jun 2020 09:28:12 -0700 

Apologies Quanah,

Yes - the first thing I did was to load the ppolicy schema.

Here is the full cn=module{0} from ldapsearch:

# module{0}, config
dn: cn=module{0},cn=config
objectClass: olcModuleList
cn: module{0}
olcModulePath: /usr/lib64/openldap
olcModuleLoad: {0}back_bdb
olcModuleLoad: {1}syncprov
olcModuleLoad: {2}ppolicy

Here is the contents of cn=module{0}.ldif

dn: cn=module{0}
objectClass: olcModuleList
cn: module{0}
olcModulePath: /usr/lib64/openldap
olcModuleLoad: {0}back_bdb
olcModuleLoad: {1}syncprov

I don't have the initial error that I got when attempting to load the
ppolicy module, but subsequent attempts yield this error:
  add olcModuleLoad:
         ppolicy
  modifying entry "cn=module{0},cn=config"
  ldap_modify: Type or value exists (20)
         additional info: modify/add: olcModuleLoad: value #0 already
exists

Then after (ill-advisedly) applying the ppolicy overlay, slapcat -n 0
yields the following:

5ede54b5 UNKNOWN attributeDescription "OLCPPOLICYDEFAULT" inserted.
5ede54b5 config error processing
olcOverlay={1}ppolicy,olcDatabase={2}hdb,cn=config:
slapcat: bad configuration file!

Thank you,

John Alexander

On Mon, Jun 8, 2020 at 9:12 AM Quanah Gibson-Mount <[email protected]> wrote:

>
>
> --On Monday, June 8, 2020 9:55 AM -0700 John Alexander
> <[email protected]> wrote:
>
> >
> >
> > Hi Quanah,
> >
> >
> > I figured that was the problem, but after I ran the module load:
> >
> >
> > dn: cn=module{0},cn=config
> > changetype: modify
> > add: olcModuleLoad
> > olcModuleLoad: ppolicy
> >
> >
> > I received errors.  slapcat -n 0 | grep olcModuleLoad did not indicate
> > that ppolicy was loaded.  However ldapsearch indicated that it was
> > loaded.
>
> If you receive errors, you need to show what those errors are.  You also
> need to show what your *full* cn=module{0} entry looks like, and you've
> never stated whether or not you've loaded the mandatory ppolicy schema.
>
> Regards,
> Quanah
>
> --
>
> Quanah Gibson-Mount
> Product Architect
> Symas Corporation
> Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
> <http://www.symas.com>
>


-- 
John Alexander
Systems Administrator
E: [email protected]
Concentric Sky, Inc
https://www.concentricsky.com

Reply via email to