Re: Guide to setup syncrepl with proxy-based push config

Tue, 04 Jan 2022 12:57:12 -0800 

Next question, and if this is veering off topic, or there is documentation 
somewhere that I haven't found yet, I can try to go that route.

I have most of my cn=config rebuilt on Symas v2.6 that was originally in Ubuntu 
v2.4, but for some reason, slapcat can't see it (I assumed that cn=config would 
be represented with `-n 0`). Slapcat can only see my "real" database (which is 
represented with '-n 1`). My permissions are still a little bit wonky though, 
because right now (on v2.6), every time I run ldapsearch to get something out 
of the `cn=config` database, I have to specify the following parameters for it 
to work: `-W -D "cn=config"

I can, for example, view the `cn=config` ACL that I have setup for a certain 
user:
root@ldap-provider:~# ldapsearch -H ldap:/// -LLL -b cn=config 
'(olcSuffix=dc=example,dc=com)' olcAccess -W -D "cn=config"
Enter LDAP Password: 

dn: olcDatabase={1}mdb,cn=config
olcAccess: {0}to * by dn.exact="cn=replicate,dc=example,dc=com
 m" read by * break


What am I missing here?



root@ldap-provider:~# slapcat -b cn=config
slapcat: could not open database.

root@ldap-provider:~# slapcat -n0
slapcat: could not open database.

root@ldap-provider:~# ldapsearch -H ldap:/// -x -s base -b "" + -LLL
dn:
structuralObjectClass: OpenLDAProotDSE
configContext: cn=config
namingContexts: dc=example,dc=com
{snip}

root@ldap-provider:~# slapcat -n1 | grep "dn:"
dn: dc=example,dc=com
dn: dc=us,dc=example,dc=com
dn: ou=People,dc=example,dc=com
dn: ou=Groups,dc=example,dc=com

Sent with ProtonMail Secure Email.

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐

On Tuesday, January 4th, 2022 at 3:12 PM, Quanah Gibson-Mount 
<[email protected]> wrote:

> --On Tuesday, January 4, 2022 8:04 PM +0000 David White
> 

> [email protected] wrote:
> 

> > Thank you. I just ran "find /opt/symas -name 'slapcat'" and realized that
> > 

> > the binary does indeed exist. A simple `ln -s` into /usr/local/sbin did
> > 

> > the trick.
> > 

> > I'm learning!
> 

> Better solution would be to adjust your PATH variable to include the symas
> 

> paths. But the Symas packages actually already do that, too... You just
> 

> have to log out/in to regenerate your shell env to pick them up.
> 

> --Quanah
> 

> 

> -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
> 

> Quanah Gibson-Mount
> 

> Product Architect
> 

> Symas Corporation
> 

> Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
> 

> http://www.symas.com

Attachment: publickey - [email protected] - 0x320CD582.asc
Description: application/pgp-keys

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to