#4021 Ldap admin user not found / displayed

1.570
closed-fixed
Jamie Cameron
5
2011-11-08
2011-11-06
Anonymous
No

I have Webmin 1.570 installed on a fully patched Ubuntu 10.04 server install. I have set up the OpenLDAP server according to the Ubuntu server documentation.
When I use the LDAP module in Webmin, under OpenLDAP Server Configuration I see this:

Administration password No password set

A password has been set and I can admin the system from the CLI without issue. When I set a password using:

New administration password Don't change Set to

I can see the new crypt password. Where I run into further issues is that if I try to load other schemas and such, I get the following error:

modifying entry "olcDatabase={1}hdb,cn=config"
ldap_modify: Constraint violation (19)
additional info: attribute 'olcRootPW' cannot have multiple values

When I run ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b cn=config olcRootDN=cn=admin,dc=XXXX dn olcRootDN olcRootPW

I get two olcRootPW entries. If I do not set the password in the Webmin OpenLDAP module I do not get two olcRootPW entries.

Any help would be greatly appreciated.

Discussion

  • Jamie Cameron
    2011-11-07

    Could you check in your system's /etc/ldap/slapd.d directory for which files contain the olcRootPW line, and what those lines contain exactly?

     
  • File name requested:

    /etc/ldap/slapd.d/cn=config/olcDatabase={1}hdb.ldif

    Here is the relevant file content:

    olcLastMod: TRUE
    olcRootDN: cn=admin,dc=XXXX,dc=XX,dc=XX
    olcRootPW:: XXXXXXXXXXXXXXX
    olcDbCheckpoint: 512 30
    olcDbConfig: {0}set_cachesize 0 2097152 0
    olcDbConfig: {1}set_lk_max_objects 1500
    olcDbConfig: {2}set_lk_max_locks 1500
    olcDbConfig: {3}set_lk_max_lockers 1500
    olcDbIndex: objectClass eq
    structuralObjectClass: olcHdbConfig
    entryUUID: XXX
    creatorsName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
    createTimestamp: 20111031222153Z
    entryCSN: 20111031222153.482885Z#000000#000#000000
    modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
    modifyTimestamp: 20111031222153Z
    olcRootPW: {crypt}XXXXXXXXXXX

    There is a second olcRootPW entry at the bottom of the file that matched the crypt hash found in the Webmin module.
    I did some testing, and prior to the update in the Webmin interface there is no second entry.

    Thanks for your help!

    Rich

     
  • Jamie Cameron
    2011-11-07

    So which file is the second olcRootPW line in?

     
  • /etc/ldap/slapd.d/cn=config/olcDatabase={1}hdb.ldif

    Same as the first.

     
  • Jamie Cameron
    2011-11-08

    I think I see why now ... there are two colons after olcRootPW in the first line, like:

    olcRootPW::

    This is confusing Webmin ... but is presumably accepted by OpenLDAP. Webmin thinks there is no olcRootPW line yet, so adds a new one at the end.

    I will correct Webmin to handle this case in future, but as a work-around I would recommend removing the second : from the olcRootPW line.

     
  • Jamie Cameron
    2011-11-08

    • status: open --> closed-fixed
     
  • Thanks very much. I really appreciate the support and this wonderful product. Take care!!

    Rich
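
In LDIF (RFC 2849) the `olcRootPW::` form discussed in this thread marks a base64-encoded value, while a single colon marks a literal one, so a checker has to accept both spellings to count occurrences correctly. The following is an added example, not Webmin's code or part of the original ticket: a small audit that finds every olcRootPW line in an LDIF file, decodes the base64 form, and flags the duplicate that triggers the "cannot have multiple values" error. The function names and the sample data are assumptions constructed for illustration.

```python
import base64
import re

# RFC 2849 attribute line: "attr: value" is literal, "attr:: value" is base64.
ATTR_RE = re.compile(r"^([A-Za-z][A-Za-z0-9;-]*)(::?) *(.*)$")

def unfold(text):
    """Join folded LDIF lines (a leading single space continues the previous line)."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines

def find_values(ldif_text, attr="olcRootPW"):
    """Return (logical_line_no, encoding, decoded_value) for each occurrence of attr."""
    found = []
    for no, line in enumerate(unfold(ldif_text), start=1):
        m = ATTR_RE.match(line)
        if not m or m.group(1).lower() != attr.lower():
            continue
        if m.group(2) == "::":
            value = base64.b64decode(m.group(3)).decode("utf-8", "replace")
            found.append((no, "base64", value))
        else:
            found.append((no, "plain", m.group(3)))
    return found

def scheme(value):
    """Name the {SCHEME} prefix of a stored password; never echo the hash itself."""
    m = re.match(r"\{([A-Za-z0-9-]+)\}", value)
    return m.group(1).upper() if m else "cleartext"

def audit(ldif_text):
    """Summarise olcRootPW occurrences; more than one breaks the single-value rule."""
    hits = find_values(ldif_text)
    return {"count": len(hits), "duplicate": len(hits) > 1,
            "lines": [h[0] for h in hits],
            "encodings": [h[1] for h in hits],
            "schemes": [scheme(h[2]) for h in hits]}

# Constructed sample (not the reporter's file): one base64 value, one appended plain value.
SAMPLE = "\n".join([
    "dn: olcDatabase={1}hdb",
    "olcRootDN: cn=admin,dc=example,dc=com",
    "olcRootPW:: " + base64.b64encode(b"{SSHA}constructed-value").decode(),
    "olcDbIndex: objectClass eq",
    "olcRootPW: {crypt}constructed-value",
])
```

Running `audit()` over the real file under /etc/ldap/slapd.d reports line numbers and hash schemes only, so its output can be pasted into a ticket without exposing the stored hashes.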