Re: [Cpu-users] problem running cpu

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Hi Blake,

Thanks for the speedy reply. I've done some more testing.

Blake Matheny wrote:
> What happens when you specify the user base with -U at the command line?

It lists the users just fine. Great. The grouplist is empty though. Bummer.

I've also tried specifying the groupbase as well. I get:

slapd[14168]: conn=754 op=0 BIND dn="DC=NFG,DC=NL" method=128
slapd[14168]: conn=754 op=0 RESULT tag=97 err=0 text=
slapd[14170]: conn=754 op=1 SRCH base="ou=People,dc=nfg,dc=nl" scope=2 
filter="(objectClass=posixAccount)"
slapd[14170]: conn=754 op=1 SEARCH RESULT tag=101 err=0 text=
slapd[13654]: conn=754 op=2 SRCH base="ou=People,dc=nfg,dc=nl" scope=2 
filter="(objectClass=posixGroup)"
slapd[13654]: conn=754 op=2 SEARCH RESULT tag=101 err=0 text=
slapd[13532]: conn=-1 fd=17 closed

Mmm, looks like -B is ignored and the -U optvalue is used for the 
groupbase. Let try.

Yep, when I specify -U <groupbase> I do get the groups but an empty 
userlist.

But when I do -B <groupbase> I get an ldap_search_st: no such object error.

Looks like my build is seriously broken when it comes to reading the 
config. Lets run a strace....

Ah problem solved, bug located :-)

The machine I was testing this on didn't have a BASE defined in 
/etc/ldap/ldap.conf. Defining the BASE makes cpu work as far as I can 
tell. I never ran into this one before because pam-ldap and nss-ldap 
worked just fine.

> 
> -Blake
> 
> Paul Stevens wrote:
> 
>>
>> Hi all,
>>
>> I've compiled and installed 1.3.99a
>>
>> I think I have it configured correctly but I keep getting
>>
>> #> cpu cat
>> ldap: ldapCat: ldap_search_st: No such object (32)
>> ldap: CPU_init: Error in ldapOperation.
>> #>
>>
>> Setting the debug level on my ldap server reveals:
>>
>> slapd[13539]: conn=113 op=0 BIND dn="DC=NFG,DC=NL" method=128
>> slapd[13539]: conn=113 op=0 RESULT tag=97 err=0 text=
>> slapd[13654]: conn=113 op=1 SRCH base="" scope=2 
>> filter="(objectClass=posixAccount)"
>> slapd[13654]: conn=113 op=1 RESULT tag=101 err=32 text=
>> slapd[13532]: conn=-1 fd=9 closed
>>
>> even though I've set cpu.conf to read:
>>
>> BIND_DN         = dc=nfg,dc=nl
>> BIND_PASS       = xxxxxxx
>> USER_BASE       = ou=People,dc=nfg,dc=nl
>> GROUP_BASE      = ou=Groups,dc=nfg,dc=nl
>> USER_OBJECT_CLASS       = posixAccount,shadowAccount,top
>> GROUP_OBJECT_CLASS      = posixGroup,top
>> USER_FILTER     = (objectClass=posixAccount)
>> GROUP_FILTER    = (objectClass=posixGroup)
>> CN_STRING       = cn
>>
>> Running
>>
>> ldapsearch -D dc=nfg,dc=nl -x -w xxxxxxx -b ou=People,dc=nfg,dc=nl 
>> '(objectClass=posixAccount)'
>>
>> works just fine though.
>>
>> So why doesn't cpu sent the correct basedn ?
>>
>>
>>
> 
> 

-- 
   ________________________________________________________________
   Paul Stevens                                  mailto:pa...@nf...
   NET FACILITIES GROUP                     PGP: finger pa...@nf...
   The Netherlands________________________________http://www.nfg.nl