Re: [Ldapdns-users] Ldapdns v3 questions

[Chris H. <ch...@am...>]

Quoting "Mrs. Brisby" <mrs...@ni...>:

> On Sun, 2003-11-23 at 14:50, Chris Hamilton wrote:
> > Thank you for replying.
> >
> > Quoting "Mrs. Brisby" <mrs...@ni...>:
> >
> > > A couple things:
> > >
> > > 1. Instead of using sudo, set UID and GID to the uid and gid of the
> > > ldapdns user and let ldapdns-dg setuid/setgid itself. This way, when
> > > ready, you can set PORT to 53.
> > Hmm, -bash: UID: readonly variable. I can set it from ksh.
>
> Set it temporarily to another name; I use REAL_UID and REAL_GID then use
> ENV to rewrite:
>
> env UID=$REAL_UID GID=$REAL_GID ldapdns-dg
OK, I can set UID this way thanks.
...
> > > 4. Your dig statement doesn't list a fully qualified domain name.
> > > Perhaps you meant:
> > > dig @localhost -p 5300 -t any ns.ambigc.com.sg
> > Yes, sorry. it doesnt work fully qualified either.
>
> What does ldapdns output when you do that?
# dig @localhost -p 5300 -t any ns.ambigc.com.sg

; <<>> DiG 9.2.2 <<>> @localhost -p 5300 -t any ns.ambigc.com.sg
;; global options:  printcmd
;; connection timed out; no servers could be reached
This is all I have ever gotten before.  See below.
>
>
> > >...
> Read that text (requested protocol version not allowed)-- bind with
> protocol 2 is apparently not allowed- at least for your cn=root user.
> Try using no "dn" or "password" settings and allow LDAPDNS to connect
> anonymously.
No, I found the problem.  It is strange because I could use simple bind in
ldapsearch, yet slapd.conf wasn't configured correctly for it.  I had an second
allow call line after the 'allow bind_v2' and it appears slapd.conf only
permits one allow call. So I combined them to one line and everything worked.

Sorry to trouble you and thanks for your help.
-Chris Hamilton


----------------------------------------------------------------
Mail by Ambiguous Computer Computer Ltd. an open source company.
http://www.ambigc.com