slapadd: could not parse entry in config-core.ldif

inejge / ldap3

A pure-Rust LDAP library using the Tokio stack

Apache License 2.0

220 stars 38 forks source link

slapadd: could not parse entry in config-core.ldif #72

Closed harshasrisri closed 3 years ago

harshasrisri commented 3 years ago

Hi, Thanks a lot for making this. 👍🏾 I'm quite inexperienced with LDAP and I hope you can help me here. I know that your example ldap server is specifically for Debian, and I'm trying to setup this on a Mac with OpenLDAP installed. I do have slapadd in my $PATH. How do I deal with this error:

make clean && make db
rm -rf db config
mkdir db db/main db/run config
slapadd -n0 -q -F config -l config-core.ldif
60f09fa5 str2entry: invalid value for attributeType objectClass #0 (syntax 1.3.6.1.4.1.1466.115.121.1.38)
slapadd: could not parse entry (line=19)
_###############       75.00% eta   none elapsed            none spd 203.1 k/s
Closing DB...
make: *** [do-db] Error 1

inejge commented 3 years ago

Hi, sorry for the delay, my access to GH is intermittent. I suppose that OpenLDAP is installed from Homebrew or MacPorts; can you post the output of slapd -VVV?

harshasrisri commented 3 years ago

That is true. I've installed OpenLDAP from Homebrew. I don't have slapd in $PATH and instead have it at /usr/libexec/slapd.

/usr/libexec/slapd -VVV
@(#) $OpenLDAP: slapd 2.4.28 (Apr 12 2021 02:54:21) $
        root@osx307.apple.com:/AppleInternal/BuildRoot/Library/Caches/com.apple.xbs/Binaries/OpenLDAP/install/TempContent/Objects/servers/slapd

Included static overlays:
    accesslog
    dynid
    odlocales
    odusers
    auditlog
    constraint
    dds
    deref
    dyngroup
    nestedgroup
    dynlist
    memberof
    ppolicy
    pcache
    refint
    retcode
    seqmod
    syncprov
    translucent
    unique
    valsort
Included static backends:
    config
    ldif
    monitor
    bdb
    hdb
    relay

inejge commented 3 years ago

That looks like the system-supplied slapd: it's a very old version (2.4.28 was released in 2011) and has an apple.com address in the version string. I'd expect that Homebrew keeps its slapd somewhere below /usr/local. I need the -VVV output from that one.

harshasrisri commented 3 years ago

Gotcha. Here you go:

@(#) $OpenLDAP: slapd 2.5.5 (Jun  4 2021 01:28:36) $
        openldap

Included static overlays:
    accesslog
    auditlog
    constraint
    dds
    deref
    dyngroup
    dynlist
    memberof
    ppolicy
    pcache
    refint
    retcode
    seqmod
    syncprov
    translucent
    unique
    valsort
Included static backends:
    config
    ldif
    monitor
    mdb
    relay

inejge commented 3 years ago

Homebrew's slapd is built without module support and chokes on the attempt to initialize the module list. You could try to remove the cn=modules, cn=config entry from config-core.ldif (from dn: cn=module,... to the next blank line) and run make clean && make db. Make sure that slapd is in your $PATH before starting the server.

harshasrisri commented 3 years ago

Seems like that worked.

rm -rf db config
mkdir db db/main db/run config
"/usr/local/Cellar/openldap/2.5.5/sbin/slapadd" -n0 -q -F config -l config-core.ldif
Closing DB...
"/usr/local/Cellar/openldap/2.5.5/sbin/slapadd" -n0 -q -F config -l core.ldif
Closing DB...
"/usr/local/Cellar/openldap/2.5.5/sbin/slapadd" -n0 -q -F config -l cosine.ldif
Closing DB...
"/usr/local/Cellar/openldap/2.5.5/sbin/slapadd" -n0 -q -F config -l inetorgperson.ldif
Closing DB...
"/usr/local/Cellar/openldap/2.5.5/sbin/slapadd" -n0 -q -F config -l nis.ldif
Closing DB...
"/usr/local/Cellar/openldap/2.5.5/libexec/slapd" -h ldapi://ldapi -F config
sleep 1
"/usr/local/Cellar/openldap/2.5.5/bin/ldapadd" -x -D "cn=config" -w secret -H ldapi://ldapi -f add-db.ldif
adding new entry "olcDatabase={1}mdb,cn=config"

adding new entry "olcDatabase={2}monitor,cn=config"

kill `cat db/run/db.pid`
"/usr/local/Cellar/openldap/2.5.5/sbin/slapadd" -n1 -qw -F config -l example.ldif
Closing DB...

Thank you!