OpenLDAP server instructions out of date: slapd no longer creates initial directory

Bug #459403 reported by Alissa Harrison on 2009-10-23
56
This bug affects 11 people
Affects Status Importance Assigned to Milestone
ubuntu-docs (Ubuntu)
Undecided
Unassigned
Nominated for Karmic by Swami
Nominated for Lucid by Swami

Bug Description

Binary package hint: ubuntu-docs

According to the latest docs for Ubuntu Servert 9.10 at <http://doc.ubuntu.com/ubuntu/serverguide/C/openldap-server.html> the package slapd can be configured (via sudo dpkg-reconfigure slapd) with a domain and password to create a new LDAP directory. This was true for 9.04 and earlier versions of slapd, but the latest version (2.4.18-0ubuntu1) no longer creates a default directory. Information on this change can be found at <https://lists.ubuntu.com/archives/ubuntu-server/2009-August/003179.html>. In short, the user is now expected to create the default directory using "sudo ldapadd -Y EXTERNAL -H ldapi:/// ..." I would give more details on how to do it, but I, myself, cannot successfully create a new directory. I believe that is due to my lack of experience with LDAP and documentation, and hopefully not a bug in slapd. The doc team members are welcome to read my post on Ubuntu forums at <http://ubuntuforums.org/showthread.php?t=1295934> to see what things I have already tried.

Related branches

After getting some help in #ldap, I have come up with a way to get a basic LDAP directory working in Karmic. My guide is here http://ubuntuforums.org/showthread.php?p=8161118#post8161118 I hope that this could help the doc team up date the LDAP guide.

Matthew East (mdke) on 2009-10-25
tags: added: serverguide
Swami (cuppax) wrote :

Alissa, thanks a ton. You are a life-saver for posting the steps.
I'm a Linux newbie and wanted to setup a sample ldap server to test. It took me the whole of today to stumble upon Alissa's post to get something working.
The deprecated documentation is extremely frustrating for noobs like me.

Ro (robert-markula) wrote :

I've just written another HowTo that I'll gladly throw into the mix: http://ubuntuforums.org/showthread.php?t=1313472

By the way: it is really a shame that there is no official word from canonical on this. Not even an official tutorial on how to deal with the new situation. It's nice that canonical is slowly seeing the importance of an LDAP-based (heck, even Kerberos-based) network infrastructure, but this whole situation should have been handled more carefully.

Would it be possible to setup some ppa with the version of slapd from jaunty and compatible with Karmic?

Launchpad Janitor (janitor) wrote :
Download full text (4.3 KiB)

This bug was fixed in the package ubuntu-docs - 10.04.1

---------------
ubuntu-docs (10.04.1) lucid; urgency=low

  * First upload for lucid
  * General:
    - Refresh pot files
    - Changed 'Text Editor' to 'gedit Text Editor' LP: #442417 (Connor Imes)
  * Advanced-topics:
    - Added link in advanced-topics to a description about Users and Groups in
      Debian systems. LP: #145055 (Connor Imes)
  * Hardware:
    - Added mention of ext4 to hardware.xml and changed the mentioning of the
      default filesystem in Ubuntu from ext3 to ext4 LP #449667 (Connor Imes)
    - Removed subsection in hardware about quirk-checker script - link was
      broken, script is outdated LP: #461158 (Connor Imes)
  * Keeping-safe:
    - Updating instructions for automatic login for new GDM LP: #442676
     (Dean Sas)
    - String adjustment (period inside of a quote tag), Scott Shields,
      LP: #496885
  * Internet:
    - Changes remaining mention of flashplugin-nonfree to flashplugin-installer
      in web-apps.xml LP: #444546 (Connor Imes)
    - Change some <guimenu> tags to <guimenuitem> tags in web-apps.xml to show
      arrows in HTML documentation instead of + signs LP: #453512 (Connor Imes)
    - Removed reference to network-manager radio buttons, as radio buttons
      aren't used in this version of NM for wired networks (Jim Campbell)
    - Aligned similar strings in 'internet' section to benefit translators;
      some small adjustments. LP: #460360 (Connor Imes)
  * Musicvideophotos:
    - Fixed apturl for mtp-tools package in music.xml LP #452262 (Connor Imes)
    - Improve ipod section, patch by Michael Fitzhugh. LP: #370085
  * Printing:
    - Updated printer setup directions in printing section LP: #435510
      (Connor Imes)
    - Fix scanning typo. Patch by Shane Fagan LP: #447250
  * Programming:
    - Removed entire programming section LP: #414035 (Connor Imes)
  * Serverguide:
    - Adjusted wording in serverguide package-management file to more
      clearly describe apticron. LP: #473280 (Connor Imes)
    - Updated LDAP section for changes to the Jaunty package.
      Fixes LP: #475492, LP: #459403, LP: #463684 (Adam Sommer)
    - In OpenSSH section, .ssh/authorized_keys permissions should be
      600, not 644 LP: #491159 (Connor Imes)
    - Replaced description of ebox Log Observer in serverguide with a real
      description of the event's purpose LP: #405926 (Connor Imes)
    - Fixed IP example in serverguide's postfix configuration section
      LP: #495202 (Connor Imes)
    - Include 'auto eth1' in interfaces file for static IP configuration
      LP: #441802 (Connor Imes)
    - Fix for disabling Control-Alt-Delete in serverguide. Scott Shields,
      LP: #496465
    - Typo fix, Scott Shields, LP: #497867
    - PostgreSQL setup fix for config file pg_hba.conf, Scott Shields,
      LP: #492286
    - Misc fixes in windows-networking section. Vikram Dhillon, LP: #462607
    - Changes to RAID installation section LP: #428036, LP: #462719
      (Connor Imes)
    - Fixes and adjustments to web-servers LP: #462621 (Connor Imes)
  * Switching:
    - Replaced Pidgin with Empathy in applications-equivalents
      LP: #490980 (Connor Ime...

Read more...

Changed in ubuntu-docs (Ubuntu):
status: New → Fix Released

This bug was only fixed for Lucid?

The docs for Karmic here https://help.ubuntu.com/9.10/serverguide/C/openldap-server.html are still wrong

Thomas Schweikle (tps) wrote :

Does not work for lucid too. Error:

SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "cn=module,cn=config"
ldap_add: Other (e.g., implementation specific) error (80)
        additional info: <olcModuleLoad> handler exited with 1

This is for the documentation found for Ubuntu-Server. I do not see it fixed, as stated in comment #5

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Related blueprints