Ldif_read_file Checksum Error
Contents |
a GitHub account Sign in Create a gist now Instantly share code, notes, and snippets. Star 0 Fork 0 Shaltz/gist:1d65a07a0901a36fb7f1 Created Sep 16, 2015 Embed What ldif_read_file: checksum error ubuntu would you like to do? Embed Embed this gist in your website.
Str2entry: Entry -1 Has No Dn
Embed Share Copy sharable URL for this gist. Share Clone via HTTPS Clone with Git or checkout with etc openldap slapd d cn config olcdatabase 2 bdb ldif SVN using the repository's web address. HTTPS Learn more about clone URLs Download ZIP Code Revisions 1 HOW TO fix openLDAP checksum error on config files Raw gistfile1.txt (source : http://injustfiveminutes.com/category/openldap)
Linux Crc32 Command
How to fix “ldif_read_file: checksum error” Posted on October 28, 2014 15 Well, in spite of you did read a banner saying “# AUTO-GENERATED FILE – DO NOT EDIT!! Use ldapmodify.” you ignored it and made some manual modifications in any of the LDIF files in /etc/ldap/slapd.d/. Don’t worry it happened to me too :) When you need to quickly setup
here for a quick overview of the site Help Center Detailed answers to any questions you might
Ldapmodify
have Meta Discuss the workings and policies of this site
Ldapmodify Example
About Us Learn more about Stack Overflow the company Business Learn more about hiring developers or posting openldap configuration ads with us Stack Overflow Questions Jobs Documentation Tags Users Badges Ask Question x Dismiss Join the Stack Overflow Community Stack Overflow is a community of 6.2 https://gist.github.com/1d65a07a0901a36fb7f1 million programmers, just like you, helping each other. Join them; it only takes a minute: Sign up Error install OpenLdap for RedHat6(checksum error on “/etc/openldap/slapd.d/cn=config/olcDatabase={2}bdb.ldif”) up vote 0 down vote favorite 1 I tried to install OpenLdap for linux redhat6, but i recive an error and looks like this "5511c732 ldif_read_file: checksum error on "/etc/openldap/slapd.d/cn=config/olcDatabase={1}monitor.ldif" http://stackoverflow.com/questions/29242556/error-install-openldap-for-redhat6checksum-error-on-etc-openldap-slapd-d-cn-c below is the code # AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. # CRC32 03c4de5f dn: olcDatabase={1}monitor objectClass: olcDatabaseConfig olcDatabase: {1}monitor olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=externa l,cn=auth" read by dn.base="cn=Manager,dc=my-domain,dc=com" read by * none olcAddContentAcl: FALSE olcLastMod: TRUE olcMaxDerefDepth: 15 olcReadOnly: FALSE olcSyncUseSubentry: FALSE olcMonitoring: FALSE structuralObjectClass: olcDatabaseConfig entryUUID: 7f788d0a-66a8-1034-968a-61cac64128b9 creatorsName: cn=config createTimestamp: 20150324193414Z entryCSN: 20150324193414.304614Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20150324193414Z and 5511c732 ldif_read_file: checksum error on "/etc/openldap/slapd.d/cn=config/olcDatabase={2}bdb.ldif" below is the code : # AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. # CRC32 dd2c457a dn: olcDatabase={2}bdb objectClass: olcDatabaseConfig objectClass: olcBdbConfig olcDatabase: {2}bdb olcSuffix: dc=example,dc=com olcAddContentAcl: FALSE olcLastMod: TRUE olcMaxDerefDepth: 15 olcReadOnly: FALSE olcRootDN: cn=Manager,dc=example,dc=com olcSyncUseSubentry: FALSE olcMonitoring: TRUE olcDbDirectory: /var/lib/ldap olcDbCacheSize: 1000 olcDbCheckpoint: 1024 15 olcDbNoSync: FALSE olcDbDirtyRead: FALSE olcDbIDLcacheSize: 0 olcDbIndex: objectClass pres,eq olcDbIndex: cn pres,eq,sub olcDbIndex: uid pres,eq,sub olcDbIndex: uidNumber pres,eq olcDbIndex: gidNumber pres,eq olcDbIndex: ou pres,eq,sub olcDbIndex: mail pres,eq,sub olcDbIndex: sn pres,eq,sub olcDbIndex: givenName pres,eq,sub olcDbIndex: memberUid pres,eq,sub olcDbIndex: loginShell pres,eq olcDbIndex: nisMapName pres,eq,sub olcDbIndex: nisMapEntry pres,eq,sub olcDbLinearInde
17:29:37 -0400 I was following an Ubuntu howto at https://help.ubuntu.com/12.04/serverguide/openldap-server.html ,which has served me well so far, and I was working on the part where TLS is set http://www.openldap.org/lists/openldap-technical/201208/msg00049.html up. I made an ldif file like: dn: cn=configadd: olcTLSCACertificateFileolcTLSCACertificateFile: /etc/ssl/certs/cacert.pem -add: olcTLSCertificateFileolcTLSCertificateFile: /etc/ssl/certs/grackle_slapd_cert.pem -add: olcTLSCertificateKeyFileolcTLSCertificateKeyFile: /etc/ssl/private/grackle_slapd_key.pem and, well, I blew it.. I initially had a typo in it, https://www.certdepot.net/ldap-configure-ldap-server-for-user-connection/ and the server cert and key weren't where I said they were. I ran ldapmodify to load the ldif file above: ldapmodify -Y EXTERNAL -H ldapi:/// -f /etc/ssl/certinfo.ldif checksum error Then I tried to restart slapd, and perhaps unsurprisingly it did not restart. Aug 8 16:41:30 grackle slapd[1660]: @(#) $OpenLDAP: slapd (Jul 26 2012 00:10:41) $#012#011buildd@aatxe:/build/buildd/openldap-2.4.28/debian/build/servers/slapd Aug 8 16:41:30 grackle slapd[1660]: main: TLS init def ctx failed: -1Aug 8 16:41:30 grackle slapd[1660]: slapd stopped. Aug 8 16:41:30 grackle slapd[1660]: connections_destroy: nothing to destroy. So I thought ldif_read_file checksum error I just fix my ldif file, which I did, and then run ldapmodify again. But no, that clearly wasn't going to work because slapd wasn't running. Not knowing what else to do, I removed the lines containing "olcTLS" from /etc/ldap/slapd.d/cn=config.ldif. Then I was able to restart slapd (congratulating myself) and then re-ran my ldapmodify command to enter the correct locations of the cert and key. But I still get a checksum error in syslog: Aug 8 17:04:53 grackle slapd[2028]: slapd starting Aug 8 17:05:01 grackle slapd[2028]: ldif_read_file: checksum error on "/etc/ldap /slapd.d/cn=config.ldif" I haven't even tried to see if I have TLS working, but I have two questions: #1. How should I have recovered from this (human) error? What I did didn't seem to work out very well. and#2. How do I un-screw my config and resolve the checksum problem? Thanks in advance for any assistance.-- Jeff Dickens IT Manager 978-632-1513 Prev by Date: Re: Virtual view using slapd-relay: dn mapping failure Next by Date: o
overview RHEL6 RHCSA Exam objectives RHEL6 RHCSA Other requirements RHEL6 RHCSA & RHCE FAQ RHEL6 RHCSA Quiz RHEL6 RHCSA Sample exam 1 RHEL6 RHCSA Sample exam 2 RHEL6 RHCE (EX300) RHEL6 Red Hat Certification overview RHEL6 RHCE Exam objectives RHEL6 RHCE Other requirements RHEL6 RHCSA & RHCE FAQ RHEL6 RHCE Quiz RHEL6 RHCE Sample exam 1 RHEL6 LFCS RHEL6 LFCS Exam objectives RHEL6 LFCE RHEL6 LFCE Exam objectives RHEL7 RHEL7 Free available resources RHEL7 Book review RHEL7 RHCSA (EX200) RHEL7 Red Hat Certification overview RHEL7 RHCSA Exam objectives RHEL7 RHCSA What's new? RHEL7 RHCSA Other requirements RHEL7 RHCSA Quiz RHEL7 RHCSA Sample exam 1 RHEL7 RHCE (EX300) RHEL7 Red Hat Certification overview RHEL7 RHCE Exam objectives RHEL7 RHCE What's new? RHEL7 RHCE Other requirements RHEL7 RHCE Quiz RHEL7 LFCS RHEL7 LFCS Exam objectives RHEL7 LFCE RHEL7 LFCE Exam objectives RHEL7 Changes RHEL7 Quick recipes RHEL7 Advanced recipes RHEL7 Latest tutorials VCP5-DCV VCP5-DCV Free available resources LDAP: Configure a LDAP directory service for user connection. Last updated on July 27, 2014 (7,179 views) — 6 Comments ↓ Share this linkTwitter0Facebook0Google+0LinkedIn0Try to follow the instructions very precisely because LDAP syntax is sometimes cumbersome (case sensitive, space, etc) and prone to errors (dn/dc/cn). Let's assume that we use the example.com domain and the instructor.example.com hostname. Install the following packages: # yum install -y openldap openldap-servers migrationtools Generate a LDAP password from a secret key (here redhat): # slappasswd -s redhat -n > /etc/openldap/passwd Generate a X509 certificate valid for 365 days: # openssl req -new -x509 -nodes -out /etc/openldap/certs/cert.pem -keyout /etc/openldap/certs/priv.pem -days 365 Generating a 2048 bit RSA private key .....+++ ..............+++ writing new private key to '/etc/openldap/certs/priv.pem' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called