ClearFoundation

Hi All,

ClearOS 6.2 Community Edition - I've tried three times from a fresh installation, but LDAP always fails to initialize, and the GUI stays waiting for the initialisation to proceed. I've tried this both with, and without, the OpenLDAP application installed. Basically, any other application that requires LDAP, when you go in to do settings, say for example Account Manager, the two directory apps - Active Directory and Built-In Directory are displayed. If you select to initialize the built-in directory, it just hangs with the spinning wheel ...

The system log contains the following :-
openldap: preparing system...
openldap: generating configuration...
engine: exception: error: /usr/clearos/apps/base/libraries/Shell.php (207): /bin/touch: cannot touch `/var/lib/ldap/accesslog/DB_CONFIG': No such file or directory
engine: exception: debug backtrace: /usr/clearos/apps/base/libraries/File.php (578): execute
engine: exception: debug backtrace: /usr/clearos/apps/openldap/libraries/LDAP_Driver.php (1320): create
engine: exception: debug backtrace: /usr/clearos/apps/openldap/libraries/LDAP_Driver.php (1164): _initialize_configuration
engine: exception: debug backtrace: /usr/clearos/apps/openldap/libraries/LDAP_Driver.php (709): _initialize
engine: exception: debug backtrace: /usr/clearos/apps/openldap_directory/libraries/OpenLDAP.php (335): initialize_standalone
engine: exception: debug backtrace: /usr/clearos/apps/accounts/libraries/Bootstrap.php (107): initialize
engine: exception: debug backtrace: /usr/clearos/apps/accounts/controllers/bootstrap.php (63): initialize
engine: exception: debug backtrace: GUI (0): index
engine: exception: debug backtrace: /usr/clearos/framework/system/core/CodeIgniter.php (297): call_user_func_array
engine: exception: debug backtrace: /usr/clearos/framework/htdocs/app/index.php (179): require_once
engine: exception: error: /usr/clearos/apps/openldap_directory/libraries/OpenLDAP.php (351): /bin/touch: cannot touch `/var/lib/ldap/accesslog/DB_CONFIG': No such file or directory
engine: exception: debug backtrace: /usr/clearos/apps/accounts/libraries/Bootstrap.php (107): initialize
engine: exception: debug backtrace: /usr/clearos/apps/accounts/controllers/bootstrap.php (63): initialize
engine: exception: debug backtrace: GUI (0): index
engine: exception: debug backtrace: /usr/clearos/framework/system/core/CodeIgniter.php (297): call_user_func_array
engine: exception: debug backtrace: /usr/clearos/framework/htdocs/app/index.php (179): require_once

After this, for any application requiring LDAP, there are no settings available.

In /var/lib/ldap there is the DB_CONFIG file, but there is no sub-directory /var/lib/ldap/accesslog, and therefore no DB_CONFIG in there.

Any help to sort this out would be much appreciated.

Regards, Steve.

I upgraded from 6.2 to 6.3 and LDAP broke on me. Mine gets a little further than yours and hangs at "Importing Data".

I noticed that when uninstalling the deployment of openldap and reinstalling, that the /var/lib/ldap files were all owned by root. Running "service slapd configtest" shed some light on it. After fixing the perms slapd starts fine but I get the following errors:


Jul 4 13:51:53 testrouter openldap: preparing system...
Jul 4 13:51:54 testrouter openldap: preparing system...
Jul 4 13:51:55 testrouter openldap: generating configuration...
Jul 4 13:51:55 testrouter openldap: importing data...
Jul 4 13:51:56 testrouter engine: exception: error: /usr/clearos/apps/base/libraries/Shell.php (207): str2entry: invalid value for attributeType objectClass #0 (syntax 1.3.6.1.4.1.1466.115.121.1.38)
Jul 4 13:51:56 testrouter engine: exception: debug backtrace: /usr/clearos/apps/openldap/libraries/LDAP_Driver.php (1400): execute
Jul 4 13:51:56 testrouter engine: exception: debug backtrace: /usr/clearos/apps/openldap/libraries/LDAP_Driver.php (1180): _import_ldif
Jul 4 13:51:56 testrouter engine: exception: debug backtrace: /usr/clearos/apps/openldap/libraries/LDAP_Driver.php (709): _initialize
Jul 4 13:51:56 testrouter engine: exception: debug backtrace: /usr/clearos/apps/openldap_directory/libraries/OpenLDAP.php (335): initialize_standalone
Jul 4 13:51:56 testrouter engine: exception: debug backtrace: /usr/clearos/apps/openldap_directory/controllers/settings.php (98): initialize
Jul 4 13:51:56 testrouter engine: exception: debug backtrace: GUI (0): action
Jul 4 13:51:56 testrouter engine: exception: debug backtrace: /usr/clearos/framework/system/core/CodeIgniter.php (297): call_user_func_array
Jul 4 13:51:56 testrouter engine: exception: debug backtrace: /usr/clearos/framework/htdocs/app/index.php (179): require_once
Jul 4 13:51:56 testrouter engine: exception: error: /usr/clearos/apps/openldap_directory/libraries/OpenLDAP.php (351): str2entry: invalid value for attributeType objectClass #0 (syntax 1.3.6.1.4.1.1466.115.121.1.38)
Jul 4 13:51:56 testrouter engine: exception: debug backtrace: /usr/clearos/apps/openldap_directory/controllers/settings.php (98): initialize
Jul 4 13:51:56 testrouter engine: exception: debug backtrace: GUI (0): action
Jul 4 13:51:56 testrouter engine: exception: debug backtrace: /usr/clearos/framework/system/core/CodeIgniter.php (297): call_user_func_array
Jul 4 13:51:56 testrouter engine: exception: debug backtrace: /usr/clearos/framework/htdocs/app/index.php (179): require_once

LDAP config files changed with 2.4 ... probably a fresh install works fine but i updated from 6.2

slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d should convert your old config but you might have to remove some schemas that have duplicated references.

I only just now got it to work on my test box.. nervous about upgrading the live one.

get the same issue

Yup - same with me. Just sits and spins forever, and never returns. I'm not going to waste hours and hours doing thru LDAP packages. I thought I'd try 6.x again, and it's still broken. Back to 5.2 I go AGAIN for the 3rd time. First the OpenVPN stuff is broken, now the LDAP, what's going on? I'm gradually losing faith in what was once such a solid platform. I've been using it for like 10 years now.

Why are they working on 6.3 or whatever when 6.2 is still not ready for prime-time?

Jeff

Sorry to see you are having problems with the LDAP setup...

I recall from one of Peters other posts that the initialisation bit is a pain due to the Samba implementation (read as Microsoft issues). It repeatedly attempts to setup in a bit of a loop...at present i'm not sure what breaks this loop? DNS? connection issues perhaps?

Is there some pattern to your configuration that you can give us to help diagnose - Gateway? standalone? etc.

Tim - thanks for the response. This is just a simple initial install. I tried 3 times, all 3 LDAP initializations failed. I didn't install any extra packages whatsoever. Gateway mode. I did patch the system with all the patches offered however, beforehand. I just finished re-installing 5.2 and I won't make the mistake of installing 6.x again other than as a VM for testing purposes on my ESX cluster. Is no one aware of this issue? It seems it's not just me that's experiencing this issue by the looks of these posts.

Thanks again,

Jeff

got it working with a full re-install

however, when I change the "base domain" after the installing it breaks the windows networking.
get a bunch of these errors:
ldap_connect_system: Failed to retrieve password from secrets.tdb

And I have an update as well from some testing I did on a VM.

OpenLDAP initializes just fine, but ONLY before you do all the patches that are available on a fresh install.

I did a fresh install, then the main core patches the Install Wizard forces you to do, then I installed only OpenLDAP from the Marketplace, and initialized it just fine. It's when you take all the other patches and do those, THEN try to install/initialize OpenLDAP that it fails.

So, right now I'm trying all those patches AFTER I initialized OpenLDAP to see if it still works.

Yup, looks like it does.

So - something to think about here.

Jeff

Did you restart slapd after the updates? Just curious. I think the upgrade in deployment works fine on ldap already configured but trying to migrate to ldap 2.4 where config files are stored in ldif format on a system not yet configured under the previous ldap format is what is failing.