No Root DSE returned from OpenLDAP Announcing the arrival of Valued Associate #679: Cesar Manara Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern) Come Celebrate our 10 Year Anniversary!Configure Jenkins with LDAP : parameter 'Root DN'Retrieve operational attributes from OpenLDAPLDAP (slapd) authenticated user cannot modify selfHow to add ACIs to OpenLDAP properlyModifying OpenLDAP configuration using cn=configtracking down root cause for openldap account lockinghow to self change attrs in openldaphow to set permission the manager in openldap?OpenLDAP: Index to olcDatabase not respectedslapd with mozillaAbPersonAlpha schemaPass through authentication from Openldap to Openldap
prime numbers and expressing non-prime numbers
Dating a Former Employee
How to align text above triangle figure
Overriding an object in memory with placement new
The logistics of corpse disposal
At the end of Thor: Ragnarok why don't the Asgardians turn and head for the Bifrost as per their original plan?
In predicate logic, does existential quantification (∃) include universal quantification (∀), i.e. can 'some' imply 'all'?
Why did the IBM 650 use bi-quinary?
51k Euros annually for a family of 4 in Berlin: Is it enough?
Can an alien society believe that their star system is the universe?
A coin, having probability p of landing heads and probability of q=(1-p) of landing on heads.
How does debian/ubuntu knows a package has a updated version
Identifying polygons that intersect with another layer using QGIS?
How to call a function with default parameter through a pointer to function that is the return of another function?
porting install scripts : can rpm replace apt?
What is the role of the transistor and diode in a soft start circuit?
Why is "Consequences inflicted." not a sentence?
Using audio cues to encourage good posture
What LEGO pieces have "real-world" functionality?
What's the meaning of 間時肆拾貳 at a car parking sign
What exactly is a "Meth" in Altered Carbon?
What causes the vertical darker bands in my photo?
ListPlot join points by nearest neighbor rather than order
Why aren't air breathing engines used as small first stages
No Root DSE returned from OpenLDAP
Announcing the arrival of Valued Associate #679: Cesar Manara
Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern)
Come Celebrate our 10 Year Anniversary!Configure Jenkins with LDAP : parameter 'Root DN'Retrieve operational attributes from OpenLDAPLDAP (slapd) authenticated user cannot modify selfHow to add ACIs to OpenLDAP properlyModifying OpenLDAP configuration using cn=configtracking down root cause for openldap account lockinghow to self change attrs in openldaphow to set permission the manager in openldap?OpenLDAP: Index to olcDatabase not respectedslapd with mozillaAbPersonAlpha schemaPass through authentication from Openldap to Openldap
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;
I'm trying to set up an OpenLDAP server on ubuntu 9.10, which uses slapd version 2.4.18.
After initializing and populating a new hdb database, everything seems OK, but I can not get the server to return a root DSE. Running
ldapsearch -x -W -D 'cn=manager,dc=example,dc=org'
-b '' -s base '(objectclass=*)' +
just returns
# extended LDIF
#
# LDAPv3
# base <> with scope baseObject
# filter: (objectclass=*)
# requesting: +
#
# search result
search: 2
result: 0 Success
# numResponses: 1
My hdb database ACLs are set up as follows:
olcAccess: to attrs=userPassword,shadowLastChange
by self write
by anonymous auth
by dn.base="cn=manager,dc=example,dc=org" write
by * none
olcAccess: to dn.base=""
by * read
olcAccess: to *
by self write
by dn.base="cn=manager,dc=example,dc=org" write
by * read
From my experience this setup should have returned a valid root DSE, so if anyone could give me a clue as to what is going on...
ldap openldap
add a comment |
I'm trying to set up an OpenLDAP server on ubuntu 9.10, which uses slapd version 2.4.18.
After initializing and populating a new hdb database, everything seems OK, but I can not get the server to return a root DSE. Running
ldapsearch -x -W -D 'cn=manager,dc=example,dc=org'
-b '' -s base '(objectclass=*)' +
just returns
# extended LDIF
#
# LDAPv3
# base <> with scope baseObject
# filter: (objectclass=*)
# requesting: +
#
# search result
search: 2
result: 0 Success
# numResponses: 1
My hdb database ACLs are set up as follows:
olcAccess: to attrs=userPassword,shadowLastChange
by self write
by anonymous auth
by dn.base="cn=manager,dc=example,dc=org" write
by * none
olcAccess: to dn.base=""
by * read
olcAccess: to *
by self write
by dn.base="cn=manager,dc=example,dc=org" write
by * read
From my experience this setup should have returned a valid root DSE, so if anyone could give me a clue as to what is going on...
ldap openldap
add a comment |
I'm trying to set up an OpenLDAP server on ubuntu 9.10, which uses slapd version 2.4.18.
After initializing and populating a new hdb database, everything seems OK, but I can not get the server to return a root DSE. Running
ldapsearch -x -W -D 'cn=manager,dc=example,dc=org'
-b '' -s base '(objectclass=*)' +
just returns
# extended LDIF
#
# LDAPv3
# base <> with scope baseObject
# filter: (objectclass=*)
# requesting: +
#
# search result
search: 2
result: 0 Success
# numResponses: 1
My hdb database ACLs are set up as follows:
olcAccess: to attrs=userPassword,shadowLastChange
by self write
by anonymous auth
by dn.base="cn=manager,dc=example,dc=org" write
by * none
olcAccess: to dn.base=""
by * read
olcAccess: to *
by self write
by dn.base="cn=manager,dc=example,dc=org" write
by * read
From my experience this setup should have returned a valid root DSE, so if anyone could give me a clue as to what is going on...
ldap openldap
I'm trying to set up an OpenLDAP server on ubuntu 9.10, which uses slapd version 2.4.18.
After initializing and populating a new hdb database, everything seems OK, but I can not get the server to return a root DSE. Running
ldapsearch -x -W -D 'cn=manager,dc=example,dc=org'
-b '' -s base '(objectclass=*)' +
just returns
# extended LDIF
#
# LDAPv3
# base <> with scope baseObject
# filter: (objectclass=*)
# requesting: +
#
# search result
search: 2
result: 0 Success
# numResponses: 1
My hdb database ACLs are set up as follows:
olcAccess: to attrs=userPassword,shadowLastChange
by self write
by anonymous auth
by dn.base="cn=manager,dc=example,dc=org" write
by * none
olcAccess: to dn.base=""
by * read
olcAccess: to *
by self write
by dn.base="cn=manager,dc=example,dc=org" write
by * read
From my experience this setup should have returned a valid root DSE, so if anyone could give me a clue as to what is going on...
ldap openldap
ldap openldap
asked Nov 5 '09 at 12:06
Magne
add a comment |
add a comment |
4 Answers
4
active
oldest
votes
This is actually filed as bug #427842 agains Ubuntu 9.10 (karmic).
To fix this, copy the following to fixRootDSE.ldif:
dn: olcDatabase=-1frontend,cn=config
changetype: modify
add: olcAccess
olcAccess: to dn.base="" by * read
olcAccess: to dn.base="cn=subschema" by * read
And execute
sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f fixRootDSE.ldif
This should give anonymous access to the root DSE.
add a comment |
Isn't the Root DSE supposed to be queried anonymously, before binding as a user? So you shouldn't be using -W or -D at all.
My OpenLDAP server responds to the following:
$ ldapsearch -x -b '' -s base
with
# extended LDIF
#
# LDAPv3
# base <> with scope baseObject
# filter: (objectclass=*)
# requesting: ALL
#
#
dn:
objectClass: top
objectClass: OpenLDAProotDSE
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
answered Nov 5 '09 at 17:44
ptmanptman
19.9k12142
You're right, if the ldap server is configured right, you don't need to bind a user. But I get the same result both when I query anonymously and bind a user. And I don't get a unauthenticated response. So somehow the server don't answer any details about itself.
– Magne
Nov 5 '09 at 18:33
add a comment |
For those who will get this error in Apache Directory Studio.
If you can see root DSE content in other browsers or ldapsearch, try create new connection. It helped me. I think it is a bug in Apache DS.
answered Sep 30 '13 at 11:24
rominfrominf
1216
For others passing by, and having Apache DS or PHPLdapAdmin bug where Root DSE has no children, this is more likely to be a server problem (especially since LDAPAdmin does not have encounter it)
– mveroone
Jun 5 '18 at 5:48
add a comment |
For those who will get this error in Apache Directory Studio. also a restart on the studio helped.
answered Apr 11 at 10:37
Vinish GeorgeVinish George
1113
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f81684%2fno-root-dse-returned-from-openldap%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
4 Answers
4
active
oldest
votes
4 Answers
4
active
oldest
votes
active
oldest
votes
active
oldest
votes
This is actually filed as bug #427842 agains Ubuntu 9.10 (karmic).
To fix this, copy the following to fixRootDSE.ldif:
dn: olcDatabase=-1frontend,cn=config
changetype: modify
add: olcAccess
olcAccess: to dn.base="" by * read
olcAccess: to dn.base="cn=subschema" by * read
And execute
sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f fixRootDSE.ldif
This should give anonymous access to the root DSE.
add a comment |
This is actually filed as bug #427842 agains Ubuntu 9.10 (karmic).
To fix this, copy the following to fixRootDSE.ldif:
dn: olcDatabase=-1frontend,cn=config
changetype: modify
add: olcAccess
olcAccess: to dn.base="" by * read
olcAccess: to dn.base="cn=subschema" by * read
And execute
sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f fixRootDSE.ldif
This should give anonymous access to the root DSE.
add a comment |
This is actually filed as bug #427842 agains Ubuntu 9.10 (karmic).
To fix this, copy the following to fixRootDSE.ldif:
dn: olcDatabase=-1frontend,cn=config
changetype: modify
add: olcAccess
olcAccess: to dn.base="" by * read
olcAccess: to dn.base="cn=subschema" by * read
And execute
sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f fixRootDSE.ldif
This should give anonymous access to the root DSE.
This is actually filed as bug #427842 agains Ubuntu 9.10 (karmic).
To fix this, copy the following to fixRootDSE.ldif:
dn: olcDatabase=-1frontend,cn=config
changetype: modify
add: olcAccess
olcAccess: to dn.base="" by * read
olcAccess: to dn.base="cn=subschema" by * read
And execute
sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f fixRootDSE.ldif
This should give anonymous access to the root DSE.
answered Nov 18 '09 at 15:00
Magne
add a comment |
add a comment |
Isn't the Root DSE supposed to be queried anonymously, before binding as a user? So you shouldn't be using -W or -D at all.
My OpenLDAP server responds to the following:
$ ldapsearch -x -b '' -s base
with
# extended LDIF
#
# LDAPv3
# base <> with scope baseObject
# filter: (objectclass=*)
# requesting: ALL
#
#
dn:
objectClass: top
objectClass: OpenLDAProotDSE
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
answered Nov 5 '09 at 17:44
ptmanptman
19.9k12142
You're right, if the ldap server is configured right, you don't need to bind a user. But I get the same result both when I query anonymously and bind a user. And I don't get a unauthenticated response. So somehow the server don't answer any details about itself.
– Magne
Nov 5 '09 at 18:33
add a comment |
Isn't the Root DSE supposed to be queried anonymously, before binding as a user? So you shouldn't be using -W or -D at all.
My OpenLDAP server responds to the following:
$ ldapsearch -x -b '' -s base
with
# extended LDIF
#
# LDAPv3
# base <> with scope baseObject
# filter: (objectclass=*)
# requesting: ALL
#
#
dn:
objectClass: top
objectClass: OpenLDAProotDSE
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
answered Nov 5 '09 at 17:44
ptmanptman
19.9k12142
You're right, if the ldap server is configured right, you don't need to bind a user. But I get the same result both when I query anonymously and bind a user. And I don't get a unauthenticated response. So somehow the server don't answer any details about itself.
– Magne
Nov 5 '09 at 18:33
add a comment |
Isn't the Root DSE supposed to be queried anonymously, before binding as a user? So you shouldn't be using -W or -D at all.
My OpenLDAP server responds to the following:
$ ldapsearch -x -b '' -s base
with
# extended LDIF
#
# LDAPv3
# base <> with scope baseObject
# filter: (objectclass=*)
# requesting: ALL
#
#
dn:
objectClass: top
objectClass: OpenLDAProotDSE
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
answered Nov 5 '09 at 17:44
ptmanptman
19.9k12142
Isn't the Root DSE supposed to be queried anonymously, before binding as a user? So you shouldn't be using -W or -D at all.
My OpenLDAP server responds to the following:
$ ldapsearch -x -b '' -s base
with
# extended LDIF
#
# LDAPv3
# base <> with scope baseObject
# filter: (objectclass=*)
# requesting: ALL
#
#
dn:
objectClass: top
objectClass: OpenLDAProotDSE
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
answered Nov 5 '09 at 17:44
ptmanptman
19.9k12142
edited Nov 5 '09 at 18:18
answered Nov 5 '09 at 17:44
ptmanptman
19.9k12142
answered Nov 5 '09 at 17:44
ptmanptman
19.9k12142
answered Nov 5 '09 at 17:44
ptmanptman
19.9k12142
19.9k12142
You're right, if the ldap server is configured right, you don't need to bind a user. But I get the same result both when I query anonymously and bind a user. And I don't get a unauthenticated response. So somehow the server don't answer any details about itself.
– Magne
Nov 5 '09 at 18:33
add a comment |
You're right, if the ldap server is configured right, you don't need to bind a user. But I get the same result both when I query anonymously and bind a user. And I don't get a unauthenticated response. So somehow the server don't answer any details about itself.
– Magne
Nov 5 '09 at 18:33
You're right, if the ldap server is configured right, you don't need to bind a user. But I get the same result both when I query anonymously and bind a user. And I don't get a unauthenticated response. So somehow the server don't answer any details about itself.
– Magne
Nov 5 '09 at 18:33
You're right, if the ldap server is configured right, you don't need to bind a user. But I get the same result both when I query anonymously and bind a user. And I don't get a unauthenticated response. So somehow the server don't answer any details about itself.
– Magne
Nov 5 '09 at 18:33
add a comment |
For those who will get this error in Apache Directory Studio.
If you can see root DSE content in other browsers or ldapsearch, try create new connection. It helped me. I think it is a bug in Apache DS.
answered Sep 30 '13 at 11:24
rominfrominf
1216
For others passing by, and having Apache DS or PHPLdapAdmin bug where Root DSE has no children, this is more likely to be a server problem (especially since LDAPAdmin does not have encounter it)
– mveroone
Jun 5 '18 at 5:48
add a comment |
For those who will get this error in Apache Directory Studio.
If you can see root DSE content in other browsers or ldapsearch, try create new connection. It helped me. I think it is a bug in Apache DS.
answered Sep 30 '13 at 11:24
rominfrominf
1216
For others passing by, and having Apache DS or PHPLdapAdmin bug where Root DSE has no children, this is more likely to be a server problem (especially since LDAPAdmin does not have encounter it)
– mveroone
Jun 5 '18 at 5:48
add a comment |
For those who will get this error in Apache Directory Studio.
If you can see root DSE content in other browsers or ldapsearch, try create new connection. It helped me. I think it is a bug in Apache DS.
answered Sep 30 '13 at 11:24
rominfrominf
1216
For those who will get this error in Apache Directory Studio.
If you can see root DSE content in other browsers or ldapsearch, try create new connection. It helped me. I think it is a bug in Apache DS.
answered Sep 30 '13 at 11:24
rominfrominf
1216
answered Sep 30 '13 at 11:24
rominfrominf
1216
answered Sep 30 '13 at 11:24
rominfrominf
1216
answered Sep 30 '13 at 11:24
rominfrominf
1216
1216
For others passing by, and having Apache DS or PHPLdapAdmin bug where Root DSE has no children, this is more likely to be a server problem (especially since LDAPAdmin does not have encounter it)
– mveroone
Jun 5 '18 at 5:48
add a comment |
For others passing by, and having Apache DS or PHPLdapAdmin bug where Root DSE has no children, this is more likely to be a server problem (especially since LDAPAdmin does not have encounter it)
– mveroone
Jun 5 '18 at 5:48
For others passing by, and having Apache DS or PHPLdapAdmin bug where Root DSE has no children, this is more likely to be a server problem (especially since LDAPAdmin does not have encounter it)
– mveroone
Jun 5 '18 at 5:48
For others passing by, and having Apache DS or PHPLdapAdmin bug where Root DSE has no children, this is more likely to be a server problem (especially since LDAPAdmin does not have encounter it)
– mveroone
Jun 5 '18 at 5:48
add a comment |
For those who will get this error in Apache Directory Studio. also a restart on the studio helped.
answered Apr 11 at 10:37
Vinish GeorgeVinish George
1113
add a comment |
For those who will get this error in Apache Directory Studio. also a restart on the studio helped.
answered Apr 11 at 10:37
Vinish GeorgeVinish George
1113
add a comment |
For those who will get this error in Apache Directory Studio. also a restart on the studio helped.
answered Apr 11 at 10:37
Vinish GeorgeVinish George
1113
For those who will get this error in Apache Directory Studio. also a restart on the studio helped.
answered Apr 11 at 10:37
Vinish GeorgeVinish George
1113
answered Apr 11 at 10:37
Vinish GeorgeVinish George
1113
answered Apr 11 at 10:37
Vinish GeorgeVinish George
1113
answered Apr 11 at 10:37
Vinish GeorgeVinish George
1113
1113
add a comment |
add a comment |
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f81684%2fno-root-dse-returned-from-openldap%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
