LDAP commands do not execute in CentOS 6.6
obaidskhan opened this issue · 1 comments
Hi,
I have CentOS 6.6 x64 installed on my VM and have set up everything with yum. I am currently experiencing a problem with LDAP.
Please find the details below.
[root@opensoc ~]# more /etc/redhat-release
CentOS release 6.6 (Final)
[root@opensoc ~]# rpm -qa | grep ldap
compat-openldap-2.3.43-2.el6.x86_64
openldap-2.4.39-8.el6.x86_64
phpldapadmin-1.2.3-1.el6.noarch
openldap-servers-2.4.39-8.el6.x86_64
python-ldap-2.3.10-1.el6.x86_64
sssd-ldap-1.11.6-30.el6.x86_64
openldap-devel-2.4.39-8.el6.x86_64
openldap-clients-2.4.39-8.el6.x86_64
apr-util-ldap-1.3.9-3.el6_0.1.x86_64
php-ldap-5.3.3-40.el6_6.x86_64
[root@opensoc ~]#
I have the following directory structure set up in my VM.
[root@opensoc ~]# cd /opt/opensoc
[root@opensoc opensoc]# ls -ltr
total 140
-rw-r--r-- 1 root root 4747 Nov 14 03:10 Vagrantfile
drwxr-xr-x 2 root root 4096 Nov 14 03:10 test
drwxr-xr-x 4 root root 4096 Nov 14 03:10 seed
-rw-r--r-- 1 root root 3226 Nov 14 03:10 README.md
-rw-r--r-- 1 root root 1536 Nov 14 03:10 package.json
-rw-r--r-- 1 root root 613 Nov 14 03:10 Makefile
drwxr-xr-x 4 root root 4096 Nov 14 03:10 lib
drwxr-xr-x 2 root root 4096 Nov 14 03:10 kibana
-rw-r--r-- 1 root root 497 Nov 14 03:10 index.js
-rw-r--r-- 1 root root 739 Nov 14 03:10 Gruntfile.js
drwxr-xr-x 4 root root 4096 Nov 14 03:10 examples
drwxr-xr-x 2 root root 4096 Nov 14 03:10 doc
-rw-r--r-- 1 root root 425 Nov 14 03:10 bower.json
-rw-r--r-- 1 root root 1151 Nov 26 00:02 readme.md
-rw-r--r-- 1 root root 3412 Nov 26 00:02 pom.xml.versionsBackup
-rw-r--r-- 1 root root 4134 Nov 26 00:02 pom.xml
drwxr-xr-x 3 root root 4096 Nov 26 00:02 OpenSOC-Topologies
drwxr-xr-x 3 root root 4096 Nov 26 00:02 OpenSOC-PlatformScripts
drwxr-xr-x 3 root root 4096 Nov 26 00:02 OpenSOC-Pcap_Service
drwxr-xr-x 3 root root 4096 Nov 26 00:02 OpenSOC-MessageParsers
drwxr-xr-x 3 root root 4096 Nov 26 00:02 OpenSOC-Indexing
drwxr-xr-x 2 root root 4096 Nov 26 00:02 OpenSOC-FlumeConfigs
drwxr-xr-x 3 root root 4096 Nov 26 00:02 OpenSOC-EnrichmentAdapters
drwxr-xr-x 4 root root 4096 Nov 26 00:02 OpenSOC-DataServices
drwxr-xr-x 3 root root 4096 Nov 26 00:02 OpenSOC-DataLoads
drwxr-xr-x 3 root root 4096 Nov 26 00:02 OpenSOC-Common
drwxr-xr-x 3 root root 4096 Nov 26 00:02 OpenSOC-Alerts
-rw-r--r-- 1 root root 11324 Nov 26 00:02 LICENSE
drwxr-xr-x 2 root root 4096 Dec 2 00:53 script
-rw-r--r-- 1 root root 494 Dec 2 01:19 config.json
drwxr-xr-x 29 root root 4096 Dec 2 01:20 node_modules
[root@opensoc opensoc]#
I have used the following commands for LDAP authentication.
slappasswd -T /opt/opensoc/seed/slapd.seed
cd /opt/opensoc/seed/ldap
ldapmodify -Y EXTERNAL -H ldapi:/// -f logging.ldif
ldapmodify -Y EXTERNAL -H ldapi:/// -f config.ldif
ldapadd -D cn=admin,cn=config -w "opensoc" -H ldapi:/// -f memberof_add.ldif
ldapadd -D cn=admin,cn=config -w "opensoc" -H ldapi:/// -f memberof_config.ldif
It gives an error message and won't allow me to log in to the UI.
[root@opensoc ldap]# slappasswd -T /opt/opensoc/seed/slapd.seed
Warning: Password file /opt/opensoc/seed/slapd.seed is publicly readable/writeable
{SSHA}AX0iR4MF8ZN1dwuByCzOrmfAzBmeZmtP
[root@opensoc ldap]# ldapmodify -Y EXTERNAL -H ldapi:/// -f logging.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
modifying entry "cn=config"
ldap_modify: Type or value exists (20)
additional info: modify/add: olcLogLevel: value #0 already exists
[root@opensoc ldap]# ldapmodify -Y EXTERNAL -H ldapi:/// -f config.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
modifying entry "cn=config"
modifying entry "olcDatabase={0}config,cn=config"
ldap_modify: Constraint violation (19)
additional info: attribute 'olcRootDN' cannot have multiple values
[root@opensoc ldap]# ldapadd -D cn=admin,cn=config -w "opensoc" -H ldapi:/// -f memberof_add.ldif
ldap_bind: Invalid credentials (49)
[root@opensoc ldap]# ldapadd -D cn=admin,cn=config -w "opensoc" -H ldapi:/// -f memberof_config.ldif
ldap_bind: Invalid credentials (49)
[root@opensoc ldap]#
I am not setting up the OpenSOC development environment; can someone tell me how to fix this issue?
The above commands are copied from /script/provision, and I have changed the directory path in the LDAP script and set up accordingly.
P.S.: I have all the prerequisites required for OpenSOC, such as Kafka, Elasticsearch, Hive, HBase and MySQL server.
http://www.unixmen.com/setup-directory-serverldap-in-centos-6-4-rhel-6-4/
http://linuxserverathome.com/articles/installing-and-configuring-openldap-2423-centos-63
http://www.youtube.com/watch?v=0WJuPkJEX-U
http://www.overclockers.com/forums/showthread.php?t=707070
http://huinn.wordpress.com/2012/01/01/centos-6-2-ldap-with-tls-quick-dirty/
http://wiki.openiam.com/pages/viewpage.action?pageId=7635198
Refer to the above URLs for installing OpenLDAP on CentOS 6.6, and let me know; I'm also trying to install it in the same scenario.