Comments -
Todd Bernard replied to a discussion, Dynamic DNS poweredbyclear.com not workingexternal lookups are still failing, so something is up with clear's dns servers
erver: 8.8.4.4
Address: 8.8.4.4#53
** server can't find vpn.abcnetworks.com: SERVFAIL
> -
-
Todd Bernard replied to a discussion, October 20th update has broken ldap
Dave Loper wrote:
NOTE: You can see a template copy of slapd.conf in this post: https://www.clearos.com/clearfoundation/social/community/account-manager-won-t-start,-slapd,-smb-fail-to-start-on-reboot
Dave,
Thanks for pointing me in the right direction. Ldap and services are backup and running. -
-
Todd Bernard replied to a discussion, October 20th update has broken ldap
Dave Loper wrote:
NOTE: You can see a template copy of slapd.conf in this post: https://www.clearos.com/clearfoundation/social/community/account-manager-won-t-start,-slapd,-smb-fail-to-start-on-reboot
Dave, thanks for pointing me in the right direction. I was able to rebuild the config file and bring everything back online. -
-
Todd Bernard replied to a discussion, October 20th update has broken ldap
Dave Loper wrote:
NOTE: You can see a template copy of slapd.conf in this post: https://www.clearos.com/clearfoundation/social/community/account-manager-won-t-start,-slapd,-smb-fail-to-start-on-reboot
Dave,
Thanks for pointing me in the right direction. Ldap and services are backup and running. -
-
Todd Bernard voted on the post, Re: October 20th update has broken ldap
Some systems were running a patch that originated from CentOS that borks their LDAP. The 3 steps to validate are:
1) Move the /etc/openldap/slapd.d folder out of the way. (The CentOS RPM creates this folder)
mv /etc/openldap/slapd.d /tmp/
2) Make sure that you have a valid slapd.conf file in the /etc/openldap/ directory. This file should have (at least) all of the schema:
# Schemas
#----------------------------------------------------------
# Core schemas
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
# ClearFoundation base
include /etc/openldap/schema/rfc2307bis.schema
include /etc/openldap/schema/clearfoundation.schema
# ClearCenter extension
include /etc/openldap/schema/clearcenter.schema
# Password policy extension
include /etc/openldap/schema/ppolicy.schema
# RADIUS extension
include /etc/openldap/schema/RADIUS-LDAPv3.schema
# Kolab extension
include /etc/openldap/schema/rfc2739.schema
include /etc/openldap/schema/kolab2.schema
# Horde extension
include /etc/openldap/schema/horde.schema
# Samba extension
include /etc/openldap/schema/samba3.schema
# OwnCloud
include /etc/openldap/schema/owncloud.schema
# Zarafa extension
include /etc/openldap/schema/zarafa.schema
# Kopano extension
include /etc/openldap/schema/kopano.schema
The Kopano is new so if the file you have doesn't have all of these and the Kopano as well, please find a valid copy in backup or as one of the files in this directory. Restore this file to its proper place.
3) Validate that the slapd.conf file is owned by ldap. If not, run:
chown ldap:ldap /etc/openldap/slapd.conf
NOTE: You can see a template copy of slapd.conf in this post: https://www.clearos.com/clearfoundation/social/community/account-manager-won-t-start,-slapd,-smb-fail-to-start-on-reboot -
-
Todd Bernard replied to a discussion, October 20th update has broken ldap
System updated last night to the 10/20 release. And now LDAP is not running. Here's the service status. Looks like a bad schema attribute. Any idea's how to fix?
[root@portkey openldap]# systemctl status slapd.service -l
● slapd.service - OpenLDAP Server Daemon
Loaded: loaded (/usr/lib/systemd/system/slapd.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Fri 2017-11-03 10:15:33 EDT; 43s ago
Docs: man:slapd
man:slapd-config
man:slapd-hdb
man:slapd-mdb
file:///usr/share/doc/openldap-servers/guide.html
Process: 5239 ExecStart=/usr/sbin/slapd -u ldap -h ${SLAPD_URLS} $SLAPD_OPTIONS (code=exited, status=1/FAILURE)
Process: 5221 ExecStartPre=/usr/libexec/openldap/prestart.sh (code=exited, status=0/SUCCESS)
Nov 03 10:15:33 portkey.inbandnetworks.com runuser[5225]: pam_unix(runuser:session): session opened for user ldap by (uid=0)
Nov 03 10:15:33 portkey.inbandnetworks.com prestart.sh[5221]: Checking configuration file failed:
Nov 03 10:15:33 portkey.inbandnetworks.com prestart.sh[5221]: 59fc7a05 User Schema load failed for attribute "pwdMaxRecordedFailure". Error code 17: attribute type undefined
Nov 03 10:15:33 portkey.inbandnetworks.com prestart.sh[5221]: 59fc7a05 config error processing olcOverlay={0}ppolicy,olcDatabase={3}bdb,cn=config: User Schema load failed for attribute "pwdMaxRecordedFailure". Error code 17: attribute type undefined
Nov 03 10:15:33 portkey.inbandnetworks.com prestart.sh[5221]: slaptest: bad configuration file!
Nov 03 10:15:33 portkey.inbandnetworks.com slapd[5239]: @(#) $OpenLDAP: slapd 2.4.44 (Aug 12 2017 06:10:11) $
mockbuild@build64-1.clearsdn.local:/builddir/build/BUILD/openldap-2.4.44/openldap-2.4.44/servers/slapd
Nov 03 10:15:33 portkey.inbandnetworks.com systemd[1]: slapd.service: control process exited, code=exited status=1
Nov 03 10:15:33 portkey.inbandnetworks.com systemd[1]: Failed to start OpenLDAP Server Daemon.
Nov 03 10:15:33 portkey.inbandnetworks.com systemd[1]: Unit slapd.service entered failed state.
Nov 03 10:15:33 portkey.inbandnetworks.com systemd[1]: slapd.service failed. -
-
Todd Bernard just registered on the site
Toggle Sidebar
