LDAP with Thunderbird


Post by Shinigami »

Hello everyone!

I have to set up an LDAP server at my company, to store everyone's contacts in it.

However, I'm running into a few small problems, so I've come to ask the pros for help :D

I'm on Ubuntu 8.04.
I followed this tutorial.

After a lot of struggling, I managed to get through the first part, which consists of recompiling Thunderbird.

I managed to load my init.ldif, which is:

Code:

dn: dc=annuaire,dc=com
objectClass: top
objectClass: dcObject
objectClass: organizationalUnit
dc: annuaire
ou: annuaire

dn: ou=personel,dc=annuaire,dc=com
objectClass: organizationalUnit
ou: personel

But when I run:

Code:

sudo /etc/init.d/slapd start 

I get:

Code:

Starting OpenLDAP: slapd - failed.
The operation failed but no output was produced. For hints on what went
wrong please refer to the system's logfiles (e.g. /var/log/syslog) or
try running the daemon in Debug mode like via "slapd -d 16383" (warning:
this will create copious output).

Below, you can find the command line options used by this script to 
run slapd. Do not forget to specify those options if you
want to look to debugging output:
  slapd -g openldap -u openldap -f /etc/ldap/slapd.conf

In my syslog I have:

Code:

Jun 10 15:59:08 laptop slapd[29639]: @(#) $OpenLDAP: slapd 2.4.7 (Apr 29 2008 08:44:27) $ ^Ibuildd@rothera:/build/buildd/openldap2.3-2.4.7/debian/build/servers/slapd 
Jun 10 15:59:08 laptop slapd[29639]: /etc/ldap/slapd.conf: line 68: invalid path: Permission denied 
Jun 10 15:59:08 laptop slapd[29639]: slapd stopped. 
Jun 10 15:59:08 laptop slapd[29639]: connections_destroy: nothing to destroy.

When I try to load a .ldif with contacts in it, I get:
slapadd -v -l petit_carnet.ldif

Code:

slapadd: line 1: database (dc=annuaire,dc=com) not configured to hold "cn=personel,mail=bouh@laposte.net"
slapadd: line 1: database (dc=annuaire,dc=com) not configured to hold "cn=personel,mail=bouh@laposte.net"

Here is my petit_carnet.ldif:

Code:

dn: cn=personel,mail=bouh@laposte.net
objectClass: top
objectClass: dcObject
objectClass: organizationalUnit
givenName:bouh
cn: bouh@laposte.net
mail: bouh@laposte.net

I can't get past these errors.
Here is my slapd.conf:

Code:

#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include		/etc/ldap/schema/core.schema
include		/etc/ldap/schema/cosine.schema
#include		/etc/ldap/schema/nis.schema
#include			/etc/ldap/schema/monschema.schema

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral	ldap://root.openldap.org

pidfile		/etc/run/slapd.pid
argsfile	/etc/run/slapd.args

# Load dynamic backend modules:
modulepath	/usr/lib/ldap/
moduleload	back_bdb.la
# moduleload	back_ldap.la
# moduleload	back_ldbm.la
# moduleload	back_passwd.la
# moduleload	back_shell.la

# Sample security restrictions
#	Require integrity protection (prevent hijacking)
#	Require 112-bit (3DES or better) encryption for updates
#	Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:
#	Root DSE: allow anyone to read it
#	Subschema (sub)entry DSE: allow anyone to read it
#	Other DSEs:
#		Allow self write access
#		Allow authenticated users read access
#		Allow anonymous users to authenticate
#	Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
#	by self write
#	by users read
#	by anonymous auth
#
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn.  (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!

#######################################################################
# BDB database definitions
#######################################################################

database	bdb
suffix		"dc=annuaire,dc=com"
rootdn		"cn=Manager,dc=annuaire,dc=com"
# Cleartext passwords, especially for the rootdn, should
# be avoid.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw		secret
# The database directory MUST exist prior to running slapd AND 
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory	/etc/ldap/data/
# Indices to maintain
index	objectClass	eq

And here is my ldap.conf:

Code:

#
# LDAP Defaults
#
# See ldap.conf(5) for details
# This file should be world readable but not world writable.

BASE	dc=annuaire,dc=com
URI	ldap://ldap.annuaire.com ldap://ldap-master.annuaire.com:389

#SIZELIMIT	12
#TIMELIMIT	15
#DEREF		never

There, I don't think I've forgotten anything; if I have, ask for whatever is missing and I'll post it.

Thanks for taking the time to read this topic, and even more thanks if you reply :)
Message sent with: Mozilla/5.0 (X11; U; Linux i686; fr; rv:1.9) Gecko/2008060309 Firefox/3.0
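
Added example (not part of the original posts, and not code from OpenLDAP): a small Python check, run on constructed excerpts of the slapd.conf and LDIF files quoted above, that flags LDIF entries whose DN lies outside every configured suffix (the condition slapadd reports as "not configured to hold") and a rootpw stored in cleartext, which the configuration file's own comments advise against. The function names and the simplified DN comparison are assumptions of this example.

```python
import re

# Constructed excerpts mirroring the slapd.conf and LDIF files quoted above.
SLAPD_CONF = """\
database	bdb
suffix		"dc=annuaire,dc=com"
rootdn		"cn=Manager,dc=annuaire,dc=com"
rootpw		secret
"""
LDIF = """\
dn: ou=personel,dc=annuaire,dc=com
objectClass: organizationalUnit

dn: cn=personel,mail=bouh@laposte.net
objectClass: top
"""

def directives(conf):
    """Yield (keyword, value) for each non-comment, non-blank slapd.conf line."""
    for line in conf.splitlines():
        parts = line.strip().split(None, 1)
        if parts and not parts[0].startswith("#"):
            value = parts[1].strip().strip('"') if len(parts) > 1 else ""
            yield parts[0].lower(), value

def rdns(dn):
    """Simplified DN split (assumption: no escaped commas, no multi-valued RDNs)."""
    return [rdn.strip().lower() for rdn in dn.split(",")]

def under_suffix(dn, suffix):
    """True when the DN ends with the suffix's RDN sequence."""
    d, s = rdns(dn), rdns(suffix)
    return len(d) >= len(s) and d[-len(s):] == s

def audit(conf, ldif):
    """Return findings for a cleartext rootpw and for DNs outside every suffix."""
    items = list(directives(conf))
    suffixes = [v for k, v in items if k == "suffix"]
    findings = []
    for k, v in items:
        # slappasswd output carries a scheme prefix such as {SSHA}
        if k == "rootpw" and not re.match(r"\{[A-Za-z0-9-]+\}", v):
            findings.append("rootpw is stored in cleartext")
    # Plain "dn: " lines only; base64 "dn:: " values are not decoded here.
    for m in re.finditer(r"^dn: *([^:\s].*)$", ldif, re.MULTILINE):
        dn = m.group(1).strip()
        if not any(under_suffix(dn, s) for s in suffixes):
            findings.append("entry outside every suffix: " + dn)
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SLAPD_CONF, LDIF)))
```
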

frans0023
Arias
Posts: 1
Joined: 10 Sept. 2008, 08:42

Post by frans0023 »

Hi,

I don't really understand your errors with slapd.
Personally, I struggled for a while to set up an LDAP server on my Debian.
Now it runs well, and with Thunderbird it works great.

Here is my /etc/ldap/slapd.conf:

Code:

# This is the main slapd configuration file. See slapd.conf(5) for more
# info on the configuration options.

#######################################################################
# Global Directives:

# Features to permit
#allow bind_v2

# Schema and objectClass definitions
include         /etc/ldap/schema/core.schema
include         /etc/ldap/schema/cosine.schema
include         /etc/ldap/schema/nis.schema
include         /etc/ldap/schema/inetorgperson.schema
include         /etc/ldap/schema/thunderbird.schema
#include         /etc/ldap/schema/mozillaAddressBookEntry.schema
#include         /etc/ldap/schema/mozillaOrgPerson.schema

# Where the pid file is put. The init.d script
# will not stop the server if you change this.
pidfile         /var/run/slapd/slapd.pid

# List of arguments that were passed to the server
argsfile        /var/run/slapd/slapd.args

# Read slapd.conf(5) for possible values
loglevel	256 

# Where the dynamically loaded modules are stored
modulepath	/usr/lib/ldap
moduleload	back_bdb

# The maximum number of entries that is returned for a search operation
sizelimit 500

# The tool-threads parameter sets the actual amount of cpu's that is used
# for indexing.
tool-threads 1

#######################################################################
# Specific Backend Directives for bdb:
# Backend specific directives apply to this backend until another
# 'backend' directive occurs
backend		bdb
checkpoint 512 30

#######################################################################
# Specific Backend Directives for 'other':
# Backend specific directives apply to this backend until another
# 'backend' directive occurs
#backend		<other>

#######################################################################
# Specific Directives for database #1, of type bdb:
# Database specific directives apply to this databasse until another
# 'database' directive occurs
database        bdb

# The base of your directory in database #1
suffix          "dc=frans-web,dc=com"

# rootdn directive for specifying a superuser on the database. This is needed
# for syncrepl.
#rootdn          "cn=admin,dc=frans-web,dc=com"

# Where the database file are physically stored for database #1
directory       "/var/lib/ldap"

# For the Debian package we use 2MB as default but be sure to update this
# value if you have plenty of RAM
dbconfig set_cachesize 0 2097152 0

# Sven Hartge reported that he had to set this value incredibly high
# to get slapd running at all. See http://bugs.debian.org/303057
# for more information.

# Number of objects that can be locked at the same time.
dbconfig set_lk_max_objects 1500
# Number of locks (both requested and granted)
dbconfig set_lk_max_locks 1500
# Number of lockers
dbconfig set_lk_max_lockers 1500

# Indexing options for database #1
index           objectClass eq

# Save the time that the entry gets modified, for database #1
lastmod         on

# Where to store the replica logs for database #1
# replogfile	/var/lib/ldap/replog

# The userPassword by default can be changed
# by the entry owning it if they are authenticated.
# Others should not be able to see it, except the
# admin entry below
# These access lines apply to database #1 only
access to attrs=userPassword,shadowLastChange
        by dn="cn=admin,dc=frans-web,dc=com" write
        by anonymous auth
        by self write
        by * none

# Ensure read access to the base for things like
# supportedSASLMechanisms.  Without this you may
# have problems with SASL not knowing what
# mechanisms are available and the like.
# Note that this is covered by the 'access to *'
# ACL below too but if you change that as people
# are wont to do you'll still need this if you
# want SASL (and possible other things) to work 
# happily.
access to dn.base="" by * read

# The admin dn has full write access, everyone else
# can read everything.
access to *
        by dn="cn=admin,dc=frans-web,dc=com" write
        by * read

# For Netscape Roaming support, each user gets a roaming
# profile for which they have write access to
#access to dn=".*,ou=Roaming,o=morsnet"
#        by dn="cn=admin,dc=frans-web,dc=com" write
#        by dnattr=owner write

#######################################################################
# Specific Directives for database #2, of type 'other' (can be bdb too):
# Database specific directives apply to this databasse until another
# 'database' directive occurs
#database        <other>

# The base of your directory for database #2
#suffix		"dc=debian,dc=org"

Here is the file /etc/ldap/schema/thunderbird.schema:

Code:

#
# mozillaOrgPerson schema v. 0.6.3
#

# req. core
# req. cosine
# req. inetorgperson

# attribute defs

attributetype ( 1.3.6.1.4.1.13769.2.1.1 
        NAME ( 'mozillaNickname' ) 
        SUP name )

attributetype ( 1.3.6.1.4.1.13769.2.1.2 
        NAME ( 'mozillaUseHtmlMail' ) 
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 
        SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.13769.2.1.3
        NAME 'mozillaSecondEmail' 
        EQUALITY caseIgnoreIA5Match
        SUBSTR caseIgnoreIA5SubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

attributetype ( 1.3.6.1.4.1.13769.2.1.4
        NAME 'mozillaHomeLocalityName' 
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )

attributetype ( 1.3.6.1.4.1.13769.2.1.5 
        NAME 'mozillaPostalAddress2'
        EQUALITY caseIgnoreListMatch
        SUBSTR caseIgnoreListSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )

attributetype ( 1.3.6.1.4.1.13769.2.1.6 
        NAME 'mozillaHomePostalAddress2'
        EQUALITY caseIgnoreListMatch
        SUBSTR caseIgnoreListSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )

attributetype ( 1.3.6.1.4.1.13769.2.1.7 
        NAME ( 'mozillaHomeState' ) SUP name )

attributetype ( 1.3.6.1.4.1.13769.2.1.8 
        NAME 'mozillaHomePostalCode'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )

attributetype ( 1.3.6.1.4.1.13769.2.1.9 
        NAME ( 'mozillaHomeCountryName' ) 
        SUP name SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.13769.2.1.10
        NAME ( 'mozillaHomeFriendlyCountryName' )
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

attributetype ( 1.3.6.1.4.1.13769.2.1.11
        NAME ( 'mozillaHomeUrl' )
        EQUALITY caseIgnoreIA5Match
        SUBSTR caseIgnoreIA5SubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

attributetype ( 1.3.6.1.4.1.13769.2.1.12
        NAME ( 'mozillaWorkUrl' )
        EQUALITY caseIgnoreIA5Match
        SUBSTR caseIgnoreIA5SubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

# un-comment for all LDAP server NOT supporting SYNTAX 2.16.840.1.113730.3.7.1
attributetype ( 1.3.6.1.4.1.13769.2.1.13
        NAME ( 'nsAIMid' )
        DESC 'AOL Instant Messenger (AIM) Identity'
        EQUALITY telephoneNumberMatch
        SUBSTR telephoneNumberSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )

attributetype ( 1.3.6.1.4.1.13769.2.1.14 NAME ( 'mozillaHomeStreet' )
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )

# un-comment for Netscape 6.x and all other LDAP server supporting SYNTAX 2.16.840.1.113730.3.7.1
# attributeTypes ( 2.16.840.1.113730.3.1.2013
#       NAME ( 'nsAIMid' )
#       DESC 'AOL Instant Messenger (AIM) Identity'
#       SYNTAX 2.16.840.1.113730.3.7.1 )

attributetype ( 1.3.6.1.4.1.13769.2.1.96
        NAME ( 'mozillaCustom1' )
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.13769.2.1.97
        NAME ( 'mozillaCustom2' )
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.13769.2.1.98
        NAME ( 'mozillaCustom3' )
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.13769.2.1.99
        NAME ( 'mozillaCustom4' )
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )
 
# defined in "A Summary of the X.500(96) User Schema for use with LDAPv3" - RFC 2256
#
# attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' )
#       DESC 'RFC2256: ISO-3166 country 2-letter code'
#       SUP name SINGLE-VALUE )

# defined in "The COSINE and Internet X.500 Schema" - RFC 1274
#
# attributetype ( 0.9.2342.19200300.100.1.43
#       NAME ( 'co' 'friendlyCountryName' )
#       DESC 'RFC1274: friendly country name'
#       EQUALITY caseIgnoreMatch
#       SUBSTR caseIgnoreSubstringsMatch
#       SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )


# objectClass defs 

objectclass ( 1.3.6.1.4.1.13769.2.2.1 
        NAME 'mozillaOrgPerson' 
        SUP top 
        AUXILIARY 
        MAY ( 
        sn $ 
        givenName $ 
        cn $ 
        displayName $ 
        mozillaNickname $ 
        title $ 
        telephoneNumber $ 
        facsimileTelephoneNumber $ 
        mobile $ 
        pager $ 
        homePhone $ 
        street $ 
        postalCode $ 
        mozillaPostalAddress2 $ 
        mozillaHomeStreet $ 
        mozillaHomePostalAddress2 $ 
        l $ 
        mozillaHomeLocalityName $ 
        st $ 
        mozillaHomeState $ 
        mozillaHomePostalCode $ 
        c $ 
        mozillaHomeCountryName $ 
        co $ 
        mozillaHomeFriendlyCountryName $  
        ou $ 
        o $ 
        mail $ 
        mozillaSecondEmail $ 
        mozillaUseHtmlMail $ 
        nsAIMid $ 
        mozillaHomeUrl $ 
        mozillaWorkUrl $ 
        description $ 
        mozillaCustom1 $ 
        mozillaCustom2 $ 
        mozillaCustom3 $ 
        mozillaCustom4 ) ) 

# not part of the official Mozilla schema but read by Mozilla: 'departmentNumber' and 'postOfficeBox'
# 

If you need more help, with the LDIF for example, don't hesitate to ask me!