Error in LdapClient configuration

sathya47 · September 25, 2010, 11:43am

Hi all,

My code for configuring ldapclient is as follows:

ldapclient manual \
-a credentialLevel=proxy \
-a authenticationMethod=simple \
-a proxyDN=cn=proxyagent,cn=user1,dc=sema,dc=com \
-a proxyPassword=user1 \
-a defaultSearchBase=dc=sema,dc=com \
-a domainName=sema.com \
-a "defaultServerList=192.168.1.1" \
-a attributeMap=group:userpassword=userPassword \
-a attributeMap=group:memberuid=memberUid \
-a attributeMap=group:gidnumber=gidNumber \
-a attributeMap=passwd:gecos=cn \
-a attributeMap=passwd:gidnumber=gidNumber \
-a attributeMap=passwd:uidnumber=uidNumber \
-a attributeMap=passwd:homedirectory=unixHomeDirectory \
-a attributeMap=passwd:loginshell=loginShell \
-a attributeMap=shadow:shadowflag=shadowFlag \
-a attributeMap=shadow:userpassword=userPassword \
-a objectClassMap=group: posixGroup=group \
-a objectClassMap=passwd: posixAccount=user \
-a objectClassMap=shadow:shadowAccount=user \
-a serviceSearchDescriptor=passwd:dc=sema,dc=com?sub \
-a serviceSearchDescriptor=group:dc=sema,dc=com?sub

While executing the code I am getting the following error:

"Error parsing command line"

Please help me in resolving this....

Warm regards,
Sathya

jlliagre · September 25, 2010, 3:32pm

There are extra spaces in the arguments you pass:

-a objectClassMap=group: posixGroup=group \
                        ^
-a objectClassMap=passwd: posixAccount=user \
                         ^

sathya47 · September 26, 2010, 4:39am

Removed the extra space but after that also getting the same error.

Kindly help me in resolving this as I have to finish it by the end of this day.

---------- Post updated at 03:39 AM ---------- Previous update was at 02:27 AM ----------

Sry i forget to mention this..
I am getting this msg also after
Error parsing command line

"Set up a server or workstation as a client of an LDAP namespace"

What does this mean? Is it LDAP directory service setup was not successful?

sathya47 · September 26, 2010, 2:59pm

Hi all,

When i enter the lpadclient i am getting the error

"Set up a server or workstation as a client of an LDAP namespace"

What does this mean? Do i missed out any installation?

jlliagre · September 26, 2010, 4:05pm

This isn't an error message. Please don't start a new thread while you have one alive on the same topic.

jlliagre · September 26, 2010, 4:12pm

Please post the whole command you run and the whole message you get. When the two bugs in the command you posted in your first thread are fixed, ldapclient should complete correctly.

sathya47 · September 26, 2010, 4:36pm

The code i executed is:

ldapclient manual \
-a credentialLevel=proxy \
-a authenticationMethod=simple \
-a proxyDN=cn=proxyagent,cn=user1,dc=sema,dc=com \
-a proxyPassword=user1 \
-a defaultSearchBase=dc=sema,dc=com \
-a domainName=sema.com \
-a "defaultServerList=192.168.1.1" \
-a attributeMap=group:userpassword=userPassword \
-a attributeMap=group:memberuid=memberUid \
-a attributeMap=group:gidnumber=gidNumber \
-a attributeMap=passwd:gecos=cn \
-a attributeMap=passwd:gidnumber=gidNumber \
-a attributeMap=passwd:uidnumber=uidNumber \
-a attributeMap=passwd:homedirectory=unixHomeDirectory \
-a attributeMap=passwd:loginshell=loginShell \
-a attributeMap=shadow:shadowflag=shadowFlag \
-a attributeMap=shadow:userpassword=userPassword \
-a objectClassMap=group:posixGroup=group \
-a objectClassMap=passwd:posixAccount=user \
-a objectClassMap=shadow:shadowAccount=user \
-a serviceSearchDescriptor=passwd:dc=sema,dc=com?sub \
-a serviceSearchDescriptor=group:dc=sema,dc=com?sub

And I am getting the msg:

Error parsing command line
Usage: ldapclient [-v ....
....
Set up a server or workstation as a client of an LDAP namespace.
<args> take from the form of '-a attrName=attrVal' as described in
man page ldapclient(1M)

sathya47 · September 26, 2010, 4:38pm

I didnt get any reply for that. Thats why created new. Sorry..

jlliagre · September 26, 2010, 5:01pm

Please use code tags to avoid smileys:

-a objectClassMap=group:posixGroup=group \
-a objectClassMap=passwd:posixAccount=user \

Otherwise, I just ran you command with verbose enabled and it worked correctly:

# ldapclient -v manual \
-a credentialLevel=proxy \
-a authenticationMethod=simple \
-a proxyDN=cn=proxyagent,cn=user1,dc=sema,dc=com \
-a proxyPassword=user1 \
-a defaultSearchBase=dc=sema,dc=com \
-a domainName=sema.com \
-a "defaultServerList=192.168.1.1" \
-a attributeMap=group:userpassword=userPassword \
-a attributeMap=group:memberuid=memberUid \
-a attributeMap=group:gidnumber=gidNumber \
-a attributeMap=passwd:gecos=cn \
-a attributeMap=passwd:gidnumber=gidNumber \
-a attributeMap=passwd:uidnumber=uidNumber \
-a attributeMap=passwd:homedirectory=unixHomeDirectory \
-a attributeMap=passwd:loginshell=loginShell \
-a attributeMap=shadow:shadowflag=shadowFlag \
-a attributeMap=shadow:userpassword=userPassword \
-a objectClassMap=group:posixGroup=group \
-a objectClassMap=passwd:posixAccount=user \
-a objectClassMap=shadow:shadowAccount=user \
-a serviceSearchDescriptor=passwd:dc=sema,dc=com?sub \
-a serviceSearchDescriptor=group:dc=sema,dc=com?sub

Parsing credentialLevel=proxy
Parsing authenticationMethod=simple
Parsing proxyDN=cn=proxyagent,cn=user1,dc=sema,dc=com
Parsing proxyPassword=user1
Parsing defaultSearchBase=dc=sema,dc=com
Parsing domainName=sema.com
Parsing defaultServerList=192.168.1.1
Parsing attributeMap=group:userpassword=userPassword
Parsing attributeMap=group:memberuid=memberUid
Parsing attributeMap=group:gidnumber=gidNumber
Parsing attributeMap=passwd:gecos=cn
Parsing attributeMap=passwd:gidnumber=gidNumber
Parsing attributeMap=passwd:uidnumber=uidNumber
Parsing attributeMap=passwd:homedirectory=unixHomeDirectory
Parsing attributeMap=passwd:loginshell=loginShell
Parsing attributeMap=shadow:shadowflag=shadowFlag
Parsing attributeMap=shadow:userpassword=userPassword
Parsing objectClassMap=group:posixGroup=group
Parsing objectClassMap=passwd:posixAccount=user
Parsing objectClassMap=shadow:shadowAccount=user
Parsing serviceSearchDescriptor=passwd:dc=sema,dc=com?sub
Parsing serviceSearchDescriptor=group:dc=sema,dc=com?sub
Arguments parsed:
        authenticationMethod: simple
        defaultSearchBase: dc=sema,dc=com
        credentialLevel: proxy
        domainName: sema.com
        proxyDN: cn=proxyagent,cn=user1,dc=sema,dc=com
        objectclassMap: 
                arg[0]: group:posixGroup=group
                arg[1]: passwd:posixAccount=user
                arg[2]: shadow:shadowAccount=user
        attributeMap: 
                arg[0]: group:userpassword=userPassword
                arg[1]: group:memberuid=memberUid
                arg[2]: group:gidnumber=gidNumber
                arg[3]: passwd:gecos=cn
                arg[4]: passwd:gidnumber=gidNumber
                arg[5]: passwd:uidnumber=uidNumber
                arg[6]: passwd:homedirectory=unixHomeDirectory
                arg[7]: passwd:loginshell=loginShell
                arg[8]: shadow:shadowflag=shadowFlag
                arg[9]: shadow:userpassword=userPassword
        serviceSearchDescriptor: 
                arg[0]: passwd:dc=sema,dc=com?sub
                arg[1]: group:dc=sema,dc=com?sub
        proxyPassword: user1
        defaultServerList: 192.168.1.1
Handling manual option
Proxy DN: cn=proxyagent,cn=user1,dc=sema,dc=com
Proxy password: {NS1}8a494587c0
Credential level: 1
Authentication method: 1
Shadow Update is not enabled, no adminDN/adminPassword is required.
About to modify this machines configuration by writing the files
Stopping network services
Stopping sendmail
stop: network/smtp:sendmail... failed: entity not found
Stopping sendmail failed with (1). You may need to restart it manually for changes to take effect.
Stopping nscd
stop: sleep 100000 microseconds
stop: system/name-service-cache:default... success
Stopping autofs
stop: sleep 100000 microseconds
stop: system/filesystem/autofs:default... success
ldap not running
nis(yp) not running
file_backup: stat(/etc/nsswitch.conf)=0
file_backup: (/etc/nsswitch.conf -> /var/ldap/restore/nsswitch.conf)
file_backup: stat(/etc/defaultdomain)=0
file_backup: (/etc/defaultdomain -> /var/ldap/restore/defaultdomain)
file_backup: nis domain is "sema.com"
file_backup: stat(/var/yp/binding/sema.com)=-1
file_backup: No /var/yp/binding/sema.com directory.
file_backup: stat(/var/ldap/ldap_client_file)=-1
file_backup: No /var/ldap/ldap_client_file file.
Starting network services
start: /usr/bin/domainname sema.com... success
...

Try again with verbose enabled to see where it fails.

sathya47 · September 28, 2010, 2:55am

Hi jlliagre,

Thanks for your try.
I tried verbose enabled also but got the same error.

Every time when I boot the Solaris machine I got lots of errors regarding LDAP. I thought some LDAP server configuration problem. So I uninstalled both LDAP server and client with the command
# directoryserver uninstall
# ldapclient uninit

After that I installed LDAP server using iPlant Directory Server using
# directoryserver setup

and prepared the directory server using
# cd /usr/lib/ldap
# ./idsconfig

Both was successful.
After that gave the ldapclient code with verbose enabled. Same error I am getting now.

To check the contents i gave:
#ldaplist
Got new error:

ldaplist: LDAP configuration problem (Unable to load configuration '/var/ldap/ldap_client_file' ('').)

#ls /var/ldap
cachemgr.log

There is only one file in /var/ldap folder.

Is there anything wrong with the LDAP setup? If so please help me how to do that as I am new to this..

jlliagre · September 28, 2010, 3:39am

There are many things that you might have done wrong. I'm afraid that's too complex a problem to be solved in a forum ...