Hello! I was try to reboot my system and I was try to restore my oldest backup but still account system is offline. I only can use the default root user. My configured accounts doesn't work. I don't able to login just the root only.
Share this post:
Accepted AnswerKelemen MihályOfflineHello! I dont give any errors
[root@gateway ~]# slapd -h "ldap://127.0.0.1/" -u ldap -f "/etc/openldap/slapd.conf" -d 256
5b544a1b @(#) $OpenLDAP: slapd 2.4.44 (Aug 12 2017 06:10:11) $
5b544a1b /etc/openldap/slapd.conf: line 63: invalid path: No such file or directory
5b544a1b slapd stopped.
5b544a1b connections_destroy: nothing to destroy.
Thank you I was write an email about my problem to the support.
Accepted AnswerI've seen your ticket, thanks. If it is not a certificate problem the devs may not be interested. What did you see from starting OpenLDAP in debug mode?
Also please post your OpenVPN problem to a separate thread in the forum although there may be a chance they are linked.
Also do you have an /etc/openldap/slapd.d folder. You should not, but if you do, it may be part of an older problem.
Accepted AnswerHas your system just upgraded to 7.5? ("cat /etc/clearos_release")
Please can you try starting LDAP from the command line in debug mode:
If you get a certificate error something like:
slapd -h "ldap://127.0.0.1/" -u ldap -f "/etc/openldap/slapd.conf" -d 256
Please try copying in your certificates again. Details are in this post. If it works, please post back to say it is working.
$ slapd -h "ldap://127.0.0.1/" -u ldap -f "/etc/openldap/slapd.conf" -d 256
5b4055f3 @(#) $OpenLDAP: slapd 2.4.44 (Jul 4 2018 20:05:05) $
TLSMC: MozNSS compatibility interception begins.
tlsmc_convert: INFO: cannot open the NSS DB, expecting PEM configuration is present.
tlsmc_intercept_initialization: INFO: successfully intercepted TLS initialization. Continuing with OpenSSL only.
TLSMC: MozNSS compatibility interception ends.
TLS: could not use key file `/etc/openldap/certs/clearos-key.pem'.
TLS: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch x509_cmp.c:341
5b4055f3 main: TLS init def ctx failed: -1
5b4055f3 slapd stopped.
5b4055f3 connections_destroy: nothing to destroy.
If it did not work and you don't need LDAP right now, please can you raise a ticket at clearcenter.com and provide remote login credentials @ https://secure.clearcenter.com/portal/system_password.jsp. Raise the ticket as a general enquiry and they will provide free support. They really want to troubleshoot this one.
If you do need LDAP now and can't wait, you'll need to downgrade openlap:
Then block the re-upgrade by adding a line to /etc/yum.conf:
yum downgrade openldap openldap-servers openldap-clients
If you could then raise a ticket and agree a suitable time for the devs to have a look, they can log in, re-upgrade openldap and troubleshoot. Mention in the ticket that you have blocked openldap from upgrading.
If you can work with the devs on this one, it would be greatly appreciated. Clearly it is Saturday now so I don't know when they will be around, but as 7.5 has just come out, they may be on standby for issues.
Also, can you send them a configuration backup from prior to the update because they may be able to troubleshoot from that as well? If you can e-mail it to firstname.lastname@example.org they will pick it up.