ldap-server start error

I am trying to get openldap configured and running on my Suse 11.0 system and receive the following error when I do /etc/init.d/ldap start

Starting ldap-server/usr/lib/openldap/slapd: symbol lookup error: /usr/lib/openldap/slapd: undefined symbol: ber_sockbuf_io_udp
startproc: exit status of parent of /usr/lib/openldap/slapd: 127

The system is running the following openldap apps:

openldap2-2.4.9-7.1
openldap2-client-2.4.9-7.1
openldap2-devel-2.4.9-7.1

I did a google search on the ber_sokcbuf_io_udp symbol, but didn’t find much useful information.

Can someone please assist me with this error, thanks.

I will provide any requested information if needed.

Strange, it works ok here and I have the same version. Are you running 32 or 64 bit? Please do this also and report the output.

ldd /usr/lib/openldap/slapd

Thank you for your initial response

This is 32bit

output from ldd is
linux-gate.so.1 => (0xffffe000)
libldap_r-2.4.so.2 => /usr/local/lib/libldap_r-2.4.so.2 (0xb7d36000)
liblber-2.4.so.2 => /usr/local/lib/liblber-2.4.so.2 (0xb7d28000)
libltdl.so.3 => /usr/lib/libltdl.so.3 (0xb7d20000)
libdb-4.5.so => /usr/lib/libdb-4.5.so (0xb7bfd000)
libslp.so.1 => /usr/lib/libslp.so.1 (0xb7be6000)
libm.so.6 => /lib/libm.so.6 (0xb7bc0000)
libnsl.so.1 => /lib/libnsl.so.1 (0xb7ba8000)
libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7b8f000)
libdl.so.2 => /lib/libdl.so.2 (0xb7b8b000)
libssl.so.0.9.8 => /usr/lib/libssl.so.0.9.8 (0xb7b46000)
libcrypto.so.0.9.8 => /usr/lib/libcrypto.so.0.9.8 (0xb7a02000)
libcrypt.so.1 => /lib/libcrypt.so.1 (0xb79cc000)
libresolv.so.2 => /lib/libresolv.so.2 (0xb79b8000)
libwrap.so.0 => /lib/libwrap.so.0 (0xb79ae000)
libpthread.so.0 => /lib/libpthread.so.0 (0xb7996000)
libc.so.6 => /lib/libc.so.6 (0xb7853000)
/lib/ld-linux.so.2 (0xb7d86000)
libz.so.1 => /lib/libz.so.1 (0xb783f000)

You have some foreign libraries in /usr/local/lib which are the wrong version. Don’t know how you got those there. Remove them and rerun

ldconfig

and slapd should bind to the correct libraries in /usr/lib.

Okay please help me out…

You said to remove the foreign binaries. Is there a specific command I need to run? I assume simply deleting them is not correct.

Why not? If you don’t know a reason why they should be there, then surely you can delete them? :slight_smile:

Seriously, somehow you put those libraries on your system. OpenSUSE doesn’t come with anything in /usr/local/lib. So you have to rack your brain and try to recall how you installed those libraries there. Did you for example try to build openldap2 from source sometime back?

Thanks so much for clearing that issue up I am no able to start ldap without any errors!!!

Now there is something else I hope you can help with.

in the slapd.conf file I am trying to use something besides a clear text password for the rootpw. I generated a secure password by using the slappasswd command and copied it to the slapd.conf file on the rootpw line, ie:

rootpw {SSHA}valuehere

I also did smbpasswd -w {SSHA}valuehere

now when I start Samba or do a smbpasswd -a I am getting a failed to bind to server Invalid Credentials error

If I set rootpw and smbpasswd -w to lets say password it works fine. What am I doing wrong with the secured password I am tyring to use?

I would recommend that you start a new thread. This is a samba issue and you would get more people who know more about samba than me if you start a new thread with a new subject.

okay, thanks again for the assistance you provided!

how do you know that this libraries are foreign? im learning ldap…i have the same problem even I delete them.

suse1:/usr/local/lib # ldd /usr/lib/openldap/slapd
        linux-gate.so.1 =>  (0xffffe000)
        libldap_r-2.4.so.2 => /usr/lib/libldap_r-2.4.so.2 (0xb74ec000)
        liblber-2.4.so.2 => /usr/lib/liblber-2.4.so.2 (0xb74dc000)
        libltdl.so.7 => /usr/lib/libltdl.so.7 (0xb74d1000)
        libdb-4.5.so => /usr/lib/libdb-4.5.so (0xb7393000)
        libslp.so.1 => /usr/lib/libslp.so.1 (0xb7379000)
        libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb735f000)
        libcrypto.so.0.9.8 => /usr/lib/libcrypto.so.0.9.8 (0xb71ed000)
        libcrypt.so.1 => /lib/libcrypt.so.1 (0xb71b7000)
        libwrap.so.0 => /lib/libwrap.so.0 (0xb71ac000)
        libpthread.so.0 => /lib/libpthread.so.0 (0xb7192000)
        libc.so.6 => /lib/libc.so.6 (0xb7031000)
        libresolv.so.2 => /lib/libresolv.so.2 (0xb701b000)
        libssl.so.0.9.8 => /usr/lib/libssl.so.0.9.8 (0xb6fd0000)
        libdl.so.2 => /lib/libdl.s
suse1:/usr/local/lib # cat /etc/openldap/slapd.conf
#                                                  
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.                
#                                                        
include         /etc/openldap/schema/core.schema         
include         /etc/openldap/schema/cosine.schema       
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/rfc2307bis.schema   
include         /etc/openldap/schema/yast.schema         

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.                      
#referral       ldap://root.openldap.org                          

pidfile         /var/run/slapd/slapd.pid
argsfile        /var/run/slapd/slapd.args

# Load dynamic backend modules:
# modulepath    /usr/lib/openldap/modules
# moduleload    back_bdb.la              
# moduleload    back_hdb.la              
# moduleload    back_ldap.la             

# Sample security restrictions
#       Require integrity protection (prevent hijacking)
#       Require 112-bit (3DES or better) encryption for updates
#       Require 63-bit encryption for simple bind              
# security ssf=1 update_ssf=112 simple_bind=64                 

# Sample access control policy:
#       Root DSE: allow anyone to read it
#       Subschema (sub)entry DSE: allow anyone to read it
#       Other DSEs:                                      
#               Allow self write access to user password 
#               Allow anonymous users to authenticate    
#               Allow read access to everything else     
#       Directives needed to implement policy:
access to dn.base=""
        by * read

access to dn.base="cn=Subschema"
        by * read

access to attrs=userPassword,userPKCS12
        by self write
        by * auth

access to attrs=shadowLastChange
        by self write
        by * read

access to *
        by * read

# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn.  (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!

#######################################################################
# BDB database definitions
#######################################################################

database        bdb
#suffix         "dc=my-domain,dc=com"
suffix          "dc=suse1,dc=internal"
checkpoint      1024    5
cachesize       10000
#rootdn         "cn=Manager,dc=my-domain,dc=com"
rootdn          "cn=Manager,dc=suse1,dc=internal"
# Cleartext passwords, especially for the rootdn, should
# be avoid.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
#rootpw         secret
rootpw          abc123
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory       /var/lib/ldap
# Indices to maintain
index   objectClass     eq

#####
#REPLICATION
#####

replogfile /var/lib/ldap/slapd.replog
replication host=suse2.internal:389
        binddn="cn=Manager,dc=suse1,dc=internal"
        credentials=abc123
        bindmethod=simple
        tls=no
suse1:/usr/local/lib #

suse2:/usr/local/lib # cat /etc/openldap/slapd.conf
#                                                  
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.                
#                                                        
include         /etc/openldap/schema/core.schema         
include         /etc/openldap/schema/cosine.schema       
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/rfc2307bis.schema   
include         /etc/openldap/schema/yast.schema         

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.                      
#referral       ldap://root.openldap.org                          

pidfile         /var/run/slapd/slapd.pid
argsfile        /var/run/slapd/slapd.args

# Load dynamic backend modules:
# modulepath    /usr/lib/openldap/modules
# moduleload    back_bdb.la              
# moduleload    back_hdb.la              
# moduleload    back_ldap.la             

# Sample security restrictions
#       Require integrity protection (prevent hijacking)
#       Require 112-bit (3DES or better) encryption for updates
#       Require 63-bit encryption for simple bind              
# security ssf=1 update_ssf=112 simple_bind=64                 

# Sample access control policy:
#       Root DSE: allow anyone to read it
#       Subschema (sub)entry DSE: allow anyone to read it
#       Other DSEs:
#               Allow self write access to user password
#               Allow anonymous users to authenticate
#               Allow read access to everything else
#       Directives needed to implement policy:
access to dn.base=""
        by * read

access to dn.base="cn=Subschema"
        by * read

access to attrs=userPassword,userPKCS12
        by self write
        by * auth

access to attrs=shadowLastChange
        by self write
        by * read

access to *
        by * read

# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn.  (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!

#######################################################################
# BDB database definitions
#######################################################################

database        bdb
#suffix         "dc=my-domain,dc=com"
suffix          "dc=suse1,dc=internal"
checkpoint      1024    5
cachesize       10000
#rootdn         "cn=Manager,dc=my-domain,dc=com"
rootdn          "cn=Manager,dc=suse1,dc=internal"
updatedn "cn=Manager,dc=suse1,dc=internal"
updateref ldap://suse1.internal
# Cleartext passwords, especially for the rootdn, should
# be avoid.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
#rootpw         secret
rootpw          abc123
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory       /var/lib/ldap
# Indices to maintain
index   objectClass     eq
suse2:/usr/local/

suse1:/usr/local/lib # slaptest
/etc/openldap/slapd.conf: line 87: <replogfile> keyword is obsolete (ignored)
/etc/openldap/slapd.conf: line 92: unknown directive <replication> inside backend database definition.
slaptest: bad configuration file!
suse1:/usr/local/lib

still kind of learning…cant find anything wrong with it.

thank you.

julie

I’ve setup ldap with help of yast and got error pressing “Finish” button: “Starting the LDAP service failed”. When I’ve pressed “Details…” nothing happens, i.e. no details. I’ve tried to start ldap server manually (/etc/init.d/ldap start) and got this message “exit status of parent of /usr/lib/openldap/slapd: 1 failed”. I’ve tried to find logs at “/var/log/ldap” with no success - no logs. How to resolve issue?

Update: found “TLS init def ctx failed: -1” in /var/log/messages. Now googling, but waiting for help.

Started ldap with “/usr/lib/openldap/slapd -d -1” and got message: “hdb_monitor_db_open: monitoring disabled; configure monitor database to enable slapd starting”. Googling for how to enable the monitor, but still waiting for help.

SOLVED.

I’ve added common server sertificate and recreated ldap using it.

Guys, I have installed openldap following the below documentation, got struck with the below error message “command not found”. The slapd script is unable to locate the function for log_info_msg. My understanding is that there should be some softlink or something like that got missed or broken and thats the reason the log_info_msg function is not trackable.

Please advice. I Hope this should be related to openLDAP configuration. I have installed on Linux OS.

OpenLDAP-2.4.35

Error:

[root@celvph0204 /]# /etc/rc.d/init.d/slapd start
/etc/rc.d/init.d/slapd: line 40: log_info_msg: command not found

Thanks a lot

=================================================================================

Hi Team,

Please help me… I’m in very urgent need

Thanks & Regards,
Shakeer Ahmed