07 June 2006

Fedora Core 5, OpenLDAP address book and ldbm vs. bdb

I make attempts at using OpenLDAP as an address book running on my Fedora Linux box. It works, for the most part, but LDAP is clearly built to be more than just a simple address book server. Because it is by no means user-friendly, setting it up and maintaining it for this simple use is a challenge. There's just not an easy way to tie everything together and keep the address book entries up-to-date on the server. Someone please show me an address book application that will update LDAP.

I occasionally tinker around with Perl scripts and such in a meager attempt to make something useful. Right now it involves exporting my Palm Desktop address book entries to vCard format, and running those through a web-based Perl script to convert them to LDIF and ldapadd them to the DB.

Anyway, I recently upgraded from Fedora Core 4 to FC5 and noticed later that my LDAP was acting funny. By funny, I mean this: from Thunderbird, name lookups would only find anything if I entered 3 characters or less. For example, "h", "ha", and "har" would find "harold", but "haro" would not find anything. From the Mac Address Book, it would never find anything.

I also received a warning at startup about using an ldbm database. So... I figured this would be a good time to switch over to using bdb since that seems to be what most posts talk about on various LDAP forums.

The switch was not as easy as changing "database ldbm" to "database bdb" in slapd.conf and restarting. When I did this, I got errors. First, this:

bdb_db_open: Warning - No DB_CONFIG file found in directory /var/lib/ldap: (2)

So, I copied DB_CONFIG.example to DB_CONFIG and put it in /var/lib/ldap.

Then, I got errors like this:

Checking configuration files for slapd: bdb_db_open: db_open(/var/lib/ldap/id2entry.bdb) failed: No such file or directory (2)
bdb(dc=mydomain,dc=com): Unknown locker ID: 0
backend_startup_one: bi_db_open failed! (2)
slap_startup failed (test would succeed using the -u switch) [FAILED]
stale lock files may be present in /var/lib/ldap [WARNING]


Where do I get an id2entry.bdb file?

I decided to start from scratch. I started by uninstalling openldap-clients, openldap-server, openldap-devel from my server. But I stopped short of removing openldap when it complained about something like 150 other packages that were dependent on it. So, instead, I deleted all the files from /var/lib/ldap and forced a reinstall of openldap. Then, I reinstalled all the packages I had removed. My guess is that the only step I really needed to do was to remove the files in /var/lib/ldap.

Then, I put the DB_CONFIG file back into /var/lib/ldap, restored my slapd.conf, and what-da-ya-know? It started right up.

Repopulated my database and it all works great now.

Google searches on the LDAP errors didn't help much. Anything I did come across was vague and spoken like you don't have any business messing with LDAP unless you are already an expert. But, unless I'm missing something, OpenLDAP is the only free option available to use as an address book server. And it really doesn't need to be so mystified to keep people like me from trying to use it.

Now that it's working again, I plan to try to get it to play nice with Mac Address Book. There seems to be a problem with the default schema mapping that causes fields to be missing in Address Book. And then, I just need to come up with a solution to keeping the damned entries updated and synched.
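The recovery described above (empty /var/lib/ldap, put DB_CONFIG in place, restart, repopulate) as an added shell example that is not part of the original post; it moves the old files aside instead of deleting them and tightens permissions on the data directory. The function names reset_bdb_dir and rebuild_bdb are hypothetical, and the service name "ldap", the user "ldap", the /etc/openldap/DB_CONFIG.example path and the /root backup location are assumptions about a Fedora-style install.

```shell
#!/bin/sh
# Added example, not the post author's script.

# reset_bdb_dir DATA_DIR DB_CONFIG_SRC BACKUP_ROOT
# Moves everything in DATA_DIR into a fresh directory under BACKUP_ROOT,
# installs DB_CONFIG, and prints the backup directory path.
reset_bdb_dir() {
    data_dir=$1 db_config=$2 backup_root=$3

    # Refuse missing or obviously dangerous arguments.
    case "$data_dir" in ""|/) echo "bad data dir" >&2; return 1 ;; esac
    [ -d "$data_dir" ] || { echo "no such dir: $data_dir" >&2; return 1; }
    [ -r "$db_config" ] || { echo "cannot read: $db_config" >&2; return 1; }

    # The old database may hold password hashes, so keep the backup private.
    backup=$(mktemp -d "$backup_root/ldap-backup.XXXXXX") || return 1
    chmod 700 "$backup"

    # Move old ldbm/bdb files (dotfiles included) out of the way.
    for f in "$data_dir"/* "$data_dir"/.[!.]*; do
        [ -e "$f" ] || continue
        mv "$f" "$backup"/ || return 1
    done

    cp "$db_config" "$data_dir/DB_CONFIG" || return 1
    chmod 700 "$data_dir"
    chmod 600 "$data_dir/DB_CONFIG"
    echo "$backup"
}

# Full sequence on the server, run as root (names and paths are assumptions).
rebuild_bdb() {
    service ldap stop
    reset_bdb_dir /var/lib/ldap /etc/openldap/DB_CONFIG.example /root || return 1
    chown -R ldap:ldap /var/lib/ldap
    service ldap start
}
```

After rebuild_bdb the directory is empty apart from DB_CONFIG, so the entries still have to be reloaded, for example with ldapadd as in the post.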

8 comments:

Andy Loughran said...

I have had the same error come up on a fresh (2 day old) install of OpenLDAP on Gentoo. I'm trying to use Samba as the PDC with LDAP auth... not going to plan. Hopefully this solution will work for me too. I'm assuming you still use bdb as your backend after the reinstall?

harold said...

Yes, still using bdb and it's still working.

Josh Miller said...

You may want to consider Fedora Directory Server. I have heard that it is much more user friendly than OpenLDAP. I am in the process of testing it out for myself. I administer several large LDAP installations using OpenLDAP at the moment.

http://directory.fedora.redhat.com/

Unknown said...

I am using OpenLDAP on FC5, but I would like to make it work using MySQL as the backend instead of bdb. I started with the libiodbc installation, but when it came time to test with iodbctest I got this error:

[root@mail openldap-2.3.24]# vi /etc/odbc.ini
[root@mail openldap-2.3.24]# iodbctest
iODBC Demonstration program
This program shows an interactive SQL processor
Driver Manager: 03.52.0406.0126

Enter ODBC connect string (? shows list): DSN=ldap
[MYODBCUtilReadDataSource.c][210][ERROR] Unknown attribute (Host).
[MYODBCUtilReadDataSource.c][210][ERROR] Unknown attribute (ServerType).
[MYODBCUtilReadDataSource.c][210][ERROR] Unknown attribute (FetchBufferSize).
[MYODBCUtilReadDataSource.c][210][ERROR] Unknown attribute (ReadOnly).
1: SQLDriverConnect = [MySQL][ODBC 3.51 Driver]Invalid window handle for connection completion argument. (0) SQLSTATE=IM008
1: ODBC_Connect = [MySQL][ODBC 3.51 Driver]Invalid window handle for connection completion argument. (0) SQLSTATE=IM008

This is my odbc.ini
[ODBC Data Sources]
ldap=MySQL LDAP DSN

[ldap]
Driver=/usr/lib/libmyodbc3.so
Description=OpenLDAP Database
Host=localhost
#Server=loclahost
ServerType=MySQL
Port=3306
FetchBufferSize=99
User=root
Password=vefer
Database=ldap
ReadOnly=no
Socket=

[ODBC]
InstallDir=/usr/local/lib

My odbcinst.ini

# Example driver definitinions
#
#

# Included in the unixODBC package
#[PostgreSQL]
#Description = ODBC for PostgreSQL
#Driver = /usr/lib/libodbcpsql.so
#Setup = /usr/lib/libodbcpsqlS.so
#FileUsage = 1


# Driver from the MyODBC package
# Setup from the unixODBC package
#[MySQL]
#Description = ODBC for MySQL
#Driver = /usr/lib/libmyodbc.so
#Setup = /usr/lib/libodbcmyS.so
#FileUsage = 1

[MySQL ODBC 3.51 Driver]
DRIVER =/usr/lib/libmyodbc3.so
FileUsage =1

I have no idea how to resolve this; if you have any ideas I will appreciate it.

Chris Brind said...

Hi,

Just wanted to let you know that I found this useful, so thanks!

But I realised before uninstalling everything that all you really needed to do is stop ldap, clear down /var/lib/ldap, copy in the DB_CONFIG and then restart it. =)

Thanks again,
Chris

Ish said...

This was very helpful, you solved my problem

thanks :)

Unknown said...

this works for me!
Thanks a lot!

S. Potter said...

I know this is years old now, but this issue still crops up now and then. I wrote a script to take care of it:
http://gist.github.com/612203

HTH
@SusanPotter