Hi, On Thu, 24 Mar 2022 at 09:20, Johannes Kastl <kastl@xxxxxxxxxxxxx> wrote: > > Hi everyone, > > sorry if this question was asked before, but as I found nothing in the docs I am > blocked at the moment. > > I got 389ds running in Kubernetes, which uses a very simple container.inf file: This is actually a .dsrc file (even though it's named differently), so it's not used to create an instance, but to help you to connect to your instance using dsconf inside the container. > > > [localhost] > > # Note that '/' is replaced to '%%2f' for ldapi url format. > > # So this is pointing to /data/run/slapd-localhost.socket > > uri = ldapi://%%2fdata%%2frun%%2fslapd-localhost.socket > > binddn = cn=Directory Manager > > # Set your basedn here > > basedn = dc=example,dc=com > > So no sample entries are being generated (no "sample_entries = yes"). > > I tried to follow and see which steps I need from the quickstart: > https://www.port389.org/docs/389ds/howto/quickstart.html > > Checking the status is the first thing that does not work, as dsctl inside the > container does not have a "status" subcommand: > > 389server-6fff4cb6d8-kjjd4:/ # dsctl slapd-localhost status > > usage: dsctl [-h] [-v] [-j] [-l] [instance] {db2index,db2bak,db2ldif,dbverify,bak2db,ldif2db,backups,ldifs,tls,healthcheck,get-nsstate,ldifgen,dsrc,cockpit,dblib} ... > > dsctl: error: invalid choice: 'status' (choose from 'db2index', 'db2bak', 'db2ldif', 'dbverify', 'bak2db', 'ldif2db', 'backups', 'ldifs', 'tls', 'healthcheck', 'get-nsstate', 'ldifgen', 'dsrc', 'cockpit', 'dblib') > > 389server-6fff4cb6d8-kjjd4:/ # > > The "healthcheck" seems to be successful. Puuh. > > Adding a user fails with "Error: 105 - 4 - 32 - No such object - []", most > probably because there is no content inside the server yet (no base object, > users OU or similar). > > So I tried to query the server using ldapsearch (from the outside) and got a > working connection, even with "-ZZ": > > > $ ldapsearch -x -W -H ldap://my-389ds-server -D "cn=Directory Manager" -ZZ -b cn=config > > [...] > > # search result > > search: 3 > > result: 0 Success > > > > # numResponses: 161 > > # numEntries: 160 > > OK, let's add a base object using ldapadd: > > > dn: dc=example,dc=com > > objectClass: domain > > objectClass: dcObject > > > $ ldapadd -x -f base_only.ldif -D "cn=Directory Manager" -W -H ldap://my-389ds-server > > Enter LDAP Password: > > adding new entry "dc=example,dc=com" > > ldap_add: No such object (32) > > I tried different combinations of objectClass'es, but always got error 32. > > Question: How do I get content into the server initially? It seems I have an > empty server, but I found no documentation on what to do at this point. You have to create a backend and suffix first, because they are not created by default: dsconf localhost backend create --suffix="dc=example,dc=com" \ --be-name userRoot --create-suffix --create-entries Leave --create-entries if you don't need sample entries present. Sorry about the missing docs. I'm working on a howto doc for running DS in OpenShift, hope to publish it soon. > > Am I missing some schema? If so, how would I bootstrap it? > > Sorry if those are obvious questions, but either I am lacking the deep LDAP > knowledge to answer them myself or there is an error in my setup. > > Thanks in advance! > > Johannes > > -- > Johannes Kastl > Linux Consultant & Trainer > Tel.: +49 (0) 151 2372 5802 > Mail: kastl@xxxxxxxxxxxxx > > B1 Systems GmbH > Osterfeldstraße 7 / 85088 Vohburg > http://www.b1-systems.de > GF: Ralph Dehner > Unternehmenssitz: Vohburg / AG: Ingolstadt,HRB 3537 > _______________________________________________ > 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx > Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx > Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure -- Viktor _______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
