Skip navigation

LDAP is not running after 10.6.5 update - Help!

14840 Views 28 Replies Latest reply: Jan 14, 2014 4:02 PM by jhdore RSS
  • gobi876h Calculating status...
    Currently Being Moderated
    Dec 18, 2010 6:01 PM (in response to root 66)
    I suffered from the same issue but was unable to resolve using the above methodology because the cn=config.ldif file was gone. I thought that this was an issue from the 10.6.5 upgrade, but my backups show that this stretches back to at least the 10.6.4 upgrade. For some reason, nothing came of missing the file until 10.6.5 came and the whole house of cards fell in (i'm also missing /usr/libexec/slurpd, but that's a different story). I solved the issue by recreating the cn=config.ldif file using /usr/bin/slaptest -f /etc/openldap/slapd.conf -F slapd.d in the /etc/openldap directory. With the .ldif in place, I could then get SSL turned back on.
    Mac Pro, Mac OS X (10.6.5)
  • aliveonearth Level 1 Level 1 (0 points)
    Currently Being Moderated
    Feb 10, 2011 11:08 PM (in response to B. Kennedy)
    Rrrr.. This one is a little over my head. Same problem. The update was never applied with the "In Progress" being displayed in server admin 12 hours later it was still there. I did a reboot and was locked out of work group manager and no more ssh. This turned out to be a DNS related issue. as the reverse lookup on my local network was returning the servers external IP rather than the local one causing any authentication to fail. After restoring and fixing DNS I could use screen sharing and got a terminal on the server fro the local host and have server admin up. LDAP service are stopped and my root certificate is not valid. / Created a new one and trusted it in the keychain. reboot. LDAP still not started and I am here...
    MacMini, MacBookAir, AirPortExtreem, Mac OS X (10.6.5), iPodTouch, ipod
  • aliveonearth Level 1 Level 1 (0 points)
    Currently Being Moderated
    Feb 10, 2011 11:38 PM (in response to aliveonearth)
    Any advice on what this actually means.. ??
    It looks to be like I don't have a configuration set up at all ?
    This is out side of the scope of my knowledge.... So if there are any one out there who know suggestions welcome.


    /usr/libexec/slapd -d -1
    @(#) $OpenLDAP: slapd 2.4.11 (Aug 12 2010 17:17:10) $
    daemon_init: <null>
    ODNodeCustomCall node(/Cache) - ERROR (4001)
    daemon: SLAPSOCKINIT: dtblsize=256
    daemon_init: listen on ldap:///
    daemon_init: 1 listeners to open...
    ldapurl_parseext(ldap:///)
    daemon: bind(8) failed errno=13 (Permission denied)
    daemon: bind(8) failed errno=13 (Permission denied)
    slapopenlistener: failed on ldap:///
    slapd stopped.
    connections_destroy: nothing to destroy.
    ODNodeCustomCall node(/Cache) - ERROR (4001)
    MacMini, MacBookAir, AirPortExtreem, Mac OS X (10.6.5), iPodTouch, ipod
  • aliveonearth Level 1 Level 1 (0 points)
    Currently Being Moderated
    Feb 11, 2011 9:18 PM (in response to aliveonearth)
    Success .. Removed the 5 offending lines with reference to my old root certificate and .. LDAP is up and runnig again...
    MacMini, MacBookAir, AirPortExtreem, Mac OS X (10.6.5), iPodTouch, ipod
  • perigean Calculating status...
    Currently Being Moderated
    Feb 18, 2011 7:06 AM (in response to aliveonearth)
    I'm attempting this fix, but received a "Permission Denied" response after entering the "...cn=config.ldif".

    Any suggestions?
    MiniServer, Mac OS X (10.6.6)
  • Dr Mike Level 1 Level 1 (115 points)
    Currently Being Moderated
    Apr 11, 2011 7:39 AM (in response to root 66)
    Absolute gold. I can't thank you enough for posting this!
    17" MBP, Mac OS X (10.6.7)
  • Dr Mike Level 1 Level 1 (115 points)
    Currently Being Moderated
    Apr 11, 2011 7:45 AM (in response to perigean)
    You need root permissions to edit this file. Try using sudo or su to switch to the root account first.
    17" MBP, Mac OS X (10.6.7)
  • Bao-Khang Nguyen Calculating status...
    Currently Being Moderated
    Jan 3, 2012 12:42 PM (in response to root 66)

    Second Day of 2012! Certificate about to expire. Updated the Self-assigned Cert. Boom! Dead in the water. Running Snow Leopard (10.6.8).

     

    Well thanks to root66 Problem solved!

     

    Thanks a million!

     

    -Bao

  • ruluk7 Calculating status...
    Currently Being Moderated
    Jul 30, 2012 12:49 AM (in response to root 66)

    works also for me, thanks root 66!

  • quickthyme@mac.com Calculating status...
    Currently Being Moderated
    Sep 28, 2012 9:39 AM (in response to root 66)

    Root 66, you saved the day with your response!!! Apple phone support told me I was going to have to rebuild my LDAP from scratch. Following your approach saved me countless hours, not to mention my job. THANK YOU!!

  • Sellers Level 1 Level 1 (10 points)
    Currently Being Moderated
    Oct 15, 2012 7:34 PM (in response to RobFerguson)

    Thanks much - this was very helpful even in 10.8.  

  • soerenkroeger Level 1 Level 1 (0 points)
    Currently Being Moderated
    Jun 4, 2013 4:28 PM (in response to Sellers)

    Even after updating to 10.8.4 !! Thanks a lot!

  • Tyson Brown Calculating status...
    Currently Being Moderated
    Jul 8, 2013 11:37 PM (in response to B. Kennedy)

    Thankyou so much everyone, and particularly root66!  This post saved my bacon BIG TIME when my certificate update went terribly wrong....  Note that this worked in OS X server 10.7.4...

     

    Hurray!!! Thanks again!

  • jhdore Level 1 Level 1 (0 points)
    Currently Being Moderated
    Jan 14, 2014 4:02 PM (in response to root 66)

    Get In my son! Having trawled t'internet for nearly six hours, found your posting re the contents of /etc/openldap/slapd.d/cn=config.ldif containing outdated SSL certificate references. They do not match current SSL certificates, which was preventing my Lion Server LDAP and Open Directory from starting.

     

    deleting the outdated references cured the problem. Many thanks, dude!

1 2 Previous Next

Actions

More Like This

  • Retrieving data ...

Bookmarked By (3)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.