OpenLDAP on EC2

So today I tried to get OpenLDAP running on my EC2 servers. However, none of the instructions I found were adequate to get it working. I'm sure the OpenLDAP gurus out there will look at my comments and say "Of course that is the way to figure it out", but I'm posting this in the hope it will help out other people lacking such knowledge at some point in the future.

First off, the base article that helped me figure this out is the Ubuntu documentation. However, every article I read told me that I could just add my FQDN to the /etc/hosts file, and the right values would simply be created for the base dc entries. So I walked through this article and did everything mentioned, and when I tried to query for my admin user, the query didn't work.

I also tried any number of other people's walkthroughs. When I did those, I wound up failing at the add-user step with a credential problem (error 43) and no idea what was wrong. The above article finally gave me a clue. If you look at the file in

/etc/ldap/slapd.d/cn=config/olcDatabase={1}hdb.ldif

you will see the base dc entries, and mine wound up being dc=compute-1,dc=com

What happened?

Well, if you run

hostname -f

you will see that the Fully Qualified Domain Name (FQDN) of your server is not the value you expect. The slapd package derives the base dc entries from the domain part of this name, so if you want them to be your expected value, you will need to change your hostname. You can do this temporarily with

sudo hostname yourmachine.yourdomain.com

But be aware this will not survive an OS reboot. If you want to change it permanently, google the answer for your Linux distro.

After making this change, and making sure you updated /etc/hosts, you should see that your hostname query returns the expected value. Now if you follow the linked example, you will wind up with a working OpenLDAP install.
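To make the relationship between the FQDN and the base DN concrete, here is a small shell script I am adding as an example (it is not from the Ubuntu documentation or the slapd package itself). It reproduces the naming rule described above: take the output of hostname -f, drop the host label, and turn each remaining domain label into a dc= component. The function and variable names, and the sample hostnames, are my own constructed examples. The check_basedn function runs hostname -f on the current machine and reports whether the base DN slapd would pick matches the one you want, which is the check that would have saved me the error-43 detour.

```shell
#!/bin/sh
# Added example (not part of the original post): derive the base DN that the
# Debian/Ubuntu slapd package builds from the machine's domain name, and
# compare it against what `hostname -f` reports on this host.

# Convert a domain such as "yourdomain.com" into "dc=yourdomain,dc=com".
domain_to_basedn() {
    printf '%s\n' "$1" | awk -F. '{
        out = ""
        for (i = 1; i <= NF; i++) {
            if ($i == "") continue
            out = out (out == "" ? "" : ",") "dc=" $i
        }
        print out
    }'
}

# Strip the host label from an FQDN:
# "yourmachine.yourdomain.com" -> "yourdomain.com".
# A bare hostname with no dots yields an empty domain.
fqdn_to_domain() {
    case "$1" in
        *.*) printf '%s\n' "${1#*.}" ;;
        *)   printf '\n' ;;
    esac
}

# Base DN slapd would derive for a given FQDN.
fqdn_to_basedn() {
    fqdn_to_basedn_domain="$(fqdn_to_domain "$1")"
    domain_to_basedn "$fqdn_to_basedn_domain"
}

# Compare the base DN you want (e.g. "dc=yourdomain,dc=com") with the one
# derived from this machine's `hostname -f`. Returns 0 on match, 1 otherwise.
check_basedn() {
    wanted="$1"
    actual_fqdn="$(hostname -f 2>/dev/null)"
    actual_basedn="$(fqdn_to_basedn "$actual_fqdn")"
    if [ "$actual_basedn" = "$wanted" ]; then
        echo "ok: hostname -f is '$actual_fqdn'; slapd would use '$actual_basedn'"
        return 0
    fi
    echo "mismatch: hostname -f is '$actual_fqdn'; slapd would use '$actual_basedn' but you want '$wanted'" >&2
    echo "fix the hostname and /etc/hosts before running dpkg-reconfigure slapd" >&2
    return 1
}

# Usage: sh check_basedn.sh dc=yourdomain,dc=com
if [ "$#" -gt 0 ]; then
    check_basedn "$1"
fi
```

Run it with the base DN you intend to use; an EC2 instance whose name still resolves to the Amazon-assigned domain will report a mismatch, which is exactly the situation that produced dc=compute-1,dc=com for me.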


About Andrew Paier

I am an IT professional living in Austin, TX.