# Openldap - not running - no pidfile, no errors

## petterg

I've been trying to setup Open-xchange using the guide at http://www.mikefetherston.ca/OX/html/index.html

Then it turns out that openldap is not running... or maybe it is...

At boottime starting slapd returns [OK] - no error messages.

If I disable slapd at boottime, and run "/etc/init.d/slapd start" after boot it also returns [OK]

However, there is no pidfile in /var/run/openladp - hence it's unable to stop the server.

(I ran chmod 777 /var/run/openldap in case there was any permission problem - to no help.)

If I try to run "/etc/init.d/slapd start" a second time I get the message that the service is already running.

When I got to the point of adding an open-xchange user it tells me "unable to connect to ldap server".

Can someone please point me in the right direction to debug this?

----------

## Kruegi

Increase the debug level by adding "-d number" to the options in /etc/conf.d/slapd. (where number in an integer).

To reset a service use "/etc/init.d/service zap"

Thomas

----------

## xarses

gento's init script has issues creating the pid file

to /etc/openldap/slapd.conf add

pidfile /var/run/openldap/slapd.pid

also you probably will want to un-comment the OPTS= line in /etc/conf.d/slapd

----------

## petterg

New weekend, giving open-xchange a new try:

By setting OPTS="-d 1" in /etc/conf.d/slapd I get this when trying to start slapd:

```

ox ~ # /etc/init.d/slapd start 

 * Starting ldap-server ...

@(#) $OpenLDAP: slapd 2.2.28 (Oct 22 2005 21:08:43) $

        root@ox:/temps/var/portage/openldap-2.2.28/work/openldap-2.2.28/servers/slapd

daemon_init: listen on ldap:///

daemon_init: 1 listeners to open...

ldap_url_parse_ext(ldap:///)

daemon: initialized ldap:///

daemon_init: 1 listeners opened

slapd init: initiated server.

slap_sasl_init: initialized!

bdb_back_initialize: initialize BDB backend

bdb_back_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December  3, 2003)

>>> dnNormalize: <cn=Subschema>

=> ldap_bv2dn(cn=Subschema,0)

ldap_err2string

<= ldap_bv2dn(cn=Subschema)=0 Success

=> ldap_dn2bv(272)

ldap_err2string

<= ldap_dn2bv(cn=subschema)=0 Success

<<< dnNormalize: <cn=subschema>

bdb_db_init: Initializing BDB database

>>> dnPrettyNormal: <dc=ox,dc=gunnerud,dc=net>

=> ldap_bv2dn(dc=ox,dc=gunnerud,dc=net,0)

ldap_err2string

<= ldap_bv2dn(dc=ox,dc=gunnerud,dc=net)=0 Success

=> ldap_dn2bv(272)

ldap_err2string

<= ldap_dn2bv(dc=ox,dc=gunnerud,dc=net)=0 Success

=> ldap_dn2bv(272)

ldap_err2string

<= ldap_dn2bv(dc=ox,dc=gunnerud,dc=net)=0 Success

<<< dnPrettyNormal: <dc=ox,dc=gunnerud,dc=net>, <dc=ox,dc=gunnerud,dc=net>

>>> dnPrettyNormal: <cn=Manager,dc=ox,dc=gunnerud,dc=net>

=> ldap_bv2dn(cn=Manager,dc=ox,dc=gunnerud,dc=net,0)

ldap_err2string

<= ldap_bv2dn(cn=Manager,dc=ox,dc=gunnerud,dc=net)=0 Success

=> ldap_dn2bv(272)

ldap_err2string

<= ldap_dn2bv(cn=Manager,dc=ox,dc=gunnerud,dc=net)=0 Success

=> ldap_dn2bv(272)

ldap_err2string

<= ldap_dn2bv(cn=manager,dc=ox,dc=gunnerud,dc=net)=0 Success

<<< dnPrettyNormal: <cn=Manager,dc=ox,dc=gunnerud,dc=net>, <cn=manager,dc=ox,dc=gunnerud,dc=net>

matching_rule_use_init

    1.2.840.113556.1.4.804 (integerBitOrMatch): matchingRuleUse: ( 1.2.840.113556.1.4.804 NAME 'integerBitOrMatch' APPLIES ( OXDayviewInterval $ DBServerPort $ webmailServerPort $ groupwareServerPort $ OXGroupID $ smtpPort $ sievePort $ imapPort $ oncRpcNumber $ ipProtocolNumber $ ipServicePort $ shadowFlag $ shadowExpire $ shadowInactive $ shadowWarning $ shadowMax $ shadowMin $ shadowLastChange $ gidNumber $ uidNumber $ mailPreferenceOption $ supportedLDAPVersion ) )

    1.2.840.113556.1.4.803 (integerBitAndMatch): matchingRuleUse: ( 1.2.840.113556.1.4.803 NAME 'integerBitAndMatch' APPLIES ( OXDayviewInterval $ DBServerPort $ webmailServerPort $ groupwareServerPort $ OXGroupID $ smtpPort $ sievePort $ imapPort $ oncRpcNumber $ ipProtocolNumber $ ipServicePort $ shadowFlag $ shadowExpire $ shadowInactive $ shadowWarning $ shadowMax $ shadowMin $ shadowLastChange $ gidNumber $ uidNumber $ mailPreferenceOption $ supportedLDAPVersion ) )

    1.3.6.1.4.1.1466.109.114.2 (caseIgnoreIA5Match): matchingRuleUse: ( 1.3.6.1.4.1.1466.109.114.2 NAME 'caseIgnoreIA5Match' APPLIES ( domainName $ vaddress $ OXTaskDays $ OXAppointmentDays $ reject $ colocRouteAddr $ nisMapEntry $ bootFile $ macAddress $ ipNetmaskNumber $ ipNetworkNumber $ ipHostNumber $ memberNisNetgroup $ memberUid $ loginShell $ homeDirectory $ gecos $ rfc822MailMember $ mailRoutingAddress $ mailHost $ mailLocalAddress $ janetMailbox $ cNAMERecord $ sOARecord $ nSRecord $ mXRecord $ mDRecord $ aRecord $ email $ associatedDomain $ dc $ mail $ altServer ) )

    1.3.6.1.4.1.1466.109.114.1 (caseExactIA5Match): matchingRuleUse: ( 1.3.6.1.4.1.1466.109.114.1 NAME 'caseExactIA5Match' APPLIES ( domainName $ vaddress $ OXTaskDays $ OXAppointmentDays $ reject $ colocRouteAddr $ nisMapEntry $ bootFile $ macAddress $ ipNetmaskNumber $ ipNetworkNumber $ ipHostNumber $ memberNisNetgroup $ memberUid $ loginShell $ homeDirectory $ gecos $ rfc822MailMember $ mailRoutingAddress $ mailHost $ mailLocalAddress $ janetMailbox $ cNAMERecord $ sOARecord $ nSRecord $ mXRecord $ mDRecord $ aRecord $ email $ associatedDomain $ dc $ mail $ altServer ) )

    2.5.13.35 (certificateMatch): matchingRuleUse: ( 2.5.13.35 NAME 'certificateMatch' APPLIES ( cACertificate $ userCertificate ) )

    2.5.13.34 (certificateExactMatch): matchingRuleUse: ( 2.5.13.34 NAME 'certificateExactMatch' APPLIES ( cACertificate $ userCertificate ) )

    2.5.13.30 (objectIdentifierFirstComponentMatch): matchingRuleUse: ( 2.5.13.30 NAME 'objectIdentifierFirstComponentMatch' APPLIES ( supportedApplicationContext $ ldapSyntaxes $ supportedFeatures $ supportedExtension $ supportedControl ) )

    2.5.13.29 (integerFirstComponentMatch): matchingRuleUse: ( 2.5.13.29 NAME 'integerFirstComponentMatch' APPLIES ( OXDayviewInterval $ DBServerPort $ webmailServerPort $ groupwareServerPort $ OXGroupID $ smtpPort $ sievePort $ imapPort $ oncRpcNumber $ ipProtocolNumber $ ipServicePort $ shadowFlag $ shadowExpire $ shadowInactive $ shadowWarning $ shadowMax $ shadowMin $ shadowLastChange $ gidNumber $ uidNumber $ mailPreferenceOption $ supportedLDAPVersion ) )

    2.5.13.27 (generalizedTimeMatch): matchingRuleUse: ( 2.5.13.27 NAME 'generalizedTimeMatch' APPLIES ( modifyTimestamp $ createTimestamp ) )

    2.5.13.24 (protocolInformationMatch): matchingRuleUse: ( 2.5.13.24 NAME 'protocolInformationMatch' APPLIES protocolInformation )

    2.5.13.23 (uniqueMemberMatch): matchingRuleUse: ( 2.5.13.23 NAME 'uniqueMemberMatch' APPLIES uniqueMember )

    2.5.13.22 (presentationAddressMatch): matchingRuleUse: ( 2.5.13.22 NAME 'presentationAddressMatch' APPLIES presentationAddress )

    2.5.13.20 (telephoneNumberMatch): matchingRuleUse: ( 2.5.13.20 NAME 'telephoneNumberMatch' APPLIES ( pager $ mobile $ homePhone $ telephoneNumber ) )

    2.5.13.17 (octetStringMatch): matchingRuleUse: ( 2.5.13.17 NAME 'octetStringMatch' APPLIES ( queryid $ userPassword ) )

    2.5.13.16 (bitStringMatch): matchingRuleUse: ( 2.5.13.16 NAME 'bitStringMatch' APPLIES x500UniqueIdentifier )

    2.5.13.14 (integerMatch): matchingRuleUse: ( 2.5.13.14 NAME 'integerMatch' APPLIES ( OXDayviewInterval $ DBServerPort $ webmailServerPort $ groupwareServerPort $ OXGroupID $ smtpPort $ sievePort $ imapPort $ oncRpcNumber $ ipProtocolNumber $ ipServicePort $ shadowFlag $ shadowExpire $ shadowInactive $ shadowWarning $ shadowMax $ shadowMin $ shadowLastChange $ gidNumber $ uidNumber $ mailPreferenceOption $ supportedLDAPVersion ) )

    2.5.13.13 (booleanMatch): matchingRuleUse: ( 2.5.13.13 NAME 'booleanMatch' APPLIES ( resourceAvailable $ resourceGroupAvailable $ hasSubordinates ) )

    2.5.13.11 (caseIgnoreListMatch): matchingRuleUse: ( 2.5.13.11 NAME 'caseIgnoreListMatch' APPLIES ( homePostalAddress $ registeredAddress $ postalAddress ) )

    2.5.13.8 (numericStringMatch): matchingRuleUse: ( 2.5.13.8 NAME 'numericStringMatch' APPLIES ( internationaliSDNNumber $ x121Address ) )

    2.5.13.7 (caseExactSubstringsMatch): matchingRuleUse: ( 2.5.13.7 NAME 'caseExactSubstringsMatch' APPLIES ( dnQualifier $ destinationIndicator $ serialNumber ) )

    2.5.13.6 (caseExactOrderingMatch): matchingRuleUse: ( 2.5.13.6 NAME 'caseExactOrderingMatch' APPLIES ( dnQualifier $ destinationIndicator $ serialNumber ) )

    2.5.13.5 (caseExactMatch): matchingRuleUse: ( 2.5.13.5 NAME 'caseExactMatch' APPLIES ( OXDayviewEndTime $ OXDayviewStartTime $ OXUserDistributionList $ OXUserComment $ OXUserAnniversary $ OXUserSpouseName $ OXUserNickName $ OXUserProfession $ OXUserChildren $ OXUserMaritalStatus $ OXUserState $ OXUserPostalCode $ OXUserSuffix $ OXUserUserUndef20 $ OXUserUserUndef19 $ OXUserUserUndef18 $ OXUserUserUndef17 $ OXUserUserUndef16 $ OXUserUserUndef15 $ OXUserUserUndef14 $ OXUserUserUndef13 $ OXUserUserUndef12 $ OXUserUserUndef11 $ OXUserUserUndef10 $ OXUserUserUndef09 $ OXUserUserUndef08 $ OXUserUserUndef07 $ OXUserUserUndef06 $ OXUserUserUndef05 $ OXUserUserUndef04 $ OXUserUserUndef03 $ OXUserUserUndef02 $ OXUserUserUndef01 $ OXUserEmail3 $ OXUserEmail2 $ OXUserInstantmessenger2 $ OXUserInstantMessenger $ OXUserTeleTTY $ OXUserTeleRadio $ OXUserTelePrimary $ OXUserTeleFax2 $ OXUserTeleOther $ OXUserTeleMobile2 $ OXUserTeleHome2 $ OXUserTeleCompany $ OXUserTeleCar $ OXUserTeleCallback $ OXUserTeleBusiness2 $ OXUserTeleAssistant $ OXUserOtherCountry $ OXUserOtherState $ OXUserOtherCity $ OXUserOtherPostalCode $ OXUserOtherStreet $ OXUserCategories $ OXUserBranches $ OXUserComReg $ OXUserTaxID $ OXUserCity $ OXUserSalesVolume $ OXUserPosition $ conferenceInformation $ middleName $ otherfacsimiletelephonenumber $ otherpager $ url $ IPPhone $ smtpDomain $ smtpDomainTransportNexthop $ fn $ deliverToUID $ mailDeliveryProgram $ MTALocaldomain $ mailDomain $ resourceDescription $ resourceName $ resourceGroupDescription $ resourceGroupMember $ resourceGroupName $ DBServerType $ DBServer $ webmailServer $ groupwareServer $ OXTimeZone $ OXWebmailStyle $ OXGroupwareStyle $ lnetMailAccess $ birthDay $ loginDestination $ userCountry $ relClientCert $ smtpServer $ imapServer $ alias $ mailEnabled $ nisMapName $ ipServiceProtocol $ preferredLanguage $ employeeType $ employeeNumber $ displayName $ departmentNumber $ carLicense $ documentPublisher $ buildingName $ organizationalStatus $ uniqueIdentifier $ co $ personalTitle $ documentLocation $ documentVersion $ documentTitle $ documentIdentifier $ host $ userClass $ roomNumber $ drink $ info $ textEncodedORAddress $ uid $ dmdName $ houseIdentifier $ dnQualifier $ generationQualifier $ initials $ givenName $ destinationIndicator $ physicalDeliveryOfficeName $ postOfficeBox $ postalCode $ businessCategory $ description $ title $ ou $ o $ street $ st $ l $ c $ serialNumber $ sn $ knowledgeInformation $ labeledURI $ cn $ name $ ref $ vendorVersion $ vendorName $ supportedSASLMechanisms ) )

    2.5.13.4 (caseIgnoreSubstringsMatch): matchingRuleUse: ( 2.5.13.4 NAME 'caseIgnoreSubstringsMatch' APPLIES ( dnQualifier $ destinationIndicator $ serialNumber ) )

    2.5.13.3 (caseIgnoreOrderingMatch): matchingRuleUse: ( 2.5.13.3 NAME 'caseIgnoreOrderingMatch' APPLIES ( dnQualifier $ destinationIndicator $ serialNumber ) )

    2.5.13.2 (caseIgnoreMatch): matchingRuleUse: ( 2.5.13.2 NAME 'caseIgnoreMatch' APPLIES ( OXDayviewEndTime $ OXDayviewStartTime $ OXUserDistributionList $ OXUserComment $ OXUserAnniversary $ OXUserSpouseName $ OXUserNickName $ OXUserProfession $ OXUserChildren $ OXUserMaritalStatus $ OXUserState $ OXUserPostalCode $ OXUserSuffix $ OXUserUserUndef20 $ OXUserUserUndef19 $ OXUserUserUndef18 $ OXUserUserUndef17 $ OXUserUserUndef16 $ OXUserUserUndef15 $ OXUserUserUndef14 $ OXUserUserUndef13 $ OXUserUserUndef12 $ OXUserUserUndef11 $ OXUserUserUndef10 $ OXUserUserUndef09 $ OXUserUserUndef08 $ OXUserUserUndef07 $ OXUserUserUndef06 $ OXUserUserUndef05 $ OXUserUserUndef04 $ OXUserUserUndef03 $ OXUserUserUndef02 $ OXUserUserUndef01 $ OXUserEmail3 $ OXUserEmail2 $ OXUserInstantmessenger2 $ OXUserInstantMessenger $ OXUserTeleTTY $ OXUserTeleRadio $ OXUserTelePrimary $ OXUserTeleFax2 $ OXUserTeleOther $ OXUserTeleMobile2 $ OXUserTeleHome2 $ OXUserTeleCompany $ OXUserTeleCar $ OXUserTeleCallback $ OXUserTeleBusiness2 $ OXUserTeleAssistant $ OXUserOtherCountry $ OXUserOtherState $ OXUserOtherCity $ OXUserOtherPostalCode $ OXUserOtherStreet $ OXUserCategories $ OXUserBranches $ OXUserComReg $ OXUserTaxID $ OXUserCity $ OXUserSalesVolume $ OXUserPosition $ conferenceInformation $ middleName $ otherfacsimiletelephonenumber $ otherpager $ url $ IPPhone $ smtpDomain $ smtpDomainTransportNexthop $ fn $ deliverToUID $ mailDeliveryProgram $ MTALocaldomain $ mailDomain $ resourceDescription $ resourceName $ resourceGroupDescription $ resourceGroupMember $ resourceGroupName $ DBServerType $ DBServer $ webmailServer $ groupwareServer $ OXTimeZone $ OXWebmailStyle $ OXGroupwareStyle $ lnetMailAccess $ birthDay $ loginDestination $ userCountry $ relClientCert $ smtpServer $ imapServer $ alias $ mailEnabled $ nisMapName $ ipServiceProtocol $ preferredLanguage $ employeeType $ employeeNumber $ displayName $ departmentNumber $ carLicense $ documentPublisher $ buildingName $ organizationalStatus $ uniqueIdentifier $ co $ personalTitle $ documentLocation $ documentVersion $ documentTitle $ documentIdentifier $ host $ userClass $ roomNumber $ drink $ info $ textEncodedORAddress $ uid $ dmdName $ houseIdentifier $ dnQualifier $ generationQualifier $ initials $ givenName $ destinationIndicator $ physicalDeliveryOfficeName $ postOfficeBox $ postalCode $ businessCategory $ description $ title $ ou $ o $ street $ st $ l $ c $ serialNumber $ sn $ knowledgeInformation $ labeledURI $ cn $ name $ ref $ vendorVersion $ vendorName $ supportedSASLMechanisms ) )

    2.5.13.1 (distinguishedNameMatch): matchingRuleUse: ( 2.5.13.1 NAME 'distinguishedNameMatch' APPLIES ( OXUserAssistant $ dITRedirect $ associatedName $ secretary $ documentAuthor $ manager $ seeAlso $ roleOccupant $ owner $ member $ distinguishedName $ aliasedObjectName $ namingContexts $ subschemaSubentry $ modifiersName $ creatorsName ) )

    2.5.13.0 (objectIdentifierMatch): matchingRuleUse: ( 2.5.13.0 NAME 'objectIdentifierMatch' APPLIES ( supportedApplicationContext $ supportedFeatures $ supportedExtension $ supportedControl ) )

slapd startup: initiated.

backend_startup: starting "dc=ox,dc=gunnerud,dc=net"

bdb_db_open: dbenv_open(/var/lib/openldap-data)

bdb_db_open: db_open(/var/lib/openldap-data) failed: Permission denied (13)

backend_startup: bi_db_open failed! (13)

slapd shutdown: initiated

====> bdb_cache_release_all

slapd shutdown: freeing system resources.

bdb(dc=ox,dc=gunnerud,dc=net): gidNumber.bdb: unable to flush: Permission denied

bdb(dc=ox,dc=gunnerud,dc=net): objectClass.bdb: unable to flush: Permission denied

bdb(dc=ox,dc=gunnerud,dc=net): dn2id.bdb: unable to flush: Permission denied

bdb(dc=ox,dc=gunnerud,dc=net): id2entry.bdb: unable to flush: Permission denied

bdb(dc=ox,dc=gunnerud,dc=net): txn_checkpoint: failed to flush the buffer cache Permission denied

bdb_db_destroy: txn_checkpoint failed: Permission denied (13)

bdb(dc=ox,dc=gunnerud,dc=net): Database handles open during environment close

bdb_db_destroy: close failed: Invalid argument (22)

slapd stopped.

connections_destroy: nothing to destroy.                                  [ !! ]

```

What exactly goes wrong here? Seems like it cannot open /var/lib/openldap-data. It's chmod to 777, so it should not be a permission problem.

Weird thing that the init script returns [OK] when starting without OPTS, while it returns [!!] when using OPTS="-d 1"

----------

## xarses

can you post you /etc/openldap/slapd.conf file, minus your rootpw

----------

## petterg

 *xarses wrote:*   

> can you post you /etc/openldap/slapd.conf file, minus your rootpw

 

Acording to the howto it should look like this:

```

include /etc/openldap/schema/cosine.schema 

include /etc/openldap/schema/inetorgperson.schema 

include /etc/openldap/schema/openldap.schema 

include /etc/openldap/schema/misc.schema 

include /etc/openldap/schema/nis.schema 

#include /etc/openldap/schema/openxchange.schema 

allow bind_v2 

backend bdb 

password-hash {CRYPT} 

suffix dc=ox-domain,dc=tld 

rootdn cn=Manager,dc=ox-domain,dc=tld 

rootpw {CRYPT}<encrypted> 

index objectClass pres,eq 

index gidNumber,memberUid eq 

index uid,mailEnabled,cn,sn,givenname,lnetMailAccess, alias,loginDestination eq,sub

```

After I've played around with it over the day it looks like this: (removed lines of comments)

```

include         /etc/openldap/schema/core.schema

include         /etc/openldap/schema/cosine.schema

include         /etc/openldap/schema/inetorgperson.schema

include         /etc/openldap/schema/misc.schema

include         /etc/openldap/schema/nis.schema

include         /etc/openldap/schema/openldap.schema

include         /etc/openldap/schema/openxchange.schema

include         /etc/openldap/slapd.ox.inc

pidfile         /var/run/openldap/slapd.pid

argsfile        /var/run/openldap/slapd.args

database        bdb

checkpoint      32      30 # <kbyte> <min>

suffix          "dc=ox,dc=gunnerud,dc=net"

rootdn          "cn=Manager,dc=ox,dc=gunnerud,dc=net"

rootpw          uncrypted_password

directory       /var/lib/openldap-data

index   objectClass     eq

```

I get the same thing happening when I try to start it up, nomatter which one I use.

I've also tried to follow this guide:

http://gentoo-wiki.com/HOWTO_Open-Xchange

After emerge --config www-apps/open-xchange the output tell me to run

```
slapadd -l /usr/share/open-xchange/init_ldap.ldif
```

it gives me this output:

```

slapadd: dn="dc=ox,dc=gunnerud,dc=net" (line=6): (64) value of naming attribute 'dc' is not present in entry

```

What does that mean? It sure looks to me like dc is present at that line!

----------

## reboot1968

did you ever figure this out??? I am having the same issue with slapd.  No errors, yet it is not started since I can't connect with any tools.  The funny thisn is, it was working fine for a month after I set it up then all of a sudden it just stopped working after I rebooted the machine.  Let me know if you find  solution.

Regards,

George Adjei

----------

## DeadMonkey

I've found a LOT of times that doing:

```

chown ldap:ldap /var/lib/openldap-data/*

```

solves some problems.

I'll post my slapd.conf here as well since mine does work on my home setup.  Some parts cut out for brevity.  I'm using "monkey.local" for my test setup:

```

include         /etc/openldap/schema/core.schema

include         /etc/openldap/schema/cosine.schema

include         /etc/openldap/schema/inetorgperson.schema

include         /etc/openldap/schema/misc.schema

include         /etc/openldap/schema/nis.schema

include         /etc/openldap/schema/java.schema

include         /etc/openldap/schema/openldap.schema

include         /etc/openldap/schema/openxchange.schema

###

access to * attr=UserPassword

        by self write

        by anonymous auth

access to dn="ou=addr,uid=(.*),ou=Users,ou=OxObjects,dc=monkey,dc=local"

 attr=uid,objectClass,entry filter=(objectClass=OXUserObject)

        by self write

        by dn="uid=$1,ou=Users,ou=OxObjects,dc=monkey,dc=local" write

        by * none

access to dn.subtree="o=AddressBook,ou=OxObjects,dc=monkey,dc=local"

        by group="cn=AddressAdmins,o=AddressBook,ou=OxObjects,dc=monkey,dc=local" write

        by users read

        by * none

access to * attr=uid,objectClass,entry filter=(objectClass=OXUserObject)

        by self write

        by * read

access to dn="uid=mailadmin,ou=Users,ou=OxObjects,dc=monkey,dc=local"

 attr=imapServer,mailDomain,smtpServer,sn,givenName,uid

       by self write

        by users read

access to dn="uid=mailadmin,ou=Users,ou=OxObjects,dc=monkey,dc=local"

        by self write

        by * none

access to dn="ou=addr,uid=(.*),ou=Users,ou=OxObjects,dc=monkey,dc=local"

        by dn="uid=$1,ou=Users,ou=OxObjects,dc=monkey,dc=local" write

        by * none

access to dn="ou=Users,ou=OxObjects,dc=monkey,dc=local"

        by self write

        by users read

        by anonymous auth

access to dn="ou=OxObjects,dc=monkey,dc=local"

        by users read

        by anonymous auth

access to dn="dc=monkey,dc=local"

        by dn="uid=*,ou=Users,ou=OxObjects,dc=monkey,dc=local" read

access to *

        by self write

        by anonymous auth

pidfile         /var/run/openldap/slapd.pid

argsfile        /var/run/openldap/slapd.args

allow bind_v2

database        ldbm

suffix          "dc=monkey,dc=local"

rootdn          "uid=mailadmin,dc=monkey,dc=local"

rootpw          <It's a sekrit>

directory       /var/lib/openldap-data

index   objectClass     eq

index   uid,mailEnabled,cn,sn,givenname,lnetMailAccess,alias,loginDestination eq,sub

loglevel 64

```

I changed from using "cn=Manager" to "uid=mailadmin" because every other slapd.conf I've seen on other distros uses this for some reason.  And they also tend to use ldbm for the database if I remember correctly.

Hope this helps.

----------

## faijzing

I had the same problem with slapd when I had compiled it with CFLAGS="-march=pentium3 -O2 -pipe -fomit-frame-pointer". Remove "-fomit-frame-pointer" and re-compile. It worked for me, maybe it does for somone eles?   :Wink: 

/faijzing

----------

