# Help with OpenLDAP on Gentoo 2008.0

## idg

Greetings,

I have emerged OpenLDAP but cannot find the slapd.conf file in /etc/openldap. 

Here are my USE FLAGS:

```
USE="kde apache2 php mysql ldap bdb samba tcpd cups python pam readline perl ber
kdb gdbm xml2 acl kerberos crypt gnome arts avi gtk qt3 qt4 alsa ssl"
```

I have also added " net-nds/openldap" to /etc/portage/package.use

Am I missing a USE FLAG, or must I create a new slapd.conf from scratch?

----------

## aronparsons

Is there an example in /usr/share/doc/openldap-xxxx?  If not, there is an example in the slapd.conf man page.

----------

## magic919

Mine started as /etc/openldap/slapd.conf.default

----------

## idg

After spending a lot more time on this, I did notice that the configuration options in the openldap ebuild had by default disabled slapd (and other slapd options) as well as slurpd. I then edited the ebuild, ran ebuild openldap manifest and performed an emerge of openldap.

By now, openldap emerged with all the options as I wanted it.

There are still some issues, like the slapd init script was not placed in the /etc/init.d directory and startup errors regarding permissions.

My question is, did the other versions of ldap have slapd enabled or disabled?

Sincerely

Indran

----------

## magic919

You shouldn't have needed to do all that.  Mine runs this version

```
[ebuild   R   ] net-nds/openldap-2.3.41  USE="berkdb crypt gdbm perl ssl tcpd -debug -ipv6 -kerberos -minimal -odbc -overlays -samba -                  bkrb5passwd"
```

I didn't have to do any fiddling.  I got slapd and slurpd complete with init scripts.  Output of emerge --info might hold a clue.  I don't run the 2008 profile yet.

----------

## idg

This is so strange, I have tried so many options, performed emerge-sync's and still the openldap ebuild by default has slapd and slurpd disabled.

Can you confirm this by checking out your openldap ebuild?

Thanks

Indran

----------

## magic919

I have checked.  It builds them and the ebuild specifically says it will do.

----------

## bunder

i haven't had problems with mine either, but i'm still on 2007.0...  here are the default slapd.conf and ldap.conf files.

cheers

```
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include         /etc/openldap/schema/core.schema

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral       ldap://root.openldap.org

pidfile         /var/run/openldap/slapd.pid
argsfile        /var/run/openldap/slapd.args

# Load dynamic backend modules:
# modulepath    /usr/lib/openldap/openldap
# moduleload    back_shell.so
# moduleload    back_relay.so
# moduleload    back_perl.so
# moduleload    back_passwd.so
# moduleload    back_null.so
# moduleload    back_monitor.so
# moduleload    back_meta.so
# moduleload    back_hdb.so
# moduleload    back_dnssrv.so

# Sample security restrictions
#       Require integrity protection (prevent hijacking)
#       Require 112-bit (3DES or better) encryption for updates
#       Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:
#       Root DSE: allow anyone to read it
#       Subschema (sub)entry DSE: allow anyone to read it
#       Other DSEs:
#               Allow self write access
#               Allow authenticated users read access
#               Allow anonymous users to authenticate
#       Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
#       by self write
#       by users read
#       by anonymous auth
#
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn.  (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!

#######################################################################
# BDB database definitions
#######################################################################

database        hdb
suffix          "dc=my-domain,dc=com"
checkpoint      32      30 # <kbyte> <min>
rootdn          "cn=Manager,dc=my-domain,dc=com"
# Cleartext passwords, especially for the rootdn, should
# be avoid.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw          secret
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory       /var/lib/openldap-data
# Indices to maintain
index   objectClass     eq
```

```
#
# LDAP Defaults
#

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

#BASE   dc=example, dc=com
#URI    ldap://ldap.example.com ldap://ldap-master.example.com:666

#SIZELIMIT      12
#TIMELIMIT      15
#DEREF          never
```

----------
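The default slapd.conf posted above has a cleartext `rootpw`, leaves its `access` and `security` lines commented out, and carries comments about file and directory modes. The audit below is an added example, not code from the thread or from OpenLDAP; the function names, the constructed sample text and the finding wording are assumptions made here.

```python
import re
import stat

# Constructed sample: security-relevant lines of the default slapd.conf quoted above.
SAMPLE_CONF = """\
# access to *
#       by self write
database        hdb
rootdn          "cn=Manager,dc=my-domain,dc=com"
rootpw          secret
directory       /var/lib/openldap-data
"""

def parse_directives(text):
    """Unwrap continuation lines (leading whitespace), then drop '#' comments."""
    logical = []
    for line in text.splitlines():
        if line[:1] in (" ", "\t") and logical:
            logical[-1] += " " + line.strip()
        elif line.strip():
            logical.append(line.strip())
    pairs = []
    for line in logical:
        if not line.startswith("#"):
            parts = line.split(None, 1) + [""]
            pairs.append((parts[0].lower(), parts[1].strip()))
    return pairs

def audit(text, conf_mode=None, dir_modes=None):
    """Return findings. Modes are st_mode values (e.g. os.stat(path).st_mode),
    passed in by the caller so the checks themselves need no filesystem."""
    directives = parse_directives(text)
    keywords = {kw for kw, _ in directives}
    findings = []
    for kw, arg in directives:
        scheme = re.match(r"\{([A-Za-z0-9-]+)\}", arg.strip('"'))
        if kw == "rootpw" and (not scheme or scheme.group(1).upper() == "CLEARTEXT"):
            findings.append("rootpw is cleartext; store a slappasswd(8) hash")
    if "access" not in keywords:
        findings.append("no access directives: anyone can read anything")
    if "security" not in keywords:
        findings.append("no security directive: no minimum SSF enforced")
    if conf_mode is not None and conf_mode & stat.S_IROTH:
        findings.append("slapd.conf is world readable")
    for path, mode in (dir_modes or {}).items():
        if mode & 0o077:
            findings.append(f"{path}: group/other access; mode 700 recommended")
    return findings
```

On a live system, pass `os.stat("/etc/openldap/slapd.conf").st_mode` as `conf_mode` and the `st_mode` of each `directory` path in `dir_modes`.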

## drescherjm

I just had this. It appears the minimal use flag was enabled, which removed slapd building from openldap. After I disabled minimal (added net-nds/openldap overlays -minimal to /etc/portage/package.use) and reemerged openldap, all was well again.

----------

## idg

Thank you so much for your help.

----------

