openLDAP server installation and configuration step by step – RHEL7
openLDAP directory service is based on a client-server model. LDAP transferred “Lightweight directory access protocol” is a directory service protocol that runs on a layer above the TCP/IP stack. It provides a mechanism used to connect to, search, and modify Internet directories. The LDAP directory service is based on a client-server model. OpenLDAP Server installation
openLDAP is used to facilitate centralized user management. It eliminates users creation on each and every server, instead of creating users and there profile in all the servers we can create them in LDAP server and access from all the LDAP client machines.
Few advantages of openLDAP
- Global naming model ensures unique entries
- Allows for multiple independent directories
- Extensible to meet future/local requirements
- Runs directly over TCP/IP and SSL
- Has broad industry support
- Based on existing deployed technologies
- Schema definitions
- Schema publication
- Security features
- Extended operation framework
- Dynamic and pages search extensions
This tutorial will explain how to install and configure openLDAP server and it’s configuration with user home directory auto mount using NFS autofs
Please observe step by step and modify your requirements accordingly
Let’s start the configuration
Requirements – RHEL7/Centos 7 with minimal installation OR GUI installation is enough
Tested Centos7, RHEL7, RHEL7.1 and RHEL7.2 versions
Server Profile :-
- Packages : openldap, migrationtools
- Port Number: 389, 636
Step 1: Installing LDAP packages using yum
[root@ark-ldapserver ~]# yum -y install *openldap* migrationtools
generating LDAP admin password
[root@ark-ldapserver ~]# slappasswd New password: Re-enter new password: {SSHA}KczPx+72Gz5W4Tv58EgT8beoPsuxkekO
as shown in above slappasswd command will generate an password with encryption, please copy above encrypted password and keep it safe this password we are going to use in further configuration
add the generated password to below file and change olcSuffix olcRootDN olcRootPW and add key file location as shown in below (bold ones have to modify)
[root@ark-ldapserver ~]# cd /etc/openldap/slapd.d/cn\=config/ [root@ark-ldapserver cn=config]# vi olcDatabase\=\{2\}hdb.ldif # AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. # CRC32 5514a54b dn: olcDatabase={2}hdb objectClass: olcDatabaseConfig objectClass: olcHdbConfig olcDatabase: {2}hdb olcDbDirectory: /var/lib/ldap olcSuffix: dc=arkit,dc=co.in olcRootDN: cn=Manager,dc=arkit,dc=co.in olcDbIndex: objectClass eq,pres olcDbIndex: ou,cn,mail,surname,givenname eq,pres,sub structuralObjectClass: olcHdbConfig entryUUID: 7ffd78be-8216-1035-9daa-e3230d8ea492 creatorsName: cn=config createTimestamp: 20160319120438Z entryCSN: 20160319120438.887404Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20160319120438Z olcRootPW: {SSHA}KczPx+72Gz5W4Tv58EgT8beoPsuxkekO olcTLSCertificateFile: /etc/pki/tls/certs/arkitldap.pem olcTLSCertificateKeyFile: /etc/pki/tls/certs/arkitkey.pem
Now edit the file monitor.ldif and add modify dc=my-domain,dc=com to your domain as shown in below
[root@ark-ldapserver cn=config]# vi olcDatabase\=\{1\}monitor.ldif # AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. # CRC32 3eb2863a dn: olcDatabase={1}monitor objectClass: olcDatabaseConfig olcDatabase: {1}monitor olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external ,cn=auth" read by dn.base="cn=Manager,dc=arkit,dc=co.in" read by * none structuralObjectClass: olcDatabaseConfig entryUUID: 7ffd68a6-8216-1035-9da9-e3230d8ea492 creatorsName: cn=config createTimestamp: 20160319120438Z entryCSN: 20160319120438.886990Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20160319120438Z
Test your LDAP configuration using below command, you may see few checksum errors no problem don’t bother
[root@ark-ldapserver cn=config]# slaptest -u
56ed4143 ldif_read_file: checksum error on "/etc/openldap/slapd.d/cn=config/olcDatabase={1}monitor.ldif"
56ed4143 ldif_read_file: checksum error on "/etc/openldap/slapd.d/cn=config/olcDatabase={2}hdb.ldif"
config file testing succeeded
Step 2: Start LDAP server slapd.service
use below command to start and enable the service to start after the server reboot
[root@ark-ldapserver cn=config]# systemctl enable slapd.service ln -s '/usr/lib/systemd/system/slapd.service' '/etc/systemd/system/multi-user.target.wants/slapd.service' [root@ark-ldapserver cn=config]# systemctl start slapd.service [root@ark-ldapserver cn=config]# netstat -lt |grep ldap tcp 0 0 0.0.0.0:ldap 0.0.0.0:* LISTEN tcp6 0 0 [::]:ldap [::]:* LISTEN
Step 3: Generate certificate
generating x509 certificate for 365 days
[root@ark-ldapserver cn=config]# openssl req -new -x509 -nodes -out /etc/pki/tls/certs/arkitldap.pem -keyout /etc/pki/tls/certs/arkitkey.pem -days 365 Generating a 2048 bit RSA private key ..................+++ .................................................................................................................................+++ writing new private key to '/etc/pki/tls/certs/arkitkey.pem' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:IN State or Province Name (full name) []:Telangana Locality Name (eg, city) [Default City]:Hyderabad Organization Name (eg, company) [Default Company Ltd]:arkit Organizational Unit Name (eg, section) []:IT Common Name (eg, your name or your server's hostname) []:ark-ldapserver Email Address []: [root@ark-ldapserver cn=config]#
as mentioned above you can give the details are else just hit enter in all the fields. verify your certificate files by listing directory, key file names should match exactly with Step 1 configuration
[root@ark-ldapserver cn=config]# ll /etc/pki/tls/certs/
total 20
-rw-r--r--. 1 root root 1704 Mar 19 17:42 arkitkey.pem
-rw-r--r--. 1 root root 1330 Mar 19 17:42 arkitldap.pem
Step 4: Change migration config
Go to directory path as mentioned below and edit the file migrate_common.ph file add few entries as shown in below screen
[root@ark-ldapserver cn=config]# cd /usr/share/migrationtools/ [root@ark-ldapserver migrationtools]# vi migrete_common.ph $DEFAULT_MAIL_DOMAIN = "arkit.co.in"; $DEFAULT_BASE = "dc=arkit,dc=co.in"; $EXTENDED_SCHEMA = 1;
Step 5: Creating openLDAP database file
Now we just create an openLDAP database with file extension as .ldif
[root@ark-ldapserver migrationtools]# touch /root/base.ldif [root@ark-ldapserver migrationtools]# cat /root/base.ldif dn: dc=arkit,dc=co.in objectClass: top objectClass: dcObject objectclass: organization o: arkit co.in dc: arkit dn: cn=Manager,dc=arkit,dc=co.in objectClass: organizationalRole cn: Manager description: Directory Manager dn: ou=People,dc=arkit,dc=co.in objectClass: organizationalUnit ou: People dn: ou=Group,dc=arkit,dc=co.in objectClass: organizationalUnit ou: Group
Step 6: Creating users and groups
Create normal Linux users along with there primary groups
[root@ark-ldapserver migrationtools]# useradd ldapuser1 [root@ark-ldapserver migrationtools]# useradd ldapuser2 [root@ark-ldapserver migrationtools]# useradd ldapuser3 [root@ark-ldapserver migrationtools]# passwd ldapuser1 Changing password for user ldapuser1. New password: BAD PASSWORD: The password is shorter than 8 characters Retype new password: passwd: all authentication tokens updated successfully. [root@ark-ldapserver migrationtools]# passwd ldapuser2 Changing password for user ldapuser2. New password: BAD PASSWORD: The password is shorter than 8 characters Retype new password: passwd: all authentication tokens updated successfully. [root@ark-ldapserver migrationtools]# passwd ldapuser3 Changing password for user ldapuser3. New password: BAD PASSWORD: The password is shorter than 8 characters Retype new password: passwd: all authentication tokens updated successfully.
now gather all the users and groups information to separate files
[root@ark-ldapserver migrationtools]# cat /etc/passwd |grep ldapuser > /root/password [root@ark-ldapserver migrationtools]# cat /root/password ldapuser1:x:1001:1001::/home/ldapuser1:/bin/bash ldapuser2:x:1002:1002::/home/ldapuser2:/bin/bash ldapuser3:x:1003:1003::/home/ldapuser3:/bin/bash [root@ark-ldapserver migrationtools]# cat /etc/group |grep ldapuser > /root/groups
after that migrate your local users as openLDAP users
[root@ark-ldapserver migrationtools]# ./migrate_passwd.pl /root/password /root/users.ldif [root@ark-ldapserver migrationtools]# ./migrate_group.pl /root/groups /root/groups.ldif [root@ark-ldapserver migrationtools]# ldapadd -x -W -D "cn=Manager,dc=arkit,dc=co.in" -f /root/base.ldif Enter LDAP Password: adding new entry "dc=arkit,dc=co.in" adding new entry "cn=Manager,dc=arkit,dc=co.in" adding new entry "ou=People,dc=arkit,dc=co.in" adding new entry "ou=Group,dc=arkit,dc=co.in" [root@ark-ldapserver migrationtools]# ldapadd -x -W -D "cn=Manager,dc=arkit,dc=co.in" -f /root/users.ldif Enter LDAP Password: adding new entry "uid=ldapuser1,ou=People,dc=arkit,dc=co.in" adding new entry "uid=ldapuser2,ou=People,dc=arkit,dc=co.in" adding new entry "uid=ldapuser3,ou=People,dc=arkit,dc=co.in" [root@ark-ldapserver migrationtools]# ldapadd -x -W -D "cn=Manager,dc=arkit,dc=co.in" -f /root/groups.ldif Enter LDAP Password: adding new entry "cn=ldapuser1,ou=Group,dc=arkit,dc=co.in" adding new entry "cn=ldapuser2,ou=Group,dc=arkit,dc=co.in" adding new entry "cn=ldapuser3,ou=Group,dc=arkit,dc=co.in"
Verify the users using below command
[root@ark-ldapserver migrationtools]# ldapsearch -x cn=ldapuser3 -b dc=arkit,dc=co.in
Step 7: Allow firewall ports
we have to allow ldap and ldaps port numbers
[root@ark-ldapserver migrationtools]# firewall-cmd --permanent --add-service=ldap success [root@ark-ldapserver migrationtools]# firewall-cmd --permanent --add-service=ldaps success [root@ark-ldapserver migrationtools]# firewall-cmd --reload success
That’s about openLDAP server configuration now we will see how to export LDAP users home directories
Step 8: Install NFS util packages
[root@ark-ldapserver migrationtools]# yum -y install rpcbind nfs-utils
Enable and start the NFS service
[root@ark-ldapserver migrationtools]# systemctl enable nfs-server.service ln -s '/usr/lib/systemd/system/nfs-server.service' '/etc/systemd/system/multi-user.target.wants/nfs-server.service' [root@ark-ldapserver migrationtools]# systemctl start nfs-server.service [root@ark-ldapserver migrationtools]# systemctl enable rpcbind [root@ark-ldapserver migrationtools]# systemctl start rpcbind
configure NFS export
[root@ark-ldapserver migrationtools]# vi /etc/exports /home *(rw,sync) [root@ark-ldapserver migrationtools]# systemctl restart nfs-server.service
Enable NFS and it’s supported Firewall ports
[root@ark-ldapserver migrationtools]# firewall-cmd --permanent --add-service=nfs success [root@ark-ldapserver migrationtools]# firewall-cmd --permanent --add-service=rpc-bind success [root@ark-ldapserver migrationtools]# firewall-cmd --permanent --add-service=mountd success [root@ark-ldapserver migrationtools]# firewall-cmd --reload success [root@ark-ldapserver migrationtools]# showmount -e localhost Export list for localhost: /home *.arkit.co.in [root@ark-ldapserver ~]# chmod 777 /home [root@ark-ldapserver ~]# systemctl restart slapd.service [root@ark-ldapserver ~]# systemctl status slapd.service
That’s it about openLDAP server configuration OpenLDAP Server installation OpenLDAP Server installation OpenLDAP Server installation OpenLDAP Server installation OpenLDAP Server installation OpenLDAP Server installation OpenLDAP Server installation
See Client side configuration
Please write your valuable feedback about this article..
Related Articles
DHCP Server installation and Configuration Guide
Master DNS Server installation and configuration Guide
Describe various protocols Video tutorial
Thanks for your wonderful Support and Encouragement
Hai ankit,
Can you please share ldap server with phpldapadmin(GUI).i am looking for it.
Hi Ravi,
Thanks for sharing this one, I use the exact same configuration as yours except the password. But when I follow your post, I get a error when adding the ldap base.
[root@CentOS7-Server ~]# ldapadd -x -W -D “cn=Manager,dc=arkit,dc=co.in” -f /root/base.ldif
Enter LDAP Password:
ldapadd: attributeDescription “dn”: (possible missing newline after line 9, entry “dc=arkit,dc=co.in”?)
ldapadd: attributeDescription “dn”: (possible missing newline after line 10, entry “dc=arkit,dc=co.in”?)
ldapadd: attributeDescription “dn”: (possible missing newline after line 11, entry “dc=arkit,dc=co.in”?)
adding new entry “dc=arkit,dc=co.in”
ldap_add: Type or value exists (20)
additional info: objectClass: value #4 provided more than once
Hi Xu Zhi, You have missed one of the step while doing it. Please install fresh Linux server OS and try you will definitely get it. Good Luck.
hi thanks for share this one ,
i need to know how to update new ldap user entry
Sure We will update one more article to create/update LDAP users
thankx
i have followed it line by line on RHEl 7.
Its throwing an error –
[root@classroom cn=config]# ldapadd -x -W -D “cn=Manager,dc=example,dc=com” -f /root/users.ldif
Enter LDAP Password:
adding new entry “uid=ldapuser1,ou=People,dc=example,dc=com”
ldap_add: Invalid syntax (21)
additional info: objectClass: value #3 invalid per syntax
have added these schemas as well –
[root@classroom Downloads]# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry “cn=cosine,cn=schema,cn=config”
[root@classroom Downloads]# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry “cn=inetorgperson,cn=schema,cn=config”
users.ldif file –
[root@classroom cn=config]# cat /root/users.ldif
dn: uid=ldapuser1,ou=People,dc=example,dc=com
uid: ldapuser1
cn: ldapuser1
sn: ldapuser1
mail: ldapuser1@example.com
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword: {crypt}$6$zFN1p/46$k3ltZs9w.RZ2nsofnI/JrV2HGrHMDR.aNgztLhYmlXrGuK.a2hBQZ4bFY/c9wthzrO2nm1h.X1LYj4IsOXY8U.
shadowLastChange: 17080
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 1001
gidNumber: 1001
homeDirectory: /home/ldapuser1
Resolved it .. Plz modify your tutorial and mention that we need to add all the 3 schemas –
[root@classroom Downloads]# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/nis.ldif
[root@classroom Downloads]# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif
[root@classroom Downloads]# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif
Thanks!!
Hi Ravi , these steps also works on centos 7
Yes, it works in Centos 7 as well.
on client no output for the command getent passwd ldapuser1, I followed the same steps as mentioned in the document
Installing LDAP Server will not help client to fetch the information. you have to join client to LDAP network.
Thanks for your post. LDAP server configuration done. How to add new users on ldap server to existing server. I have little bit problem in adding. let me know if any step by step procedure
Hi ARK,
Can you please help me to migrate LDAP servers(All LDAP users) from SUSE11 to RHEL7 ?
I am unable to start slapd service at first –
My configurations –
—————————————
[root@ldapserver ~]# lsb_release -a
LSB Version: :core-4.1-amd64:core-4.1-noarch
Distributor ID: CentOS
Description: CentOS Linux release 7.8.2003 (Core)
Release: 7.8.2003
Codename: Core
[root@ldapserver ~]# nslookup example.com
Server: 192.168.1.251
Address: 192.168.1.251#53
Name: example.com
Address: 192.168.1.251
[root@ldapserver ~]# rpm -qa | grep -E “^openldap|migrationtools”
openldap-devel-2.4.44-21.el7_6.x86_64
openldap-2.4.44-21.el7_6.x86_64
openldap-servers-sql-2.4.44-21.el7_6.x86_64
openldap-servers-2.4.44-21.el7_6.x86_64
migrationtools-47-15.el7.noarch
openldap-clients-2.4.44-21.el7_6.x86_64
[root@ldapserver ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@ldapserver ~]#
[root@ldapserver ~]# firewall-cmd –state
not running
[root@ldapserver cn=config]# sestatus
SELinux status: disabled
[root@ldapserver cn=config]# grep -E “olcSuffix|olcRootDN|olcRootPW|olcTLSCertificateFile|olcTLSCertificateKeyFile” olcDatabase={2}hdb.ldif
olcSuffix: dc=example,dc=com
olcRootDN: cn=Manager,dc=example,dc=com
olcRootPW: {SSHA}d0LFWM0k2cwGigcl70whja3D98UTR7WO
olcTLSCertificateFile: /etc/pki/tls/certs/exampleldap.pem
olcTLSCertificateKeyFile: /etc/pki/tls/certs/examplekey.pem
[root@ldapserver cn=config]# grep Manager olcDatabase\=\{1\}monitor.ldif
al,cn=auth” read by dn.base=”cn=Manager,dc=example,dc=com” read by * none
[root@ldapserver cn=config]# slaptest -u
5eadbde1 ldif_read_file: checksum error on “/etc/openldap/slapd.d/cn=config/olcDatabase={1}monitor.ldif”
5eadbde1 ldif_read_file: checksum error on “/etc/openldap/slapd.d/cn=config/olcDatabase={2}hdb.ldif”
config file testing succeeded
[root@ldapserver cn=config]# systemctl start slapd.service
Job for slapd.service failed because the control process exited with error code. See “systemctl status slapd.service” and “journalctl -xe” for details.
[root@ldapserver cn=config]# journalctl -xe
May 03 00:02:58 ldapserver.example.com slapd[2401]: ldif_read_file: checksum error on “/etc/openldap/slapd.d/cn=config/olcDatabase={1}monitor.ldif”
May 03 00:02:58 ldapserver.example.com slapd[2401]: ldif_read_file: checksum error on “/etc/openldap/slapd.d/cn=config/olcDatabase={2}hdb.ldif”
May 03 00:02:58 ldapserver.example.com slapd[2401]: main: TLS init def ctx failed: -1
May 03 00:02:58 ldapserver.example.com slapd[2401]: DIGEST-MD5 common mech free
May 03 00:02:58 ldapserver.example.com slapd[2401]: slapd stopped.
May 03 00:02:58 ldapserver.example.com slapd[2401]: connections_destroy: nothing to destroy.
May 03 00:02:58 ldapserver.example.com polkitd[697]: Unregistered Authentication Agent for unix-process:2379:75813 (system bus name :1.71, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected fro
May 03 00:02:58 ldapserver.example.com systemd[1]: slapd.service: control process exited, code=exited status=1
May 03 00:02:58 ldapserver.example.com systemd[1]: Failed to start OpenLDAP Server Daemon.
— Subject: Unit slapd.service has failed
— Defined-By: systemd
— Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
—
— Unit slapd.service has failed.
—
— The result is failed.
May 03 00:02:58 ldapserver.example.com systemd[1]: Unit slapd.service entered failed state.
May 03 00:02:58 ldapserver.example.com systemd[1]: slapd.service failed.
May 03 00:05:58 ldapserver.example.com systemd[1]: Starting Cleanup of Temporary Directories…
— Subject: Unit systemd-tmpfiles-clean.service has begun start-up
— Defined-By: systemd
— Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
—
— Unit systemd-tmpfiles-clean.service has begun starting up.
May 03 00:05:58 ldapserver.example.com systemd[1]: Started Cleanup of Temporary Directories.
— Subject: Unit systemd-tmpfiles-clean.service has finished start-up
— Defined-By: systemd
— Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
—
— Unit systemd-tmpfiles-clean.service has finished starting up.
—
— The start-up result is done.
May 03 00:07:41 ldapserver.example.com polkitd[697]: Registered Authentication Agent for unix-process:2470:104164 (system bus name :1.72 [/usr/bin/pkttyagent –notify-fd 5 –fallback], object path /org/freedesktop/PolicyKit1/Authenticati
May 03 00:07:41 ldapserver.example.com systemd[1]: Starting OpenLDAP Server Daemon…
— Subject: Unit slapd.service has begun start-up
— Defined-By: systemd
— Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
—
— Unit slapd.service has begun starting up.
May 03 00:07:41 ldapserver.example.com runuser[2481]: pam_unix(runuser:session): session opened for user ldap by (uid=0)
May 03 00:07:41 ldapserver.example.com runuser[2481]: pam_unix(runuser:session): session closed for user ldap
May 03 00:07:41 ldapserver.example.com slapcat[2485]: DIGEST-MD5 common mech free
May 03 00:07:41 ldapserver.example.com slapd[2492]: @(#) $OpenLDAP: slapd 2.4.44 (Jan 29 2019 17:42:45) $
mockbuild@x86-01.bsys.centos.org:/builddir/build/BUILD/openldap-2.4.44/openldap-2.4.44/servers/slapd
May 03 00:07:41 ldapserver.example.com slapd[2492]: ldif_read_file: checksum error on “/etc/openldap/slapd.d/cn=config/olcDatabase={1}monitor.ldif”
May 03 00:07:41 ldapserver.example.com slapd[2492]: ldif_read_file: checksum error on “/etc/openldap/slapd.d/cn=config/olcDatabase={2}hdb.ldif”
May 03 00:07:41 ldapserver.example.com slapd[2492]: main: TLS init def ctx failed: -1
May 03 00:07:41 ldapserver.example.com slapd[2492]: DIGEST-MD5 common mech free
May 03 00:07:41 ldapserver.example.com slapd[2492]: slapd stopped.
May 03 00:07:41 ldapserver.example.com slapd[2492]: connections_destroy: nothing to destroy.
May 03 00:07:41 ldapserver.example.com polkitd[697]: Unregistered Authentication Agent for unix-process:2470:104164 (system bus name :1.72, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected fr
May 03 00:07:41 ldapserver.example.com systemd[1]: slapd.service: control process exited, code=exited status=1
May 03 00:07:41 ldapserver.example.com systemd[1]: Failed to start OpenLDAP Server Daemon.
— Subject: Unit slapd.service has failed
— Defined-By: systemd
— Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
—
— Unit slapd.service has failed.
—
— The result is failed.
May 03 00:07:41 ldapserver.example.com systemd[1]: Unit slapd.service entered failed state.
May 03 00:07:41 ldapserver.example.com systemd[1]: slapd.service failed.
[root@ldapserver cn=config]#
I tried removing below RPMS also but no luck-
openldap-devel-2.4.44-21.el7_6.x86_64
openldap-servers-sql-2.4.44-21.el7_6.x86_64