LDAP problem

From: Luca Falavigna (fala83_at_libero.it)
Date: 01/07/04

  • Next message: Thomas Krieger: "Re: LDAP problem"
    Date: Wed, 07 Jan 2004 12:16:39 +0100
    To: focus-linux@securityfocus.com
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Hello list!
    I installed on my Mandrake 9.1 openldap 2.0.27 (with all the backends,
    clients and servers), nss_ldap.202, pam_ldap 156 but I'm not able to
    authenticate any user. If I give the command ldapsearch -x -D
    'uid=root,ou=People,dc=dktrkranz,dc=net' -W 'uid=root', I can get all
    the information I need, but if I give getent passwd I can only see
    /etc/passwd accounts and I can't login using LDAP. I used chkauth to
    change authentication method but even using authconfig from RedHat I
    still have trouble.

    Here are my config files:

    ***/etc/openldap/slapd.conf***
    include /usr/share/openldap/schema/core.schema
    include /usr/share/openldap/schema/cosine.schema
    include /usr/share/openldap/schema/corba.schema
    include /usr/share/openldap/schema/inetorgperson.schema
    include /usr/share/openldap/schema/java.schema
    include /usr/share/openldap/schema/krb5-kdc.schema
    include /usr/share/openldap/schema/kerberosobject.schema
    include /usr/share/openldap/schema/misc.schema
    include /usr/share/openldap/schema/nis.schema
    include /usr/share/openldap/schema/openldap.schema
    include /usr/share/openldap/schema/autofs.schema
    include /usr/share/openldap/schema/samba.schema
    include /etc/openldap/schema/local.schema
    include /etc/openldap/slapd.access.conf
    pidfile /var/run/ldap/slapd.pid
    argsfile /var/run/ldap/slapd.args
    modulepath /usr/lib/openldap
    moduleload back_ldap.la
    moduleload back_passwd.la
    database ldbm
    suffix "dc=dktrkranz,dc=net"
    rootdn "uid=root,ou=People,dc=dktrkranz,dc=net"
    directory /var/lib/ldap
    index objectClass,uid,uidNumber,gidNumber eq
    index cn,mail,surname,givenname eq,subinitial
    loglevel 256
    access to attr=userPassword
            by self write
            by anonymous auth
            by dn="uid=root,ou=People,dc=dktrkranz,dc=net" write
            by * none
    access to *
            by dn="uid=root,ou=People,dc=dktrkranz,dc=net" write
            by dn="uid=*,ou=People,dc=dktrkranz,dc=net" read
            by * read

    ***/etc/nsswitch.conf***
    passwd: files ldap
    shadow: files ldap
    group: files ldap
    hosts: files ldap dns
    bootparams: files
    ethers: files
    netmasks: files
    networks: files
    protocols: files
    rpc: files
    services: files
    netgroup: files
    publickey: files
    automount: files ldap
    aliases: files ldap

    I have chosen not to use SSL until I can successfully run LDAP.

    Thank you!

    Luca

