Jyotishmaan Ray wrote:
> Hello All Openldap Experts,
>
> This is Jyotishmaan. I have
> successfully migrated the users from the Fedora-Linux System To LDAP
> server on the Linux-fedora again. All these users show up on the GOOEY
> (GUI) of the Linux Fedora.
> When I tried to log onto the system
> through this GUI, as "ldapusr" and "jmaan" uid's, I could not log onto
> the system, i.e., on the LDAP server only.
>
> If I need to configure
> the /etc/ldap.conf file. Please let me know. The transcripts of the
> /var/log/messages are shown as below:-
Hello Stuart Sears,
Please look below for your reply:-
1. which (uncommented) lines are in /etc/ldap.conf at the moment?
egrep -v '^($|#)' /etc/ldap.conf
The output of this command is shown as below:
[root@authdns ~]# egrep -v '^($|#)' /etc/ldap.conf
host 127.0.0.1
base dc=nits,dc=ac,dc=in
ldap_version 3
timelimit 120
bind_timelimit 120
bind_policy hard
idle_timelimit 3600
nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon
uri ldap://127.0.0.1/
ssl no
tls_cacertdir /etc/openldap/cacerts
pam_password md5
[root@authdns ~]#
2. When you configured your client box to use your new LDAP server, how
did you do that? Using the GUI?
The client has been configured by running the system-config-authentication
command and then configuring the ip address of the LDAP server machine.
Other than this not a single line has been changed in the client machine.
As of now I am trying to log onto the server machine where I am getting
unsuccessful bind and failed authentication as per the messages in
/var/log/messages file.
If so, make sure you have enabled LDAP on both the "User Information"
and "Authentication" tabs - otherwise you will be using LDAP as an NSS
service like NIS.
Configuration of the server was through the system-config-authentication
command and the GUI as described below:-
/usr/bin/authconfig-tui" as root (without gui), or by calling the
call the gnome menu: system->administration->authentication?
This worked fine in both ways.
3. can you run ldapsearch using that username and password?
Please can you throw some light on these few lines of the ldapsearch
command.
I tried using the following way:
[root@authdns bin]# ldapsearch -x -W -D 'uid=jmaan,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in'
Enter LDAP Password:
ldap_bind: Invalid credentials (49)
After I typed the LDAP password of the Manager I got the error as cited
above. However I also tried logging onto the server using jmaan's LDAP
password, but it didn't work.
Please tell me how to authenticate successfully.
ldapsearch -xW -D 'uid=jmaan,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in' \
  -h 'your.ldap.server' -b 'bn=compcen,dc=nits,dc=ac,dc=in'
However I will try to do.
4. also, what exactly is 'stornt=non-teach' ? I don't recognise that
This is to distinguish whether an employee (staff) is a teaching type or
non-teaching type, hence the attribute "stornt".
attribute name. Are you using a custom schema?
Yes, I am using a customised schema.
5. Have you looked in the logs on the LDAP server itself? You may want
to increase the loglevel (and maybe redirect local4.* to a separate
logfile)
Yes, I have seen the logs on the LDAP server itself. The contents of the
/var/log/messages are as shown below:-
Dec 11 11:12:49 authdns gdm[4091]: Couldn't authenticate user
Dec 11 11:12:59 authdns gdm[4091]: pam_ldap: error trying to bind as user "uid=ldapusr,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in" (Invalid credentials)
Dec 11 11:13:03 authdns gdm[4091]: Couldn't authenticate user
Dec 11 11:13:11 authdns gdm[4091]: pam_ldap: error trying to bind as user "uid=ldapusr,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in" (Invalid credentials)
Dec 11 11:13:14 authdns gdm[4091]: Couldn't authenticate user
Dec 11 11:13:19 authdns gconfd (root-4235): starting (version 2.18.0.1), pid 4235 user 'root'
Dec 11 11:13:19 authdns gconfd (root-4235): Resolved address "xml:readonly:/etc/gconf/gconf.xml.mandatory" to a read-only configuration source at position 0
Dec 11 11:13:19 authdns gconfd (root-4235): Resolved address "xml:readwrite:/root/.gconf" to a writable configuration source at position 1
Dec 11 11:13:19 authdns gconfd (root-4235): Resolved address "xml:readonly:/etc/gconf/gconf.xml.defaults" to a read-only configuration source at position 2
Dec 11 11:13:19 authdns gconfd (root-4235): Resolved address "xml:readwrite:/root/.gconf" to a writable configuration source at position 0
Dec 11 11:13:21 authdns setroubleshoot: [rpc.ERROR] attempt to open server connection failed: (2, 'No such file or directory
Please let me know what changes I have to make in my server machine.
regards,
Jyotishmaan
91-9435554598
City:Silchar, India
Regards
Stuart
--
Stuart Sears RHCA etc
"There's a very fine line between stupid and clever."
- Nigel Tufnel / Derek Smalls
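
Added example, not part of either poster's message: a shell function that reads /var/log/messages-style lines and counts pam_ldap bind failures per service and bind DN, so repeated "Invalid credentials" errors like the ones quoted above can be summarised at a glance. The function names are hypothetical, the sample is constructed from the log format shown in the thread (one event per line, as syslog writes it), and the "jmaan" entry is invented for illustration.

```shell
#!/bin/sh
# Added example. Reads syslog lines on stdin and prints
# "<failures> <service> <bind DN>" for each pam_ldap bind error, busiest first.
pam_ldap_bind_failures() {
    awk '
        /pam_ldap: error trying to bind as user/ {
            # Service is the token shaped like name[pid]: (gdm[4091]: in the thread).
            svc = "unknown"
            for (i = 1; i <= NF; i++)
                if ($i ~ /\[[0-9]+\]:$/) { svc = $i; sub(/\[.*/, "", svc); break }
            # The bind DN is the first double-quoted string on the line.
            if (match($0, /"[^"]+"/)) {
                dn = substr($0, RSTART + 1, RLENGTH - 2)
                count[svc " " dn]++
            }
        }
        END { for (k in count) print count[k], k }
    ' | sort -k1,1nr -k2
}

# Constructed sample input modelled on the messages quoted in the thread;
# the jmaan line is invented for illustration.
sample_log() {
    cat <<'EOF'
Dec 11 11:12:49 authdns gdm[4091]: Couldn't authenticate user
Dec 11 11:12:59 authdns gdm[4091]: pam_ldap: error trying to bind as user "uid=ldapusr,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in" (Invalid credentials)
Dec 11 11:13:11 authdns gdm[4091]: pam_ldap: error trying to bind as user "uid=ldapusr,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in" (Invalid credentials)
Dec 11 11:13:19 authdns gconfd (root-4235): starting (version 2.18.0.1), pid 4235 user 'root'
Dec 11 11:20:05 authdns gdm[4091]: pam_ldap: error trying to bind as user "uid=jmaan,stornt=non-teach,bn=compcen,dc=nits,dc=ac,dc=in" (Invalid credentials)
EOF
}

sample_log | pam_ldap_bind_failures
```

On a live system the same function can be fed the real log, for example `pam_ldap_bind_failures < /var/log/messages`.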