
problems with OpenLDAP (Debian and FreeBSD)



Hi,

I have here a FreeBSD server (5.1) with OpenLDAP 2.2.0.a_2 running.
What I want to do is manage my user accounts with LDAP.
For this I have created a directory with LDAP and created a user:
---
dn: uid=test, ou=people,dc=fechner, dc=net
objectClass: top
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount
uid: test
cn: Lester the Nightfly
userPassword: {crypt}test
gecos: Test
loginShell: /bin/csh
uidNumber: 10000
gidNumber: 10000
homeDirectory: /home/idefix
---

The password is test and I am using crypt as the hash algorithm.
This seems to work fine, I can log in with Debian.
But I cannot log in from FreeBSD. Though I tried to change it to md5.

I changed the password to md5 and if I try to log in it will not work.
From Debian->FreeBSD I get the following logfile:
---
conn=38 fd=22 ACCEPT from IP=192.168.0.151:33436 (IP=0.0.0.0:389)
conn=38 op=0 BIND dn="" method=128
conn=38 op=0 RESULT tag=97 err=0 text=
conn=38 op=1 SRCH base="ou=People,dc=fechner,dc=net" scope=2
filter="(&(objectClass=posixAccount)(uid=test))"
conn=38 op=1 SRCH attr=uid userPassword uidNumber gidNumber cn
homeDirectory loginShell gecos description objectClass
conn=38 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
conn=38 op=2 SRCH base="ou=People,dc=fechner,dc=net" scope=2
filter="(&(objectClass=posixAccount)(uid=test))"
conn=38 op=2 SRCH attr=uid userPassword uidNumber gidNumber cn
homeDirectory loginShell gecos description objectClass
conn=38 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text=
conn=38 op=3 SRCH base="dc=fechner,dc=net" scope=2
filter="(&(objectClass=shadowAccount)(uid=test))"
conn=38 op=3 SRCH attr=uid userPassword shadowLastChange shadowMax
shadowMin shadowWarning shadowInactive shadowExpire
conn=38 op=3 SEARCH RESULT tag=101 err=0 nentries=1 text=
conn=38 fd=22 closed
---

If I try it from FreeBSD->FreeBSD I get the following logfile:
---
conn=40 fd=23 ACCEPT from IP=192.168.0.251:52590 (IP=0.0.0.0:389)
conn=40 op=0 BIND dn="" method=128
conn=40 op=0 RESULT tag=97 err=0 text=
conn=40 op=1 SRCH base="ou=People,dc=fechner,dc=net" scope=2
filter="(&(objectClass=posixAccount)(uid=test))"
conn=40 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
conn=40 op=2 BIND dn="uid=test,ou=people,dc=fechner,dc=net" method=128
conn=40 op=2 BIND dn="uid=test,ou=people,dc=fechner,dc=net"
mech=simple ssf=0
conn=40 op=2 RESULT tag=97 err=0 text=
conn=40 op=3 BIND anonymous mech=implicit ssf=0
conn=40 op=3 BIND dn="" method=128
conn=40 op=3 RESULT tag=97 err=0 text=
conn=40 fd=23 closed
---

To use LDAP under FreeBSD I have installed the pam_ldap-1.6.4 and
pam_ldap-1.6.4.
Then I added, under /etc/pam.d in some files like login, su, sshd,
the following line as first entry:
auth            sufficient      /usr/local/lib/pam_ldap.so

Then I have configured the file ldap.conf:
host 192.168.0.251
base dc=fechner,dc=net
ldap_version 3
pam_filter objectclass=posixAccount
pam_login_attribute uid
nss_base_passwd ou=People,dc=fechner,dc=net
nss_base_shadow ou=People,dc=fechner,dc=net

But nothing that I have tried works.
What is wrong in my configuration?

Thanks for an answer.

-- 
Best regards
Matthias
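
Added example (not part of the original message): a Python parser for the slapd log format quoted above. It rejoins the mail-wrapped lines and reports, per connection, under which bind `userPassword` was requested in a search and the result of each simple bind that names a user DN. The sample is an excerpt of the post's own log lines; the function and variable names are assumptions of this example.

```python
import re
from collections import defaultdict
# Excerpt of the slapd log lines from the post, wrapping left as mailed.
SAMPLE = '''conn=38 op=0 BIND dn="" method=128
conn=38 op=0 RESULT tag=97 err=0 text=
conn=38 op=1 SRCH attr=uid userPassword uidNumber gidNumber cn
homeDirectory loginShell gecos description objectClass
conn=40 op=2 BIND dn="uid=test,ou=people,dc=fechner,dc=net" method=128
conn=40 op=2 BIND dn="uid=test,ou=people,dc=fechner,dc=net"
mech=simple ssf=0
conn=40 op=2 RESULT tag=97 err=0 text=
'''
LINE = re.compile(r'conn=(\d+) (?:op=(\d+) )?(.*)')
BIND = re.compile(r'BIND dn="([^"]*)" method=128')

def unwrap(text):
    """Rejoin wrapped entries: a line not starting with conn= continues the previous one."""
    out = []
    for raw in text.splitlines():
        if raw.startswith("conn=") or not out:
            out.append(raw.strip())
        else:
            out[-1] += " " + raw.strip()
    return out

def classify(text):
    """Per connection: current bind DN, binds under which userPassword was requested, user binds."""
    conns = defaultdict(lambda: {"bound_dn": "", "pw_read_as": [], "binds": []})
    pending = {}  # (conn, op) -> DN of a simple BIND still waiting for its RESULT
    for line in unwrap(text):
        m = LINE.match(line)
        if not m:
            continue
        conn, op, rest = m.groups()
        c, bind = conns[conn], BIND.match(rest)
        if bind:
            pending[(conn, op)] = bind.group(1)
        elif rest.startswith("RESULT tag=97") and (conn, op) in pending:
            dn, err = pending.pop((conn, op)), int(re.search(r"err=(\d+)", rest).group(1))
            if err == 0:            # err=0 is LDAP success; the bind identity changes
                c["bound_dn"] = dn
            if dn:                  # record only binds that name a user DN
                c["binds"].append((dn, err))
        elif rest.startswith("SRCH attr=") and "userPassword" in rest[10:].split():
            c["pw_read_as"].append(c["bound_dn"] or "anonymous")
    return dict(conns)

if __name__ == "__main__":
    print(classify(SAMPLE))
```

Run over the two logs in the post, it shows conn=38 requesting userPassword in searches under an anonymous bind with no bind as the user, and conn=40 binding as uid=test with err=0.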