[Date Prev][Date Next] [Chronological] [Thread] [Top]

ou's

To: openldap-software@OpenLDAP.org
Subject: ou's
From: CB <todd@mrball.net>
Date: Sat, 19 May 2001 17:36:29 -0700
Content-disposition: inline
User-agent: Mutt/1.2.5i

I'm not necessarily asking for help (though I am a little stuck at the
moment).  I'm fighting the classic battle of getting Netscape Roaming
working.  I've looked in lots of places on the net.  Hugo's
documentation seems to be the most recent and the most complete.  The
only problem is that it doesn't authenticate.  Inspect the following
sequence of steps and look for mixups on my part.

Compiled 2.0.7 from source.
Base domain component is dc=mrball,dc=net
Manager is cn=admin (I'll dispense with the entire tree for brevity)
Grabbed hugo's schema.
   Note: it was VERY different from the schema that I found
   at http://www.itworld.com/AppDev/1411/LWD990901netscape/
   I'm also assuming that the 2 line patch this guy talks
   about _is_ in 2.0.7 by default now.
After experimenting with lots of combos, I nuked (purposely)
   the existing ldbm and restarted from scratch.  At this point
   it's all making sense.
I had been doing all of this in a second ldbm.  I decided to narrow the
   possible sources of problems and nuke both of them, and just define
   one in the normal location.
I actually _had_ it working, but only one profile.  It happened to be
   the same cn as the admin cn at the time, so it may have been a
   fluke.

Now to the meat:
Modified slapd.conf almost exactly like hugo.
   changes were admin instead of manager
Created 2 ldif files
   1 sets up base dn and 2 ou's (People and Roaming)
   1 sets up a user cn in People and a user cn in Roaming
      used cn=todd for this
ldapadd'd them in, no errors.
ldappasswd to add a passwd, no errors.
ldapsearch'd and it finds it and lists crypt'd passwd, no errors.
Remember, it all makes sense.
Setup Netscape and try it.
   Authentication failure, even if I hardcode "todd" for $USERID and
   turn off "remember password" in case there's some weird caching.

Curious--this has to be related to why it doesn't work.  This error
   message appears in /var/log/messages when I start slapd.
May 19 17:18:37 todd modprobe: modprobe: Can't locate module net-pf-10
I've not found anything as to what it's implying yet, but I've not
looked for very long also.

Somewhat related question:  to include inetorgperson schema, is cosine
required?  I got an error with slapcat (not even accessing through the
socket!!) when I included only inetorgperson (complained about audio).
No errors if I don't include either one or if I include both of them.
-- 
Blue skies...		Todd
| Get a bigger hammer!   |  Sometimes you get what you want.      |
| http://www.mrball.net  |  Sometimes you get experience.         |
| http://faq.mrball.net  |                     --unknown origin   |

Attachment: pgpIxAwWRuC7i.pgp
Description: PGP signature

Follow-Ups:
- could not link with POSIX Threads
  - From: "dino bartolome" <dino@pobox.com>
- Re: ou's
  - From: CB <todd@mrball.net>

Prev by Date: sasl_interactive_bind_s error
Next by Date: could not link with POSIX Threads
Index(es):
- Chronological
- Thread