[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Afg! Client won't use LDAP
- To: openldap-software@OpenLDAP.org
- Subject: Afg! Client won't use LDAP
- From: Phil Dibowitz <phil@ipom.com>
- Date: Fri, 07 Feb 2003 17:40:04 -0800
- User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.0) Gecko/20020623 Debian/1.0.0-0.woody.1
I've configured my test OpenLDAP server as a client unto itself so that
I may test the setup. However, it isn't using any information from LDAP.
- I have nss_ldap and pam_ldap installed
- I have changed nsswitch.conf to say:
passwd: files ldap
shadow: files ldap
group: files ldap
hosts: files ldap dns
- I have configured /etc/pam.d/system-auth to use LDAP the same way
EVERY HowTo shows
- I have setup a user called proxyuser in LDAP and tested that he has
access to the correct info
- I have configured /etc/openldap/ldap.conf like:
HOST 127.0.0.1
BASE dc=stxe,dc=com,c=US
binddn cn=proxyuser,dc=stxe,dc=com,c=US
scope one
pam_filter objectClass=posixAccount
pam_login_attribute uid
pam_member_attribute gid
pam_password md5
nss_base_passwd ou=People,dc=stxe,dc=com,c=US?one
nss_base_shadow ou=People,dc=stxe,dc=com,c=US?one
nss_base_group ou=Group,dc=stxe,dc=com,c=US?one
nss_base_hosts ou=Hosts,dc=stxe,dc=com,c=US?one
Note that I also tried "rootbinddn" in there as some howtos show, but
that didn't work and the man page said to use "binddn" so I did.
- I have put proxyuser's password in a 600 mod'd file called ldap.secret
owned my root:root in /etc/openldap (and /etc/).
However, I removed the user 'phil' from /etc/passwd and /etc/shadow and now:
# getent passwd phil
#
Same with hosts entries I have removed from /etc/hosts. Getent will
return stuff from files but not from ldap.
For the life of me I cannot figure out why. Any help would be much
appreciated.
I'm running OpenLDAP included in Redhat 7.3 (with recent updates).
Thanks,
--
Phil Dibowitz phil@ipom.com
Freeware and Technical Pages Insanity Palace of Metallica
http://home.earthlink.net/~jaymzh666/ http://www.ipom.com/
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
- Benjamin Franklin, 1759