[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Ldap and passwd command
Hi list,
as there are very often confusions about ldap.conf
in the list i suggest to use another name when
configuring pam_ldap/nss_ldap.
There's a configure-option in nss_ldap and in pam_ldap
which is very useful :
In nss_ldap i use :
--with-ldap-conf-file=/etc/nss_ldap.conf
In pam_ldap i use :
--with-ldap-conf-file=/etc/pam_ldap.conf
And , voila, ldap.conf now *ONLY" belongs to openldap-tools
pam_ldap/nss_ldap have their own config-file.
I wished that the default in nss_ldap/pam_ldap would
would do something like i did, so Luke Howard,
if you read this what about changing it in future releases of
nss_ldap/pam_ldap ?
greets Harry
Kurt D. Zeilenga schrieb:
At 01:25 AM 1/23/2004, Damon Jebb wrote:
I have now had a look at the presentation and tried for a day to find where I
am going wrong with this. I have also tried several times to access the padl
lists, without success, so please forgive my responding here rather than
there.
Have you tried contacting their postmaster?
I will attempt to respond to the portions of your message
that relate directly to OpenLDAP Software. However, since I
discussing particulars of non-OpenLDAP Software is off topic
here, I won't delve into them. (And since I actually know very
little about the particulars of PAM LDAP, I wouldn't have much
to say anyways.)
I have this in my /etc/openldap/ldap.conf
Given the name, I'd assume here that this would a OpenLDAP
ldap.conf file, however, it appears that you placed (presumably)
PAM/LDAP directives there. I suspect you confused the OpenLDAP
Software file for their configuration file.
I know that the ldap.conf file is being used during the client access to the
ldap server because some changes to it have broken it.
Changing /etc/openldap/ldap.conf (assuming this is the OpenLDAP
ldap.conf) will affect all clients relying on OpenLDAP libraries
to provide defaults, including ldapsearch(1).
I can see from the log file using debug level 128 that the bind is anonymous
not with the dn specified in the file. What am I doing wrong? When I
disallow anonymous bind in the slapd.conf nothing works properly.
PAM/LDAP, I believe, has its own file for defaults/configuration.
It's often called ldap.conf but is usually is found in another
directory.
Kurt