migrating passwd from NIS to LDAP
Hi list,
I've set up an LDAP server on my machine. It's got one database
containing entries that look like this:

    dn: uid=xsfeng,ou=People,o=cs.ubc.ca
    mail: xsfeng@cs.ubc.ca
    objectclass: top
    objectclass: person
    objectclass: organizationalPerson
    objectclass: inetOrgPerson
    cn: Xiushan(Shaun) Feng
    uid: xsfeng
    givenname: Xiushan(Shaun)
    sn: Feng
    facsimiletelephonenumber: +1 604 822 5485
    userpassword: {crypt}[crypted password string]
    postaladdress: 2366 Main Mall$Vancouver, B.C.$Canada$V6T 1Z4
    roomnumber: 245
    homepostaladdress: xxx-xxx Foo St$Vancouver, B.C.$X6X4X6
    homephone: 604-xxx-xxxx
    telephonenumber: +1 604 604-822-xxxx
    labeleduri: http://www.cs.ubc.ca/~xsfeng
    description: Grad

I've also set up my server to do TLS. So far, I can look people up
by pointing Mozilla's Addressbook to my LDAP server. I check the SSL
box, type in the userid of someone in my database. Then I get an
authentication window. I type in my password, and the entry for that
person appears. So far so good. Now I would like to use this LDAP
database as my passwd database (currently I use NIS). In my
nsswitch.conf I have this:

    passwd: files ldap

In my /etc/ldap.conf I've put some stuff that seems more or less
correct (the documentation on this is not exactly plentiful).
Now, I know this isn't working because when I type ssh I get this:

    You don't exist, go away!

meaning that passwd lookups aren't working. In my slapd logfile (-d
256) I get a bunch of stuff that looks like this:

    TLS: can't accept.
    conn=-1 fd=8 closed
    daemon: conn=150 fd=8 connection from IP=127.0.0.1:44458 (IP=0.0.0.0:636) accepted.
    TLS: can't accept.
    conn=-1 fd=8 closed
    daemon: conn=151 fd=8 connection from IP=127.0.0.1:44467 (IP=0.0.0.0:636) accepted.
    TLS: can't accept.
    conn=-1 fd=8 closed

Well, that's not exactly a helpful error message.
Any advice? Keep in mind that I don't understand a damn thing about
LDAP, either because the documentation is not good, or because I'm
dumb, but more likely some combination of the two.
hugs,
chris
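
Added example, not part of the original post: a small Python triage script that pairs each "TLS: can't accept." line in the slapd excerpt above with the accept line just before it, to show which client address and listener port the failed handshakes involve. The function names are this example's own, and attributing a failure to the most recent accept is an assumption based on the ordering visible in the excerpt.

```python
import re
from collections import Counter

# Accept line as it appears in the slapd excerpt quoted in the post.
ACCEPT = re.compile(
    r"daemon: conn=(?P<conn>\d+) fd=(?P<fd>\d+) connection from "
    r"IP=(?P<peer>[\d.]+):(?P<peer_port>\d+) "
    r"\(IP=(?P<listener>[\d.]+):(?P<listener_port>\d+)\) accepted"
)
TLS_FAIL = "TLS: can't accept."

# The eight log lines from the post, verbatim.
SAMPLE_LOG = """\
TLS: can't accept.
conn=-1 fd=8 closed
daemon: conn=150 fd=8 connection from IP=127.0.0.1:44458 (IP=0.0.0.0:636) accepted.
TLS: can't accept.
conn=-1 fd=8 closed
daemon: conn=151 fd=8 connection from IP=127.0.0.1:44467 (IP=0.0.0.0:636) accepted.
TLS: can't accept.
conn=-1 fd=8 closed
"""

def tls_accept_failures(lines):
    """Pair each TLS failure with the accept line just before it.

    Assumption: as in the excerpt, slapd logs the failure right after the
    accept it belongs to. Returns (failures, orphans); orphans counts
    failures whose accept line is missing (the excerpt starts mid-event).
    """
    pending, failures, orphans = None, [], 0
    for raw in lines:
        line = raw.strip()
        m = ACCEPT.search(line)
        if m:
            pending = m.groupdict()  # a newer accept replaces one that succeeded
        elif line.endswith(TLS_FAIL):
            if pending is None:
                orphans += 1
            else:
                failures.append(pending)
                pending = None
    return failures, orphans

def by_peer_and_port(failures):
    """Count failed handshakes per (client address, listener port)."""
    return Counter((f["peer"], int(f["listener_port"])) for f in failures)

if __name__ == "__main__":
    fails, orphans = tls_accept_failures(SAMPLE_LOG.splitlines())
    print(by_peer_and_port(fails), "unattributed:", orphans)
```

On the quoted excerpt this reports two failed handshakes from 127.0.0.1 on listener port 636 and one failure whose accept line falls outside the excerpt.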