OpenLdap Problems on Redhat ESv3

Aside from some stuff a year or so ago during research into authenticating linux hosts against active directory (another job, don't ask), this is my first time setting up openldap. After reading the ldap quickstart, and skimming over the admin guide, and picking up the O'Reilly book, all of which pointed to a very simple setup, I figured it would be a cakewalk and after getting annoyed with progress on ES3, I was able to do the exact same sequence on Suse 9.2 in about 15 minutes and be able to browse tree, and query successfully. Since I'm doing it on redhat es v. 3, however, it, of course, has to work oddly. :)

The final goal for "" is to be able to use ldap for authentication.

I'll go over the problem(s) first, and put the configuration stuff below. Love to hear what you guys (and gals) think. Basically here's what I did:

(1) Setup /etc/openldap/slapd.conf
(2) Authconfig: info & auth both get ldap (localhost dc=shuba,dc=com)
(3) Migrate_base > /tmp/base.ldif
(4) Slapadd -f /etc/openldap/slapd.conf -x -v -l /tmp/base.ldif
(5) Authconfig (turn shadow passwords off)
(6) Cp /etc/passwd /tmp/shadowpass.txt
(7) Migrate_passwd.pl /tmp/shadowpass.txt > /tmp/users.ldif
(8) Slapadd -f /etc/openldap/slapd.conf -x -v -f /tmp/base.ldif
(9) Slapcat | more (looks good)
(10) Service ldap start (/etc/init.d/ldap start)
(11) Ldapsearch -x (see below for results)
(12) Open a java ldap browser (connects, ONLY shows "dc=shuba, dc=com" - no children)
(13) Try to connect using the Manager user, no dice.

(PS) I looked through the archives, and didn't see anything, as well as going through google, and google news groups. If by some miracle, I've missed readily available answers there or in the FAQ, please accept my apologies in advance.

TIA,
Nick

First ldapadd works oddly. An ldif that I can add with slapadd gives an error using ldap add.

    slapadd -f /etc/openldap/slapd.conf -v -l /tmp/user.ldif
    added: "uid=foo,ou=People,dc=shuba,dc=com" (00000050)

<< changes foo->bar, and increase the uid/gid by one, same file >>

    [root@test1-int migration]# /etc/init.d/ldap start
    Starting slapd: [OK]

    [root@test1-int migration]# ldapadd -x -v -f /tmp/user.ldif
    ldap_initialize( )
    add uid:
            bar
    add cn:
            adding with ldapadd
    add objectClass:
            account
            posixAccount
            top
    add userPassword:
            {SSHA}qaf5D6w/DGSY521JJu5gambxmBvadJyr
    add loginShell:
            /bin/bash
    add uidNumber:
            1029
    add gidNumber:
            1029
    add homeDirectory:
            /home/bar
    adding new entry "uid=bar,ou=People,dc=shuba,dc=com"
    ldap_add: Operations error

    ldif_record() = 1

For the record, btw, the last entry in the db, according to slapcat is:

    dn: uid=foo,ou=People,dc=shuba,dc=com
    uid: foo
    cn: adding with ldapadd
    objectClass: account
    objectClass: posixAccount
    objectClass: top
    userPassword:: --snip --
    loginShell: /bin/bash
    uidNumber: 1028
    gidNumber: 1028
    homeDirectory: /home/foo

So that's the first thing. Second, nothing comes back when I use ldapsearch, even when asking for anything:

    ldapsearch -x -b '' -s base '(objectclass=*)'

    version: 2
    #
    # filter: (objectclass=*)
    # requesting: ALL
    #
    #
    dn:
    objectClass: top
    objectClass: OpenLDAProotDSE
    # search result
    search: 2
    result: 0 Success
    # numResponses: 2
    # numEntries: 1

Unfortunately, I got a bounce stating that this message was too long. I have moved the config files to
http://nicholasbernstein.com/ldap_stuff/

It got double spaced somehow in the cutting and pasting from windows -> unix. If it annoys you, please have compassion - you can't imagine how much being stuck on windows bugs me. ;)