Re: LDAP lookup problem
I forgot to add the ldapsearch output. Below are the results directly from
the slave server. It finds the user without a problem, but the user is still
not resolving on the terminal. I need this in order to chown a particular
directory which holds the mail settings (Maildir etc).
ldapsearch -x -b "dc=mydomain,dc=edu,dc=com" -D "cn=admin,dc=mydomain,dc=edu,dc=com" -W uid=user1
# Stavros Lolis, Users, mydomain.edu.com
dn: cn=Stavros Lolis,ou=Users,dc=mydomain,dc=edu,dc=com
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: person
objectClass: organizationalPerson
objectClass: top
uid: user1
userPassword:: e01ENX1nbnpMRHVxS2NHeE1OS0Zva2ZoT2V3PT0=
uidNumber: 1761
gidNumber: 100
homeDirectory: /home/user1
loginShell: /bin/false
mail: user1@mydomain.edu.gr
Also my /etc/ldap.conf has:
host 192.168.1.0 192.168.1.1
base dc=com,dc=edu,dc=com
ldap_version 3
binddn uid=authenticate,ou=System,dc=com,dc=edu,dc=com
bindpw {MD5}jikxdsfdfsdfsdfsO5dIXw==
rootbinddn cn=admin,dc=com,dc=edu,dc=com
nss_initgroups_ignoreusers amavis,backup,bin,bind,clamav,daemon,dhcp,dovecot,games,gnats,irc,klog,libuuid,list,lp,mail,man,mysql,news,openldap,postfix,proxy,root,smmsp,smmta,smtpguard,sshd,sync,sys,syslog,uucp,www-data
scope sub
nss_base_passwd ou=Users,dc=com,dc=edu,dc=com?sub
Any help is much appreciated.
2008/8/21 Stelios A. <stelios.a@gmail.com>:
> Hello all,
>
> I have a master and a slave Openldap server on an Ubuntu 8.0.4 server
> with 2.4.9 version of Openldap.
> I'm using syncrepl to sync data between 2 servers. Data are transferred
> from master to the slave without a problem and I'm able to query the
> slave ldap via phpldapadmin without a problem.
> Having said that, as soon as I add a new user to the master ldap, that
> is being replicated fine (I can see the user details on the slave
> server) but when I run from bash 'id user1' I'm getting an 'id: user1:
> No such user'.
> This is happening no matter if I stop and start nscd or ldap.
>
> The sync part of the slave server is pasted below:
>
> syncrepl rid=001
>     provider=ldap://192.168.1.0
>     type=refreshOnly
>     interval=00:00:01:00
>     searchbase="dc=mydomain,dc=edu,dc=com"
>     binddn="uid=syncrepl,ou=System,dc=mydomain,dc=edu,dc=com"
>     bindmethod=simple
>     credentials=mypassword
>
> updateref ldap://192.168.1.0
>
> and the ACLs on the slave are:
>
> access to attrs=userPassword,shadowLastChange
>     by dn="cn=admin,dc=mydomain,dc=edu,dc=com" write
>     by dn="uid=syncrepl,ou=System,dc=mydomain,dc=edu,dc=com" write
>     by dn="uid=authenticate,ou=System,dc=mydomain,dc=edu,dc=com" read
>     by anonymous auth
>     by self write
>     by * none
>
> access to dn.base="" by * read
>
> access to *
>     by dn="cn=admin,dc=mydomain,dc=edu,dc=com" write
>     by dn="uid=syncrepl,ou=System,dc=mydomain,dc=edu,dc=com" write
>     by * read
>
> On master slave I can query any user fine. It just doesn't work on slave.
> nsswitch.conf is same as master:
>
> passwd: files ldap
> group: files ldap
> shadow: files ldap
>
> hosts: files dns
> networks: files
>
> protocols: db files
> services: db files
> ethers: db files
> rpc: db files
>
> netgroup: nis ldap
>
>
> I have no clue how to troubleshoot this problem.
> Any help is much appreciated.
>
> Thanks a lot
>
--
Stelios A
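
Added example, not part of the original message or of any project's code: an offline check that the DNs in an nss_ldap-style /etc/ldap.conf fall under the search base a working ldapsearch used, run here on the values as posted (which may have been sanitized). The function names are hypothetical, and the bindpw check assumes the client sends that value unchanged in a simple bind.

```python
import re

# Constructed sample: the /etc/ldap.conf lines as posted above (ignore-users list omitted).
SAMPLE = """\
host 192.168.1.0 192.168.1.1
base dc=com,dc=edu,dc=com
ldap_version 3
binddn uid=authenticate,ou=System,dc=com,dc=edu,dc=com
bindpw {MD5}jikxdsfdfsdfsdfsO5dIXw==
rootbinddn cn=admin,dc=com,dc=edu,dc=com
scope sub
nss_base_passwd ou=Users,dc=com,dc=edu,dc=com?sub
"""
# Search base that the posted ldapsearch succeeded against.
SUFFIX = "dc=mydomain,dc=edu,dc=com"

def parse_ldap_conf(text):
    """Parse 'key value' lines into a dict; comments and blank lines are skipped."""
    conf = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        conf[parts[0].lower()] = parts[1].strip() if len(parts) > 1 else ""
    return conf

def norm_dn(dn):
    """Simplified DN normalisation: lower-case, trim spaces (no escaped commas)."""
    return ",".join(p.strip().lower() for p in dn.split(","))

def under_suffix(dn, suffix):
    dn, suffix = norm_dn(dn), norm_dn(suffix)
    return dn == suffix or dn.endswith("," + suffix)

def check(conf, suffix):
    """Return one finding per setting that cannot match entries under suffix."""
    findings = []
    for key in ("base", "binddn", "rootbinddn", "nss_base_passwd"):
        if key in conf:
            dn = conf[key].split("?")[0]  # nss_base_* may carry ?scope?filter
            if not under_suffix(dn, suffix):
                findings.append(f"{key}: {dn} is not under {suffix}")
    if re.match(r"\{[A-Za-z0-9-]+\}", conf.get("bindpw", "")):
        findings.append("bindpw: value has a {SCHEME} prefix; it is sent as-is")
    return findings

if __name__ == "__main__":
    for finding in check(parse_ldap_conf(SAMPLE), SUFFIX):
        print(finding)
```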