Re: LDAP lookup problem
A little bit of progress.
I discovered that this is probably happening because the following
attributes are not transferred to the slave server while using syncrepl:
givenName:
sn:
cn:
Any ideas?
Thanks a lot
2008/8/21 Stelios A. <stelios.a@gmail.com>:
> I forgot to add the ldapsearch output. Below are the results directly from
> the slave server. It finds the user without a problem, but the user is still
> not resolving on the terminal. I need this in order to chown a particular
> directory which holds the mail settings (Maildir etc).
>
> ldapsearch -x -b "dc=mydomain,dc=edu,dc=com" -D "cn=admin,dc=mydomain,dc=edu,dc=com" -W uid=user1
>
> # Stavros Lolis, Users, mydomain.edu.com
> dn: cn=Stavros Lolis,ou=Users,dc=mydomain,dc=edu,dc=com
> objectClass: inetOrgPerson
> objectClass: posixAccount
> objectClass: person
> objectClass: organizationalPerson
> objectClass: top
> uid: user1
> userPassword:: e01ENX1nbnpMRHVxS2NHeE1OS0Zva2ZoT2V3PT0=
> uidNumber: 1761
> gidNumber: 100
> homeDirectory: /home/user1
> loginShell: /bin/false
> mail: user1@mydomain.edu.gr
>
> Also my /etc/ldap.conf has:
>
> host 192.168.1.0 192.168.1.1
> base dc=com,dc=edu,dc=com
> ldap_version 3
> binddn uid=authenticate,ou=System,dc=com,dc=edu,dc=com
> bindpw {MD5}jikxdsfdfsdfsdfsO5dIXw==
> rootbinddn cn=admin,dc=com,dc=edu,dc=com
> nss_initgroups_ignoreusers amavis,backup,bin,bind,clamav,daemon,dhcp,dovecot,games,gnats,irc,klog,libuuid,list,lp,mail,man,mysql,news,openldap,postfix,proxy,root,smmsp,smmta,smtpguard,sshd,sync,sys,syslog,uucp,www-data
> scope sub
> nss_base_passwd ou=Users,dc=com,dc=edu,dc=com?sub
>
>
> Any help is much appreciated.
>
>
> 2008/8/21 Stelios A. <stelios.a@gmail.com>:
>> Hello all,
>>
>> I have a master and a slave OpenLDAP server on an Ubuntu 8.0.4 server
>> with version 2.4.9 of OpenLDAP.
>> I'm using syncrepl to sync data between the 2 servers. Data are transferred
>> from the master to the slave without a problem and I'm able to query the
>> slave LDAP via phpldapadmin without a problem.
>> Having said that, as soon as I add a new user to the master LDAP, that
>> user is replicated fine (I can see the user details on the slave
>> server), but when I run 'id user1' from bash I'm getting 'id: user1:
>> No such user'.
>> This happens no matter whether I stop and start nscd or ldap.
>>
>> The sync part of the slave server is pasted below:
>>
>> syncrepl rid=001
>> provider=ldap://192.168.1.0
>> type=refreshOnly
>> interval=00:00:01:00
>> searchbase="dc=mydomain,dc=edu,dc=com"
>> binddn="uid=syncrepl,ou=System,dc=mydomain,dc=edu,dc=com"
>> bindmethod=simple
>> credentials=mypassword
>>
>> updateref ldap://192.168.1.0
>>
>> and the ACLs on the slave are:
>>
>> access to attrs=userPassword,shadowLastChange
>> by dn="cn=admin,dc=mydomain,dc=edu,dc=com" write
>> by dn="uid=syncrepl,ou=System,dc=mydomain,dc=edu,dc=com" write
>> by dn="uid=authenticate,ou=System,dc=mydomain,dc=edu,dc=com" read
>> by anonymous auth
>> by self write
>> by * none
>>
>> access to dn.base="" by * read
>>
>> access to *
>> by dn="cn=admin,dc=mydomain,dc=edu,dc=com" write
>> by dn="uid=syncrepl,ou=System,dc=mydomain,dc=edu,dc=com" write
>> by * read
>>
>> On master slave I can query any user fine. It just doesn't work on slave.
>> nsswitch.conf is the same as on the master:
>>
>> passwd: files ldap
>> group: files ldap
>> shadow: files ldap
>>
>> hosts: files dns
>> networks: files
>>
>> protocols: db files
>> services: db files
>> ethers: db files
>> rpc: db files
>>
>> netgroup: nis ldap
>>
>>
>> I have no clue how to troubleshoot this problem.
>> Any help is much appreciated.
>>
>> Thanks a lot
>>
>
>
>
> --
> Stelios A
>
--
Stelios A
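
Added example, not part of the original message: a small Python check for the symptom described above, listing attributes a provider entry has that its consumer copy lacks, and testing whether the entry's DN falls under the nss_base_passwd value as posted. The LDIF samples are constructed (the consumer copy mirrors the quoted ldapsearch output; the provider copy is assumed), and all function names are this example's own.

```python
# Constructed samples: CONSUMER mirrors the ldapsearch output in the thread;
# PROVIDER is an assumed master copy that still carries cn, sn and givenName.
PROVIDER_LDIF = """\
dn: cn=Stavros Lolis,ou=Users,dc=mydomain,dc=edu,dc=com
objectClass: inetOrgPerson
objectClass: posixAccount
cn: Stavros Lolis
sn: Lolis
givenName: Stavros
uid: user1
uidNumber: 1761
"""
CONSUMER_LDIF = """\
dn: cn=Stavros Lolis,ou=Users,dc=mydomain,dc=edu,dc=com
objectClass: inetOrgPerson
objectClass: posixAccount
uid: user1
uidNumber: 1761
"""
NSS_BASE_AS_POSTED = "ou=Users,dc=com,dc=edu,dc=com"  # from the quoted /etc/ldap.conf

def normalize_dn(dn):
    # Naive normalisation: trims and lower-cases each RDN; escaped commas unsupported.
    return ",".join(part.strip().lower() for part in dn.split(","))

def parse_ldif(text):
    """Return {normalised dn: set of lower-cased attribute names}."""
    entries, dn = {}, None
    for line in text.replace("\n ", "").splitlines():  # unfold continuation lines
        if not line.strip() or line.startswith("#"):
            continue
        name, _, value = line.partition(":")
        if name.lower() == "dn":
            dn = normalize_dn(value.lstrip(":"))  # base64 "dn::" values are not decoded
            entries[dn] = set()
        elif dn is not None:
            entries[dn].add(name.lower())
    return entries

def missing_on_consumer(provider, consumer):
    """Attributes each provider entry has that the consumer copy lacks."""
    gaps = {dn: sorted(attrs - consumer.get(dn, set())) for dn, attrs in provider.items()}
    return {dn: names for dn, names in gaps.items() if names}

def under_base(dn, base):
    """True if dn is the base or below it, i.e. reachable by a 'sub' scope search."""
    d, b = normalize_dn(dn), normalize_dn(base)
    return d == b or d.endswith("," + b)

if __name__ == "__main__":
    for dn, names in missing_on_consumer(parse_ldif(PROVIDER_LDIF),
                                         parse_ldif(CONSUMER_LDIF)).items():
        print(f"{dn}: missing on consumer: {', '.join(names)}")
        print(f"  under nss_base_passwd as posted: {under_base(dn, NSS_BASE_AS_POSTED)}")
```

A syncrepl consumer receives only the attributes that the replication bind DN is allowed to read on the provider, so a non-empty gap is worth comparing against the provider's ACLs for that DN.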