Re: Openldap Configuration issues
- To: R H <rubbenke@gmail.com>
- Subject: Re: Openldap Configuration issues
- From: Andrew Findlay <andrew.findlay@skills-1st.co.uk>
- Date: Mon, 7 Aug 2017 11:27:52 +0100
- Cc: openldap-technical@openldap.org
- Content-disposition: inline
- In-reply-to: <CAAuLT9v+0KWd92EMDbXQktRt82qKsqCKFk=O8LX_4Z4q9hcS6w@mail.gmail.com>
- References: <CAAuLT9v+0KWd92EMDbXQktRt82qKsqCKFk=O8LX_4Z4q9hcS6w@mail.gmail.com>
- User-agent: Mutt/1.5.21 (2010-09-15)
On Sun, Aug 06, 2017 at 05:54:56PM +0200, R H wrote:
> which is great, this is exactly the way it should look like, however I've
> noticed that cn=admin,o=testcompany.com entry doesn't exist, while it did
> using the default config after I've installed openldap.

I assume that you cleared out the database at some point (which you should do,
to get rid of example entries from the distro). Thus, cn=admin,o=testcompany.com
will not exist unless you explicitly create it - and nor will o=testcompany.com
which you need to create first.

> 6. In Redmine, I've configured and tested the ldap authentication. It is
> working correctly (it can both connect to my ldap and if I wish to add a
> new user and choose the before configured ldap authentication for it, I can
> even choose from the entries that are in my ldap, which is also great)
>
> 7. However (this is where my problem is) when I try to log into Redmine with a
> user that I've just created (with ldap authentication) I always get Invalid
> credentials error (while it works like a charm when I log in with any other
> account, created with Simple Authentication)
>
> These events led me to believe that the error is in the LDAP configuration.

Maybe, maybe not...

> After a few more hours/days of fooling around with the ACLs and
> dpkg-reconfigure slapd (and even purging-reinstalling slapd and ldap-utils) I

No point in changing stuff without knowing what is going on.

Add this to your config and restart slapd:

    loglevel stats,stats2

Find where the log stream goes to - probably /var/log/daemon.log or similar.
Look at the LDAP operations and results when you try to login on your app.
This will tell you what the app is actually doing.

Andrew
--
-----------------------------------------------------------------------
| From Andrew Findlay, Skills 1st Ltd |
| Consultant in large-scale systems, networks, and directory services |
| http://www.skills-1st.co.uk/ +44 1628 782565 |
-----------------------------------------------------------------------
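
Added example, not part of the original message or of OpenLDAP: a small Python script that pairs each BIND and SRCH line in slapd's stats log with its RESULT, so the sequence of operations an application performs during a login attempt can be read off directly. The log lines, the host name and the uid=jdoe entry are constructed for illustration, and the function name summarize is an assumption of this example.

```python
import re

# Constructed slapd "stats" log lines (not from the original thread).
SAMPLE_LOG = """\
Aug  7 11:30:01 ldap1 slapd[1234]: conn=1001 fd=12 ACCEPT from IP=127.0.0.1:51234 (IP=0.0.0.0:389)
Aug  7 11:30:01 ldap1 slapd[1234]: conn=1001 op=0 BIND dn="cn=admin,o=testcompany.com" method=128
Aug  7 11:30:01 ldap1 slapd[1234]: conn=1001 op=0 BIND dn="cn=admin,o=testcompany.com" mech=SIMPLE ssf=0
Aug  7 11:30:01 ldap1 slapd[1234]: conn=1001 op=0 RESULT tag=97 err=0 text=
Aug  7 11:30:01 ldap1 slapd[1234]: conn=1001 op=1 SRCH base="o=testcompany.com" scope=2 deref=0 filter="(uid=jdoe)"
Aug  7 11:30:01 ldap1 slapd[1234]: conn=1001 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
Aug  7 11:30:01 ldap1 slapd[1234]: conn=1001 op=2 BIND dn="uid=jdoe,ou=people,o=testcompany.com" method=128
Aug  7 11:30:01 ldap1 slapd[1234]: conn=1001 op=2 RESULT tag=97 err=49 text=
Aug  7 11:30:01 ldap1 slapd[1234]: conn=1001 op=3 UNBIND
Aug  7 11:30:01 ldap1 slapd[1234]: conn=1001 fd=12 closed
"""

# LDAP result codes (RFC 4511) most relevant to a failing login.
RESULT_CODES = {0: "success", 32: "noSuchObject", 49: "invalidCredentials",
                50: "insufficientAccessRights"}
OP_LINE = re.compile(r"conn=(\d+) op=(\d+) (BIND|SRCH|SEARCH RESULT|RESULT)\s*(.*)")
FIELD = re.compile(r'(\w+)=("[^"]*"|\S*)')

def summarize(log_text):
    """Pair each BIND/SRCH request with its RESULT, keyed by (conn, op)."""
    ops = {}
    for line in log_text.splitlines():
        m = OP_LINE.search(line)
        if not m:
            continue
        key, kind = (int(m.group(1)), int(m.group(2))), m.group(3)
        fields = {k: v.strip('"') for k, v in FIELD.findall(m.group(4))}
        if kind == "BIND" and "method" in fields:      # request line, not the mech= follow-up
            ops[key] = {"type": "BIND", "target": fields.get("dn", "")}
        elif kind == "SRCH" and "base" in fields:      # skip the separate "SRCH attr=..." line
            ops[key] = {"type": "SRCH", "target": fields["base"],
                        "filter": fields.get("filter", "")}
        elif kind.endswith("RESULT") and key in ops:
            err = int(fields.get("err", -1))
            ops[key].update(err=err, result=RESULT_CODES.get(err, "code %d" % err))
            if "nentries" in fields:
                ops[key]["nentries"] = int(fields["nentries"])
    return [dict(conn=c, op=o, **v) for (c, o), v in ops.items()]

if __name__ == "__main__":
    for op in summarize(SAMPLE_LOG):
        print(op)
```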