[EMAIL PROTECTED] ("Stefan van der Eijk") writes:Tried it, doesn't work :-(
[EMAIL PROTECTED] (Stefan van der Eijk) writes:Yes, I agree. Leave 211 for after 9.2.
This is a cryptographically signed message in MIME format.yes, I have it too ... so I think the best thing will be to go back to the
--------------ms090903010403020401070506 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit
After updating to nss_ldap-211-1mdk I'm getting errors as such:
$ ls -l total 68060 ls: relocation error: /lib/libnss_ldap.so.2: undefined symbol: dbopen
[EMAIL PROTECTED] stefan]$ ssh kenobi.mandrakesoft.com ssh: relocation error: /lib/libnss_ldap.so.2: undefined symbol: dbopen
Anybody else?
207 version for the moment ...
Can you try the 211-2mdk package at
http://people.mandrakesoft.com/~florin/www/rpms/ldap and tell me if it
works for you ?
If not, what is your /etc/ldap.conf file ?
Here it is:
# @(#)$Id: ldap.conf,v 2.28 2001/08/28 12:17:29 lukeh Exp $ # # This is the configuration file for the LDAP nameservice # switch library and the LDAP PAM module. # # PADL Software # http://www.padl.com #
# Your LDAP server. Must be resolvable without using LDAP. host ldap.eijk.nu
# The distinguished name of the search base. base dc=eijk,dc=nu
# Another way to specify your LDAP server is to provide an
# uri with the server name. This allows to use
# Unix Domain Sockets to connect to a local LDAP Server.
#uri ldap://127.0.0.1/
#uri ldaps://127.0.0.1/ #uri ldapi://%2fvar%2frun%2fldapi_sock/
# Note: %2f encodes the '/' used as directory separator
# The LDAP version to use (defaults to 3 # if supported by client library) ldap_version 3
# The distinguished name to bind to the server with. # Optional: default is to bind anonymously. binddn cn=proxyuser,dc=eijk,dc=nu
# The credentials to bind with. # Optional: default is no credential. bindpw *******
# The distinguished name to bind to the server with # if the effective user ID is root. Password is # stored in /etc/ldap.secret (mode 600) #rootbinddn cn=manager,dc=eijk,dc=nu
# The port. # Optional: default is 389. #port 389
# The search scope. #scope sub scope one #scope base
# Search timelimit #timelimit 30
# Bind timelimit #bind_timelimit 30
# Idle timelimit; client will close connections # (nss_ldap only) if the server has not been contacted # for the number of seconds specified below. #idle_timelimit 3600
# Filter to AND with uid=%s pam_filter objectclass=account
# The user ID attribute (defaults to uid) pam_login_attribute uid
# Search the root DSE for the password policy (works # with Netscape Directory Server) #pam_lookup_policy yes
# Group to enforce membership of #pam_groupdn cn=PAM,ou=Groups,dc=eijk,dc=nu
# Group member attribute #pam_member_attribute gid
# Template login attribute, default template user # (can be overriden by value of former attribute # in user's entry) #pam_login_attribute userPrincipalName #pam_template_login_attribute uid #pam_template_login nobody
# HEADS UP: the pam_crypt, pam_nds_passwd, # and pam_ad_passwd options are no # longer supported.
# Do not hash the password at all; presume # the directory server will do it, if # necessary. This is the default. #pam_password clear
# Hash password locally; required for University of # Michigan LDAP server, and works with Netscape # Directory Server if you're using the UNIX-Crypt # hash mechanism and not using the NT Synchronization # service. #pam_password crypt
# Remove old password first, then update in # cleartext. Necessary for use with Novell # Directory Services (NDS) #pam_password nds
# Update Active Directory password, by # creating Unicode password and updating # unicodePwd attribute. #pam_password ad
# Use the OpenLDAP password change # extended operation to update the password. #pam_password exop
pam_password crypt
# RFC2307bis naming contexts # Syntax: # nss_base_XXX base?scope?filter # where scope is {base,one,sub} # and filter is a filter to be &'d with the # default filter. # You can omit the suffix eg: # nss_base_passwd ou=People, # to append the default base DN but this # may incur a small performance impact. nss_base_passwd ou=People,dc=eijk,dc=nu nss_base_shadow ou=People,dc=eijk,dc=nu nss_base_group ou=Group,dc=eijk,dc=nu #nss_base_hosts ou=Hosts,dc=eijk,dc=nu?one #nss_base_services ou=Services,dc=eijk,dc=nu?one #nss_base_networks ou=Networks,dc=eijk,dc=nu?one #nss_base_protocols ou=Protocols,dc=eijk,dc=nu?one #nss_base_rpc ou=Rpc,dc=eijk,dc=nu?one #nss_base_ethers ou=Ethers,dc=eijk,dc=nu?one #nss_base_netmasks ou=Networks,dc=eijk,dc=nu?ne #nss_base_bootparams ou=Ethers,dc=eijk,dc=nu?one #nss_base_aliases ou=Aliases,dc=eijk,dc=nu?one #nss_base_netgroup ou=Netgroup,dc=eijk,dc=nu?one
# attribute/objectclass mapping # Syntax: #nss_map_attribute rfc2307attribute mapped_attribute #nss_map_objectclass rfc2307objectclass mapped_objectclass
# configure --enable-nds is no longer supported. # For NDS now do: #nss_map_attribute uniqueMember member
# configure --enable-mssfu-schema is no longer supported. # For MSSFU now do: #nss_map_objectclass posixAccount User #nss_map_attribute uid msSFUName #nss_map_attribute uniqueMember posixMember #nss_map_attribute userPassword msSFUPassword #nss_map_attribute homeDirectory msSFUHomeDirectory #nss_map_objectclass posixGroup Group #nss_map_attribute cn msSFUName #pam_login_attribute msSFUName #pam_filter objectclass=User #pam_password ad
# configure --enable-authpassword is no longer supported # For authPassword support, now do: #nss_map_attribute userPassword authPassword #pam_password nds
# For IBM AIX SecureWay support, do: #nss_map_objectclass posixAccount aixAccount #nss_base_passwd ou=aixaccount,?one #nss_map_attribute uid userName #nss_map_attribute gidNumber gid #nss_map_attribute uidNumber uid #nss_map_attribute userPassword passwordChar #nss_map_objectclass posixGroup aixAccessGroup #nss_base_group ou=aixgroup,?one #nss_map_attribute cn groupName #nss_map_attribute uniqueMember member #pam_login_attribute userName #pam_filter objectclass=aixAccount #pam_password clear
# Netscape SDK LDAPS #ssl on
# Netscape SDK SSL options #sslpath /etc/ssl/certs/cert7.db
# OpenLDAP SSL mechanism # start_tls mechanism uses the normal LDAP port, LDAPS typically 636 #ssl start_tls ssl off
# OpenLDAP SSL options # Require and verify server certificate (yes/no) # Default is "no" #tls_checkpeer yes
# CA certificates for server certificate verification # At least one of these are required if tls_checkpeer is "yes" #tls_cacertfile /etc/ssl/openldap/ca.cert #tls_cacertdir /etc/ssl/certs
# SSL cipher suite # See man ciphers for syntax #tls_ciphers TLSv1
# Client sertificate and key # Use these, if your server requires client authentication. #tls_cert #tls_key
smime.p7s
Description: S/MIME Cryptographic Signature