On Sat, 1 Feb 2003, Stefan van der Eijk wrote:

> I switched the (non-system) users on my system to ldap only --> removed
> them from the local passwd, group and shadow files. A number of things
> broke:
>
> * postfix didn't know the users anymore and started rejecting mail
>   for them:
>
> Feb 1 10:49:44 taz postfix/smtpd[26026]: 781749EB3B: reject: RCPT
> from mia8.macon.nl[212.83.208.254]: 450 <[EMAIL PROTECTED]>: User
> unknown in local recipient table;
> from=<[EMAIL PROTECTED]> proto=ESMTP helo=<mia8.macon.nl>
>
> I fixed it by adding these lines to the /etc/postfix/main.cf
> ===
> ldap_timeout=10
> ldap_search_base=dc=eijk,dc=nu
> ldap_server_host=localhost
> ldap_server_port=389
> ldap_query_filter=(mailacceptinggeneralid=%s)
> ldap_cache=no
> ===

Do you have attribute 'mailacceptinggeneralid' on your users? I initially
used openldap-migration, which gave me something like 'mail', so I haven't
actually gotten around to switching our mail server (postfix on 8.0) to use
ldap directly, it picks them up fine off nss_ldap.

>
> * local users can't login with X11. I'm only running nss_ldap on the
>   client, not the pam stuff (yet).
>

You mean users who are not in LDAP?

>
> Other issues:
>
> * mandrake's openldap-servers-2.0.27-4mdk package still borks on my
>   box. I needed to recompile it on my box to get it to work with the
>   ldap database I already had. I've asked Florin if he had actually
>   tested the package --> run an ldap server on it, but didn't get a
>   reply from him (yet). Has anybody been successful running an ldap
>   server on cooker's openldap-servers-2.0.27-4mdk package?

I am, but I did

    ldapsearch -x -D "$rootdn" -W -h master | su ldap -c 'slapadd'

to get the db entries across from the master ldap server ..

> * the ssh stuff. When I turned off "ssl start_tls" and went back to
>   "ssl off" in /etc/ldap.conf ssh allowed me to login again.

I am getting this now on my cooker box, I still need to test if it affects
machines not using the local ldap, because mine was working when it was
doing referral to the master ldap server, which happened I think due to the
above issue ....

> * the MySQL problem

I will make a patch for Warly, but the fix was posted a few days back ...
so it works for me now.

Have you taken a look at the ldap wizard?

Buchan

-- 
|----------------Registered Linux User #182071-----------------|
Buchan Milne                Mechanical Engineer, Network Manager
Cellphone * Work            +27 82 472 2231 * +27 21 8828820x121
Stellenbosch Automotive Engineering         http://www.cae.co.za
GPG Key                   http://ranger.dnsalias.com/bgmilne.asc
1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7