hi ich habe mein system nun neu aufgesetzt (basisinstallation).
danach erneut mit apt-get install slapd ldap-util libpam-ldap den ldap server installiert. die config dateien, die debian angelegt hat, stehen weiter unten. /etc/ldap/slapd.conf: # This is the main ldapd configuration file. See slapd.conf(5) for more # info on the configuration options. # Schema and objectClass definitions include /etc/ldap/schema/core.schema include /etc/ldap/schema/cosine.schema include /etc/ldap/schema/nis.schema include /etc/ldap/schema/inetorgperson.schema # Schema check allows for forcing entries to # match schemas for their objectClasses's schemacheck on # Where the pid file is put. The init.d script # will not stop the server if you change this. pidfile /var/run/slapd.pid # List of arguments that were passed to the server argsfile /var/run/slapd.args # Where to store the replica logs replogfile /var/lib/ldap/replog # Read slapd.conf(5) for possible values loglevel 0 ######################################################### ############## # ldbm database definitions ######################################################### ############## # The backend type, ldbm, is the default standard database ldbm # The base of your directory suffix "o=Testfirma,c=DE" # Where the database file are physically stored directory "/var/lib/ldap" # Indexing options index objectClass eq # Save the time that the entry gets modified lastmod on # The userPassword by default can be changed # by the entry owning it if they are authenticated. # Others should not be able to see it, except the # admin entry below access to attribute=userPassword by dn="cn=admin,o=Testfirma,c=DE" write by anonymous auth by self write by * none # The admin dn has full write access access to * by dn="cn=admin,o=Testfirma,c=DE" write by * read # For Netscape Roaming support, each user gets a roaming # profile for which they have write access to access to dn=".*,ou=Roaming,o=morsnet" by dn="cn=admin,o=Testfirma,c=DE" write by dnattr=owner write /etc/ldap/ldap.conf: # $OpenLDAP: pkg/ldap/libraries/libldap/ldap.conf,v 1.4.8.6 2000/09/05 17:54:38 kurt Exp $ # # LDAP Defaults # # See ldap.conf(5) for details # This file should be world readable but not world writable. #BASE dc=example, dc=com #URI ldap://ldap.example.com ldap://ldap-master.example.com:666 #SIZELIMIT 12 #TIMELIMIT 15 #DEREF never und ein slapcat bei gestopptem slapd ergibt: dn: o=Testfirma,c=DE objectClass: organization o: Testfirma dn: cn=admin,o=Testfirma,c=DE objectClass: organizationalRole objectClass: simpleSecurityObject cn: admin description: LDAP administrator userPassword:: e0NSWVBUfUNkcTZqTndJWXhKZG8= dn: ou=People,o=Testfirma,c=DE objectClass: organizationalUnit ou: People dn: ou=Roaming,o=Testfirma,c=DE objectClass: organizationalUnit ou: Roaming mit welchem hash wird das userPassword generiert? ich habe versucht mittels slappasswd -h {hash} auf das passwort zu kommen, dass ich während der installation eingegeben habe, aber irgendwie unterscheiden sich die passwörter. gruss stefan -- Haeufig gestellte Fragen und Antworten (FAQ): http://www.de.debian.org/debian-user-german-FAQ/ Zum AUSTRAGEN schicken Sie eine Mail an [EMAIL PROTECTED] mit dem Subject "unsubscribe". Probleme? Mail an [EMAIL PROTECTED] (engl)