Hi Per,
thanks for reply.
> Did you install nslcd by it self or in companion with libnss-ldapd and
> libpam-ldapd?
nslcd has been installed automatically installing libnss-ldapd.
> How does your /etc/nsswitch.conf look like? Here are the relevant
> lines from mine:
This is my /etc/nsswitch.conf:
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.
passwd: files ldap
group: files ldap
shadow: files ldap
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
> This is unnecessary, nslcd functions fine without a DN.
ok, i removed it
> Looks like LDAP can't find the DN in the repository. Can you log in
> manually as this user?
Trying your command:
root@amahoro:~# ldapsearch -xW -D
"uid=nslcd_proc,ou=System,dc=amahoro,dc=bi" -H ldapi:///
Enter LDAP Password:
ldap_bind: Invalid credentials (49)
I don't know why but trying with this:
root@amahoro:~# ldapsearch -xW -D "cn=Manager,dc=amahoro,dc=bi"
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <dc=amahoro,dc=bi> (default) with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# search result
search: 2
result: 32 No such object
I don't understand where is wrong.
> Do you have a slapd.conf? Have you compiled it from source or
> installed as a Debian package?
I installed it as a Debian package:
root@amahoro:~# apt-cache policy slapd
slapd:
Installed: 2.4.23-7.2
Candidate: 2.4.23-7.2
Version table:
*** 2.4.23-7.2 0
500 http://ftp.us.debian.org/debian/ squeeze/main i386 Packages
100 /var/lib/dpkg/status
What do you think?
On 04/23/2012 02:44 PM, Per Carlson wrote:
Hi Stefano.
installed openldap and configured nslcd.conf and nsswitch.conf on debian
squeeze server.
Did you install nslcd by it self or in companion with libnss-ldapd and
libpam-ldapd?
How does your /etc/nsswitch.conf look like? Here are the relevant
lines from mine:
passwd: files ldap
group: files ldap
shadow: files ldap
You need libnss-ldapd for the "ldap" rule in the lines above.
At the moment getent passwd doesn't show ldap user.
I create a user nslcd_proc for nslcd lookups.
this user belong to the System organizationalUnit.
This is unnecessary, nslcd functions fine without a DN.
nslcd: [8b4567] DEBUG:
ldap_simple_bind_s("uid=nslcd_proc,ou=System,dc=amahoro,dc=bi","***")
(uri="ldap://localhost:389";)
nslcd: [8b4567] ldap_result() failed: No such object
Looks like LDAP can't find the DN in the repository. Can you log in
manually as this user?
server$ ldapsearch -xW -D "uid=nslcd_proc,ou=System,dc=amahoro,dc=bi"
-H ldapi:///
slapd.conf
Do you have a slapd.conf? Have you compiled it from source or
installed as a Debian package?
server$ apt-cache policy slapd
I've got:
slapd:
Installed: 2.4.23-7.2
Candidate: 2.4.23-7.2
Version table:
*** 2.4.23-7.2 0
700 http://ftp.no.debian.org/debian/ squeeze/main amd64 Packages
100 /var/lib/dpkg/status
AFAIK the openldap server (binary package is called slapd in Debian)
packaged no longer use that file. Instead the config is stored in a
LDAP repository (/etc/ldap/slapd.d) and modified by using LDIF-files.
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4f955955.1090...@gmail.com
