Hi, On Tue, May 22, 2012 at 2:52 PM, Shrinivasan T <tshriniva...@gmail.com> wrote: > > use the tool jxplorer to test the server.
Or, use the available ldap tools from command line. You will have to do something like this from your Linux/UNIX clients. $ldapsearch -h host_ip -D "cn=admin,dc=domain,dc=domain" -b "your base dn" "cn=some.user.id" -x -W It will prompt for password. and you can get the LDAP data for the user "some.user.id". Here is a proper example. root@openldap:~# ldapsearch -h openldap.bala.domain -D "cn=admin,dc=bala,dc=domain" -b "dc=bala,dc=domain" "cn=user1" -x -W Enter LDAP Password: # extended LDIF # # LDAPv3 # base <dc=bala,dc=domain> with scope subtree # filter: cn=user1 # requesting: ALL # # user1, people, master, bala.domain dn: cn=user1,ou=people,ou=master,dc=bala,dc=domain uid: user1 objectClass: inetOrgPerson objectClass: posixAccount userPassword:: dXNlcjE= uidNumber: 50000 gidNumber: 1 sn: user1 homeDirectory: /home/user1 mail: user1@bala.domain cn: user1 If you are able to get these kind of responses on doing ldap queries, then your LDAP server is OK and your clients are able to access the data there. Then, you need to change the PAM and NSS. You have to configure nsswitch.conf to use ldap and IIRC login in /etc/pam.d/. When you say you couldn't authenticate clients, what errors do you see ? Did you capture them with wireshark(tshark in case there is no GUI on the server). Please share such results on the list. Thanks -- Thank you Balachandran Sivakumar Arise Awake and stop not till the goal is reached. - Swami Vivekananda Mail: benignb...@gmail.com Blog: http://benignbala.wordpress.com/ _______________________________________________ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc