Hi,
On Tue, May 22, 2012 at 2:52 PM, Shrinivasan T <tshriniva...@gmail.com> wrote:
>
> use the tool jxplorer to test the server.
Or, use the available ldap tools from command line. You will have
to do something like this from your Linux/UNIX clients.
$ldapsearch -h host_ip -D "cn=admin,dc=domain,dc=domain" -b "your base
dn" "cn=some.user.id" -x -W
It will prompt for password. and you can get the LDAP data for the
user "some.user.id". Here is a proper example.
root@openldap:~# ldapsearch -h openldap.bala.domain -D
"cn=admin,dc=bala,dc=domain" -b "dc=bala,dc=domain" "cn=user1" -x -W
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <dc=bala,dc=domain> with scope subtree
# filter: cn=user1
# requesting: ALL
#
# user1, people, master, bala.domain
dn: cn=user1,ou=people,ou=master,dc=bala,dc=domain
uid: user1
objectClass: inetOrgPerson
objectClass: posixAccount
userPassword:: dXNlcjE=
uidNumber: 50000
gidNumber: 1
sn: user1
homeDirectory: /home/user1
mail: user1@bala.domain
cn: user1
If you are able to get these kind of responses on doing ldap queries,
then your LDAP server is OK and your clients are able to access the
data there. Then, you need to change the PAM and NSS. You have to
configure nsswitch.conf to use ldap and IIRC login in /etc/pam.d/.
When you say you couldn't authenticate clients, what errors do you see
? Did you capture them with wireshark(tshark in case there is no GUI
on the server). Please share such results on the list. Thanks
--
Thank you
Balachandran Sivakumar
Arise Awake and stop not till the goal is reached.
- Swami Vivekananda
Mail: benignb...@gmail.com
Blog: http://benignbala.wordpress.com/
_______________________________________________
ILUGC Mailing List:
http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
