I have set up LDAP so ldapsearch works for a specific user, but when that
user tries to login, that user is invalid. I must have missed something
in the configuration but having trouble spotting it. Some extra eyes
would sure help here.
Below are diff listings of my changes to config files and their original
state as of the openLDAP-2.0.27-23 release. Also changes to nsswitch.conf
and chkconfig. System is running RHEL ES 3.9 and is currently the only
server and client.
I have made no changes to /etc/pam.d/* or /etc/pam_smb.conf
What am I missing here?
# diff /etc/ldap.conf /etc/ldap.conf_2.0.27-23
18c18
< base dc=localdomain
---
> base dc=example,dc=com
43c43
< rootbinddn cn=Manager,dc=localdomain
---
> #rootbinddn cn=manager,dc=example,dc=com
# diff /etc/openldap/ldap.conf /etc/openldap/ldap.conf_2.0.27-23
16c16
< BASE dc=localdomain
---
> BASE dc=example,dc=com
# diff /etc/openldap/slapd.conf /etc/openldap/slapd.conf_2.0.27-23
40,42d39
< TLSCipherSuite HIGH:MEDIUM
< TLSCertificateFile /usr/share/ssl/certs/slapd.pem
< TLSCertificateKeyFile /usr/share/ssl/certs/slapd.pem
60,64d56
< access to attrs=userPassword
< by self write
< by * auth
< access to *
< by * read
71c63
< suffix "dc=localdomain"
---
> suffix "dc=my-domain,dc=com"
73c65
< rootdn "cn=Manager,dc=localdomain"
---
> rootdn "cn=Manager,dc=my-domain,dc=com"
78,79c70,71
< #rootpw secret
< rootpw {SSHA}hqjzpACdAWS/WmnnqRu/5P9TaNqaSVg7
---
> # rootpw secret
> # rootpw {crypt}ijFYNcSNctBYg
# diff /etc/nsswitch.conf /etc/nsswitch.conf_ORIG
33,35c33,35
< passwd: ldap files
< shadow: ldap files
< group: ldap files
---
> passwd: files
> shadow: files
> group: files
# chkconfig --list | egrep 'ldap|sasl'
saslauthd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
ldap 0:off 1:off 2:on 3:on 4:on 5:on 6:off
---
You are currently subscribed to [EMAIL PROTECTED] as: [EMAIL PROTECTED]
To unsubscribe send email to [EMAIL PROTECTED] with the word UNSUBSCRIBE as the
SUBJECT of the message.
