LinuxQuestions.org


ostapv 11-19-2012 10:43 AM

RHEL 6.3 join to LDAP RHDS 9.0
 
Hello experts!

I need help joining my client (RHEL 6.3) to the LDAP server RHDS 9.0.
I installed and configured RHDS without problems. RHDS is configured without SSL/TLS.

Client.
My steps on the client:

1) yum install nss-pam-ldapd openldap-clients
2) authconfig --enableldap --enableldapauth --enablemkhomedir --ldapserver=gpu.example.com --ldapbasedn="dc=example,dc=com" --update
3) When I run getent passwd, I receive the local passwords
4) No errors in /var/log/messages

Question:

1) Is it possible for RHDS to work without TLS?
2) What will I see in RHDS when I successfully join the client to LDAP? (any computers some also?)

Thanks

ostapv 11-19-2012 01:05 PM

I configured a CA and certificates to work with TLS.
Checking with the ldapsearch command on the server and the client:

ldapsearch -D "cn=directory manager" -w password -p 389 -h gpu.example.com -b "dc=example,dc=com " -s sub -x -ZZ "(objectclass=* )"

extended LDIF
#
# LDAPv3
# base <dc=example,dc=com > with scope subtree
# filter: (objectclass=* )
# requesting: ALL
#

# search result
search: 3
result: 0 Success

# numResponses: 1


When I run getent passwd on the client, I receive:
Nov 19 19:47:21 localhost nslcd[1489]: [edbdab] failed to bind to LDAP server ldap://gpu.example.com: Connect error
Nov 19 19:47:21 localhost nslcd[1489]: [edbdab] no available LDAP server found
Nov 19 19:48:39 localhost nslcd[1489]: [838cb2] ldap_start_tls_s() failed: Connect error (uri="ldap://gpu.example.com")
Nov 19 19:48:39 localhost nslcd[1489]: [838cb2] failed to bind to LDAP server ldap://gpu.example.com: Connect error
Nov 19 19:48:39 localhost nslcd[1489]: [838cb2] no available LDAP server found
Nov 19 19:49:30 localhost nslcd[1489]: [53d0cd] ldap_start_tls_s() failed: Connect error (uri="ldap://gpu.example.com")
Nov 19 19:49:30 localhost nslcd[1489]: [53d0cd] failed to bind to LDAP server ldap://gpu.example.com: Connect error
Nov 19 19:49:30 localhost nslcd[1489]: [53d0cd] no available LDAP server found
Nov 19 19:49:30 localhost nslcd[1489]: [53d0cd] no available LDAP server found
Nov 19 19:50:01 localhost nslcd[1489]: [03e0c6] ldap_start_tls_s() failed: Connect error (uri="ldap://gpu.example.com")
Nov 19 19:50:01 localhost nslcd[1489]: [03e0c6] failed to bind to LDAP server ldap://gpu.example.com: Connect error
Nov 19 19:50:01 localhost nslcd[1489]: [03e0c6] no available LDAP server found
Nov 19 19:50:01 localhost nslcd[1489]: [03e0c6] no available LDAP server found

[root@gpu-client ~]# ll /etc/openldap/cacerts
total 0

[root@gpu-client ~]# ll /etc/openldap/ldap.conf
-rw-r--r--. 1 root root 316 Nov 19 19:53 /etc/openldap/ldap.conf
[root@gpu-client ~]# cat /etc/openldap/ldap.conf
#
# LDAP Defaults
#

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

#BASE dc=example,dc=com
#URI ldap://ldap.example.com

#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never

URI ldap://gpu.example.com
BASE dc=example,dc=com

TLS_CACERTDIR /etc/openldap/cacerts
TLS_REQCERT allow
[root@gpu-client ~]#
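
Added example, not part of the thread: a shell check for the two client-side trust settings visible in the post above, the empty TLS_CACERTDIR and TLS_REQCERT allow (under ldap.conf(5), allow ignores a bad server certificate and lets the session continue). The function names, messages and the temporary sample file are constructed for illustration.

```shell
# Added example: audit TLS trust settings in an ldap.conf-format file.
# Function names, messages and exit codes are this example's own.

# Value of the last uncommented occurrence of a keyword (case-insensitive).
conf_value() {  # $1 = file, $2 = keyword
    awk -v key="$2" 'tolower($1) == tolower(key) { v = $2 } END { print v }' "$1"
}

# Number of entries in a CA directory (0 if missing or empty).
ca_count() {  # $1 = directory
    [ -d "$1" ] || { echo 0; return 0; }
    n=0
    for f in "$1"/*; do if [ -e "$f" ]; then n=$((n + 1)); fi; done
    echo "$n"
}

# Exit 0 only if a CA is available and a bad server certificate is rejected.
audit_ldap_tls() {  # $1 = path to ldap.conf
    rc=0
    req=$(conf_value "$1" TLS_REQCERT)
    dir=$(conf_value "$1" TLS_CACERTDIR)
    file=$(conf_value "$1" TLS_CACERT)
    # ldap.conf(5): demand/hard (the default) abort on a missing or bad certificate.
    case $(printf '%s' "${req:-demand}" | tr 'A-Z' 'a-z') in
        demand|hard) echo "OK   TLS_REQCERT=${req:-demand}" ;;
        *) echo "WEAK TLS_REQCERT=$req: session can proceed without a verified server certificate"; rc=1 ;;
    esac
    cnt=$(ca_count "$dir")
    if [ -n "$file" ] && [ -s "$file" ]; then
        echo "OK   TLS_CACERT=$file"
    elif [ -n "$dir" ] && [ "$cnt" -gt 0 ]; then
        echo "OK   TLS_CACERTDIR=$dir ($cnt entries)"
    else
        echo "FAIL no CA certificate (TLS_CACERT='$file' TLS_CACERTDIR='$dir')"; rc=1
    fi
    return "$rc"
}

# Constructed sample mirroring the client settings shown in the post.
demo() {
    tmp=$(mktemp -d)
    mkdir "$tmp/cacerts"    # empty, like /etc/openldap/cacerts in the post
    printf '%s\n' '#BASE dc=example,dc=com' 'URI ldap://gpu.example.com' \
        "TLS_CACERTDIR $tmp/cacerts" 'TLS_REQCERT allow' > "$tmp/ldap.conf"
    status=0; audit_ldap_tls "$tmp/ldap.conf" || status=$?
    rm -rf "$tmp"
    return "$status"
}

demo || echo "audit failed with status $?"
```

To audit a real client, call audit_ldap_tls with the path to its ldap.conf; nslcd keeps its own TLS options in its own configuration file, which this sketch does not read.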

