LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 12-05-2005, 08:13 AM   #1
mesh2005
Member
 
Registered: Sep 2005
Location: Ägypten
Distribution: Ubuntu 5.10
Posts: 155

Rep: Reputation: 30
nss_ldap, can't contact LDAP server!


i use Fedora 4, OpenLDAP 2.3.11 , i replaced NIS with LDAP but i face the following troubles, when the server starts i got the following error: (log file)
*********************************************************
Dec 5 15:29:57 x-masterserver slapd[4364]: nss_ldap: reconnecting to LDAP server (sleeping 4 seconds)...
Dec 5 15:30:01 x-masterserver slapd[4364]: nss_ldap: reconnecting to LDAP server (sleeping 8 seconds)...
Dec 5 15:30:09 x-masterserver slapd[4364]: nss_ldap: reconnecting to LDAP server (sleeping 16 seconds)...
Dec 5 15:30:25 x-masterserver slapd[4364]: nss_ldap: reconnecting to LDAP server (sleeping 32 seconds)...
Dec 5 15:30:57 x-masterserver slapd[4364]: nss_ldap: reconnecting to LDAP server (sleeping 64 seconds)...
Dec 5 15:32:01 x-masterserver slapd[4364]: nss_ldap: could not search LDAP server - Server is unavailable
Dec 5 15:32:01 x-masterserver slapd[4364]: nss_ldap: reconnecting to LDAP server (sleeping 4 seconds)...
Dec 5 15:32:05 x-masterserver slapd[4364]: nss_ldap: reconnecting to LDAP server (sleeping 8 seconds)...
Dec 5 15:32:13 x-masterserver slapd[4364]: nss_ldap: reconnecting to LDAP server (sleeping 16 seconds)...
Dec 5 15:32:29 x-masterserver slapd[4364]: nss_ldap: reconnecting to LDAP server (sleeping 32 seconds)...
Dec 5 15:33:01 x-masterserver slapd[4364]: nss_ldap: reconnecting to LDAP server (sleeping 64 seconds)...
Dec 5 15:34:05 x-masterserver slapd[4364]: nss_ldap: could not search LDAP server - Server is unavailable
Dec 5 15:34:05 x-masterserver slapd[4403]: slapd starting
*********************************************************

i can use LDAP users from any client but i can't use it on the LDAP server, i got Access Denied!

i installed nss_ldap on the server only (nss_ldap-244)
is this the main problem? if so how can i remove nss_ldap?
by the way i tried to use ldapsearch on the server and it works fine so i think that ldap.conf is correct

thanks alot
Amir Saad

Last edited by mesh2005; 12-05-2005 at 08:14 AM.
 
Old 12-05-2005, 08:35 AM   #2
fouldsy
Senior Member
 
Registered: Jan 2002
Location: St Louis, MO
Distribution: Ubuntu
Posts: 1,284

Rep: Reputation: 47
What do you have in pam.d/system-auth and nsswitch.conf? I've never actually tried authenticating directly on the server itself, only from clients or additional servers such passing it from Samba/mail servers, but don't think there's anything preventing you from doing it.
 
Old 12-05-2005, 09:24 AM   #3
~=gr3p=~
Member
 
Registered: Feb 2005
Location: ~h3av3n~
Distribution: RHEL 4, Fedora Core 3,6,7 Centos 5, Ubuntu 7.04
Posts: 227

Rep: Reputation: 30
refer this:
http://www.idealx.org/prj/samba/smbldap-howto.en.html

and how about this:

http://directory.fedora.redhat.com/wiki/Main_Page
 
Old 12-06-2005, 01:22 AM   #4
mesh2005
Member
 
Registered: Sep 2005
Location: Ägypten
Distribution: Ubuntu 5.10
Posts: 155

Original Poster
Rep: Reputation: 30
Thanks a lot for replies
the problem is not solved yet, here are the conf files:
******************************************************
************************ldap.conf*********************
#
# LDAP Defaults
#
host 127.0.0.1
# See ldap.conf(5) for details
# This file should be world readable but not world writable.

#BASE dc=example, dc=com
BASE dc=demo,dc=mydomain,dc=domain,dc=org
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never

******************************************************
*********************/etc/pam.d/system-auth***********
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth sufficient /lib/security/$ISA/pam_ldap.so use_first_pass
auth required /lib/security/$ISA/pam_deny.so

account required /lib/security/$ISA/pam_unix.so broken_shadow
account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet
account [default=bad success=ok user_unknown=ignore] /lib/security/$ISA/pam_ldap.so
account required /lib/security/$ISA/pam_permit.so

password requisite /lib/security/$ISA/pam_cracklib.so retry=3
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok nis
password sufficient /lib/security/$ISA/pam_ldap.so use_authtok
password required /lib/security/$ISA/pam_deny.so

session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so
session optional /lib/security/$ISA/pam_ldap.so
********************************************************

the ldapsearch works correctly on the server,
the problem is the long delay at the login and i found the following error in the log file:

********************************************************
Dec 6 09:13:51 x-masterserver nscd: nss_ldap: reconnecting to LDAP server (sleeping 4 seconds)...
Dec 6 09:13:55 x-masterserver nscd: nss_ldap: reconnecting to LDAP server (sleeping 8 seconds)...
Dec 6 09:14:03 x-masterserver nscd: nss_ldap: reconnecting to LDAP server (sleeping 16 seconds)...
Dec 6 09:14:19 x-masterserver nscd: nss_ldap: reconnecting to LDAP server (sleeping 32 seconds)...
Dec 6 09:14:51 x-masterserver nscd: nss_ldap: reconnecting to LDAP server (sleeping 64 seconds)...
Dec 6 09:15:55 x-masterserver nscd: nss_ldap: could not search LDAP server - Server is unavailable
*******************************************************

the ldap server is hosted locally , i hope u can help me!
just one more question how can i configure nss
_ldap ?
i don't use TLS,,,
thanks alot
Amir Saad
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LDAP: Can't contact master ldap server rulirahm Linux - Networking 2 07-14-2014 02:02 AM
ldap_bind Can't contact LDAP server mesh2005 Linux - Networking 17 06-19-2014 08:44 AM
LDAP server not starting as user LDAP klnasveschuk Fedora 1 02-15-2007 04:49 AM
OpenLDAP, nss_ldap, pam_ldap and shadow account info pshinpaugh Linux - General 2 08-16-2004 08:13 AM
ldap_sasl_interactive_bind_s: Can't contact LDAP server (81) Jingle Linux - Software 4 01-08-2004 12:41 PM


All times are GMT -5. The time now is 03:22 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration