LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (http://www.linuxquestions.org/questions/linux-networking-3/)
-   -   nss_ldap, can't contact LDAP server! (http://www.linuxquestions.org/questions/linux-networking-3/nss_ldap-cant-contact-ldap-server-389421/)

mesh2005 12-05-2005 08:13 AM

nss_ldap, can't contact LDAP server!
 
i use Fedora 4, OpenLDAP 2.3.11 , i replaced NIS with LDAP but i face the following troubles, when the server starts i got the following error: (log file)
*********************************************************
Dec 5 15:29:57 x-masterserver slapd[4364]: nss_ldap: reconnecting to LDAP server (sleeping 4 seconds)...
Dec 5 15:30:01 x-masterserver slapd[4364]: nss_ldap: reconnecting to LDAP server (sleeping 8 seconds)...
Dec 5 15:30:09 x-masterserver slapd[4364]: nss_ldap: reconnecting to LDAP server (sleeping 16 seconds)...
Dec 5 15:30:25 x-masterserver slapd[4364]: nss_ldap: reconnecting to LDAP server (sleeping 32 seconds)...
Dec 5 15:30:57 x-masterserver slapd[4364]: nss_ldap: reconnecting to LDAP server (sleeping 64 seconds)...
Dec 5 15:32:01 x-masterserver slapd[4364]: nss_ldap: could not search LDAP server - Server is unavailable
Dec 5 15:32:01 x-masterserver slapd[4364]: nss_ldap: reconnecting to LDAP server (sleeping 4 seconds)...
Dec 5 15:32:05 x-masterserver slapd[4364]: nss_ldap: reconnecting to LDAP server (sleeping 8 seconds)...
Dec 5 15:32:13 x-masterserver slapd[4364]: nss_ldap: reconnecting to LDAP server (sleeping 16 seconds)...
Dec 5 15:32:29 x-masterserver slapd[4364]: nss_ldap: reconnecting to LDAP server (sleeping 32 seconds)...
Dec 5 15:33:01 x-masterserver slapd[4364]: nss_ldap: reconnecting to LDAP server (sleeping 64 seconds)...
Dec 5 15:34:05 x-masterserver slapd[4364]: nss_ldap: could not search LDAP server - Server is unavailable
Dec 5 15:34:05 x-masterserver slapd[4403]: slapd starting
*********************************************************

i can use LDAP users from any client but i can't use it on the LDAP server, i got Access Denied!

i installed nss_ldap on the server only (nss_ldap-244)
is this the main problem? if so how can i remove nss_ldap?
by the way i tried to use ldapsearch on the server and it works fine so i think that ldap.conf is correct

thanks alot
Amir Saad

fouldsy 12-05-2005 08:35 AM

What do you have in pam.d/system-auth and nsswitch.conf? I've never actually tried authenticating directly on the server itself, only from clients or additional servers such passing it from Samba/mail servers, but don't think there's anything preventing you from doing it.

~=gr3p=~ 12-05-2005 09:24 AM

refer this:
http://www.idealx.org/prj/samba/smbldap-howto.en.html

and how about this:

http://directory.fedora.redhat.com/wiki/Main_Page

mesh2005 12-06-2005 01:22 AM

Thanks a lot for replies
the problem is not solved yet, here are the conf files:
******************************************************
************************ldap.conf*********************
#
# LDAP Defaults
#
host 127.0.0.1
# See ldap.conf(5) for details
# This file should be world readable but not world writable.

#BASE dc=example, dc=com
BASE dc=demo,dc=mydomain,dc=domain,dc=org
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never

******************************************************
*********************/etc/pam.d/system-auth***********
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth sufficient /lib/security/$ISA/pam_ldap.so use_first_pass
auth required /lib/security/$ISA/pam_deny.so

account required /lib/security/$ISA/pam_unix.so broken_shadow
account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet
account [default=bad success=ok user_unknown=ignore] /lib/security/$ISA/pam_ldap.so
account required /lib/security/$ISA/pam_permit.so

password requisite /lib/security/$ISA/pam_cracklib.so retry=3
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok nis
password sufficient /lib/security/$ISA/pam_ldap.so use_authtok
password required /lib/security/$ISA/pam_deny.so

session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so
session optional /lib/security/$ISA/pam_ldap.so
********************************************************

the ldapsearch works correctly on the server,
the problem is the long delay at the login and i found the following error in the log file:

********************************************************
Dec 6 09:13:51 x-masterserver nscd: nss_ldap: reconnecting to LDAP server (sleeping 4 seconds)...
Dec 6 09:13:55 x-masterserver nscd: nss_ldap: reconnecting to LDAP server (sleeping 8 seconds)...
Dec 6 09:14:03 x-masterserver nscd: nss_ldap: reconnecting to LDAP server (sleeping 16 seconds)...
Dec 6 09:14:19 x-masterserver nscd: nss_ldap: reconnecting to LDAP server (sleeping 32 seconds)...
Dec 6 09:14:51 x-masterserver nscd: nss_ldap: reconnecting to LDAP server (sleeping 64 seconds)...
Dec 6 09:15:55 x-masterserver nscd: nss_ldap: could not search LDAP server - Server is unavailable
*******************************************************

the ldap server is hosted locally , i hope u can help me!
just one more question how can i configure nss
_ldap ?
i don't use TLS,,,
thanks alot
Amir Saad


All times are GMT -5. The time now is 09:10 AM.