LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 05-22-2011, 07:25 AM   #1
ckc654321hk
LQ Newbie
 
Registered: May 2011
Posts: 7

Rep: Reputation: Disabled
I have some problems of ldap configuration


hi all,i am new for debian.
my school project needs to bulid up a website which needs to use C#.
however,if we use linux system to bulid up this serve, we will have extra mark.
Also we will need to use window ser to be the sql server and use its AD by ldap.

Here is my situation:
I have bulit up the part of Window Server, i hv config. the sitting of it.
I have put my website in window ser ,it is sucessful to connect the sql server, and use the AD as my account user.

Now i need to use debian to be my web server.
i have searched my information about mono +ldap of debian.
also i have installed mono on my debian,i test it by using some asp examle,it is work.
when i use my website,it can show up my page,but when i try to login,it failed.
It seems like the connection problem.

there are a few questions in my mind.
1.)If i use my debian to be my webserver,is it will be the ldap client of my Window Server?
2.)What necessary configuration should be done?

Thanks for your time,hope someone can helpme.Regard.ckc654321hk
 
Old 05-22-2011, 10:03 AM   #2
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 19,002

Rep: Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333
Quote:
Originally Posted by ckc654321hk View Post
hi all,i am new for debian.
my school project needs to bulid up a website which needs to use C#. however,if we use linux system to bulid up this serve, we will have extra mark.
Also we will need to use window ser to be the sql server and use its AD by ldap.

Here is my situation:
I have bulit up the part of Window Server, i hv config. the sitting of it.
I have put my website in window ser ,it is sucessful to connect the sql server, and use the AD as my account user.

Now i need to use debian to be my web server. i have searched my information about mono +ldap of debian. also i have installed mono on my debian,i test it by using some asp examle,it is work. when i use my website,it can show up my page,but when i try to login,it failed. It seems like the connection problem.
Mono is a programming/language framework. It has nothing to do with LDAP, web services, or AD. If you've been searching, you should have found much information about LDAP, AD, and what they are.
Quote:
there are a few questions in my mind.
1.)If i use my debian to be my webserver,is it will be the ldap client of my Window Server?
No, why would it? A web server is not an LDAP client. You CAN write web pages to USE LDAP/AD for authentication, but that's different from what you're asking here..
Quote:
2.)What necessary configuration should be done?
You don't clearly state WHAT you're trying to do, so it's hard to say. Putting in "debian active directory authentication" into Google brings up how-to documents.
http://wiki.debian.org/Authenticatin...tive_Directory

But again, you don't say if you're trying to authenticate the whole system with AD or LDAP, just web pages, or what your real goal is. Can't provide details and answers if you don't ask a clear question
 
Old 05-22-2011, 12:05 PM   #3
ckc654321hk
LQ Newbie
 
Registered: May 2011
Posts: 7

Original Poster
Rep: Reputation: Disabled
Thanks

Thanks for your reply.

i know that my concept is not clear for my subject ,but i will work hard on it.

actullay, i want to use the information of the AD of window server to be the user account of my web server on debian.
Window server AD<---->Linux Webpage Login
Window SQL Server<--->Linux Webpage
there hv a requietment for us is that there should use asp.net on the debian, so i hv installed the mono to bulid up my web server.
i know the mono is not related with ldap.


Window server IP:192.168.1.106
Part of connection code of my webpage :
public class LdapAuthentication
{
private string _path = @"LDAP://192.168.1.106";
private string _filterAttribute;
string domain = ".intra.cim.com";

It is work when i tested it on IIS of window server.
but when i put it on debian ,it show me failed.

My Question is What should i do to use the AD account of Window server to be my webpage of Debian?

Thanks again.
 
Old 05-22-2011, 02:19 PM   #4
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 19,002

Rep: Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333
Quote:
Originally Posted by ckc654321hk View Post
Thanks for your reply.
i know that my concept is not clear for my subject ,but i will work hard on it.

actullay, i want to use the information of the AD of window server to be the user account of my web server on debian.
Window server AD<---->Linux Webpage Login
Window SQL Server<--->Linux Webpage
there hv a requietment for us is that there should use asp.net on the debian, so i hv installed the mono to bulid up my web server. i know the mono is not related with ldap.
Spell your words out. It's "have", not "hv". Again, Mono is a .net framework...it has NOTHING to do with LDAP, Active Directory, web pages, or authentication.
Quote:
Window server IP:192.168.1.106
Part of connection code of my webpage :
public class LdapAuthentication
{
private string _path = @"LDAP://192.168.1.106";
private string _filterAttribute;
string domain = ".intra.cim.com";

It is work when i tested it on IIS of window server.
but when i put it on debian ,it show me failed.

My Question is What should i do to use the AD account of Window server to be my webpage of Debian?
Thanks again.
Did you read the link in my first reply?? It specifically tells you how to authenticate Linux to Active Directory, tells you what packages to install, and how to set it up. And have you actually set up and configured LDAP on the Linux server?? Because if you didn't, it's not running...no LDAP=web page that uses LDAP will fail.
 
Old 05-22-2011, 02:32 PM   #5
btmiller
Senior Member
 
Registered: May 2004
Location: In the DC 'burbs
Distribution: Arch, Scientific Linux, Debian, Ubuntu
Posts: 4,284

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
It seems like you need to use mod_auth_ldap to get your Linux Apache server to authenticate against your Windows AD controller. Handling authentication to a web site is different from system authentication, and Apache has numerous mechanisms for this. You'll want to use LDAP for this, requiring mod_auth_ldap. If you search for mod_auth_ldap and active directory, you'll find any number of pages telling you how to set this up.
 
1 members found this post helpful.
Old 05-22-2011, 02:42 PM   #6
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 19,002

Rep: Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333
Quote:
Originally Posted by btmiller View Post
It seems like you need to use mod_auth_ldap to get your Linux Apache server to authenticate against your Windows AD controller. Handling authentication to a web site is different from system authentication, and Apache has numerous mechanisms for this. You'll want to use LDAP for this, requiring mod_auth_ldap. If you search for mod_auth_ldap and active directory, you'll find any number of pages telling you how to set this up.
Agreed...I assumed that the OP was already doing that, since the page was (supposedly), working under IIS, but not Linux.
 
Old 05-22-2011, 11:31 PM   #7
ckc654321hk
LQ Newbie
 
Registered: May 2011
Posts: 7

Original Poster
Rep: Reputation: Disabled
thanks both of you.
I am trying to follow the step to configure it.
i guess i need to install and config Kerberos,Samba,Winbind before i install mod_auth_ldap,am i right?
 
Old 05-23-2011, 09:12 AM   #8
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 19,002

Rep: Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333
Quote:
Originally Posted by ckc654321hk View Post
thanks both of you.
I am trying to follow the step to configure it.
i guess i need to install and config Kerberos,Samba,Winbind before i install mod_auth_ldap,am i right?
Well, again...did you read the instructions that were provided to you in that link???? If you want to use AD for authentication, then you need those things. If you want to use LDAP (which is NOT Active Directory), then you need to install LDAP, and configure it. Doesn't get much simpler than that...if you want to use it, you have to install it.

Since your posts are confusing, we'll break it down. Want the web page to use A.D for authentication? Then you need to follow the steps in the link provided, that tells you how to do it. Want it to use LDAP? Then install and configure LDAP on Linux.
 
Old 05-23-2011, 11:03 AM   #9
ckc654321hk
LQ Newbie
 
Registered: May 2011
Posts: 7

Original Poster
Rep: Reputation: Disabled
ok thanks a lot,I still try to work hard on it.
One more question,today,i ask my friend,he told me ,i can use linux as ldap clients,and let window server to be ldap server.
Is that concept correct?
 
Old 05-23-2011, 11:40 AM   #10
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 19,002

Rep: Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333
Quote:
Originally Posted by ckc654321hk View Post
ok thanks a lot,I still try to work hard on it.
One more question,today,i ask my friend,he told me ,i can use linux as ldap clients,and let window server to be ldap server.
Is that concept correct?
Yes, and if I may say so, that's quite obvious.

Anytime you deal with client/server things, the only thing that matters is that the software obeys the standards. An LDAP server is built to respond to requests, formatted in a certain manner. That's it...much the same way as an FTP server responds to FTP requests, SSH, etc., etc., etc. The server can be anything...the client can be anything.
 
Old 05-23-2011, 12:27 PM   #11
ckc654321hk
LQ Newbie
 
Registered: May 2011
Posts: 7

Original Poster
Rep: Reputation: Disabled
i see .I have tried to make my linux to be a client ,but it can not get the user account which on Window Server.
If my webpage can run in IIS,is it mean that i have already configured the ldap server of Window Server?
Or Is it prossible to let the ldap protocol to run on Window Server and Window Server is not ldap Server?
I afraid that i have not configured well on Window Server.


However,there is a website for Linux Ldap client.
http://debianclusters.org/index.php/LDAP_Client
I have followed the step,it still cannot sucess.
I installed the ldap-utils for search my Window Server.
it cannot find.

Information of Window Server:
Window Server IP=192.168.1.106 ,domain=intra.cim.com
Fullname of my WindowServer=Win_Server1.intra.cim.com

for configure libnss-ldap & libpam-ldap
ldap://192.168.1.106
DC=intra,DC=cim,DC=com
CN=Administrator,OU=Domain Controllers,DC=intra,DC=cim,DC=com
pa$$w0rd

Am I input the correct data?

PS.I have edited the nsswitch.conf and PAM
 
Old 05-23-2011, 01:05 PM   #12
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 19,002

Rep: Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333
Quote:
Originally Posted by ckc654321hk View Post
i see .I have tried to make my linux to be a client ,but it can not get the user account which on Window Server.
If my webpage can run in IIS,is it mean that i have already configured the ldap server of Window Server?
Or Is it prossible to let the ldap protocol to run on Window Server and Window Server is not ldap Server?
I afraid that i have not configured well on Window Server.
No way of us to know, since you've mentioned both AD and LDAP in this thread. The only way to know is to read the source code for the web page, and see if it's doing AD first, then falling back to LDAP (or vice versa), if one fails. If you don't know what's running on the Windows server, how can we??
Quote:
However,there is a website for Linux Ldap client.
http://debianclusters.org/index.php/LDAP_Client
I have followed the step,it still cannot sucess.
I installed the ldap-utils for search my Window Server.
it cannot find.
Then you've obviously not followed the steps, since if you try to query the Linux LDAP server it fails.
Quote:
Information of Window Server:
Window Server IP=192.168.1.106 ,domain=intra.cim.com
Fullname of my WindowServer=Win_Server1.intra.cim.com

for configure libnss-ldap & libpam-ldap
ldap://192.168.1.106
DC=intra,DC=cim,DC=com
CN=Administrator,OU=Domain Controllers,DC=intra,DC=cim,DC=com
pa$$w0rd

Am I input the correct data?
How would we know this?? This is YOUR server, on YOUR network, with YOUR details. Again, read the man pages and other info about LDAP on Linux, and try to get it to work from the command-line. Once you succeed there, then you can deal with a web page.
Quote:
PS.I have edited the nsswitch.conf and PAM
Great...why did you edit them, and what did you put in them??
 
Old 05-23-2011, 01:28 PM   #13
ckc654321hk
LQ Newbie
 
Registered: May 2011
Posts: 7

Original Poster
Rep: Reputation: Disabled
Actually ,my english is really bad,I cannot tell exactly what i mean,so i can see there have some place have misunderstand between us.
i am sorry for that.
however is it nessary to set up linux to be a ldap server first,before configure the cilent setting?
 
Old 05-23-2011, 01:42 PM   #14
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 19,002

Rep: Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333Reputation: 4333
Quote:
Originally Posted by ckc654321hk View Post
Actually ,my english is really bad,I cannot tell exactly what i mean,so i can see there have some place have misunderstand between us. i am sorry for that.
however is it nessary to set up linux to be a ldap server first,before configure the cilent setting?
Are you serious?

Obviously, before you can USE it, you have to CONFIGURE it. That's like asking, "Do I have to put gas in my car BEFORE I start it?"
 
Old 05-23-2011, 01:49 PM   #15
ckc654321hk
LQ Newbie
 
Registered: May 2011
Posts: 7

Original Poster
Rep: Reputation: Disabled
OMG
I guess if it can be client ,it do not need to configure for server setting.

---------- Post added 05-23-11 at 01:49 PM ----------

thank you very much!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LDAP configuration error, can't connect to LDAP server (-1) rdanielz Linux - Networking 3 06-01-2010 09:15 AM
ldap configuration rajesh.nigam12 Linux - Enterprise 3 10-08-2007 12:25 PM
ldap configuration ssilayaraja Linux - Networking 2 09-25-2006 12:21 AM
LDAP configuration calutateo Linux - Software 0 04-30-2006 06:41 AM
ldap configuration ravi_sambaji Linux - Networking 1 06-27-2003 08:26 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 01:47 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration