LinuxQuestions.org
Old 10-12-2012, 08:25 AM   #1
sunveer
Member
 
Registered: Jul 2012
Posts: 139

Ldap client configuration not working


I have setup Ldap Server on RHEL 6.3.

I have setup Ldap Client on RHEL 6.3 KVM.

When I run the command : #ldapsearch -x -b "dc=example,dc=com" -h 172.24.0.254
I get the desired result.

Code:
# extended LDIF
#
# LDAPv3
# base <dc=example,dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# example.com
dn: dc=example,dc=com
dc: example
objectClass: top
objectClass: domain

# People, example.com
dn: ou=People,dc=example,dc=com
ou: People
objectClass: top
objectClass: organizationalUnit

# Group, example.com
dn: ou=Group,dc=example,dc=com
ou: Group
objectClass: top
objectClass: organizationalUnit

# ldapuser1, People, example.com
dn: uid=ldapuser1,ou=People,dc=example,dc=com
uid: ldapuser1
cn: ldapuser1
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQ2JDl1bG80TGhWJHVuYktHWUJwRjRmTHEuNE5JbjhoZTNVMGlNbG8
 zRUkvcDJqak15WWhrWXRreUFDSXdrOUtUMy44Nzd3TnM2N1JsQzVZV2VLZms4VmdQRmVrYkM1a1cv
shadowLastChange: 15625
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 500
gidNumber: 500
homeDirectory: /home/ldapuser1

# ldapuser2, People, example.com
dn: uid=ldapuser2,ou=People,dc=example,dc=com
uid: ldapuser2
cn: ldapuser2
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQ2JE9ubEZkaG1QJGZQR0lqdXJjbXpDMkdlLmdPVjVhS2l2OU9DY1N
 IR2k1Qk1yYnNxTVVtRXd5N3JWdWlIdkM0UExsTEhreEp2NTM0VXFYL0NPalZsYW1Ndi8wWks4WjMw
shadowLastChange: 15625
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 501
gidNumber: 501
homeDirectory: /home/ldapuser2

# ldapuser1, Group, example.com
dn: cn=ldapuser1,ou=Group,dc=example,dc=com
objectClass: posixGroup
objectClass: top
cn: ldapuser1
userPassword:: e2NyeXB0fXg=
gidNumber: 500

# ldapuser2, Group, example.com
dn: cn=ldapuser2,ou=Group,dc=example,dc=com
objectClass: posixGroup
objectClass: top
cn: ldapuser2
userPassword:: e2NyeXB0fXg=
gidNumber: 501

# search result
search: 2
result: 0 Success

# numResponses: 8
# numEntries: 7
However, when I try to run the command : # getent passwd or getent passwd ldapuser1, I don't see the ldap users.

I have added ldap in /etc/nsswitch.conf file and setup nslcd.conf file and restarted the nslcd service.

Also, the logs on client are:

Code:
Oct 12 18:46:08 station1 nslcd[2635]: [e685fb] ldap_start_tls_s() failed: Connect error (uri="ldap://172.24.0.254")
Oct 12 18:46:08 station1 nslcd[2635]: [e685fb] failed to bind to LDAP server ldap://172.24.0.254: Connect error
Oct 12 18:46:08 station1 nslcd[2635]: [e685fb] no available LDAP server found
 
Old 10-12-2012, 08:55 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Disable tls in the nslcd.conf file; I presume it's insisting on that, whereas your search is not. Alternatively, make starttls work properly.
 
Old 10-12-2012, 10:54 AM   #3
sunveer
Member
 
Registered: Jul 2012
Posts: 139

Original Poster
I want to use TLS and have setup certificate and downloaded it.

I have searched for this error but could not find any suitable solution as to what is going wrong.
 
Old 10-12-2012, 01:19 PM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

well if you want tls then make the ldapsearch run with tls (-ZZ) first. Don't skip steps.
 
Old 10-13-2012, 06:21 AM   #5
sunveer
Member
 
Registered: Jul 2012
Posts: 139

Original Poster
Solved!

It was a certificate problem only, and after properly setting up the certificate, I can log in as the ldapuser.

Thank you for the support.
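
The thread's diagnosis (the plain `ldapsearch -x` succeeds while nslcd insists on StartTLS and fails on the certificate) can be checked up front. The script below is an added example, not part of any post in the thread: it audits the TLS-related lines of an nslcd.conf and prints the `ldapsearch -ZZ` command that exercises the same path nslcd uses. The function names, the sample file and the CA path are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Audits the TLS settings in an nslcd.conf
# and prints the ldapsearch command that exercises the same StartTLS path.

# conf_get FILE KEY: last value assigned to KEY ("key value" lines, # comments)
conf_get() {
    awk -v k="$2" 'tolower($1) == k { $1 = ""; sub(/^[ \t]+/, ""); v = $0 }
                   END { print v }' "$1"
}

# nslcd_tls_check FILE: returns 0 only when TLS is enabled, certificate
# checking is not switched off, and a readable CA file is named in FILE.
nslcd_tls_check() {
    conf=$1; rc=0
    uri=$(conf_get "$conf" uri);  base=$(conf_get "$conf" base)
    ssl=$(conf_get "$conf" ssl);  reqcert=$(conf_get "$conf" tls_reqcert)
    cafile=$(conf_get "$conf" tls_cacertfile)

    case "$ssl:$uri" in
        start_tls:*)        flag="-ZZ"; echo "ok:   StartTLS required" ;;
        on:*|*:ldaps://*)   flag="";    echo "ok:   TLS on connect (ldaps)" ;;
        *) flag=""; rc=1;   echo "FAIL: no TLS, lookups and binds go in clear text" ;;
    esac
    case "$reqcert" in
        never|allow) rc=1;  echo "FAIL: tls_reqcert $reqcert accepts an unverified server" ;;
        *)                  echo "ok:   tls_reqcert ${reqcert:-unset, library default applies}" ;;
    esac
    if [ -z "$cafile" ]; then
        rc=1; echo "FAIL: no tls_cacertfile in $conf"
    elif [ ! -r "$cafile" ]; then
        rc=1; echo "FAIL: CA file $cafile missing or unreadable"
    else
        echo "ok:   CA file $cafile"
    fi
    # Reproduce nslcd's connection by hand before touching nsswitch/getent.
    echo "test: LDAPTLS_CACERT=$cafile ldapsearch -x $flag -H $uri -b \"$base\" -s base"
    return $rc
}

# Constructed sample resembling the client in the thread (CA path is assumed).
demo=$(mktemp)
printf '%s\n' 'uri ldap://172.24.0.254' 'base dc=example,dc=com' \
    'ssl start_tls' 'tls_cacertfile /nonexistent/cacert.pem' > "$demo"
nslcd_tls_check "$demo" || echo "=> fix the certificate setup, then rerun"
rm -f "$demo"
```

If the printed `ldapsearch -ZZ` command fails with the same connect error, the problem is the CA certificate or the server name in it rather than nslcd or nsswitch.conf.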
 
  

