LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
LinkBack Search this Thread
Old 07-18-2010, 08:33 AM   #1
boqor
LQ Newbie
 
Registered: Jul 2010
Posts: 1

Rep: Reputation: 0
Question Linux AD Integration


Hello folks,


I need only centralized authentication via M$ AD and I try configure nss-ldap in my debian box but syslog always says these messages;

Code:
Jul 18 15:58:01 debox nscd: nss_ldap: failed to bind to LDAP server ldap://192.168.0.5: Invalid credentials
Jul 18 15:58:01 debox nscd: nss_ldap: failed to bind to LDAP server ldap://192.168.0.5/: Invalid credentials
Jul 18 15:58:01 debox nscd: nss_ldap: reconnecting to LDAP server...
Jul 18 15:58:01 debox nscd: nss_ldap: failed to bind to LDAP server ldap://192.168.0.5: Invalid credentials
Jul 18 15:58:01 debox nscd: nss_ldap: failed to bind to LDAP server ldap://192.168.0.5/: Invalid credentials
Jul 18 15:58:01 debox nscd: nss_ldap: reconnecting to LDAP server (sleeping 1 seconds)...
Jul 18 15:58:02 debox nscd: nss_ldap: failed to bind to LDAP server ldap://192.168.0.5: Invalid credentials
Jul 18 15:58:02 debox nscd: nss_ldap: failed to bind to LDAP server ldap://192.168.0.5/: Invalid credentials
Jul 18 15:58:02 debox nscd: nss_ldap: could not search LDAP server - Server is unavailable
Jul 18 15:58:02 debox sshd[16767]: Invalid user boqor from x.x.x.x
But i can get answers for ldapsearch command

Code:
ldapsearch -x -W -D "cn=Administrator,cn=Users,dc=ad,dc=domain,dc=tld"|grep sAMAccountName
Enter LDAP Password:

sAMAccountName: Administrator
sAMAccountName: Guest
sAMAccountName: boqor
.
.
.

My config files;

ldap.conf
Code:
host    192.168.0.5
BASE    dc=ad,dc=domain,dc=tld
URI     ldap://192.168.0.5/
binddn  cn=Administrator,cn=Users,dc=ad,dc=domain,dc=tld
bindpw  pazzword
scope sub
ssl no

libnss-ldap.conf
Code:
host    192.168.0.5
BASE    dc=ad,dc=domain,dc=tld
URI     ldap://192.168.0.5/
binddn  cn=Administrator,cn=Users,dc=ad,dc=domain,dc=tld
bindpw  pazzword
ldap_version 3
rootbinddn cn=Administrator,cn=User,dc=ad,dc=domain,dc=tld
libnss-ldap.secret
Code:
pazzword
nsswitch.conf
Code:
passwd: compat ldap
shadow: compat ldap
group: compat ldap

hosts:          files dns
networks:       files
protocols:      db files
services:       db files
ethers:         db files
rpc:            db files
netgroup:       nis
nss-ldapd.conf
Code:
host    192.168.0.5
BASE    dc=ad,dc=domain,dc=tld
URI     ldap://192.168.0.5/
binddn  cn=Administrator,cn=Users,dc=ad,dc=domain,dc=tld
bindpw  pazzword
scope sub
timelimit 30

Anybody can help me? How can i debug nss-ldap?
M$ logs are not readable or helpful.
 
Old 07-19-2010, 02:28 AM   #2
Blue_Ice
Member
 
Registered: Jul 2006
Location: Belgium
Distribution: Debian, Fedora, CentOS, Windows
Posts: 352

Rep: Reputation: Disabled
I am not sure, but I think you need to configure kerberos on the client side as well. I know that AD uses kerberos.
Can somebody confirm this?
 
Old 07-20-2010, 01:17 PM   #3
ghostis
LQ Newbie
 
Registered: Mar 2007
Location: Boston
Distribution: Kubuntu and Debian Etch
Posts: 10

Rep: Reputation: 0
I've used a combination of winbindd with kerberos support to authenticate against AD.

Check

http://wiki.samba.org/index.php/Samb...tive_Directory

and

http://wiki.samba.org/index.php/Samb...ctory_%26_LDAP

for more info.

-Adam Keck

Quote:
Originally Posted by Blue_Ice View Post
I am not sure, but I think you need to configure kerberos on the client side as well. I know that AD uses kerberos.
Can somebody confirm this?
 
  


Reply

Tags
debian, directory, ldap


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
php and linux integration help. pinga123 Linux - General 6 03-22-2010 10:34 PM
MS AD and linux integration dsids Linux - Software 4 02-04-2008 01:00 AM
MS and LINUX integration headache! nunu Linux - Server 1 11-24-2007 01:56 PM
Linux Server Integration into AD rsmith Linux - Security 1 12-05-2005 12:45 AM
Linux - OS X integration problems: kbrittingham Linux - Networking 2 01-30-2004 07:43 AM


All times are GMT -5. The time now is 01:55 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration