sudo: Can't contact LDAP server with SSL and PAM
The LDAP server is on CentOS 5.8 and one of the client nodes is CentOS 6.3. I configured the client node to contact the LDAP server successfully and the account can be authenticated, but when I type the command 'sudo -s' on the client, the system reports: sudo: ldap_sasl_bind_s(): Can't contact LDAP server.
The connection between client and server is via SSL through port 636, which I have configured in /etc/nslcd.conf. I created a sudo group on the LDAP server and avoid using the local sudo configuration. I am able to ssh to the client node as an LDAP user, but sudoers cannot be verified; it keeps asking for the password.
To be more precise, I will post the debug messages.
I have already modified /etc/sudo-ldap.conf which should be the configuration file for LDAP in CentOS6.3 to fix a bug reported on CentOS6.1.

$ sudo -s
LDAP Config Summary
=============================
uri ldaps://ldap.frontfoot.net.au:636/
ldap_version 3
sudoers_base ou=sudoers,dc=frontfoot,dc=net,dc=au
binddn (anonymous)
bindpw (anonymous)
bind_timelimit 10000
ssl (no)
=============================
sudo: ldap_set_option: debug->0
sudo: ldap_initializer(ld, ldaps://ldap.frontfoot.net.au:636/)
sudo: ldap_set_option: ldap_version -> 3
sudo: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT, 10)
sudo: ldap_sasl_bind_s(): Can't contact LDAP server