LinuxQuestions.org
01-14-2013, 12:47 AM   #1
sebastienliu
LQ Newbie
 
Registered: Jan 2013
Posts: 2

Rep: Reputation: Disabled
sudo: Can't contact LDAP server with SSL and PAM


The LDAP server is on CentOS 5.8 and one of the client nodes is CentOS 6.3. I configured the client node to contact the LDAP server successfully and the account can be authenticated, but when I type the command 'sudo -s' on the client, the system reported: sudo: ldap_sasl_bind_s(): Can't contact LDAP server.

The connection between client and server is via SSL through port 636, which I have configured in /etc/nslcd.conf.

I created a sudo group on the LDAP server and avoid using the local sudo configuration.

I am able to ssh to the client node as an LDAP user, but sudoers cannot be verified; it keeps asking for the password.
 
01-15-2013, 12:02 AM   #2
sebastienliu
LQ Newbie
 
Registered: Jan 2013
Posts: 2

Original Poster
Rep: Reputation: Disabled
More precisely, I will post the debug messages.

I have already modified /etc/sudo-ldap.conf, which should be the configuration file for LDAP in CentOS 6.3, to fix a bug reported on CentOS 6.1.


$ sudo -s
LDAP Config Summary
=============================
uri ldaps://ldap.frontfoot.net.au:636/
ldap_version 3
sudoers_base ou=sudoers,dc=frontfoot,dc=net,dc=au
binddn (anonymous)
bindpw (anonymous)
bind_timelimit 10000
ssl (no)
=============================
sudo: ldap_set_option: debug->0
sudo: ldap_initializer(ld, ldaps://ldap.frontfoot.net.au:636/)
sudo: ldap_set_option: ldap_version -> 3
sudo: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT, 10)
sudo: ldap_sasl_bind_s(): Can't contact LDAP server
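
An added example, not part of the original thread: a small Python audit of the transport-security keys in a sudo LDAP client configuration such as the /etc/sudo-ldap.conf mentioned above. It assumes the key names documented in sudoers.ldap(5) (uri, ssl, tls_cacertfile, tls_cacert, tls_cacertdir, tls_checkpeer, binddn); the sample file is constructed from the values in the debug summary and the finding codes are hypothetical names.

```python
# Added example: audit TLS-related keys of a sudo LDAP client config (sudoers.ldap(5)).
# SAMPLE_CONF is constructed from the debug summary in the post; it is not the poster's file.
SAMPLE_CONF = """\
# constructed sample
uri ldaps://ldap.frontfoot.net.au:636/
sudoers_base ou=sudoers,dc=frontfoot,dc=net,dc=au
bind_timelimit 10
"""

FALSE_VALUES = {"no", "off", "false"}
TRUE_VALUES = {"yes", "on", "true"}


def parse_conf(text):
    """Return {lowercased key: value}; blank lines and lines starting with '#' are skipped."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)  # key, then the rest of the line as the value
        conf[parts[0].lower()] = parts[1].strip() if len(parts) == 2 else ""
    return conf


def audit(conf):
    """Return (code, message) findings about how the sudoers lookup is protected."""
    findings = []
    uris = conf.get("uri", "").lower().split()
    ssl = conf.get("ssl", "").lower()
    # Encrypted if StartTLS/SSL is requested or every listed URI uses ldaps://.
    encrypted = ssl == "start_tls" or ssl in TRUE_VALUES or (
        bool(uris) and all(u.startswith("ldaps://") for u in uris))
    if not encrypted:
        findings.append(("plaintext", "sudoers rules and any bind credentials cross the network unencrypted"))
    elif not any(conf.get(k) for k in ("tls_cacertfile", "tls_cacert", "tls_cacertdir")):
        findings.append(("no-ca", "no CA file or directory set in this file; certificate "
                         "verification depends on the OpenLDAP library defaults"))
    if conf.get("tls_checkpeer", "").lower() in FALSE_VALUES:
        findings.append(("no-verify", "tls_checkpeer is off; the server certificate is not validated"))
    if not conf.get("binddn"):
        findings.append(("anonymous-bind", "no binddn; the sudoers subtree must be readable anonymously"))
    return findings


if __name__ == "__main__":
    for code, message in audit(parse_conf(SAMPLE_CONF)):
        print(f"{code}: {message}")
```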
 
  


All times are GMT -5.
