I have been trying to get LDAP 2.4 working on Ubuntu 8.04. I have checked a couple of sites to find out the best practice for accomplishing this task. I have also followed the directions for setting up nsswitch and PAM to use LDAP (this includes libpam-ldap, libnss-db, libnss-ldap and nss-updatedb). It appears that I have gotten it working, because I checked the log files, which say that the server is starting, and I checked netstat and it appears that the service is listening for requests on the expected port. But there is something that I have a question on. To explain, we will first look at my /etc/nsswitch.conf file.
example of my /etc/nsswitch.conf
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.
passwd: files ldap
group: files ldap
shadow: files ldap
hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 ldap
networks: ldap files
protocols: ldap db files
services: ldap db files
ethers: ldap db files
rpc: ldap db files
Now everything works fine with this setup. From my understanding, it is because account information is either looked up on file (/etc/passwd) or in the LDAP database accessed on the server. But if I remove files from the passwd: entry, so that the passwd entry looks like this: passwd: ldap instead of passwd: files ldap, I am unable to authenticate.
My question is: "Did I set up LDAP (client or server) incorrectly?" or "Is there just something that I am missing out on?"
Let me explain my setup a little bit more.
First, the LDAP client and the server are on the same machine.
The service is listening on IP address 127.0.0.1 port 389 and the client is using localhost (127.0.0.1) as the IP address of the server.
I checked netstat and it appears that communication between the application and LDAP is being established. I am also able to do slapcat -l and get entries on file. I also have an ldapsearch utility that allows me to view entries in the database, and that works OK also.
Now the question still remains: why, when I remove the files element in the passwd entry within the nsswitch.conf file, can I not find my user account when there is an entry for my user in my LDAP database?
But if I remove files from the passwd: entry
Example of nsswitch.conf
passwd: ldap <-------- files is missing from passwd entry
group: files ldap
shadow: files ldap
I am now an unknown user.
So then, if you have LDAP set up correctly, try removing the files entry in nsswitch.conf (make sure NOT TO CLOSE your editor; this can lead to you being locked out of your machine [which I did twice or more already]), save nsswitch.conf, open your terminal and type in the whoami command. Tell me if you get a message saying whoami:cannot find name for user ID 1000, or if it acts as normal.
This will help me know if what I am experiencing is normal or if I have failed in my attempt to set up my ldap server/client correctly.
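
The ldap NSS source can be tested on its own without removing files from the live /etc/nsswitch.conf, which avoids the lockout risk described above. The script below is an added example and not part of the original post; the function names are hypothetical, and it assumes glibc's getent with its -s option for selecting a single source.

```shell
#!/bin/sh
# Added example: inspect the NSS source order and query the ldap source in
# isolation, leaving /etc/nsswitch.conf untouched. Function names are
# hypothetical; assumes glibc getent (supports -s SERVICE).

# nss_sources FILE DATABASE
# Print the sources configured for DATABASE, one per line, ignoring
# comments and [STATUS=action] items such as [NOTFOUND=return].
nss_sources() {
    awk -v db="$2:" '
        { sub(/#.*/, "") }                 # strip comments
        $1 == db {
            for (i = 2; i <= NF; i++)
                if ($i !~ /^\[/) print $i  # skip action items
        }' "$1"
}

# nss_has_source FILE DATABASE SOURCE -> exit status 0 if SOURCE is listed.
nss_has_source() {
    nss_sources "$1" "$2" | grep -qxF "$3"
}

# check_ldap_only USER_OR_UID [FILE]
# Returns 0 if the ldap source alone resolves the account, 1 if it does
# not, 2 if ldap is not configured for passwd at all.
check_ldap_only() {
    key=$1
    conf=${2:-/etc/nsswitch.conf}
    if ! nss_has_source "$conf" passwd ldap; then
        echo "ldap is not listed for passwd in $conf"
        return 2
    fi
    if ! nss_has_source "$conf" passwd files; then
        echo "warning: passwd has no 'files' source; local accounts depend on LDAP"
    fi
    # -s ldap makes getent consult only the ldap source for this lookup.
    if getent -s ldap passwd "$key" >/dev/null 2>&1; then
        echo "ldap source resolves $key"
    else
        echo "ldap source does NOT resolve $key"
        return 1
    fi
}

# Run stand-alone as: sh check_nss.sh USER_OR_UID [nsswitch.conf path]
if [ $# -gt 0 ]; then check_ldap_only "$@"; fi
```

Passing a numeric UID such as 1000 instead of a login name exercises the by-UID lookup, which is the one whoami performs.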