LDAP SERVER: Could someone please post a tar.gz with the working configuration files?
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I could figure out that the security was coming from kerberos. LDAP + NFS is possible, even + SSH, but for higher security, its kerberos. Well, I wont make it this kerberos. Too difficult, already ldap is difficult for me. But now I have my server and client working, well client cannot boot alone.
it works. The problem is only at boot.
Once I boot wiht compat in nsswitch, it works.
If with ldap files into it, it says :
Code:
devd[]: nss_ldap: could not connect to any LDAP server as (null) - Can't contact LDAP server
udevd[]: nss_ldap: failed to bind to LDAP server
but the LDAP works, sure.
If I boot with compat, then logins as root, replace nsswicht (%s/compat/ ldap files/g) , then
Code:
/etc/init.d/nscd restart
then
wait 20sec around
tada ! voila !
My users are under the LDAP Server
login : myuserldap
passwd : *************
works
I am running debian stable.
Is it a bug? or can it be solved somehow for debian stable?
this bug proposed solution did not solved the bug
pff
Quote:
swasi wrote on 2009-12-15: #61
On my Debian Lenny, adding following groups and user solved the problem:
addgroup --system nvram
addgroup --system fuse
addgroup --system rdma
addgroup --system tss
addgroup --system kvm
adduser --system --no-create-home tss
Quote:
Originally Posted by acid_kewpie
a BUG? Of course it's not. You have very clearly not configured LDAP correctly. "ldaps://LDAPSERVER.HERE"??
Oups "ldaps://LDAPSERVER.HERE" was the copy from the bug since I have the client in testing and post from the ldap server. The "ldaps://LDAPSERVER.HERE" is the right ip address: ldap://192.168.10.100 of the server.
Well the bug report was similar to what I experience.
That could be explaining why it was giving so much troubles, but well, let's work on it further.
OK, seems, that I have to work on it ...
Last edited by frenchn00b; 01-15-2010 at 12:52 PM.
You say it doesn't work, but from all you've said it does, but there's a bit of a wait... You should check that your ldap.conf is not using hard binds, only soft ones. That can be a big reason for things to hang.
You say it doesn't work, but from all you've said it does, but there's a bit of a wait... You should check that your ldap.conf is not using hard binds, only soft ones. That can be a big reason for things to hang.
thank you very much. This is so surprising. the nss bug report was reported in 2006 and still in 2009 december, it is still going on. I am wondering. I have choosed debian stable to ubuntu, to avoid extra difficulties, and well it seems that the debian stable has such problem.
But it's true: changing the libnss-ldap and libnss-db. + "bind_policy soft" in libnss-ldap.conf let boot ldap.
Code:
passwd: files db [SUCCESS=return] ldap
group: files db [SUCCESS=return] ldap
shadow: files ldap
is it a bug or not a bug. Well in my opinion a bit, or lot of users are misundertanding the configuration of ldap or the package maintainer hasnt given much attention to the bug. Well I am wondering because LDAP is a rather important package for large network.
So it works!! thank you acid_kewpie. It's amazing you know everything.
Now I have to explain how I made with my configs + tar.gz client and server... I work on it.
(in my opinion it is an unfixed bug since several years)
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.