Hello folks,
I need only centralized authentication via M$ AD and I am trying to configure nss-ldap on my Debian box, but syslog always shows these messages:
Code:
Jul 18 15:58:01 debox nscd: nss_ldap: failed to bind to LDAP server ldap://192.168.0.5: Invalid credentials
Jul 18 15:58:01 debox nscd: nss_ldap: failed to bind to LDAP server ldap://192.168.0.5/: Invalid credentials
Jul 18 15:58:01 debox nscd: nss_ldap: reconnecting to LDAP server...
Jul 18 15:58:01 debox nscd: nss_ldap: failed to bind to LDAP server ldap://192.168.0.5: Invalid credentials
Jul 18 15:58:01 debox nscd: nss_ldap: failed to bind to LDAP server ldap://192.168.0.5/: Invalid credentials
Jul 18 15:58:01 debox nscd: nss_ldap: reconnecting to LDAP server (sleeping 1 seconds)...
Jul 18 15:58:02 debox nscd: nss_ldap: failed to bind to LDAP server ldap://192.168.0.5: Invalid credentials
Jul 18 15:58:02 debox nscd: nss_ldap: failed to bind to LDAP server ldap://192.168.0.5/: Invalid credentials
Jul 18 15:58:02 debox nscd: nss_ldap: could not search LDAP server - Server is unavailable
Jul 18 15:58:02 debox sshd[16767]: Invalid user boqor from x.x.x.x
But I can get answers from the ldapsearch command:
Code:
ldapsearch -x -W -D "cn=Administrator,cn=Users,dc=ad,dc=domain,dc=tld"|grep sAMAccountName
Enter LDAP Password:
sAMAccountName: Administrator
sAMAccountName: Guest
sAMAccountName: boqor
.
.
.
My config files:
ldap.conf
Code:
host 192.168.0.5
BASE dc=ad,dc=domain,dc=tld
URI ldap://192.168.0.5/
binddn cn=Administrator,cn=Users,dc=ad,dc=domain,dc=tld
bindpw pazzword
scope sub
ssl no
libnss-ldap.conf
Code:
host 192.168.0.5
BASE dc=ad,dc=domain,dc=tld
URI ldap://192.168.0.5/
binddn cn=Administrator,cn=Users,dc=ad,dc=domain,dc=tld
bindpw pazzword
ldap_version 3
rootbinddn cn=Administrator,cn=User,dc=ad,dc=domain,dc=tld
libnss-ldap.secret
nsswitch.conf
Code:
passwd: compat ldap
shadow: compat ldap
group: compat ldap
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
nss-ldapd.conf
Code:
host 192.168.0.5
BASE dc=ad,dc=domain,dc=tld
URI ldap://192.168.0.5/
binddn cn=Administrator,cn=Users,dc=ad,dc=domain,dc=tld
bindpw pazzword
scope sub
timelimit 30
Can anybody help me? How can I debug nss-ldap?
M$ logs are not readable or helpful.
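A consistency check over the libnss-ldap.conf values posted above, as an added example that is not part of the original post: it parses the "key value" format and flags bind-identity and transport settings worth reviewing when binds fail with "Invalid credentials". The function names are hypothetical, the sample text is constructed from the post, and the check relies on nss_ldap's documented behaviour of binding with rootbinddn when the effective UID is 0.

```python
# Added example: lint nss_ldap-style "key value" config text for bind issues.
# SAMPLE is constructed from the libnss-ldap.conf values shown in the post.
SAMPLE = """\
host 192.168.0.5
BASE dc=ad,dc=domain,dc=tld
URI ldap://192.168.0.5/
binddn cn=Administrator,cn=Users,dc=ad,dc=domain,dc=tld
bindpw pazzword
ldap_version 3
rootbinddn cn=Administrator,cn=User,dc=ad,dc=domain,dc=tld
"""

def parse_conf(text):
    """Return {lowercased key: value}; skips blank lines and '#' comments."""
    conf = {}
    for line in text.splitlines():
        parts = line.split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        conf[parts[0].lower()] = parts[1].strip() if len(parts) > 1 else ""
    return conf

def norm_dn(dn):
    """Simplified DN normalisation (ignores escaped commas): case-fold, trim RDNs."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def lint(conf):
    """Return a list of human-readable findings for the parsed config."""
    findings = []
    bind, root = conf.get("binddn"), conf.get("rootbinddn")
    if bind and root and norm_dn(bind) != norm_dn(root):
        findings.append("rootbinddn differs from binddn; processes with euid 0 bind as rootbinddn")
    uri = conf.get("uri", "").lower()
    if "bindpw" in conf and uri.startswith("ldap://") and conf.get("ssl", "no") in ("no", "off"):
        findings.append("bindpw is sent over cleartext ldap:// (no start_tls or ldaps)")
    if any(norm_dn(d).startswith("cn=administrator,") for d in (bind, root) if d):
        findings.append("lookups bind as Administrator; a read-only service account limits exposure")
    return findings

if __name__ == "__main__":
    for finding in lint(parse_conf(SAMPLE)):
        print("WARN:", finding)
```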