[CentOS] Fedora Directory Authentication on CentOS 5
prelude_2_murder at yahoo.co.uk
Fri Jun 1 11:32:24 UTC 2007
> Could you do an ldap search for that user and show the output,
> Like so:
> # ldapsearch -LLL -x 'uid=lmf
I do ldapsearch -LLL -x 'uid=ttest' and I get nothing
if I do ldapsearch -LLL -x I get a list of things like:
dn: cn=Accounting Managers,ou=groups,dc=internal,dc=domain,dc=com
description: blah, blah
But I can not see the group I added (developers) or the user (ttest).
The user has all the POSIX details filled in.
> Then check if you can bind to ldap using the dn of the user:
> # ldapsearch -LLL -x 'uid=lmf' -D
> uid=lmf,ou=Users,dc=udp,dc=eurotux,dc=com -W uid
> Enter LDAP Password:
> dn: uid=lmf,ou=Users,dc=udp,dc=eurotux,dc=com
> uid: lmf
this doesn't work (as expected).
> > and then, using system-config-authentication, enable LDAP on both
> > tabs.
> /etc/nsswitch.conf should have:
> passwd: files ldap
This is correct. Also group and shadow have "files ldap"
> And /etc/openldap/ldap.conf should have a valid URI, pointing to the
> server and a valid BASE
> If that file has all those values commented out, then they should be
Same content on both files.
> In any case, also check /etc/ldap.conf. If /etc/openldap/ldap.conf
> has a
> valid URI, then comment out any host definition. Check that base is
> correct one, and also check that any nss_base, if defined has the
> basedn as the one you found in the search.
These are correct, BASE is set to internal.domain.com and URI to the
server I am running it on
Any help would be appreciated :)
Yahoo! Answers - Got a question? Someone out there knows the answer. Try it
More information about the CentOS