CentOS 5 :: Ldap For Simple User Authentication?
Jun 22, 2010
I have a centos 5 system with openldap configured. I need openldap for simple user authentication. ie.. to be able to use it for authenticating it from remote applications and systems like mail clients...etc.
I was able to succefully install and configure openldap and ran a slaptest to verify the slapd.conf file for errors and found none. so now all i want to do is to add username and passwords to the ldap database.
iam just not sure what all objectClasses i need to use for Attributes uid and userPassword and what exactly should be the ldif file syntax for the above entries. I tried various sources but i do either get errors while adding or after adding do get errors trying to access it.
above all, iam able to access the ldap server from my phpldapadmin only as a anonymous user and not as a root user that i added as a first entry.
View 2 Replies
ADVERTISEMENT
May 25, 2011
I am using RackMonkey to map out my lab. Unfortunately, due to RM limitations, every user who accesses the site has write access UNLESS they are logged in as a user named "guest". I currently have Apache allowing only the users (sysadmins) in an LDAP group access to RM, but I would like to allow read-only access for other users as well.I found mod_authn_anon, but I am having trouble combining the two authentication methods. I am using Apache 2.2.18 (compiled myself) on SLES 11.1.
This is the common part:
Code:
AuthType Basic
AuthBasicProvider ldap anon
Order allow,deny
Allow from all
This part by itself works for the LDAP authentication:
Code:
AuthName "System Admins"
AuthLDAPURL "ldaps://example.com/ou=ldap,o=example.com?mail" SSL
Require ldap-group cn=SysAdmins,ou=memberlist,ou=groups,o=example.com
This part works by itself for guest access:
Code:
Anonymous guest
Anonymous_VerifyEmail Off
Anonymous_MustGiveEmail Off
Anonymous_LogEmail on
Require valid-user
But if I have both of the previous blocks enabled at once, then guest access does not work. If I throw in a "Satisfy any", then I am not prompted for a username at all. How can I allow access to this LDAP group and to a user named "guest", but not allow all valid LDAP users to log in?
View 1 Replies
View Related
Sep 8, 2009
I installed CentOS 5.2 and then run yum update. I configured this server as LDAP/Samba primary domain controller. LDAP seems to be OK and for testing I am able to create users with:smbldap-tools useradd -am usernameI can ssh into the server as root and also as a Linux user which was locally created in the server. But ssh into the server as LDAP user fails (from a Fedora 11 machine) with "Permission denied, please try again", prompting again for password.Some data:
# rpm -qa | grep ldap
python-ldap-2.2.0-2.1
php-ldap-5.1.6-23.2.el5_3
[code]....
View 1 Replies
View Related
Jun 8, 2011
I've a webpage that has some links to videos. When an user click on that link, I need the user to redirected to the login page which check credentials with ldap server and then grants access to the video. I've searched google for some code but all I found is some samples that authenticates the user. But when the user enters the login credentials how do I implement that code in the backend and redirect to the video if the user can authenticate himself?
View 3 Replies
View Related
Apr 4, 2011
I'm working on a media delivery platform where when a user click on the rstp link of the video,it should sent the request and see if the user is a valid user(using his username and password)
View 3 Replies
View Related
Jan 14, 2010
I'm trying to utilize my company's IT orginazation's LDAP service (running on some sort of windows) for authenticating users on an Ubuntu box.Another group has done something similar for CENTOS; I've used their ldap.conf as a reference as well as ap-server.html (LDAP Authentication section)I can't get it to work. When I try to connect as my corporate user I see this in auth.log:
Code:
Jan 14 14:32:24 Algalon sshd[7062]: nss_ldap: could not connect to any LDAP server as cn=ldapquery2,cn=Users,dc=<companyname>,dc=com - Can't contact LDAP server
[code]...
View 1 Replies
View Related
Sep 2, 2011
I have a openldap server running on one machine (fedora10) and pam_ldap.so and nss_ldap.so running on the other machine.
I have added a new user to the LDAP server database, this user is not created on client machine.
1. Can i login to the client machine using this new user?
2. Now if i try logging with this new user I am getting error messages, the error messages are as follows at client side
Sep 2 10:34:36 localhost sshd[8484]: Invalid user kim from 10.254.194.148
Sep 2 10:34:36 localhost sshd[8485]: input_userauth_request: invalid user kim
Sep 2 10:35:16 localhost sshd[8484]: pam_ldap: error trying to bind as user "cn=min soo,ou=people,dc=samsung,dc=com" (Invalid credentials)
[Code]....
View 4 Replies
View Related
Jan 18, 2010
how to make a new Ubuntu 9.10 box use our LDAP/Samba server for user authentication. Our Red Hat and Windows machines all use it just fine. I've been trying to use the auth-client-config and libnss-ldap packages for this purpose, but I must be missing something. I'm pretty green with LDAP, so this is my first time diving in... Is there a good How-To or step-by-step read on this? All of my searches lead me to setting up Ubuntu as the server, and that isn't what I want. I've also tried the steps listed in [URL] for the LDAP Authentication section.
View 1 Replies
View Related
Jul 13, 2010
I have LDAP server but I'm not admin. When I type: ldapsearch -x -b "ou=2007,o=faculty" "cn=7username"
View 11 Replies
View Related
Mar 10, 2011
I try to get authentication working from remote LDAP server (Novell eDirectory)So far I can get correct info from id user or using ldapsearch (so the connectivity is there)But what do I need to configure to get authentication working for SSH login & vsftp login?
View 4 Replies
View Related
Nov 7, 2010
Its 2 weeks i'm trying to configure freeradius2 on centos5 64bit after installed it from yum.all seems working, but i cant authenticate unix users.after digging in many sites its simply cant find user name and password ( ++[unix] returns notfound )Also how can i paste here all the radiusd -X log lines? i can't find any
radius.log file.
View 10 Replies
View Related
Apr 5, 2010
i have successful secure ldap replication but i could not make ldap client to direct its authentication to slave ldap
here is my config file on ldap client (i am not sure if it is the right place though)
ip : 192.168.1.183 is master ldap
ip : 192.168.1.185 is slave ldap
pico /etc/ldap/ldap.conf
#
# LDAP Defaults
code....
View 11 Replies
View Related
Sep 26, 2010
I want to Configure Linux LDAP Server for user authentication when my users want to connect to the internet.Also i don't want the user to get the home directory on server. i configured ldap server and ldap client without PAM & SASL.and now with perl i can search in ldap for my client's username & password in ldap.
View 1 Replies
View Related
May 13, 2011
I'm trying to setup a custom attribute for user accounts, I'm able to make the attribute (foo) and the Object class (foo_class) . But i'm unable to add foo or foo_class to my test users
View 1 Replies
View Related
Dec 2, 2010
I've setup an Ubuntu 10.10 LDAP Client to authenticate off my LDAP server. I've install the following: sudo apt-get install libpam-ldap libnss-ldap nss-updatedb libnss-db nscd ldap-utils pam_ccreds Here's my /etc/nsswitch.conf: passwd: files ldap [NOTFOUND=return] db group: files ldap [NOTFOUND=return] db
[Code]...
View 9 Replies
View Related
Sep 25, 2009
i want to authenticate user (client) via switch to the radius server(CentOS)Can anyone tell me the authentication/authorization configuration that should be made in the switch (huawei) and the radius server(centos).Esp. the main files under /etc/raddb/ in the Server& the configuration to be made under the radius server template "test"( as of my case)...
View 1 Replies
View Related
Jan 10, 2010
I want to configure SSH key-based authentication and SSH password Authentication in same machine for different user .
View 1 Replies
View Related
Aug 6, 2010
Is it possible to set up slapd to authenticate users using a simple name instead of a dn?
View 1 Replies
View Related
Jan 24, 2011
I have created a CA on my server then created a server certificate under that then exported it as a common server certificate.I have then gone to my LDAP server and enabled TLS and told it to use the common server certificate.Now on my client I have enabled LDAP TLS/SSL and it's asking me to download a certificate ... from where ? Do I export the certificate to a file and put it on a web server.If so what format as the export offers loads.
View 1 Replies
View Related
Jun 23, 2010
I am trying to allow my freshly installed ubuntu 10.04 to authenticate with ldap. I did follow the doc https://help.ubuntu.com/community/LD...Authentication and some other hints with no success.My needs is just to use an ldap existing server (active directory in my site, but i wish to use it via ldap, not via samba/ winbind) to validate users on services using pam modules.After the package installation the command getent passwd retrieve just local users and I don't understand if my ubuntu client is not querying the server or the server reply with some message.
View 2 Replies
View Related
Sep 16, 2010
One I cant figure out is a problem of authentication. I'm using open ldap server and try to authenticate a groupware (simple groupware) against it. As it fails, I tested with a ldap client to understand things better. Using GQ ldap client, I 'm able to browse my ldap tree successfully and to search some args from the base DN i specified. but when entering the exact uid as a search string iI got no answer whereas searching the cn returns the correct entry (and display its related entry including the uid I can't find ..) Here is the only thing I can trace in logs (syslog) when trying to seach firstname.lastname (= uid)
[Code]....
View 1 Replies
View Related
Jun 29, 2010
I'm trying to get LDAP working with 389 Directory Server on Fedora 13. I have the server all ready to go, and I can query it with the 389 console. But when I tried to move on to the next step, user authentication trough LDAP, it just won't work I followed the PAM Howto, but the given authconfig command doesn't work. If I manually add a user with the 389 console, I can't login with it.Since I had X11 forwarding working over SSH, I tried authconfig-gtk. I setup a SSL LDAP connection for this to work, but it still didn't work. I did have this working on my (now crashed ) Fedora 12 VM.
View 11 Replies
View Related
Dec 9, 2010
I installed Nconf software on a Debian server.I am trying to configure Nconf Authentication with LDAP.I edited nconf's authentication.php file accordingly and I installed php5-ldap package.When i enter user-name and password in Nconf's login screen.
View 1 Replies
View Related
Feb 9, 2011
I want to ask how many applications can we use with LDAP authentication
View 1 Replies
View Related
Dec 28, 2009
I've added a new machine (desktop used by many users) to a network that uses LDAP (pam_ldap) for authentication. Can anyone post relevant configs to limit users by a groupOfNames? I've googled extensively and have found some partial comments, but no complete config examples or howto's.
The issue is as follows:
All users have one primary GID in their posixAccount entries, which is used to control access to the existing machines. So it's not really possible to change this. Now, I need to limit access to this new machine to a specific subset of users, all members of a specific groupOfNames. I can't seem to get pam_ldap to use a groupOfNames instead of a posixGroup.
View 1 Replies
View Related
Jan 20, 2010
We have an LDAP server (OpenDirectory on Snow Leopard Server--OpenLDAP essentially) and I am trying to configure our slackware hosts to use that LDAP server as the authentication mechanism instead of NIS/YP as they currently do.How do I change it, and is it just as simple as changing /etc/nsswitch.conf?
View 11 Replies
View Related
May 7, 2011
On this moment i configure a testenvironment with 1 Microsoft active directory server and 1 Opensuse 11 samba filesharing server. But i have a issue. The samba server is add to the domain and the servers can communicate with eachother. I can login to the domain on the samba server and the LDAP settings tab on yast2 samba configuration tool tell me that samba and the MS LDAP server can communicate with eachother. I can see the shares on the samba server but i can't autenticate myself. When i whant to logon than see i always "domain: domainname.local" and "access denied". My question is now how can i give the MS administrator account rights to view the shares and configure the rights for the other users.Samba config file
PHP Code:
[global]
workgroup = WIN-FVJBNQIJE9O@WOENSDRECHT.LOCAL
[code]....
View 1 Replies
View Related
Jun 18, 2010
I've just installed Ubuntu Server for the first time with the goal as setting it up as a proxy server for our Apple computers here since I can get neither ISA of OS X Server's firewall to play properly. So far I have the machine authenticating against our OS X OpenLDAP server and multiple NIC's setup ready to be connected to the outside world. My question is does anyone have a preference on what proxy I should be using? So far my search efforts seem to of turned up Squid Proxy as a favorite among Ubuntu users but I can't seem to work out how to get it authenticating against my OpenLDAP server.
View 5 Replies
View Related
Mar 16, 2011
i am taking another stab at this. The last time i attempted it, it seemed like everyone had a different way to do it, but nobody could give me an answer on how to do it...
I currently have a Domain Controller Running sme server and a domain controller, using ldap as a backend. I have two file servers runing ubuntu 10.04. My overall goal is to have it so when i create a username on the domain controller, it is then automatically copied over to the fileservers. This way everyone will have their own username and password to access the fileservers and ill be able to track what people do on the fileservers.
The next necessity is for me to be able to apply permissions to the folders on the fileserver based on the users that are created on the domain controller.
View 2 Replies
View Related
Aug 26, 2011
LDAP Authentication for Web Access I am trying to build a LDAP server to allow access to the wireless network in conjunction with Meraki wireless access points. I am using Ubuntu 10.10 and trying to install OpenLDAP from their documentation but I keep running into the error "configure: error: MozNSS not found - please specify the location to the NSPR and NSS header files in CPPFLAGS and the location to the NSPR and NSS libraries in LDFLAGS (if not in the system location)" I have OpenSSL installed but I also got these when I ran ./configure
checking openssl/ssl.h usability... no
checking openssl/ssl.h presence... no
checking for openssl/ssl.h... no
checking gnutls/gnutls.h usability... no
[code]....
View 1 Replies
View Related
