Ldap and samba work fine if de ldap server is @localhost.
smbldap-populate however refuses to connect to the ldap server at the address ldaps://ldap.server
ldapsearch -x -H ldaps://ldap.server
I checked ldad.conf and smbldap.conf time and again.
Why oh why?
Just installed openldap server on a VM CentOS called 'ldapsrv', it works fine, ldapsearch returns all ldap information.
Installed openldap client on another VM CentOS called 'ldapclient1', configured it with most basic configuration, no ssl/tls etc. but ldapsearch returns error:
ldapsrv is pingable:
Some outputs:
PHP Code:
PHP Code:
i have configured ldapserver on rhel4 for creating address book
following are configuration files on ldap server
/etc/openldap/slapd.conf
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
i am able to import this ldif file into database.also when i perform the ldapsearch on this server with command"ldapsearch �x �W �D �cn=manager, dc=example, dc =com� �b �dc=example, dc=com�" i get correct output.
but when i am trying to search from another client machine, i am getting "error ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)"
also when i configured address book on mozilla on server., it is working fine.but not working on another machine.is any configuration is missing on client machine.both ldap server and client are configured on rhel4es without any firewall or selinux.
I'm checking with a sniffer and there's activity going on between the client and the LDAP server... as a matter of fact, the sniffer shows that the search is producing one ldap item, however, php says it can't contact the ldap server (after it has bound and everything):
The script is working beautifully on another host with debian.
I have installed openldap on debian lenny as said here [URL]clients" for both ldap server and ldap client on 192.168.1.192. Now I can make normal ldap successfully but I would like to do secure ldap and replication ldap too. "ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)" here is the error I got stuck with when I follow this link for replication and ssl/tls part[URL]Then I google to find solution and then try these commands
debian:/etc/ldap# ldapsearch -H ldap://192.168.1.192 -b dc=webon -x -d-1
ldap_url_parse_ext(ldap://192.168.1.192)
ldap_create
[code]....
Here are the specs of my machine: Linux matrix 2.6.18-92.el5 #1 SMP Tue Apr 29 13:16:12 EDT 2008 i686 i686 i386 GNU/Linux Red Hat Enterprise Linux Server release 5.2 (Tikanga)
When I run an ldapsearch in root, it works fine. tcpdump filtered by dest IP shows packets captured.
When I run an ldapsearch in a perl script as root, it works fine. tcpdump filtered by dest IP shows packets captured.
However, when I run it via a perl script in my cgi-bin directory it fails. tcpdump shows no packets captured. When I added a "2>&1" to my ldap search in my cgi script, I got "ldap_bind: Can't contact LDAP server (-1)".
I ran a "whoami" in my cgi script and it showed up as apache.
Another twist to all this is that I ran the same test on my slackware box, and everything works (esp the cgi script). Here's what the specs are on that machine:
Linux slackvm 2.6.29.6-smp #2 SMP Mon Aug 17 00:52:54 CDT 2009 i686 Intel(R) Core(TM)2 Duo CPU P8400 @ 2.26GHz GenuineIntel GNU/Linux
I checked the permissions on the ldapsearch file and directory, and they're the same (755).
Could there be something blocking the apache user on my Red Hat box from sending packets out?
I have my own LDAP server with my address book on it. Everything work fine, also with Evolution. I can read and edit my contacts. One thing doesn't work: I can not add a new contact to the server through Evolution.Getting an Permission denied error.
View 1 Replies View Relatedwe have a weird problem with our opensuse 11.2 server installation.
We want to set up a LDAP Server using the Yast-LDAP Server configuriation tool.
This indeed already worked weeks ago until....this week.
Maybe some updates??!
I do not know what happend exactly. The server just does not want to start again and throws following error:
Starting ldap-serverstartproc: exit status of parent of /usr/lib/openldap/slapd: 1 failed
This happend after a little check of the configuration, but without a change, with Yast. Google delivered only "reinstall your box"-answers.
So.. i did that. And now the "mystical" part: The SAME ERROR occurs with a fresh vanilla system with a brand new and simple configuration (certificats, database, pw...the first Yast config dialog...). I did not change the way i set it up.
I remember, when i did this the first time with 11.2 on that machine, when no problems occured...everything was running out of the box (except the "use commen server certificate" option...).
i have successful secure ldap replication but i could not make ldap client to direct its authentication to slave ldap
here is my config file on ldap client (i am not sure if it is the right place though)
ip : 192.168.1.183 is master ldap
ip : 192.168.1.185 is slave ldap
pico /etc/ldap/ldap.conf
#
# LDAP Defaults
code....
I am using RackMonkey to map out my lab. Unfortunately, due to RM limitations, every user who accesses the site has write access UNLESS they are logged in as a user named "guest". I currently have Apache allowing only the users (sysadmins) in an LDAP group access to RM, but I would like to allow read-only access for other users as well.I found mod_authn_anon, but I am having trouble combining the two authentication methods. I am using Apache 2.2.18 (compiled myself) on SLES 11.1.
This is the common part:
Code:
AuthType Basic
AuthBasicProvider ldap anon
Order allow,deny
Allow from all
This part by itself works for the LDAP authentication:
Code:
AuthName "System Admins"
AuthLDAPURL "ldaps://example.com/ou=ldap,o=example.com?mail" SSL
Require ldap-group cn=SysAdmins,ou=memberlist,ou=groups,o=example.com
This part works by itself for guest access:
Code:
Anonymous guest
Anonymous_VerifyEmail Off
Anonymous_MustGiveEmail Off
Anonymous_LogEmail on
Require valid-user
But if I have both of the previous blocks enabled at once, then guest access does not work. If I throw in a "Satisfy any", then I am not prompted for a username at all. How can I allow access to this LDAP group and to a user named "guest", but not allow all valid LDAP users to log in?
I'm trying to set up a Linux server and I am new to this. I have gone through most of the configuration using SAMBA 3.0 and when I populate the ldap directory all I get this error before the password request:
Then when I perform an ldapsearch to see if the directory is populated I get this message:
I'm positive all my .conf files are done right.
why i can't login on the ldap-client via ldap, so here is a short description of my machines (i use openvz virtualising)I have on the HN (Debian Lenny) 2 VE's, which are in the same subnet (192.168.1.0/24)The first VE (Hostname: ldap1, IP: 192.168.1.91) is the ldap-server, which is so configured, that i can manage the server via phpldapadmin.The second VE (Hostname: ftp1, IP: 192.168.1.31) is the ldap-client, there should run a sftp-server in the future and the sftp-server(ssh-server) should use ldap-usernames to login. on the ftp1, i get with this command getent passwd the users configured on the ldap-server, but with the command id USERNAME the result is, that the user doesn't exist. (USERNAME is this name, i get returned by getent) and if i try to login via ssh, i get permission denied. and because the machines are openvz-virtual-machines, so i can't login on them like on a normal system, but a su USERNAME doesn't work too, because the user is not known on the system.
my installation:
i don't think, that the ldap-server is the problem, because the phpldapadmin and getent on ftp1 are working perfectly, but if you want, i can post the config here too. the VE ftp1 was configured with the following how-to: [URL] and pam is configured like in the chapter "PAM setup with pam_ldap" on [URL]
In the past I found some great help on this forum, so here goes. Bare with me because it's a long story. I'll try to be as complete as possible. I've installed and configured OpenLdap on a virtual machine with ip 192.168.39.134. I've added 2 users via LAM. In the ou WikiUsers and the domain is wiki.local.
I've then created another host with ip 192.168.39.133 with mediawiki installed on it. Then I added the extension LDAPAuthenthication. In the LdapAuthentication file I added this code (only the last paragraph is mine, I added the others to show it's location in the script):
Quote:
$path = array( $IP, "$IP/includes", "$IP/languages" );
set_include_path( implode( PATH_SEPARATOR, $path ) . PATH_SEPARATOR . get_include_path() );
[code]...
I know I'm close because I can't register any new users or accounts on the mediawiki site. Although I could before I added the LDAP service. This is indeed all just to test and get to know how LDAP works. That's why it's all virtual in VMWare. I did not really configure anything on the LDAP, i just installed it and chose a domain (wiki.local).
Slapd is up and running perfectly well, and I can add and remove entries without a problem. My OS is the Ubuntu based Mint.
So I was hoping for someone to give me a nudge in the right direction for doing this without a slapd.conf file, or directions for how to force slapd to pay attention to a slapd.conf file whose location I specify.
I've tried messing around with /etc/ldap/ldap.conf to no avail, I've tried just putting in a custom slapd.conf file but slapd doesn't pay attention to it.
And to the best of my knowledge I can't find anything written on this specific topic. I can find plenty on slapd.conf's, but that's just taunting me considering I don't even have it on my system.
can anyone tell me what is the difference between these two files of LDAP client /etc/ldap.conf and /etc/ldap/ldap.conf and for what purposes these two files gives services. Is it necessary to have these two files at a time ?
I use these files to install LDAP client to authenticate with our LDAP server by creating a symbolic link of /etc/ldap.conf to /etc/ldap/ldap.conf.
I had a machine that is using ldap, but need to remove it completely.I edited the /etc/nsswitch.conf and removed all references of ldapand renamed /etc/ldap.conf to /etc/ldap.conf.bakI can log in as root, but cannot log in as any user in /etc/passwdIn the /var/log it shows pam_ldap: missing file "/etc/ldap.conf"I am guessing I am missing something else?I never set this machine up for ldap, was here when i got here, so not sure of steps to even put ldap on.
View 2 Replies View RelatedHow do you populate the desktop ? I cant find a way to drag a folder or create a shortcut on it ?
View 2 Replies View RelatedI am behind a funny firewall, so that may have something to do with this, but since the problem materialized upon update to F14, I am assuming that this has something to do with it as well. (Both connections are on the internal network, so should not invoke the firewall/proxy, so the firewall issue is probably a red herring.)Since the update, neither evolution-mapi nor evolution-exchange (over OWA) are able to access my email. Here is the error given when using evolution-mapi:
Code:
Unable to authenticate to Exchange MAPI server: file exchange-mapi-connection.c: line 359 (exchange_mapi_connection_new): assertion `profile != NULL' failed Please enter the MAPI
[code]....
This seems to have just started. I read a .pdf document with evince and I get a whole bunch of messages like the following.GConf Error: Failed to contact configuration server; some possible causes are that you need to enable TCP/IP networking for ORBit, or you have stale NFS locks due to a system crash. See URL... for information. (Details - 1: Server ping error:IDL:omg org/ CORBA/COMM_FAILURE:1.0)What does this mean? why is evince trying to contact a server when I just want to read a document?
View 1 Replies View RelatedI'm getting a strange error on Ubuntu 10.04 when starting firefox, see output:
Code:
Failed to contact configuration server; some possible causes are that you need to enable TCP/IP networking for ORBit, or you have stale NFS locks due to a system crash. See [URL] for information. (Details - 1: Failed to get connection to session: /bin/dbus-launch terminated abnormally with the following error: EOF in dbus-launch reading address from bus daemon
[code]...
My version of Firefox I'm running is:
Code:
Mozilla Firefox 3.6.9, Copyright (c) 1998 - 2010
I'm using FC12 with kde and cannot update the system time using the gui. The error is :Error unable to contact time server. How do i get it to work for the rest of the family who do not want to mess aboutcli mode?This does work from the terminal:ntpdate -u ntp.exnet.com so client software is present and correct leaving me at a loss.
View 4 Replies View Relatedi have just registered to this forum so forgive me if i ask wrong question at wrong place.i have a server with OS: fedora 7 Hardware: SuperMicro X7DVL-L
[root@ ~]# /sbin/lspci
00:00.0 Host bridge: Intel Corporation 5000V Chipset Memory Controller Hub (rev b1)
00:02.0 PCI bridge: Intel Corporation 5000 Series Chipset PCI Express x8 Port 2-3 (rev
[code]...
I have a CentOS 5 Server running for private fun... Just for playing with it and learn a little linux.this server has to Network interface cards. one for connecting from extern and one from connecting from the LAN.when i want to connect from lan (eg via SSH) this allways works!when i want to connect not from LAN this only works sometimes! only if i establish at the same time a connection from LAN it wors mostly.with other devices i have no problem (tested another server with just 1 NIC) and this works too.also the problem is not dyndns because i have the same problem when i try to connect through the direct IP.
View 3 Replies View RelatedIm running VMware fusion on my mac book pro and i want to boot my physical ubuntu partition. After wasting hours trying to add the partitions directly into vmware grub complained that it couldn't find the correct partition.
I abandoned that avenue and created a 50MB vmware partition and installed GRUB2 on it so in the VMware i then attached the 50MB grub partition and the 250G physical drive. This all works fine however i cant seem to get GRUB2 to automatically populate the menu. On the GRUB2 partition i have /boot/grub/* and /etc/grub.d/ * and in the grub.cfg i have set GRUB_DISABLE_OS_PROBER=false
however when i run update-grub i get an error saying something like "mkconfig-grub cannot find / is dev mounted?" i can manually run /etc/grub.d/30_os-prober and it prints out a list of all my partitions which i can paste into grub.cfg however i dont want to have to manually do this for each kernel upgrade.Im doing all this via a 10.04 live CD.
I used Kubuntu with KDE 4.5.1 up to August, when I switched to Debian Squeeze with KDE (currently frozen at 4.4.5). Before migrating, I used rsync (luckbackup) to backup the whole Home directory. Kontact version used on Debian is now 4.4.6. While I could use the import feature successfully to retrieve all my e-mail messages by pointing it to ~/.kde/share/apps/kmail/, I couldn't find a way to do the same with contacts.
I don't have backups of my old ~/.local/share/contacts, the folder simply doesn't exist. However, I have ~/.local/share/akonadi. I never used Akonadi Tray Icon to create a backup. In KAddressBook, I have Personal Contacts, which is empty. While waiting for a solution, I filled Default Address Book with some contacts' e-mail addresses retrieved manually from archived past e-mails.
In ~/.kde/share/apps/kabc I have the following:
1) a folder named lock, containing a text file named _home_lelamal_.kde_share_apps_kabc_std.vcf4g7TNh8g and another called _home_lelamal_.kde_share_apps_kabc_std.vcfXASyTlNE. If opened, they show 1372 kontact, and 1629 korgac respectively.
2) A file named std.vcf of 0B size.
3) 8 files, numbered progressively, named "std.vcf__ std.vcf__7, all of which are also of 0B size.
I tried renaming the old /kabc to /kabc.old (in case it got modified in the process) and used a copy of it as a target for Default Address Book in KDE Resources, whose path was changed to point to it. Nothing changed, when I reopened KaddressBook there were still only the new contacts I manually created.
Akonadi Configuration shows Personal Contacts, and it correctly points to ~/.local/share/contacts/, but if the folder isn't there I'm not sure what it's pointing to. I also have a Default Address Book, and when I click on Modify, instead of showing a path like Personal Contacts did, it shows a blank field. When I click on Open File Dialog, it expects me to point it to a vCard Address Book File.
If I'm back to KAddressBook, and open the Personal Contacts addressbook to import the the only vCard I am aware of (the 0B sized std.vcf file in /kabc) nothing happens, it remains empty.
I developed a java application to organize the articles and notes for what I need for my work reports. The path appear in a jlist component and by clicking on I'd like the file opened. The application works fine in /home side.
In /root side I get this message error:
"GConf Error: Failed to contact configuration server; the most common cause is a missing or misconfigured D-Bus session bus daemon." I work in KDE (OpenSuse 11.4). Why I need a configuration tipically of GNOME?
whenever i do anything as sudo i get GConf Error: Failed to contact configuration server; some possible causes are that you need to enable TCP/IP networking for ORBit, or you have stale NFS locks due to a system crash. See [URL].. for information. (Details - 1: Could not send message to GConf daemon: Connection is closed)
View 2 Replies View RelatedHow to build a list of files under a directory that may have any permissible characters in the name, that is anything except NUL? The only possible (?) bash data structure to contain a list of such names is an array because NUL cannot be used as a list item separator so no X-separated list can safely be used; there is no "X" that might not be part of a file name. OK -- but how to populate such an array? Here's what I've tried.
Code:
#!/bin/bash
# Set up test files
dir=$(mktemp -d "/tmp/${0##*/}.XXXXXX")
touch $dir/foo $dir/bar
[code].....
I am aware that there is a qmail-ldap package to have ldap back end for qmail. But I need only user authentication for qmail through ldap (not the backend; i.e still keeping Mysql as the database). I am pretty new to mail server configuration. I have just configured a (q)mail server (which is currently my sand box) and am able send and receive emails. I am planning to add ldap authentication (just that) to it. Can anyone point me to the right direction?
View 6 Replies View RelatedI'm looking for suggestions for a command line utility than can generate a contact sheet (e.g. jpg etc) from a video? I'm mainly interested in starting from FLV files, but i guess the solution will probably work for other formats with appropriate codecs etc. So, for example, if i have a 30 minute video, every 2 minutes through it i'd like it to generate a thumbnail and then put 15 of these in a 5 x 3 grid in a single jpg. On Windows,Media Player Classic Homecinem will do this through its ave Thumbnails command.
Ideally i'd like to do this from the command line/script in a debian server environment, rather than a desktop GUI. It doesn't have to be a single command, if a chain of steps could do it.