I configured ldap server & client on centos,then i connected centos and suse with network.now want to get group of any user from this server via suse.is it possible with perl scripts? or i need to install other modules on suse or centos?(such as : pam,nss)
View 8 RepliesWe've got crontabs set up in /etc/cron.d to run various things, and we have them running as a specific local user.
Watching the LDAP logs, I can see the servers in question making requests for that username to the LDAP server every time cron runs, even though that user isn't in LDAP and is only local. nsswitch is configured to do "files ldap" as well.
The constant stream of LDAP queries is killing LDAP and making it impossible to log into our boxes.
why cron is querying LDAP for a local user?
Just installed openldap server on a VM CentOS called 'ldapsrv', it works fine, ldapsearch returns all ldap information.
Installed openldap client on another VM CentOS called 'ldapclient1', configured it with most basic configuration, no ssl/tls etc. but ldapsearch returns error:
ldapsrv is pingable:
Some outputs:
PHP Code:
PHP Code:
we have a weird problem with our opensuse 11.2 server installation.
We want to set up a LDAP Server using the Yast-LDAP Server configuriation tool.
This indeed already worked weeks ago until....this week.
Maybe some updates??!
I do not know what happend exactly. The server just does not want to start again and throws following error:
Starting ldap-serverstartproc: exit status of parent of /usr/lib/openldap/slapd: 1 failed
This happend after a little check of the configuration, but without a change, with Yast. Google delivered only "reinstall your box"-answers.
So.. i did that. And now the "mystical" part: The SAME ERROR occurs with a fresh vanilla system with a brand new and simple configuration (certificats, database, pw...the first Yast config dialog...). I did not change the way i set it up.
I remember, when i did this the first time with 11.2 on that machine, when no problems occured...everything was running out of the box (except the "use commen server certificate" option...).
i have a server which was handover me, it has redhat 4 u3.but i cant find the machine model no, it is hp g4 server, so this info from linux where can i see
2nd if i want to know what is the bios version and date how can i see from linux.
3rd if any hardware failing like network card, ram memory, hard disk how we come to know hardware.
I have a ClarkConnect (CentOS based) box running as my home router on a RR connection. I had the DNS servers set up to use Google's DNS server. I want to change them back to the local DNS servers but I can't find an obvious/easy way to get those address short of a) reconfiguring the router's network to DHCP them (would rather not interrupt everyone) or b) calling their tech support (kill me now!). Is there a command line tool/command I can use to query the DHCP server on the external NIC to see what DNS servers it would set me up with w/o munging my existing setup?
View 1 Replies View Relatedi have configured ldapserver on rhel4 for creating address book
following are configuration files on ldap server
/etc/openldap/slapd.conf
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
i am able to import this ldif file into database.also when i perform the ldapsearch on this server with command"ldapsearch �x �W �D �cn=manager, dc=example, dc =com� �b �dc=example, dc=com�" i get correct output.
but when i am trying to search from another client machine, i am getting "error ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)"
also when i configured address book on mozilla on server., it is working fine.but not working on another machine.is any configuration is missing on client machine.both ldap server and client are configured on rhel4es without any firewall or selinux.
i have successful secure ldap replication but i could not make ldap client to direct its authentication to slave ldap
here is my config file on ldap client (i am not sure if it is the right place though)
ip : 192.168.1.183 is master ldap
ip : 192.168.1.185 is slave ldap
pico /etc/ldap/ldap.conf
#
# LDAP Defaults
code....
I am using RackMonkey to map out my lab. Unfortunately, due to RM limitations, every user who accesses the site has write access UNLESS they are logged in as a user named "guest". I currently have Apache allowing only the users (sysadmins) in an LDAP group access to RM, but I would like to allow read-only access for other users as well.I found mod_authn_anon, but I am having trouble combining the two authentication methods. I am using Apache 2.2.18 (compiled myself) on SLES 11.1.
This is the common part:
Code:
AuthType Basic
AuthBasicProvider ldap anon
Order allow,deny
Allow from all
This part by itself works for the LDAP authentication:
Code:
AuthName "System Admins"
AuthLDAPURL "ldaps://example.com/ou=ldap,o=example.com?mail" SSL
Require ldap-group cn=SysAdmins,ou=memberlist,ou=groups,o=example.com
This part works by itself for guest access:
Code:
Anonymous guest
Anonymous_VerifyEmail Off
Anonymous_MustGiveEmail Off
Anonymous_LogEmail on
Require valid-user
But if I have both of the previous blocks enabled at once, then guest access does not work. If I throw in a "Satisfy any", then I am not prompted for a username at all. How can I allow access to this LDAP group and to a user named "guest", but not allow all valid LDAP users to log in?
I'm trying to set up a Linux server and I am new to this. I have gone through most of the configuration using SAMBA 3.0 and when I populate the ldap directory all I get this error before the password request:
Then when I perform an ldapsearch to see if the directory is populated I get this message:
I'm positive all my .conf files are done right.
I'm checking with a sniffer and there's activity going on between the client and the LDAP server... as a matter of fact, the sniffer shows that the search is producing one ldap item, however, php says it can't contact the ldap server (after it has bound and everything):
The script is working beautifully on another host with debian.
In the past I found some great help on this forum, so here goes. Bare with me because it's a long story. I'll try to be as complete as possible. I've installed and configured OpenLdap on a virtual machine with ip 192.168.39.134. I've added 2 users via LAM. In the ou WikiUsers and the domain is wiki.local.
I've then created another host with ip 192.168.39.133 with mediawiki installed on it. Then I added the extension LDAPAuthenthication. In the LdapAuthentication file I added this code (only the last paragraph is mine, I added the others to show it's location in the script):
Quote:
$path = array( $IP, "$IP/includes", "$IP/languages" );
set_include_path( implode( PATH_SEPARATOR, $path ) . PATH_SEPARATOR . get_include_path() );
[code]...
I know I'm close because I can't register any new users or accounts on the mediawiki site. Although I could before I added the LDAP service. This is indeed all just to test and get to know how LDAP works. That's why it's all virtual in VMWare. I did not really configure anything on the LDAP, i just installed it and chose a domain (wiki.local).
can anyone tell me what is the difference between these two files of LDAP client /etc/ldap.conf and /etc/ldap/ldap.conf and for what purposes these two files gives services. Is it necessary to have these two files at a time ?
I use these files to install LDAP client to authenticate with our LDAP server by creating a symbolic link of /etc/ldap.conf to /etc/ldap/ldap.conf.
I had a machine that is using ldap, but need to remove it completely.I edited the /etc/nsswitch.conf and removed all references of ldapand renamed /etc/ldap.conf to /etc/ldap.conf.bakI can log in as root, but cannot log in as any user in /etc/passwdIn the /var/log it shows pam_ldap: missing file "/etc/ldap.conf"I am guessing I am missing something else?I never set this machine up for ldap, was here when i got here, so not sure of steps to even put ldap on.
View 2 Replies View RelatedCan I uninstall LDAP from the server or will this break something ?
View 3 Replies View Relatedwhen i m configuring ldap server on linux 6.0 for my college project with the script below :- problem is that DB_config.example is not available under /usr/share/doc/openldap-servers-2.4.23/
[ for query without SSL ]
# ldapme
# vim /etc/auto.master
[code]....
I've compiled openssh-5.4p1 on RHEL 4.8 with Openssl 0.9.8m + pam It works perfect without pam (pam-0.77-66), both with password and public key auth. Whith pam enabled and LDAP (openldap-2.4.21, from scratch) something strange happens: system users: I can do ssh with both password and public key LDAP users: public key works for remote users, still I cannot do ssh with just password. I'm trying a custom PAM configuration, because the default one (even with authconfig + LDAP ) blocks ssh even with system users.
My pam SSHD configuration is:
#%PAM-1.0
auth required pam_env.so
auth sufficient pam_unix.so likeauth nullok
auth sufficient pam_ldap.so use_first_pass
[code]....
My LDAP users are ok: i can do "su - " remote LDAP (so that nss_ldap is OK), also getent passwd and getent group is ok.
How to configure LDAP server in redhat5.1 but i want to know how to configure it.
View 5 Replies View RelatedI have configured ldap on Debian5 and samba on another machine, all servers are running ok, but when i try to add users, it gives me an errror that "unknown user"
View 4 Replies View RelatedThe issue is that my CentOS workstation is in a vlan from where the Intranet's DNS servers are unreachable. For browsing the web there is an ISA proxy server, which I presume resolves DNS for my firefox. However, wget, host, ping and aria2c fail to get any sort of DNS resolution since they're being run from command line.I have exported HTTP_PROXY value, which provides me internet access on console, but,only when I connect using IP address. It fails on name resolution.
My question is:May I redirect the DNS queries to my home PC which would be running a DNS server on a non standard port?I was thinking of putting nameserver 127.0.0.1 in /etc/resolv.conf and then put iptables rule to redirect 127.0.0.1:53 UDP to a.public.ip.address:3535 UDP..I don't know if I am shooting blanks or what, I am not very much aware of this kind of setup.My main need is to provide DNS resolution to console apps.I want to utilize my company's idle bandwidth for bulk downloads, so, using proxy, SSH tunneling through my Home PC is out of question.
I have a server and a few clients set up with LDAP and NFS. All user files and logins are on the server, and I can login as a normal user on any client and get to my files. However, if I log in as root on a client, I can't write in root-owned directories on the NFS. I suppose that client-root and server-root are different.
Question: is there some way to convince the LDAP or that client-root and server-root are the same?
How do I go about to troubleshoot the failure of ldap server start on openSUSE 11.2? I added a custom configuration (through GUI) and now the server does not whant to start with that configuration.
View 1 Replies View RelatedI have installed phpldapadmin 1.2.0.5 Using commands in shell I have added two users and some groups into a base (ldif-file) and I see them in phpldapadmin. But when I try to add users or groups by using graphical interface (phpldapadmin) I can't do this correctly because I can't to select a type of new entry and I see a tip "classes of objects from XML does not support LDAP-server". So I can't to create a new entry by using graphical interface. Here is my slapd.conf
[code]...
I have Fedora Directory Server with SSL running on my Linux Machine. I can see th output:
Code...
This shows that 636 port is open.But When I am attempting to this Linux Server from one of Windows Desktop it says "LDAP is Down".
I selected LDAPv3 and LDAPv3, hostname and SSL/TLS tried fetching base DN but it dint work.
I am aware that there is a qmail-ldap package to have ldap back end for qmail. But I need only user authentication for qmail through ldap (not the backend; i.e still keeping Mysql as the database). I am pretty new to mail server configuration. I have just configured a (q)mail server (which is currently my sand box) and am able send and receive emails. I am planning to add ldap authentication (just that) to it. Can anyone point me to the right direction?
View 6 Replies View RelatedBeen hunting around and trying this for a few days now, without any success.I have configured a CentOS 5.5 box to start up named on boot. I have a Windows 7 machine currently going straight to the router for its DNS, that I want to point to this box instead.While I have done all the tests on the Linux box, and everything says it's working, my Windows 7 box just can't seem to contact the named service.While I am certain that my firewalls are configured correctly ( as I was able to connect through with Cyberkit on the other ports that are open ), I have even switched off the firewalls on both machines entirely to rule them out. And they still can't connect.
View 3 Replies View RelatedI am using centos 5.5 x85_64 2.6.18-194.3.1.el5 The server is hanging at start up due to the follwoing error
udevd[746] nss_ldap reconnecting to LDAP server (sleeping 4 seconds)
udevd[746] failed to bind to LDAP ser er ldap://192.168.0.100 cant contact ldap
It fails and then tries again, and again, each time increasing the sleep time. This is happening before network sercvices are started so ther is no way it can connect to ldap. anyone know a way to fix this problem?
How can I make the user in remote LDAP server to be used to authenticate Local Linux server ?
View 5 Replies View RelatedI am working one project and i want to know that is it possible to find out the DNS (BIND) QPS (query per second). I mean how many QPS BIND can handle.
View 2 Replies View RelatedI'm trying to setup a linux box to act as just a DNS server. Its something I'd like to use just for WAN type requests and leave other domain related things to the Server running WIndows.At this point on my Linux box, I can run queries and nslookups from it. I can not however, from a Windows box, run a NSLOOKUP command from the Linux box which is telling me to check the permissions from Linux to enable that for the clients. It's enabled.From a C: I type in nslookup - *ip of Linux box* and it tells me -- Can't find server name for address.
View 4 Replies View Related