Networking :: LDAP Authorization Fails - IHS7 (Apache2)
Jul 29, 2010
We have SLES10 + IBM_HTTP_Server/7.0.0.7 + PHP5. We're trying to authorize users via ldap, but it fails with strange messages:
httpd.conf:
.....
<LIMIT GET>
Order Deny,Allow
allow from all
Satisfy all
AuthName "DEVELOPMENT (use your Intranet Password)"
AuthType basicLDAPVerify
AuthType basic
AuthBasicProvider ldap
AuthLDAPURL ldap://bluepages.site.com/ou=bluepages,o=site.com?mail?sub? NONE
AuthzLDAPAuthoritative off
Require valid-user
</Limit> .....
error_log .....
Mar 31, 2010
I've compiled openssh-5.4p1 on RHEL 4.8 with OpenSSL 0.9.8m + PAM. It works perfectly without PAM (pam-0.77-66), both with password and public key auth. With PAM enabled and LDAP (openldap-2.4.21, from scratch) something strange happens:
system users: I can do ssh with both password and public key
LDAP users: public key works for remote users, still I cannot do ssh with just password.
I'm trying a custom PAM configuration, because the default one (even with authconfig + LDAP) blocks ssh even with system users.
My pam SSHD configuration is:
#%PAM-1.0
auth required pam_env.so
auth sufficient pam_unix.so likeauth nullok
auth sufficient pam_ldap.so use_first_pass
[code]....
My LDAP users are OK: I can do "su - " remote LDAP (so that nss_ldap is OK), also getent passwd and getent group are OK.
Nov 4, 2010
I have read the man page of ldif. In my attempt to build my current directory, I have taken a dump of my last successful implementation (which was created on FreeBSD 8.1) and substituted values for the dc=company and dc=com values with the correct ones for the current directory (attempting to implement under CentOS 5.4), and even though the correct schemas are in place it is choking on entry.
Sep 28, 2010
Just installed openldap server on a VM CentOS called 'ldapsrv', it works fine, ldapsearch returns all ldap information.
Installed openldap client on another VM CentOS called 'ldapclient1', configured it with most basic configuration, no ssl/tls etc. but ldapsearch returns error:
ldapsrv is pingable:
Some outputs:
PHP Code:
PHP Code:
Sep 8, 2009
I installed CentOS 5.2 and then ran yum update. I configured this server as LDAP/Samba primary domain controller. LDAP seems to be OK and for testing I am able to create users with:
smbldap-tools useradd -am username
I can ssh into the server as root and also as a Linux user which was locally created in the server. But ssh into the server as LDAP user fails (from a Fedora 11 machine) with "Permission denied, please try again", prompting again for password.
Some data:
# rpm -qa | grep ldap
python-ldap-2.2.0-2.1
php-ldap-5.1.6-23.2.el5_3
[code]....
May 31, 2010
I'm trying to set up a Linux server and I am new to this. I have gone through most of the configuration using SAMBA 3.0, and when I populate the LDAP directory all I get is this error before the password request:
Then when I perform an ldapsearch to see if the directory is populated I get this message:
I'm positive all my .conf files are done right.
Jan 17, 2010
How to resolve this apache2 problem I keep getting? I have installed a Debian LAMP server with ispconfig3 and every time I reboot, apache fails to start. I don't know and I have done some research but nothing seems to work, which leads me to reinstall everything from scratch again. I think I have reinstalled at least 10x or more.
Whenever I reboot I get the following error:
Code:
Sep 16, 2010
One I can't figure out is a problem of authentication. I'm using an OpenLDAP server and trying to authenticate a groupware (Simple Groupware) against it. As it fails, I tested with an LDAP client to understand things better. Using the GQ LDAP client, I'm able to browse my LDAP tree successfully and to search some args from the base DN I specified, but when entering the exact uid as a search string I got no answer, whereas searching the cn returns the correct entry (and displays its related entry including the uid I can't find ..). Here is the only thing I can trace in logs (syslog) when trying to search firstname.lastname (= uid)
[Code]....
Aug 8, 2011
Running RHEL 5.4 on an HP server. Ran into an issue today where ldap was working fine, then was informed it was failing. During the troubleshooting process, I found out that the ldap service failed to start up. See error below:
/sbin/runuser: /usr/sbin/slaptest: Permission denied
I checked the permissions of the ldap.conf and slapd.conf files and they appeared to be correct. Any ideas why ldap will not start up?
Dec 12, 2010
Using SSH all the time on my home network. I use ssh-keygen and ssh-copy-id to generate and then copy the key file. On one of my computers I've changed the default ssh port and see no way to copy the key without reverting the configuration to port 22 temporarily. This is not a big deal and would probably take less time than it has taken me to type this message.
Nov 19, 2010
I have suse10 64 bit installed. I am setting up a svn server on it. After installation and adding the modules, while reloading the apache2 it's throwing the error as:
HTML Code:
httpd2-prefork: Syntax error on line 113 of /etc/apache2/httpd.conf: Syntax error on line 31 of /etc/apache2/sysconfig.d/loadmodule.conf: Cannot load /usr/lib64/apache2/mod_dav_svn.so into server: /usr/lib64/libsvn_subr-1.so.0: undefined symbol: apr_memcache_add_server
Dec 9, 2009
I am getting this error
Starting web server: apache2[Wed Dec 09 15:36:40 2009] [warn] NameVirtualHost XX.XX.XX.XXX:80 has no VirtualHosts
(99)Cannot assign requested address: make_sock: could not bind to address 68.178.232.100:80
no listening sockets available, shutting down
Unable to open logs
failed!
Also, what is 68.178.232.100?
Mar 13, 2010
I have configured an LDAP server on RHEL4 for creating an address book.
Following are the configuration files on the LDAP server:
/etc/openldap/slapd.conf
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
I am able to import this ldif file into the database. Also, when I perform the ldapsearch on this server with the command "ldapsearch -x -W -D "cn=manager, dc=example, dc=com" -b "dc=example, dc=com"" I get correct output.
But when I am trying to search from another client machine, I am getting "error ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)".
Also, when I configured the address book in Mozilla on the server, it is working fine, but it is not working on another machine. Is any configuration missing on the client machine? Both LDAP server and client are configured on RHEL4 ES without any firewall or SELinux.
Jul 2, 2010
I took to yast to install ldap. I created the CA cert, server key and server cert and specified them during the yast ldap server dialogs.
The firewall is open for ldap.
I also went through yast's ldap client ... though I didn't exactly see to anything (presumably it wrote up a configuration file somewhere).
However, when trying to use the basic ldap tools, like ldapwhoami, well, it doesn't connect and gives me the above error. Of course the ldap db is unpopulated as yet, so it probably is not able to say who I am at all. But ldapadd doesn't work either.
It seems to point to my SSL usage not being correct .. so I'm trying to double check that now.
Apr 5, 2010
I have successful secure LDAP replication but I could not make the LDAP client direct its authentication to the slave LDAP.
Here is my config file on the LDAP client (I am not sure if it is the right place though):
ip : 192.168.1.183 is master ldap
ip : 192.168.1.185 is slave ldap
pico /etc/ldap/ldap.conf
#
# LDAP Defaults
code....
May 25, 2011
I am using RackMonkey to map out my lab. Unfortunately, due to RM limitations, every user who accesses the site has write access UNLESS they are logged in as a user named "guest". I currently have Apache allowing only the users (sysadmins) in an LDAP group access to RM, but I would like to allow read-only access for other users as well. I found mod_authn_anon, but I am having trouble combining the two authentication methods. I am using Apache 2.2.18 (compiled myself) on SLES 11.1.
This is the common part:
Code:
AuthType Basic
AuthBasicProvider ldap anon
Order allow,deny
Allow from all
This part by itself works for the LDAP authentication:
Code:
AuthName "System Admins"
AuthLDAPURL "ldaps://example.com/ou=ldap,o=example.com?mail" SSL
Require ldap-group cn=SysAdmins,ou=memberlist,ou=groups,o=example.com
This part works by itself for guest access:
Code:
Anonymous guest
Anonymous_VerifyEmail Off
Anonymous_MustGiveEmail Off
Anonymous_LogEmail on
Require valid-user
But if I have both of the previous blocks enabled at once, then guest access does not work. If I throw in a "Satisfy any", then I am not prompted for a username at all. How can I allow access to this LDAP group and to a user named "guest", but not allow all valid LDAP users to log in?
Nov 28, 2008
I'm checking with a sniffer and there's activity going on between the client and the LDAP server... as a matter of fact, the sniffer shows that the search is producing one ldap item, however, php says it can't contact the ldap server (after it has bound and everything):
The script is working beautifully on another host with debian.
Aug 9, 2010
Why can't I log in on the ldap-client via LDAP? Here is a short description of my machines (I use OpenVZ virtualising). I have on the HN (Debian Lenny) 2 VEs, which are in the same subnet (192.168.1.0/24). The first VE (Hostname: ldap1, IP: 192.168.1.91) is the ldap-server, which is configured so that I can manage the server via phpldapadmin. The second VE (Hostname: ftp1, IP: 192.168.1.31) is the ldap-client; an sftp-server should run there in the future, and the sftp-server (ssh-server) should use LDAP usernames to log in. On ftp1, with the command getent passwd I get the users configured on the ldap-server, but with the command id USERNAME the result is that the user doesn't exist (USERNAME is the name I get returned by getent), and if I try to log in via ssh, I get permission denied. Because the machines are OpenVZ virtual machines, I can't log in on them like on a normal system, but su USERNAME doesn't work either, because the user is not known on the system.
My installation:
I don't think that the ldap-server is the problem, because phpldapadmin and getent on ftp1 are working perfectly, but if you want, I can post the config here too. The VE ftp1 was configured with the following how-to: [URL] and PAM is configured like in the chapter "PAM setup with pam_ldap" on [URL]
Dec 2, 2010
I've set up an Ubuntu 10.10 LDAP client to authenticate off my LDAP server. I've installed the following:
sudo apt-get install libpam-ldap libnss-ldap nss-updatedb libnss-db nscd ldap-utils pam_ccreds
Here's my /etc/nsswitch.conf:
passwd: files ldap [NOTFOUND=return] db
group: files ldap [NOTFOUND=return] db
[Code]...
Oct 21, 2010
I have LDAP authentication working via SSSD using authconfig-tui and a few minor modifications to sssd.conf (i.e. max_id etc). The problem I am having is that it would appear /etc/ldap.conf is being ignored and/or setups that work perfectly on RHEL5, F11 and F12 no longer work on F13. Specifically I'm referring to "pam_check_host_attr" and "nss_map_attribute". It refuses to honor either of these options and I can only assume a number of the other options in our ldap.conf. For instance, "nss_map_attribute" is defaulting to the standard "homeDirectory" rather than "homeDirectoryLinux". This is related to a bunch of OSX clients we have and it's not optional to use another setup. The host restriction is also a major issue.
Relevant sssd.conf:
[domain/default]
auth_provider = ldap
cache_credentials = True
Jul 13, 2010
Can anyone tell me what the difference is between these two LDAP client files, /etc/ldap.conf and /etc/ldap/ldap.conf, and what purposes these two files serve? Is it necessary to have both files at the same time?
I use these files to install LDAP client to authenticate with our LDAP server by creating a symbolic link of /etc/ldap.conf to /etc/ldap/ldap.conf.
Nov 19, 2010
I have suse10 64bit and I was setting up an SVN server on it. After all the required setup, while reloading apache2, it's giving the error:
Code:
httpd2-prefork: Syntax error on line 113 of /etc/apache2/httpd.conf: Syntax error on line 31 of /etc/apache2/sysconfig.d/loadmodule.conf: Cannot load /usr/lib64/apache2/mod_dav_svn.so into server: /usr/lib64/libsvn_subr-1.so.0: undefined symbol: apr_memcache_add_server
Jan 20, 2010
I have the following message with apache:
Quote:
Forbidden
You don't have permission to access /site/home.html on this server.
Apache/2.2.12 (Ubuntu) Server at localhost Port 80
home.html isn't in /var/www but in my /home/myname/site/. How can I visualize my site in my local directory?
Jul 8, 2010
I have Ubuntu 10.4. My computer is connected to AT&T U-verse on a 2Wire brand Residential Gateway. The RG has the actual IP address. It's assigned my computer the address 192.168.1.66. I want to run the apache server to share files between my two computers across town. My other one is directly connected to the internet with a DSL modem so its IP is static and was easy to set up and get going. What I want to know is what do I type to access my apache server on my RG? Galactic newbie here.
Jun 14, 2010
I have recently downloaded and installed the apache2 http server from tarball source (I'm running Ubuntu but I think it's more fun to use tarballs; I don't know why but it's how I am). Anyway, I just installed apache2 and when I go into the servers section of webmin and click on apache web server I get this message:
The Apache server executable /usr/local/apache2/conf/ does not exist. If you have Apache installed, adjust the module configuration to use the correct path.
And when I go to the configuration menu I don't understand a word of it.
Jan 10, 2010
With hardy, I was able to have multiple SSL sites on the one machine. But I can't seem to get it to work for Ubuntu 9.10. I've read that you need to put each SSL site on a different IP. But I was able to do it with hardy without different IPs.
Jan 26, 2010
Is there any way to integrate LDAP with DNS? What I mean is if there is any way to ask an LDAP server with the standard LDAP API and the LDAP server reverts to a DNS server if the requested information is not present in the database.
May 23, 2011
I had a machine that is using ldap, but need to remove it completely. I edited the /etc/nsswitch.conf and removed all references of ldap and renamed /etc/ldap.conf to /etc/ldap.conf.bak. I can log in as root, but cannot log in as any user in /etc/passwd. In the /var/log it shows pam_ldap: missing file "/etc/ldap.conf". I am guessing I am missing something else? I never set this machine up for ldap; it was here when I got here, so I'm not sure of the steps to even put ldap on.
Nov 18, 2010
One of my ubuntu 10.04 boxes starts apache2 server automatically at boot. I know from the output of the command:
Code:
sudo /etc/init.d/apache2 status
I can't remember even setting that up, and I don't think it does so by default, since my other box in fact does not even have apache2 server installed. I can stop the server once I login, but is there a way to stop it from automatically starting the server, or even better, completely uninstall the daemon. I tried
Code:
sudo apt-get remove apache2
but that does not work. I guess the daemon is part of some bigger package.
Jul 20, 2010
I am trying to set up LDAP on 10.04 and cannot figure out what my FQDN is. Where do I find it or how do I configure it?