Server :: Debian: Custom LDAP Schemas Without Utilizing Slapd.conf?
Mar 1, 2010
Slapd is up and running perfectly well, and I can add and remove entries without a problem. My OS is the Ubuntu based Mint.
So I was hoping for someone to give me a nudge in the right direction for doing this without a slapd.conf file, or directions for how to force slapd to pay attention to a slapd.conf file whose location I specify.
I've tried messing around with /etc/ldap/ldap.conf to no avail, I've tried just putting in a custom slapd.conf file but slapd doesn't pay attention to it.
And to the best of my knowledge I can't find anything written on this specific topic. I can find plenty on slapd.conf's, but that's just taunting me considering I don't even have it on my system.
View 1 Replies
ADVERTISEMENT
Aug 20, 2010
I am setting up LDAP server, i set slapd.conf(dc=proldap,dc=com) and start ldap it is OK but when i check using ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts result is : namingContexts: dc=my-domain,dc=com
it seems that it did not use my slapd.conf so i tried removing my slapd.conf from /etc/openldap and start slapd again and it did start with no errors. and when i do ldapsearch again still uses dc=my-domain,dc=com
I tried searching about this in google and found no answers,
my reference in setting up ldap is the link below. but it seemed that it always uses another configuration not the one i modified
I'm using Fedora12, ldap version 2.4.19. i installed ldap by yum install url
url
View 12 Replies
View Related
Mar 1, 2011
I try to setup OpenLDAP on Debian Squeeze.But it seems the documentation I found is differed than the installation.
Normally I would expect /etc/ldap/slapd.conf as also mentioned at url.However this file does not exists and I got the feeling Debian changes a lot with the default (bit poor if you asked me).Seems they created a LDAP database and put the config in there, correct me if I am wrong?A folder /etc/ldap/slapd.d is created with some config inside. And also a /etc/ldap/ldap.conf does exist.
Is there any documentation on this, and what if I would like to have a flat config in /etc/ldap/slapd.conf?
View 4 Replies
View Related
Feb 20, 2010
If I do something to the effect of this:ldapsearch -b "dc=example,dc=com" -x -z 3000
I'll get this back at the end of the result set:
# search result
search: 2
result: 4 Size limit exceeded
The thing is is that I have way more (thousands) than what's being displayed here. And I've tried to mess around with /etc/ldap.conf, changing the SIZELIMIT directive to something else, 10000, let's say, and restarting the server, but the same goddamn thing happens.
I've been messing around with this for quite some time now, hopefully someone will be able to shed some light on this so that I can learn my way out of this mess that is LDAP. Also in a related matter, I'm running Mint (based off of Ubuntu), and all the documentation that I've seen (probably read a good 100+ pages in a few days now on this) keeps telling me to make changes to my slapd.conf file. What slapd.conf file? It doesn't exist, I can't find it at least. find / -name slapd.conf turns up nothing.
View 10 Replies
View Related
Jul 13, 2010
can anyone tell me what is the difference between these two files of LDAP client /etc/ldap.conf and /etc/ldap/ldap.conf and for what purposes these two files gives services. Is it necessary to have these two files at a time ?
I use these files to install LDAP client to authenticate with our LDAP server by creating a symbolic link of /etc/ldap.conf to /etc/ldap/ldap.conf.
View 8 Replies
View Related
Oct 21, 2010
I have LDAP authentication working via SSSD using authconfig-tui and a few minor modifications to sssd.conf (ie: max_id etc). The problem I am having is it would appear /etc/ldap.conf is being ignored and/or setups that work perfectly on RHEL5, F11 and F12 no longer work on F13. Specifically Im referring to "pam_check_host_attr" and "nss_map_attribute". It refuses to honor either of these options and I can only assume a number of the other options in our ldap.conf. For instance, "nss_map_attribute" is defaulting to the standard "homeDirectory" rather than "homeDirectoryLinux". This is related to a bunch of OSX clients we have and its not optional to use another setup. The host restriction is also a major issue.
Relevant sssd.conf:
[domain/default]
auth_provider = ldap
cache_credentials = True
View 11 Replies
View Related
May 23, 2011
I had a machine that is using ldap, but need to remove it completely.I edited the /etc/nsswitch.conf and removed all references of ldapand renamed /etc/ldap.conf to /etc/ldap.conf.bakI can log in as root, but cannot log in as any user in /etc/passwdIn the /var/log it shows pam_ldap: missing file "/etc/ldap.conf"I am guessing I am missing something else?I never set this machine up for ldap, was here when i got here, so not sure of steps to even put ldap on.
View 2 Replies
View Related
Feb 26, 2010
I want to index my openLDAP database without shutting down or stopping by slapd. Is there a way to do that.
I also have master - slave architecture setuped for the replication.
View 4 Replies
View Related
Sep 28, 2010
Just installed openldap server on a VM CentOS called 'ldapsrv', it works fine, ldapsearch returns all ldap information.
Installed openldap client on another VM CentOS called 'ldapclient1', configured it with most basic configuration, no ssl/tls etc. but ldapsearch returns error:
ldapsrv is pingable:
Some outputs:
PHP Code:
PHP Code:
View 20 Replies
View Related
May 31, 2010
we have a weird problem with our opensuse 11.2 server installation.
We want to set up a LDAP Server using the Yast-LDAP Server configuriation tool.
This indeed already worked weeks ago until....this week.
Maybe some updates??!
I do not know what happend exactly. The server just does not want to start again and throws following error:
Starting ldap-serverstartproc: exit status of parent of /usr/lib/openldap/slapd: 1 failed
This happend after a little check of the configuration, but without a change, with Yast. Google delivered only "reinstall your box"-answers.
So.. i did that. And now the "mystical" part: The SAME ERROR occurs with a fresh vanilla system with a brand new and simple configuration (certificats, database, pw...the first Yast config dialog...). I did not change the way i set it up.
I remember, when i did this the first time with 11.2 on that machine, when no problems occured...everything was running out of the box (except the "use commen server certificate" option...).
View 4 Replies
View Related
May 13, 2011
I'm trying to setup a custom attribute for user accounts, I'm able to make the attribute (foo) and the Object class (foo_class) . But i'm unable to add foo or foo_class to my test users
View 1 Replies
View Related
May 28, 2010
I am unable to find any ldap.conf parameter or pam.d/system-auth setting from where i can restrict the LDAP users having uidNumber less than a particular number, say 500 to login into the system.I am using OpenLDAP server and tried pam_max_uid 500 in ldap.conf but it didn't work.
View 2 Replies
View Related
May 3, 2010
I have just installed the new version 10.04 of xubuntu but I cannot enable xdmcp.
1) the gdm.conf (usualy in /etc/gdm/) is missing (where is now this file?);
2) the custom.conf apparently don't work;
3) the remote tab in login windows are missing
View 9 Replies
View Related
May 6, 2010
I just installed Edubuntu 10.04 and Its crashed on me twice already (by comparison, I lost 8.10 only four or five times during the entire year and a half I was using it). The monitor goes blank, then produces odd color schemes and then loses the signal altogether, eventually rebooting. It seems to be somehow connected to a non-existent /etc/gdm/custom.conf file. Here's the output from syslog:
May 5 21:16:44 rishon kernel: [ 9036.624038] [drm:i915_hangcheck_elapsed] *ERROR* Hangcheck timer elapsed... GPU hung
May 5 21:16:44 rishon kernel: [ 9036.624057] render error detected, EIR: 0x00000000
[Code]....
View 1 Replies
View Related
Mar 13, 2010
i have configured ldapserver on rhel4 for creating address book
following are configuration files on ldap server
/etc/openldap/slapd.conf
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
i am able to import this ldif file into database.also when i perform the ldapsearch on this server with command"ldapsearch �x �W �D �cn=manager, dc=example, dc =com� �b �dc=example, dc=com�" i get correct output.
but when i am trying to search from another client machine, i am getting "error ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)"
also when i configured address book on mozilla on server., it is working fine.but not working on another machine.is any configuration is missing on client machine.both ldap server and client are configured on rhel4es without any firewall or selinux.
View 3 Replies
View Related
Apr 5, 2010
i have successful secure ldap replication but i could not make ldap client to direct its authentication to slave ldap
here is my config file on ldap client (i am not sure if it is the right place though)
ip : 192.168.1.183 is master ldap
ip : 192.168.1.185 is slave ldap
pico /etc/ldap/ldap.conf
#
# LDAP Defaults
code....
View 11 Replies
View Related
May 25, 2011
I am using RackMonkey to map out my lab. Unfortunately, due to RM limitations, every user who accesses the site has write access UNLESS they are logged in as a user named "guest". I currently have Apache allowing only the users (sysadmins) in an LDAP group access to RM, but I would like to allow read-only access for other users as well.I found mod_authn_anon, but I am having trouble combining the two authentication methods. I am using Apache 2.2.18 (compiled myself) on SLES 11.1.
This is the common part:
Code:
AuthType Basic
AuthBasicProvider ldap anon
Order allow,deny
Allow from all
This part by itself works for the LDAP authentication:
Code:
AuthName "System Admins"
AuthLDAPURL "ldaps://example.com/ou=ldap,o=example.com?mail" SSL
Require ldap-group cn=SysAdmins,ou=memberlist,ou=groups,o=example.com
This part works by itself for guest access:
Code:
Anonymous guest
Anonymous_VerifyEmail Off
Anonymous_MustGiveEmail Off
Anonymous_LogEmail on
Require valid-user
But if I have both of the previous blocks enabled at once, then guest access does not work. If I throw in a "Satisfy any", then I am not prompted for a username at all. How can I allow access to this LDAP group and to a user named "guest", but not allow all valid LDAP users to log in?
View 1 Replies
View Related
May 31, 2010
I'm trying to set up a Linux server and I am new to this. I have gone through most of the configuration using SAMBA 3.0 and when I populate the ldap directory all I get this error before the password request:
Then when I perform an ldapsearch to see if the directory is populated I get this message:
I'm positive all my .conf files are done right.
View 3 Replies
View Related
Nov 28, 2008
I'm checking with a sniffer and there's activity going on between the client and the LDAP server... as a matter of fact, the sniffer shows that the search is producing one ldap item, however, php says it can't contact the ldap server (after it has bound and everything):
The script is working beautifully on another host with debian.
View 7 Replies
View Related
Jun 4, 2011
If it is possible, what are parts that should be included in it?
View 1 Replies
View Related
Feb 22, 2010
I want to create custom errordocument file, and in php when every type of error occurs i want to redirect to my custom document instead of system error files.
I am using fedora 6.
I am unable to find httpd.conf file, where it is located.
View 3 Replies
View Related
Oct 20, 2010
I am trying to setup LDAP server on Ubuntu 10.04 and am sticking to the old /etc/ldap/slapd.conf file configuration.
I had to comment ldapi:/// from /etc/default/slapd since it was giving 'Address already in use error'. Also had to juggle with pid directory and file issues
After that I was able to start the slapd daemon (service slapd start) but now I am running into multiple issues:
1. Can't stop the service with service slapd stop
Code:
## Service stop returns 0, maybe because start-stop-daemon is not giving error
#service slapd stop
Stopping OpenLDAP: slapd.
# echo $?
0
Will switching to BDB database resolve this ?Also can't I slapcat at non-root user ??
View 2 Replies
View Related
Aug 9, 2010
why i can't login on the ldap-client via ldap, so here is a short description of my machines (i use openvz virtualising)I have on the HN (Debian Lenny) 2 VE's, which are in the same subnet (192.168.1.0/24)The first VE (Hostname: ldap1, IP: 192.168.1.91) is the ldap-server, which is so configured, that i can manage the server via phpldapadmin.The second VE (Hostname: ftp1, IP: 192.168.1.31) is the ldap-client, there should run a sftp-server in the future and the sftp-server(ssh-server) should use ldap-usernames to login. on the ftp1, i get with this command getent passwd the users configured on the ldap-server, but with the command id USERNAME the result is, that the user doesn't exist. (USERNAME is this name, i get returned by getent) and if i try to login via ssh, i get permission denied. and because the machines are openvz-virtual-machines, so i can't login on them like on a normal system, but a su USERNAME doesn't work too, because the user is not known on the system.
my installation:
i don't think, that the ldap-server is the problem, because the phpldapadmin and getent on ftp1 are working perfectly, but if you want, i can post the config here too. the VE ftp1 was configured with the following how-to: [URL] and pam is configured like in the chapter "PAM setup with pam_ldap" on [URL]
View 3 Replies
View Related
Jun 22, 2010
I want to modify a file like /etc/gdm/custom.conf from the shell or a script.
# GDM configuration storage
[xdmcp]
[debug]
[daemon]
AutomaticLoginEnable=true;
AutomaticLogin=username;
But the idea is that I can add a line to a section and it check if the section is defined, (add the definition if not), the property is defined, let it undefine (erase the line), (and delete the section header if there is no property defined), etc...
I didn't find anything except gconftool-2 but it do not explain how to modify other files. (there is a shema file there).
there isn't a program/script to achieve this, but can easyly be made for every config file, If someone do something like that, with a little database of which markup use each file, it could become really popular.
View 3 Replies
View Related
Mar 27, 2010
Ldap and samba work fine if de ldap server is @localhost.
smbldap-populate however refuses to connect to the ldap server at the address ldaps://ldap.server
ldapsearch -x -H ldaps://ldap.server
I checked ldad.conf and smbldap.conf time and again.
Why oh why?
View 3 Replies
View Related
Jun 5, 2011
In the past I found some great help on this forum, so here goes. Bare with me because it's a long story. I'll try to be as complete as possible. I've installed and configured OpenLdap on a virtual machine with ip 192.168.39.134. I've added 2 users via LAM. In the ou WikiUsers and the domain is wiki.local.
I've then created another host with ip 192.168.39.133 with mediawiki installed on it. Then I added the extension LDAPAuthenthication. In the LdapAuthentication file I added this code (only the last paragraph is mine, I added the others to show it's location in the script):
Quote:
$path = array( $IP, "$IP/includes", "$IP/languages" );
set_include_path( implode( PATH_SEPARATOR, $path ) . PATH_SEPARATOR . get_include_path() );
[code]...
I know I'm close because I can't register any new users or accounts on the mediawiki site. Although I could before I added the LDAP service. This is indeed all just to test and get to know how LDAP works. That's why it's all virtual in VMWare. I did not really configure anything on the LDAP, i just installed it and chose a domain (wiki.local).
View 5 Replies
View Related
Jun 1, 2009
I've been scanning the apache2 docs for the past few days and have not come up with an answer my following issue:
In my httpd.conf file, at the very end, I have the line
Include conf/vhosts/vhost_*.conf
However, when I run apache checkconfig or try to start apache, it gives me the error:
httpd: Syntax error on line 993 of /etc/httpd/conf/httpd.conf: Could not open configuration file /etc/httpd/conf/vhosts/vhost_1.conf: Permission denied
It appears as if the Include line is correct - in terms of it grabbing the first virtual host conf file. However, I'm confused on the permissions. the /etc/httpd folder is owned by root:root, as are the subfolders. As a test, I chown'd the conf/vhost folder combination and all the vhost files to apache:apache to see if that made a difference, and it appeared to make no difference at all. The log files don't contain anything (assumed because apache isn't starting). If I place the contents of the vhosts in a singular vhosts.conf it works - with the permissions set to root:root. I'd like to avoid having to use one vhosts conf for the configuration I'm trying to achieve - as it would make my life a lot easier.
View 3 Replies
View Related
Jul 25, 2010
phpmyadmin files are in usr/share/phpmyadmin but i cant find anything in my apache2.conf or httpd.conf files that point to that directory.How do I find the route taken from the Server root "ServerRoot "/etc/apache2"" to the phpmy admin files.
View 5 Replies
View Related
Feb 19, 2010
Installed Apache2 on a Debian Lenny system. copied my old /var/www/htnl over to the new system.
Now when I open my browser to my PC I get the index.html under /var/www not /var/www/html.
I have this in my httpd.conf:
Code:
From what I have read, the DocumentRoot should have pointed to /var/www/html overriding /var/www?
If I use "10.1.1.13/html" it works the way it should.
View 3 Replies
View Related
Apr 14, 2011
checking what language compliance flags to pass to the C compiler...
checking for pkg-config... /usr/bin/pkg-config
checking pkg-config is at least version 0.16... yes
configure: error: glib-compile-schemas not found. < ---
1. How to determine what package glib-compile-schemas belongs to ?
2. Where to get the package ?
I'm basically trying to install Anjuta 3.0 and getting this error when I run ./configure
View 2 Replies
View Related
