Server :: LDAP / Message Do Not Enable Referrals Until After A Working Directory?
May 9, 2011
My slapd.conf file
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
# Allow LDAPv2 client connections. This is NOT the default.
allow bind_v2
# Do not enable referrals until AFTER you have a working directory
code....
View 19 Replies
ADVERTISEMENT
Aug 17, 2010
Currently I have successfully setup a server as remote freenx-server terminal and I may login to this system using local users.
As I want a central ldap based user management, I have setup a working ldaps configuration. I am able to login as a ldap user via ssh.
Now the strange issue I am facing is that the freenx-server won't let me login to my server anymore when I enable the following setting in /etc/ssh/sshd_config:
Code:
UsePAM yes
Naturally if I disable UsePAM, ldap based logins will fail because they are passed through PAM.
uname -a:
Code:
Linux srv01 2.6.26-2-openvz-amd64 #1 SMP Thu Feb 11 01:40:09 UTC 2010 i686 i686 i386 GNU/Linux
my sshd_config:
[Code].....
View 1 Replies
View Related
Nov 7, 2010
So, I have mail server ( posfix ) and ldap server, they works fine. I can add/delete users from posfix, and they can send / receive mails to/from any address. At same time my ldap server works fine, I have also users in it, my "simple" question would be...if I have user "test1" in ldap, what I have to do to connect--enable that user to send mails ?
View 1 Replies
View Related
Nov 12, 2010
I have Centos ( and Postfix+ldap+dovecot ) TLS works with Postfix and LDAP. When I open evolution mail client I can browse ldap tree and search for users, send-receive mails ...all fine
View 3 Replies
View Related
Mar 16, 2009
I did useradd -g users ldaptest and tried logging in remotely but the client always says no such user. what do I have to do to update the users that LDAP sees?
View 2 Replies
View Related
Mar 24, 2010
I've installed Directory Server (LDAP). The setup has been done according to the tutorials online. Able to access the interface as well. So far so good. The issue I have is with permissions. I can assign file permissions to a user created in the Directory Server ( user not created on the local server). But the same can't be done for a group - alteast the way I currently see it. How could i assign file system rights to a group created in the directory server.
View 5 Replies
View Related
Feb 5, 2010
I've been busy with configuring Samba with the 389-Directory Server (former Fedora Directory Server) for the past weeks and I almost have everything working. The last thing (I hope) that I haven working are the smbldap-tools which I'd like to use for adding computers and users to the domain. The part where I'm stuck is with the security certificates. I don know how to get the client certificates out of my installation.
My smbldap.conf file contains this:
Code:
# $Source: $
# $Id: smbldap.conf,v 1.18 2005/05/27 14:28:47 jtournier Exp $
#
# smbldap-tools.conf : Q & D configuration file for smbldap-tools
# Purpose :
# . be the configuration file for all smbldap-tools scripts .....
I used the setupssl2.sh script to setup ssl for my 389-ds, which seemed to have worked fine. I however simply have no clou how to get client certificates out of this.
View 1 Replies
View Related
Nov 19, 2010
(This was posted at the end of another thread, where it probably didn't belong, so reposting here)I have Active Directory set up on one machine (and I can't really adjust the settings very much) and Ubuntu Server 10.04, which I would like to use as a client.I followed the directions at https://help.ubuntu.com/community/LD...Authentication, but when I get to
Code:
getent passwd
I don't see anything from the LDAP, and ssh'ing into the box from an LDAP/AD username certainly doesn't work.
In addition, I've attempted to use Webmin's LDAP Configuration module to configure it. I can connect to the server and can browse it with the LDAP browser with my settings, but the Webmin package doesn't recognize the users (which are organized in one of four Organizational Units (OUs) within the OU that I have as my Search Base) as users,
View 1 Replies
View Related
Sep 28, 2010
Just installed openldap server on a VM CentOS called 'ldapsrv', it works fine, ldapsearch returns all ldap information.
Installed openldap client on another VM CentOS called 'ldapclient1', configured it with most basic configuration, no ssl/tls etc. but ldapsearch returns error:
ldapsrv is pingable:
Some outputs:
PHP Code:
PHP Code:
View 20 Replies
View Related
Jan 14, 2010
LDAP is endlessly not working, due to difficulties to simply configure it. I even cannot make the first steps of the installations ... It seems so difficult ... After many howto, wiki, reading, re-reading the errors are still there, always different, and not working.Is there an admin, coming from hell, that made running a LDAP server for sharing the basic configuratin files /var.. /etc... of a working LDAP Server in a tar.gz?
View 18 Replies
View Related
May 31, 2010
we have a weird problem with our opensuse 11.2 server installation.
We want to set up a LDAP Server using the Yast-LDAP Server configuriation tool.
This indeed already worked weeks ago until....this week.
Maybe some updates??!
I do not know what happend exactly. The server just does not want to start again and throws following error:
Starting ldap-serverstartproc: exit status of parent of /usr/lib/openldap/slapd: 1 failed
This happend after a little check of the configuration, but without a change, with Yast. Google delivered only "reinstall your box"-answers.
So.. i did that. And now the "mystical" part: The SAME ERROR occurs with a fresh vanilla system with a brand new and simple configuration (certificats, database, pw...the first Yast config dialog...). I did not change the way i set it up.
I remember, when i did this the first time with 11.2 on that machine, when no problems occured...everything was running out of the box (except the "use commen server certificate" option...).
View 4 Replies
View Related
May 23, 2011
I have been stuck with this for quite some time now. I have installed ldap and configured it as per instructions fromI am able to query the ldap server without forcing the TLS operation to be successful.But with ldapsearch -d -1 -x -h servername -ZZ -b dc=example,dc=eduI get the error
TLS: peer cert untrusted or revoked (0x42)
TLS: can't connect: (unknown error code).
ldap_err2string
[code]....
View 1 Replies
View Related
Jun 11, 2011
I configured openLdap in RHEL5 on virtual achines,everything is working fine, I created a user called ldapuser,in LDAP server and i created a home directory for ldapuser in my LDAP client, now i can able to login to the both Server and client with ldapuser account....
Now here what am expecting is i want to export my server's home directory to the client, i dont want to create home directories manually in the client machine, i googled about that, and it can be done through autofs.....
what need to be done on the client and server side.
View 6 Replies
View Related
Mar 13, 2010
i have configured ldapserver on rhel4 for creating address book
following are configuration files on ldap server
/etc/openldap/slapd.conf
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
i am able to import this ldif file into database.also when i perform the ldapsearch on this server with command"ldapsearch �x �W �D �cn=manager, dc=example, dc =com� �b �dc=example, dc=com�" i get correct output.
but when i am trying to search from another client machine, i am getting "error ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)"
also when i configured address book on mozilla on server., it is working fine.but not working on another machine.is any configuration is missing on client machine.both ldap server and client are configured on rhel4es without any firewall or selinux.
View 3 Replies
View Related
Apr 5, 2010
i have successful secure ldap replication but i could not make ldap client to direct its authentication to slave ldap
here is my config file on ldap client (i am not sure if it is the right place though)
ip : 192.168.1.183 is master ldap
ip : 192.168.1.185 is slave ldap
pico /etc/ldap/ldap.conf
#
# LDAP Defaults
code....
View 11 Replies
View Related
May 25, 2011
I am using RackMonkey to map out my lab. Unfortunately, due to RM limitations, every user who accesses the site has write access UNLESS they are logged in as a user named "guest". I currently have Apache allowing only the users (sysadmins) in an LDAP group access to RM, but I would like to allow read-only access for other users as well.I found mod_authn_anon, but I am having trouble combining the two authentication methods. I am using Apache 2.2.18 (compiled myself) on SLES 11.1.
This is the common part:
Code:
AuthType Basic
AuthBasicProvider ldap anon
Order allow,deny
Allow from all
This part by itself works for the LDAP authentication:
Code:
AuthName "System Admins"
AuthLDAPURL "ldaps://example.com/ou=ldap,o=example.com?mail" SSL
Require ldap-group cn=SysAdmins,ou=memberlist,ou=groups,o=example.com
This part works by itself for guest access:
Code:
Anonymous guest
Anonymous_VerifyEmail Off
Anonymous_MustGiveEmail Off
Anonymous_LogEmail on
Require valid-user
But if I have both of the previous blocks enabled at once, then guest access does not work. If I throw in a "Satisfy any", then I am not prompted for a username at all. How can I allow access to this LDAP group and to a user named "guest", but not allow all valid LDAP users to log in?
View 1 Replies
View Related
May 31, 2010
I'm trying to set up a Linux server and I am new to this. I have gone through most of the configuration using SAMBA 3.0 and when I populate the ldap directory all I get this error before the password request:
Then when I perform an ldapsearch to see if the directory is populated I get this message:
I'm positive all my .conf files are done right.
View 3 Replies
View Related
Nov 28, 2008
I'm checking with a sniffer and there's activity going on between the client and the LDAP server... as a matter of fact, the sniffer shows that the search is producing one ldap item, however, php says it can't contact the ldap server (after it has bound and everything):
The script is working beautifully on another host with debian.
View 7 Replies
View Related
Jan 5, 2011
I transfer my dedicated to another i put same version on it php 5.2.9 and ldap module installed but couldnt activate it on new server is there something i missing ?
View 11 Replies
View Related
Jun 25, 2009
We use Centos 5.3 which we deploy to dozens of boxes in different buildings throughout our shop. I set up KDE to be the default windows manager for these boxes, although the individual users can choose for themselves. We use LDAP authentication, and typically logging in through the LDAP into KDE goes without a hitch. However, a couple users are having problems logging in to their accounts through KDE, my boss and my boss's boss to be specific. We have NFS shares which serve up each users home directory regardless of where they connect in our system. When my boss, or his boss, try to log in, they put in their credentials, and LDAP accepts them, but KDE never starts. The splash screen which displays that it's "initializing system services" or "loading desktop" doesn't even come up, it just has a picture of the desktop with a cursor, and hangs there. I've tried deleting the .kde directories in their home folders, but that doesn't work. Those two are the only accounts out of our entire system that have problems logging in to KDE, and I have no idea why!
I've looked in the .xsession-errors file, here's a copy code...
I know it isn't the xset or "no profile" errors because all the users I've checked get those too, but they can log in just fine. Both xsession files on both users are almost identical to this one, it just seems that KDE will never start.
View 1 Replies
View Related
Jun 5, 2011
In the past I found some great help on this forum, so here goes. Bare with me because it's a long story. I'll try to be as complete as possible. I've installed and configured OpenLdap on a virtual machine with ip 192.168.39.134. I've added 2 users via LAM. In the ou WikiUsers and the domain is wiki.local.
I've then created another host with ip 192.168.39.133 with mediawiki installed on it. Then I added the extension LDAPAuthenthication. In the LdapAuthentication file I added this code (only the last paragraph is mine, I added the others to show it's location in the script):
Quote:
$path = array( $IP, "$IP/includes", "$IP/languages" );
set_include_path( implode( PATH_SEPARATOR, $path ) . PATH_SEPARATOR . get_include_path() );
[code]...
I know I'm close because I can't register any new users or accounts on the mediawiki site. Although I could before I added the LDAP service. This is indeed all just to test and get to know how LDAP works. That's why it's all virtual in VMWare. I did not really configure anything on the LDAP, i just installed it and chose a domain (wiki.local).
View 5 Replies
View Related
Aug 8, 2011
Running RHEL 5.4 on a HP server. Ran into a issue today where ldap was working fine then was informed it was failing. During the troubleshooting process, I found out that the ldap service failed to start up. See error below:
/sbin/runuser: /usr/sbin/slaptest: Permission denied
I checked the permissions of the ldap.conf and slapd.conf files and they appeared to be correct. Any ideas why ldap will not start up?
View 1 Replies
View Related
Aug 31, 2009
OS: CentOS 5.3
vsftpd ver: vsftpd-2.0.5-12.el5_3.1
I installed vsftpd server in one of my servers using "yum install vsftpd" command. NFS server is running in the other server and mounted as "/data" in this FTP server. root in FTP server has also root authority in NFS server. All the files and sub-folders under "/data" in FTP server have 755 or 766 mode. Even I modified vsftpd setting to allow root login.
When I login as root to FTP server with FileZilla client, I can see all the file list in root home directory and move to /data directory. I can download any file in a local HDD but I can not download any file in /data directory.
View 1 Replies
View Related
Jul 13, 2010
can anyone tell me what is the difference between these two files of LDAP client /etc/ldap.conf and /etc/ldap/ldap.conf and for what purposes these two files gives services. Is it necessary to have these two files at a time ?
I use these files to install LDAP client to authenticate with our LDAP server by creating a symbolic link of /etc/ldap.conf to /etc/ldap/ldap.conf.
View 8 Replies
View Related
May 23, 2011
I had a machine that is using ldap, but need to remove it completely.I edited the /etc/nsswitch.conf and removed all references of ldapand renamed /etc/ldap.conf to /etc/ldap.conf.bakI can log in as root, but cannot log in as any user in /etc/passwdIn the /var/log it shows pam_ldap: missing file "/etc/ldap.conf"I am guessing I am missing something else?I never set this machine up for ldap, was here when i got here, so not sure of steps to even put ldap on.
View 2 Replies
View Related
Oct 12, 2010
How would the command for recursive search in LDAP look like when I'm searching for "cn" or "ou"?
View 3 Replies
View Related
Mar 4, 2010
I have installed openldap version 2.4.21 and configured with the help of the site [URL] and the LDAP address book is working fine. But I need to create an LDAP directory such that it will contain the user name and passwords for the users and when user is logging to any application he is authenticated from LDAP directory
e.g Users who need to browse the internet need to authenticate with username and password for access from the firewall (Juniper Netscreen) and similarly other applications like oracle ERP such that they will have only 1 username and password stored in LDAP directory and all other applications will search for the user name and password for authentication.
View 5 Replies
View Related
Apr 29, 2011
I manage to get RHEL Authenticate to Active Directory using LDAP and Kerberos. When a user authenticate to the Unix, the Unix system will check (using Kerberos) to the AD. However I just found out that when the RHEL (LDAP) did the authentication to the AD (to ensure that the RHEL has the right permission to query the LDAP database), it uses simple bind which send the username/password unencrypted over the network.
1) Can We use Kerberos as well? for the initial authentication described above?
2) If Not possible, is there a way to encrypt the username/password in the storage (ldap.conf -because it's world readble)? I know that for tranmission I can use SSL.
View 5 Replies
View Related
Dec 29, 2009
I am compiling gstreamer for my ARM board. When i compile that i am not getting "debug" messages. so i want "debug messages" while make my gstreamer. i added "./configure --enable-debug" but still i not getting debug message while i "make".
View 1 Replies
View Related
Jun 19, 2009
I just configured my first Directory Server. I was looking to use PHPLDAPADMIN to start administrating it. Any good how to's or Tut's?
View 4 Replies
View Related
