Server :: LDAP User To NIS User Migration
Aug 3, 2010get the steps for LDAP user to NIS user migration?
View 1 Replies
ADVERTISEMENT
Server :: Apache Authentication: Allow LDAP Group OR User Named Guest But Not All LDAP Users?
May 25, 2011I am using RackMonkey to map out my lab. Unfortunately, due to RM limitations, every user who accesses the site has write access UNLESS they are logged in as a user named "guest". I currently have Apache allowing only the users (sysadmins) in an LDAP group access to RM, but I would like to allow read-only access for other users as well.I found mod_authn_anon, but I am having trouble combining the two authentication methods. I am using Apache 2.2.18 (compiled myself) on SLES 11.1.
This is the common part:
Code:
AuthType Basic
AuthBasicProvider ldap anon
Order allow,deny
Allow from all
This part by itself works for the LDAP authentication:
Code:
AuthName "System Admins"
AuthLDAPURL "ldaps://example.com/ou=ldap,o=example.com?mail" SSL
Require ldap-group cn=SysAdmins,ou=memberlist,ou=groups,o=example.com
This part works by itself for guest access:
Code:
Anonymous guest
Anonymous_VerifyEmail Off
Anonymous_MustGiveEmail Off
Anonymous_LogEmail on
Require valid-user
But if I have both of the previous blocks enabled at once, then guest access does not work. If I throw in a "Satisfy any", then I am not prompted for a username at all. How can I allow access to this LDAP group and to a user named "guest", but not allow all valid LDAP users to log in?
Server :: Postfix Mailbox User Migration?
Jan 22, 2010I'm looking into migrating postfix mailboxes and users from an old machine running Fedora5 to a new machine running cenOS. I was wondering, what would be the procedure to migrating over existing postfix mail to the new machine? Is it as simple as copying over /home directories and /etc/passwd etc?
View 5 Replies View RelatedRed Hat :: Add LDAP User In Server?
Mar 2, 2010Is it possible to add LDAP user from client to server, in Linux.
I am using RHEL5.0 LDAP server, also i have 10 clients (RHEL 5.0) machine also. I want to know "Is it possible to add LDAP user from client (export) to server".
Server :: How To Delete User Account From LDAP
Feb 4, 2010I configured LDAP. But added a user mistakenly, how can I delete that user account from LDAP. How to create home directory for LDAP users.......
View 1 Replies View RelatedServer :: Adding New User In LDAP Client
May 2, 2010I am facing problem in adding new users in ldap server and client for a long time. I configure ldap server and client successfully and I can login the client machine by a user. User is created on server during configuring the server but after same time when I create a new user on server and create a home dir for the same user on client machine and assign 700 permission on home dir of same user and copy the /etc/skel/.* /home/user-dir and when run the command "#chown -R user:users /home/user" it shows invalid user error.
View 1 Replies View RelatedServer :: Cron Does LDAP Query For Local User?
May 19, 2010We've got crontabs set up in /etc/cron.d to run various things, and we have them running as a specific local user.
Watching the LDAP logs, I can see the servers in question making requests for that username to the LDAP server every time cron runs, even though that user isn't in LDAP and is only local. nsswitch is configured to do "files ldap" as well.
The constant stream of LDAP queries is killing LDAP and making it impossible to log into our boxes.
why cron is querying LDAP for a local user?
Server :: Getting Error When LDAP User Added Through Webmin
Apr 1, 2010I have installed webmin. I am configuring ldap server using webmin gui. when i try to add user by ldap user and group I get following error. Failed to save user; Failed to add user to ldap database; modification required authentication. I am new in ldap configuration and hope for best reply.
View 1 Replies View RelatedServer :: LDAP - User Has No Rights To Change Password
Aug 12, 2010I have configured Ldap Server in CentOS 5.4 & it's working fine, the problem is when I create a ldapuser from server the user can login in client machine but the user has no rights to change the password. How to rectify this by using commands.
View 2 Replies View RelatedServer :: How To Force User To Login To System Using LDAP
Sep 18, 2010I am new to ldap. I've installed openldap server in a centos but yet to test it. My question is how to force user to login to the system using ldap instead of non-ldap login? For example, I created some users in the ldap server, these users are exist in /etc/passwd, when ssh login to server as user, it normally authenticates through /etc/passwd file without being forced to use ldap.
View 3 Replies View RelatedServer :: Command Line Tool To Add User Records To LDAP?
Jun 11, 2010I'm looking for a script or a tool I can use from the command line, non-interactively, to add users to our LDAP server.
I could write a wrapper for ldapsearch, ldapadd and ldapmodify, or write something from scratch in perl, but I imagine someone has done this already.
Server :: How Do A User Can Change Its LDAP Password On Client Machine
Jun 5, 2009I have configured LDAP Server on RHEL 5.2 successfully and client can login to the server. But I do no how a client can change its LDAP password on his client machine.
View 5 Replies View RelatedCentOS 5 Networking :: LDAP User Can't Login Remotely By SSH On LDAP/Samba PDC?
Sep 8, 2009I installed CentOS 5.2 and then run yum update. I configured this server as LDAP/Samba primary domain controller. LDAP seems to be OK and for testing I am able to create users with:smbldap-tools useradd -am usernameI can ssh into the server as root and also as a Linux user which was locally created in the server. But ssh into the server as LDAP user fails (from a Fedora 11 machine) with "Permission denied, please try again", prompting again for password.Some data:
# rpm -qa | grep ldap
python-ldap-2.2.0-2.1
php-ldap-5.1.6-23.2.el5_3
[code]....
Server :: Configure LDAP Server For User Authentication?
Sep 26, 2010I want to Configure Linux LDAP Server for user authentication when my users want to connect to the internet.Also i don't want the user to get the home directory on server. i configured ldap server and ldap client without PAM & SASL.and now with perl i can search in ldap for my client's username & password in ldap.
View 1 Replies View RelatedServer :: Ldap Password Sync With Samba And Unix User Account?
Apr 21, 2010I setup openldap and samba on 9.10. The ubuntu desktop client gets authenticated successfully with the server.
But when I do a passwd on the client, only the ldap passwd is getting changed but not in the samba and the unix user account.
My smb.conf
Code:
passdb backend = ldapsam:ldap://192.168.3.100
ldap suffix = dc=example,dc=local
ldap user suffix = ou=People
ldap group suffix = ou=Groups
[Code]....
Ubuntu :: Configuring 9.10 As Client To Use Samba/LDAP Server For User Authentication?
Jan 18, 2010how to make a new Ubuntu 9.10 box use our LDAP/Samba server for user authentication. Our Red Hat and Windows machines all use it just fine. I've been trying to use the auth-client-config and libnss-ldap packages for this purpose, but I must be missing something. I'm pretty green with LDAP, so this is my first time diving in... Is there a good How-To or step-by-step read on this? All of my searches lead me to setting up Ubuntu as the server, and that isn't what I want. I've also tried the steps listed in [URL] for the LDAP Authentication section.
View 1 Replies View RelatedUbuntu Installation :: Cannot ID LDAP User On LDAP Client
Dec 2, 2010I've setup an Ubuntu 10.10 LDAP Client to authenticate off my LDAP server. I've install the following: sudo apt-get install libpam-ldap libnss-ldap nss-updatedb libnss-db nscd ldap-utils pam_ccreds Here's my /etc/nsswitch.conf: passwd: files ldap [NOTFOUND=return] db group: files ldap [NOTFOUND=return] db
[Code]...
General :: Make User In Remote LDAP Server To Be Used To Authenticate Local System?
May 13, 2010How can I make the user in remote LDAP server to be used to authenticate Local Linux server ?
View 5 Replies View RelatedSoftware :: Import Windows Users / Passwords Into Openldap Server - Ldap Migrate Migration?
Nov 18, 2009I am looking for ideas for getting windows users into an ldap server. I am currently running a Linux server for my department and need to create an LDAP server which mirrors the username/password information for all of us as they are stored in the windows server here. I have the openldap server up and running on Ubuntu 8.04 and it works great; I now need to find some way to import user info into this from windows. I've seen discussions of using ldifde.exe to export the AD users into an ldif file. Is this the simplest way to go about it?
Our Linux server is currently providing us with much needed services using apache, and apache is authenticating using LDAP to our windows server (Using our windows username / password is required functionality). This windows server has some problem which causes it to delay for inordinate amounts of time between authentication requests and responses. The situation is such that this problem will not be addressed by IT staff. However, I have control over the Linux server so I am looking to just mirror the windows server on an LDAP server of my own. I could get away with updating the passwords in the Linux server.
Networking :: When Called From Cgi Script/apache User: "ldap_bind: Can't Contact LDAP Server (-1)"
Apr 28, 2010Here are the specs of my machine: Linux matrix 2.6.18-92.el5 #1 SMP Tue Apr 29 13:16:12 EDT 2008 i686 i686 i386 GNU/Linux Red Hat Enterprise Linux Server release 5.2 (Tikanga)
When I run an ldapsearch in root, it works fine. tcpdump filtered by dest IP shows packets captured.
When I run an ldapsearch in a perl script as root, it works fine. tcpdump filtered by dest IP shows packets captured.
However, when I run it via a perl script in my cgi-bin directory it fails. tcpdump shows no packets captured. When I added a "2>&1" to my ldap search in my cgi script, I got "ldap_bind: Can't contact LDAP server (-1)".
I ran a "whoami" in my cgi script and it showed up as apache.
Another twist to all this is that I ran the same test on my slackware box, and everything works (esp the cgi script). Here's what the specs are on that machine:
Linux slackvm 2.6.29.6-smp #2 SMP Mon Aug 17 00:52:54 CDT 2009 i686 Intel(R) Core(TM)2 Duo CPU P8400 @ 2.26GHz GenuineIntel GNU/Linux
I checked the permissions on the ldapsearch file and directory, and they're the same (755).
Could there be something blocking the apache user on my Red Hat box from sending packets out?
Server :: Add Existing Unix User To Existing LDAP?
Jun 23, 2010I have an existing unix user that some how didnt make it into the copy over to our LDAP server. How do I add an existing unix user to an existing LDAP directory? Will ldapadd work? I was under the impression ldapadd required an ldif file to work properly.
View 7 Replies View RelatedServer :: Make A Normal User Execute Commands Of The Super User's?
Jul 3, 2010I have a question that i want to make a normal user to execute the commands which the root user is able to execute, say if i have a user named siru and when i logged in using siru i cannot run commands like tracert,nmap@loccalhost and all but i can run when i have logged into root account so my question is how to make siru to run the command tracert,nmap@localhost.I have even edited the .bash_profile of siru's home directory from
# .bash_profile
# Get the aliases and functions
if [ -f ~/.bashrc ]; then
[code]...
Server :: Rsync Using Www As User Gives Ssh Error - User Www Not Allowed Because Account Locked
Feb 11, 2011Apache is run as www as is all the files/folders. People are uploading via FTP, scp, so the problem is if I chmod so everyone can read, then rsync as a user it works until new files are added which then my ; if rsync fails with a permission denied. Now I can add a chmod in the script so everyone can read, but since www can already read, I figured I would just change my script to use www. I added the ssh key to his authorized_keys file, but when I try to just ssh in I see this in the secure file;
server sshd[29539]: User www not allowed because account is locked
sshd[29539]: Failed none for invalid user www from ip port 54983 ssh2
Now I read a few places already saying I need to add a password to the account, etc. but before I jump and try all I read, 1st major one, will this now break apache? Will this affect any startup things, etc. and .... will that unlock that user for ssh in or is there another preferred method?
Server :: PRNG Not Seeded - Works With 1 User But Not A /chroot User
Jun 28, 2010I installed SSH-keygen dependancies for a /chroot user.
I can now execute ssh-keygen from the /chroot user BUT I receive a message PRNG is not seeded.
When I do it from any of the users that are not /chroot users, it works fine.
Software :: Protecting A Multi-user Server - Per-user Limits
Feb 8, 2010I'm looking for a way to limit:
-memory usage (mb/user)
-cpu usage
-processes (amount and no same process multiply)
-connections (amount of connections (to specific host))
-bandwidth (kbps/user and even owerall for regular users)
-disk usage
-available commands
For every other users than me/root.
OpenSUSE Network :: Add User From LDAP?
Jan 1, 2011how to add user to my opensuse 11.3 box from a ldap server ? I used useradd but can't log in with the ldap credentials .
View 1 Replies View RelatedOpenSUSE :: Create An User With Yast Using Ldap?
Mar 28, 2011If I create a user with Yast using ldap than at some later point delete that users ( also using Yast ) I cannot recreate a user of the same name until I have rebooted the machine, which seems a bit excessive ! Closing and reopening Yast doesn't work, it still thinks the users exists. Even though it doesn't appear in the Yast and if you look in the ldap browser it is gone. Is there something else that need restarting ( other than the whole box )
View 1 Replies View RelatedGeneral :: Login As User Into LDAP Client?
Jan 26, 2010I have 389-DS ( Fedora DS) setup on CentOS 5.3 and working fine. I configured LDAP Client and want to login as user created under fedora DS Client. From Client Machine, I can easily see:
Code:
[root@fedoraDS-Client ~]# id ajrain
uid=569(ajrain) gid=569 groups=569 context=root:
system_r:unconfined_t:SystemLow-SystemHigh
This is User from LDAP Server (fedora DS Server) which is showing in Client Machine. So It means its retreiving value from Server. Correct? Now When I am trying to login , it says "Server unexpectedly closed network Connection". When I supplied user password:
Code:
login as: ajrain
ajrain@fedoraDS-Client's password:
The File /var/log/secure says:
Code:
Jan 27 02:39:27 localhost sshd[3996]: pam_unix(sshd:auth):
authentication failure; logname= uid=0 euid=0
tty=ssh ruser= rhost=10.210.53.104 user=ajrain
Jan 27 02:39:27 localhost sshd[3996]: Failed password for ajrain from 10.210.53.
104 port 1241 ssh2
Jan 27 02:39:27 localhost sshd[3997]: fatal: Access denied for user ajrain by PAM account configuration
CentOS 5 :: Ldap For Simple User Authentication?
Jun 22, 2010I have a centos 5 system with openldap configured. I need openldap for simple user authentication. ie.. to be able to use it for authenticating it from remote applications and systems like mail clients...etc.
I was able to succefully install and configure openldap and ran a slaptest to verify the slapd.conf file for errors and found none. so now all i want to do is to add username and passwords to the ldap database.
iam just not sure what all objectClasses i need to use for Attributes uid and userPassword and what exactly should be the ldif file syntax for the above entries. I tried various sources but i do either get errors while adding or after adding do get errors trying to access it.
above all, iam able to access the ldap server from my phpldapadmin only as a anonymous user and not as a root user that i added as a first entry.
Fedora Security :: Change Password Ldap User?
Apr 13, 2011I have a problem with my fedora workstation.I am trying to change my ldap user password through passwd command.When I first create the user on ldap server, I use md5 and create the user password.This is the entry:
Code:
dn: uid=boo,ou=People,dc=linux,dc=gettolandia,dc=org
uid: boo
[code]....