I've configured OPENLDAP server on the CentOs 5.3. Well everything is working fine .All the uses have been added to the database.database is bdb in ldap configuration.Now client machine is on windows xp. how to integrate Windows Xp with the LDAP server for authentication.
View 5 RepliesJust installed openldap server on a VM CentOS called 'ldapsrv', it works fine, ldapsearch returns all ldap information.
Installed openldap client on another VM CentOS called 'ldapclient1', configured it with most basic configuration, no ssl/tls etc. but ldapsearch returns error:
ldapsrv is pingable:
Some outputs:
PHP Code:
PHP Code:
I can't get the client server to authenticate to the openldap server. I can authenticate on the server itself though. I can su to, login and shh into the openldap server and become a ldap user. I just can't become an ldap user on the client.I didn't setup TLS/SSL. I can do that after I have it working. I'm using hashed passwords though. I don't have replication setup. I'm am tying to setup the most basic openldap environment then build from there. I have read the openldap section in the admin guide.
My setup at home.
Openldap server � light.deathnote.net -- 10.0.1.21
client server � vm-centos01.deathnote.net � 10.0.1.7 -- VM on virtualbox
Virtualbox host � L (OS MAC) � 10.0.1.2
router (apple airport extreme) / default gatway � 10.0.1.1
All computer can reach the internet and ping each other. When I installed centos I disabled SELinux.I used these guids to setup my openldap.
[URL]
Below I have included some output from the files I'm using with openldap.
[root@vm-centos01 ~]# tail /var/log/messages
Jul 2 09:25:33 vm-centos01 xfs: nss_ldap: reconnecting to LDAP server (sleeping 16 seconds)...
Jul 2 09:25:49 vm-centos01 xfs: nss_ldap: failed to bind to LDAP server ldap://light.deathnote.net: Can't contact LDAP server
Jul 2 09:25:49 vm-centos01 xfs: nss_ldap: failed to bind to LDAP server ldap://10.0.1.21/: Can't contact LDAP server
[code]....
I finished setup Samba PDC with Openldap backend. I can joint Winxp client to domain but can not change pass by press Ctrl + Alt + Delete and choose Change password button
This is my conf.
I used
samba3x-3.3.8
openldap 2.3.43
slapd.access.conf
Code:
access to attrs=userPassword,shadowLastChange,sambaNTPassword,sambaLMPassword
by dn="cn=Manager,dc=microhdesk,dc=net" write
by anonymous auth
by self write
by * none
[Code]....
I am trying to integrate Openldap with Tivoli Identity Manager. I am using the LDAP adaptor for that. I have imported LdapProfile.jar file in Tivoli Identity Manager.When I try to create a Ldap service on Tivoli Identity Manager console I get the errors attached.
Credentials of OpenLDAP:
rootdn= cn=root,o=ibm,dc=com
password= secret
I configured openLdap in RHEL5 on virtual achines,everything is working fine, I created a user called ldapuser,in LDAP server and i created a home directory for ldapuser in my LDAP client, now i can able to login to the both Server and client with ldapuser account....
Now here what am expecting is i want to export my server's home directory to the client, i dont want to create home directories manually in the client machine, i googled about that, and it can be done through autofs.....
what need to be done on the client and server side.
i have sendmail & NIS working properly but i donot have centeralized authentication i.e. server user is not able to login from client Desktop and i donot get Global address book of users in mail client when accessing mail.
View 2 Replies View Relatedpresent we have a folder shared between branches (Approx 10G of data) and we're using Windows 2003 with DFS but this has had a number of issues and thus is scheduled to be replaced with a Linux solution for various reasons.I would need a scalable system that will allow me to start off with 5 servers each having a samba?hare to Windows pc's. The 5 servers though must replicate any changes made to the folder. So if server 1 received a new file, it should replicate the change to servers 2-5 etc... Ideally I would also like the shares to allow for AD based permissions.Can anyone recommend a way forward with this? I am currently looking into GlusterFS and lsyncd as two options for the replication
View 1 Replies View RelatedI Installed Bugzilla 3.2 on Centos 5.3.I have other window 2003 server (Domain Controller).But it is Windows Small Business Server 2003.i have many OU on that.I want to integrate Bugzilla 3.2 with LDAP.
View 2 Replies View RelatedI want to know if I can you communigate Pro with procmail integration?
I have read and seen that, CommuniGate Pro has some nice features so I want to use it.
Or is there a way I can do email filtering in CommuniGate with out procmail?
I have read a lot of threads about this topic and tried everything as best of my knowledge but I still can not make it to work.Need specific directions on whats wrong, missing or how to debug the problem.Here is the DHCP error:
14:49:05 Unable to add forward map from service2.example.com. to 192.168.1.150: timed out
14:49:05 DHCPREQUEST for 192.168.1.150 from 00:04:75:d3:9f:27 (service2) via ETH02
14:49:05 DHCPACK on 192.168.1.150 to 00:04:75:d3:9f:27 (service2) via ETH02
[code]....
I am trying out few stuff with Linux and Windows. I have a 'Postfix' mail server on CentOS 5.5 with 'dovecot' and 'squirrel' (webmail) working fine. I am just wondering, how can I create bulk mailboxes on CentOS 5.5 (for postscript) so that the the users can access their mail from the browser (squirrel mail)?
How can I integrate with Active Directory? I am also looking for techniques to automatically create bulk users (for example 100 users) on Active Directory with a default passwords (or random passwords if possible) that integrate with Postfix.
I was working to integrate Centos 5 and AD 2003 R2, this is my set up Windows side:
1. Install Identity Management for Unix, (Windows R2 already includes the Unix attribute not entirely necessary to install IMU, but it makes easier to configure the attributes from ADUC, when IMU is installed the Unix attributes TAB is shown in the user properties)
2. Configure the Unix attributes for every user account that will be authenticating from centos.
3. Create an user account to be used as a proxy for ldap, a regular user would be enough. Password never expires.
4. Create a computer account for every centos host; assign this computer account as pre-windows 2000 account.
5. Assign a value of 4128 to the user account control property for the computer account.
[Code]...
I've installed CentOS 5.x (64 bit) on a Hyper-V Server R2. When I trying to install integration serices I get an error:
[root@localhost ~]# cd /opt/linux_ic_v21_rtm/
[root@localhost linux_ic_v21_rtm]# make
Building all modules...
make -C /lib/modules/2.6.18-164.el5/build SUBDIRS=/opt/linux_ic_v21_rtm/src modules
make: *** /lib/modules/2.6.18-164.el5/build: No such file or directory. Stop.
make: *** [all] Error 2
I am using:
Linux localhost.localdomain 2.6.18-164.el5 #1 SMP Thu Sep 3 03:28:30 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
I did everything as it shows on [URL].
I configured my openldap but now I want to implement SSL-TLS
This is my basic slapd.conf configuration
Code:
And I created this script (simple I know) to create this TLS/SSL Config but it won't work users cannot login
path when I am moving certs /etc/openldap/cacerts
Code:
As you see I create the key and certificate, assign permissions, add stuff to slapd.conf and finally copy thecer to a client PC
On client side I use authconfig-tui
My enviroment is Centos 5.5
what is wrong on my config?
Openldap 2.4.11 uses cn=config as the main configuration instead of slapd.conf .
How to add a new schema to openldap 2.4.11 that uses cn=config.
I was thinking of merging my openldap and samba bdc servers. Is it ok for a server to authenticate against itself? (ie ldap.conf points to localhost)
View 1 Replies View RelatedI have a RHEL 5.4 server installed in a server farm. The server is administered under a central AD, which means that administrators are registered in the AD.
However, I have to deploy an application on the linux server, that will use it's own OpenLDAP server. This means that this application will be the client to the LDAP server installed on the same RHEL server.
I tried installing OpenLDAP using yum and it resulted in a very fatal issue. Somehow the configuration files used for finding the Linux server from the AD was overwritten and the Linux server was not reachable anymore.
After some investigations, and possibly, rebuild, the server has been handed over to me.
The problem is how should I install OpenLDAP so that the existing connection to AD is not lost.
On the Linux server I see a /etc/openldap directory but only contains ldap.conf and cacerts directory.
I am having some trouble with Cyrus SASL and OpenLDAP. I tried to configure OpenLDAP using SASL for all conection but I cannot map the SASL-DN to OpenLDAP's DN. Below is my configuration file, slapd.conf
[code]...
After I finished the configuration, I try to use ldapsearch tool to verify, but I cannot:
[code]...
I have a Nis server on Suse 11 which is configured using Yast and nis clients on Suse and CentOs .All clients which is on the Suse Os is working fine. But on CentOs , users couldn't login using nis username.I have mounted home directory using nfs in fstab . I can switch to nis users homedirectory only when i am root. But nis users could'nt login on reboot.' ypcat passwd username ' is showing the output . No selinux is enabled in the client .Is there is any problem with Suse server to Centos Client in nis ??
View 2 Replies View RelatedMy all production PC r running under ADC windows2008 server. Recently I implement a file server in CentOS 5. Now I want to integrate Samba (File sharing) using Active Directory so that all access permission to file server comes from AD's permission.
View 2 Replies View RelatedI have inherited ownership of a Debian server process that logs its error message to stdout/stderr. Currently its initscript has lines like:
start-stop-daemon [options] --exec $DAEMON -- $DAEMON_ARGS < /dev/null 2>&1 | logger $LOG_OPTIONS 2> /dev/null &
I have tried to abstract as much of that away as possible. The options specify a pid file, to make a pid file. A subsequent line tries to establish whether the process is up, though I think several conditions are not checked for. This script seems pretty ropey to me. I am trying to start again with the lsb-base one in /etc/init.d/skeleton though that is going to require a lot of modification. get the code change to use the syslog API however that is out of the question at least for now.
1.) Create a named pipe
2.) Start up a logger daemon that reads from the named pipe
3.) start up the server process that writes to the named pipe
It would be ideal for this if start-stop-daemon offered options to specify where the IO of the daemon process should be redirected to. However I am not about to offer to adopt that package (with ~400 bugs) so I doubt that will happen. Trying to specify the redirection on the command line does not work. In the case of the logger daemon start-stop-daemon seems to hang on the system call. In the case of the server process the pipe gets closed when start-stop-daemon exits, so the logger daemon exits. None of that seems surprising.So what I am doing now is to write simple wrapper scripts for the server and logger processes. Both wrapper scripts have this structure:
1.) sanity check the arguments
2.) exec program [suitable redirection of IO]
Then the start-stop-daemon can call the wrapper scripts as daemons. From my experiments so far this seems to work. However I feel a bit uncomfortable with this. It introduces several new wrapper scripts.I cannot think of any obvious security holes but I suppose race conditions are inevitable.
I want to configure Netgroup in openldap. I am using Redhat Linux 5.5.
View 1 Replies View RelatedI currently have an OpenLDAP server where everytime I add a new user their DN looks like this:
DN: cn=username,ou=people,dc=domainname,dc=com
Is their anyway I can change there dn to be in the following format?
username@domainname.com
I'm having much problems trying to configure openldap on Ubuntu 10.0.4 LTS
I have tried many tutorials, many configuration but still without results, I made the following script (for not repeating the same work, again & again)
Code:
#!/bin/sh
passwd=xxxxxx
dc1=host
dc2=com
[Code]....
I want to build a domain like abc.com in my LAN environment. Kindly tell me step by step procedure of installing OpenLDAP on CentOS 5.3.
View 2 Replies View RelatedI configured OpenLdap and now I want to configure it using TLS-SSL
But I cannot get it working with the Linux clients. Environment: Centos 5.5
Openldap Server configuration:
I am planning to deploy an OpenLDAP server in my LAN for basic authentication, but I have no idea how to do it. I would like to know how to configure an OpenLDAP Server, and I would also like to know about knowledge resources, if any.
View 3 Replies View RelatedI am systems administator of the university CS lab. I have a Mac here and I'm trying to extend the directory to our OpenLDAP server. We use NFS as well. I know nothing of Macs in this respect except for the fact that they already have LDAP on them, which seems to be convenient.
View 3 Replies View RelatedI have no ACLs in place yet but want to use a user called ldap-auth-user to bind to the ldap servers directory from the client servers. However I keep on getting ldap_bind: Invalid credentials (49). Error. I know the UserPassword is correct because I can log into a server using that id and password through the LDAP directory. I am guessing it has something to do with the way I created the account.
This Works:
ldapsearch -D 'cn=Manager,dc=test,dc=com' -x 'uid=testuser' -W
This Doesn't:
ldapsearch -D 'cn=ldap-auth-user,dc=test,dc=com' -x 'uid=testuser' -W
Here is the ldap-auth-users entry in the directory
[root@ldap-build-01 ~]# ldapsearch -D 'cn=Manager,dc=test,dc=com' -x 'uid=ldap-auth-user' -W
Enter LDAP Password:
# extended LDIF
[code]....