Software :: Openldap (slapd) - Authentication Using Simple Name?
Aug 6, 2010
Is it possible to set up slapd to authenticate users using a simple name instead of a dn?
I am setting up an LDAP server. I set slapd.conf (dc=proldap,dc=com) and started ldap and it is OK, but when I check using ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts the result is: namingContexts: dc=my-domain,dc=com
It seems that it did not use my slapd.conf, so I tried removing my slapd.conf from /etc/openldap and starting slapd again, and it did start with no errors. When I do ldapsearch again it still uses dc=my-domain,dc=com
I tried searching about this in Google and found no answers.
My reference in setting up ldap is the link below, but it seemed that it always uses another configuration, not the one I modified.
I'm using Fedora12, ldap version 2.4.19. I installed ldap by yum install url
url
I am trying to setup LDAP server on Ubuntu 10.04 and am sticking to the old /etc/ldap/slapd.conf file configuration.
I had to comment ldapi:/// from /etc/default/slapd since it was giving 'Address already in use error'. Also had to juggle with pid directory and file issues.
After that I was able to start the slapd daemon (service slapd start) but now I am running into multiple issues:
1. Can't stop the service with service slapd stop
Code:
## Service stop returns 0, maybe because start-stop-daemon is not giving error
#service slapd stop
Stopping OpenLDAP: slapd.
# echo $?
0
Will switching to BDB database resolve this? Also, can't I slapcat as non-root user?
I was trying to run openldap in /usr/local/libexec on ./slapd command.
As usual, it doesn't respond anything which is normal (side qns: can anyone tell me why ./slapd doesn't even return me a status message?)
Then I went on to check ps -ef | grep slapd, but found that the ./slapd was not in process at all (means it's not running). If it ran successfully, it should be in my process.
I am using Fedora12. I installed the following packages:
openldap-servers-2.4.19-1.fc12.x86_64
openldap-clients-2.4.19-1.fc12.x86_64
openldap-2.4.19-1.fc12.x86_64
db4-4.7.25-13.fc12.x86_64
Where should I dig, what am I doing wrong?
I have slapd-server running but it seems to refuse connections in a very odd way. Wireshark shows that every time JavaEE-client tries to connect, only 2 packages are sent. As I understand, in tcp/ip protocol, the first is just "hello, who's there". The last is just a message consisting of ACK and RST. I think RST means "we're done". At this point I don't think any credentials are checked so I don't know what could be wrong.
I was thinking of merging my openldap and samba bdc servers. Is it ok for a server to authenticate against itself? (ie ldap.conf points to localhost)
Is it possible to monitor WiFi connections and identify who are connected through OpenLDAP? If so, how will authentication be possible? By the way, I'm open if OpenLDAP is inappropriate for such authentication purposes and scenario.
I have configured an ldap server and am trying to log in to the same ldap server using an ldap user. However, I am not able to log in and am getting the following in /var/log/secure:
Dec 22 20:06:29 redhat5 sshd[7241]: Invalid user ldapu1 from 192.168.85.1
Dec 22 20:06:31 redhat5 sshd[7242]: input_userauth_request: invalid user ldapu1
Dec 22 20:06:37 redhat5 sshd[7241]: pam_unix(sshd:auth): check pass; user unknown
Dec 22 20:06:37 redhat5 sshd[7241]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.85.1
Dec 22 20:06:37 redhat5 sshd[7241]: pam_succeed_if(sshd:auth): error retrieving information about user ldapu1
Dec 22 20:06:39 redhat5 sshd[7241]: Failed password for invalid user ldapu1 from 192.168.85.1 port 4461 ssh2
I can see that if I use ldapsearch with the same filter, I am not able to locate the user "ldapu1". However, if I change the filter to "(|(objectClass=posixAccount)(uid=ldapu1))", it shows me the ldap user:
[root@redhat5 ~]# ldapsearch -x -b "ou=Users,dc=homeldap,dc=com" -D "cn=Manager,dc=homeldap,dc=com" -W -H "ldap://127.0.0.1/" "(|(objectClass=posixAccount)(uid=ldapu1))"
Enter LDAP Password:
# extended LDIF
# LDAPv3
# base <ou=Users,dc=homeldap,dc=com> with scope subtree
# filter: (|(objectClass=posixAccount)(uid=ldapu1))
# requesting: ALL
# ldapu1, Users, homeldap.com
dn: cn=ldapu1,ou=Users,dc=homeldap,dc=com
objectClass: inetOrgPerson
cn: ldapu1
sn: ldapu1
uid: ldapu1
userPassword:: bGRhcHV1MQ==
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
Where have I made a mistake?
- Is it necessary to create an account on Linux box and then migrate it to ldap?
- I was just wondering if I can somehow change the default filter from AND to OR at the time of login. I used "pam_filter |objectClass=inetOrgPerson" in ldap.conf.
However, it didn't change the filter.
A while ago I was trying to implement a PDC linux server with Samba and Openldap for centralized authentication for windows and linux clients, but I can NOT get it. So I read somewhere that there is another option called Directory Server and maybe that is possible to do. According to your experience, do you recommend any 'how to' or 'tutorial' that will permit implementing a PDC server for authenticating and sharing files and printers for windows and linux clients?
I have a centos 5 system with openldap configured. I need openldap for simple user authentication, i.e. to be able to use it for authenticating from remote applications and systems like mail clients, etc.
I was able to successfully install and configure openldap and ran a slaptest to verify the slapd.conf file for errors and found none. So now all I want to do is to add usernames and passwords to the ldap database.
I am just not sure what objectClasses I need to use for attributes uid and userPassword and what exactly should be the ldif file syntax for the above entries. I tried various sources but I either get errors while adding or, after adding, get errors trying to access it.
Above all, I am able to access the ldap server from my phpldapadmin only as an anonymous user and not as a root user that I added as a first entry.
It's been 2 weeks that I'm trying to configure freeradius2 on centos5 64bit after installing it from yum. All seems to be working, but I can't authenticate unix users. After digging in many sites, it simply can't find the user name and password ( ++[unix] returns notfound ). Also, how can I paste here all the radiusd -X log lines? I can't find any radius.log file.
Code:
$ su -c 'yum install wine'
This forum won't let me put all the text in.
Transaction Check Error:
package openldap-2.4.21-6.fc13.x86_64 (which is newer than openldap-2.4.21-4.fc13.i686) is already installed
package nss-softokn-freebl-3.12.4-19.fc13.x86_64 (which is newer than nss-softokn-freebl-3.12.4-17.fc13.i686) is already installed
I'm a college student studying pc programming, and I was given today a special work and I have to program using miranda... which I've never used >.< Can anyone give me a hand with where to download it, how to compile, and a simple tutorial for making a simple program or something?
I use Ubuntu server 10.04. I try to install slapd, but I get the following error
Code:
libldap-2.4-2 (= 2.4.21-0buntu5.2) but 2.4.21-0ubuntu5.3 is to be installed
E: Broken packages
And also, when I try to install some other packages such as nagios, squid, .. I get the same list of errors. One of the errors says something like
Code:
Failed to fetch http://id.archive.ubuntu.com/ubuntu/pool/main/n/nagios-plugins/nagios-plugins-standard_1.14.14-1ubuntu1_i386.deb Temporary failure resolving 'id.archive.ubuntu.com'
What to do? Should I edit /etc/apt/source.list to point to other repo site?
Can't install slapd (OpenLDAP) server on my laptop running Ubuntu 10.04 (lucid). Gives broken package error
Code:
sudo apt-get install slapd
Reading package lists... Done
Building dependency tree
Reading state information... Done
[Code].....
I try to set up OpenLDAP on Debian Squeeze. But it seems the documentation I found differs from the installation.
Normally I would expect /etc/ldap/slapd.conf as also mentioned at url. However this file does not exist and I got the feeling Debian changes a lot with the default (bit poor if you asked me). Seems they created a LDAP database and put the config in there, correct me if I am wrong? A folder /etc/ldap/slapd.d is created with some config inside. And also a /etc/ldap/ldap.conf does exist.
Is there any documentation on this, and what if I would like to have a flat config in /etc/ldap/slapd.conf?
I'd like to clear the slapd DB so that I could reinstall it from scratch. However, when I remove the package and reinstall it, I still get some items in there. How can I purge/flush/remove everything from slapd? Instructions I follow to do the set up? https://help.ubuntu.com/10.04/server...ap-server.html
I want to index my openLDAP database without shutting down or stopping by slapd. Is there a way to do that?
I also have a master - slave architecture set up for the replication.
If I do something to the effect of this: ldapsearch -b "dc=example,dc=com" -x -z 3000
I'll get this back at the end of the result set:
# search result
search: 2
result: 4 Size limit exceeded
The thing is is that I have way more (thousands) than what's being displayed here. And I've tried to mess around with /etc/ldap.conf, changing the SIZELIMIT directive to something else, 10000, let's say, and restarting the server, but the same goddamn thing happens.
I've been messing around with this for quite some time now, hopefully someone will be able to shed some light on this so that I can learn my way out of this mess that is LDAP. Also in a related matter, I'm running Mint (based off of Ubuntu), and all the documentation that I've seen (probably read a good 100+ pages in a few days now on this) keeps telling me to make changes to my slapd.conf file. What slapd.conf file? It doesn't exist, I can't find it at least. find / -name slapd.conf turns up nothing.
Slapd is up and running perfectly well, and I can add and remove entries without a problem. My OS is the Ubuntu based Mint.
So I was hoping for someone to give me a nudge in the right direction for doing this without a slapd.conf file, or directions for how to force slapd to pay attention to a slapd.conf file whose location I specify.
I've tried messing around with /etc/ldap/ldap.conf to no avail, I've tried just putting in a custom slapd.conf file but slapd doesn't pay attention to it.
And to the best of my knowledge I can't find anything written on this specific topic. I can find plenty on slapd.conf's, but that's just taunting me considering I don't even have it on my system.
I want to configure SSH key-based authentication and SSH password authentication on the same machine for different users.
On Ubuntu server 10.10, with a relay smtp server with authentication via postfix, I keep getting 535: Incorrect authentication data. I'm sure my username and password are correct. Here's how I set up postfix: I created a file called smarthosts.conf in my /etc/postfix/ directory that contains the following:
[Code].....
My server uses plain text authentication on port 25. I would like to use security like SSL, but this particular server is unsecured.
If I am running a script, let's say an install script, is there a way to make su repeat authentication rather than just returning "Authentication failed" and continuing the script?
I need to make a choice on what authentication protocol I want to use for Authentication and Authorization. I was looking at Radius and then literature suggested that Diameter was a better protocol. Keep in mind I need this on a heterogeneous setup (linux & windows together). Diameter seemed like a good fit until I discovered that the open source code no longer seems to be maintained (C/C++).
I was also looking at Kerberos as an option, though there is a lot of overhead with the server. SSL/TLS or EAP? I am looking for simple but secure and am new at the security protocols.
I have a problem with ldap client authentication in ubuntu. I am using rhel5 as openldap server and I configured ubuntu as client. When I am trying to log in, the following message is coming: "su: Authentication service cannot retrieve authentication info. Sorry"
But when I do a search through the "ldapsearch" command, output is coming without any errors. Can anybody explain what would be the problem?
I have a network and am using squid proxy with authentication. I want to create another subnet without authentication.
I configured my openldap but now I want to implement SSL-TLS.
This is my basic slapd.conf configuration
Code:
And I created this script (simple, I know) to create this TLS/SSL config, but it won't work; users cannot log in.
path when I am moving certs /etc/openldap/cacerts
Code:
As you see, I create the key and certificate, assign permissions, add stuff to slapd.conf and finally copy the cer to a client PC.
On the client side I use authconfig-tui.
My environment is Centos 5.5.
What is wrong with my config?
I tried to configure TLS with Openldap following this site [URL]. When I attempted to sign the cert request with my CA, I got a fault:
root@ldap:/usr/local/openssl/bin# ./CA.sh -sign
Using configuration from /usr/lib/ssl/openssl.cnf
Error opening CA private key ./demoCA/private/cakey.pem
[code]....
Every time I try to set up TLS in openldap using the yast applet, the database blows up and dies. I cannot restart the ldap service unless I create a new database. Basically I get LDAP up and working perfectly. Then I use yast to go and enable TLS and SSL support. I put in the paths of the certs. Then hit okay and that is when it blows up. I cannot restart the service. I follow the directions exactly in the link below.
OpenLDAP Faq-O-Matic: How do I use TLS/SSL?
Where it says "using certificates".
Here is what it says in /var/log/messages:
Code:
Jul 6 16:45:31 leia slapd[23996]: @(#) $OpenLDAP: slapd 2.4.17 (Oct 24 2009 04:51:18) $#012#011abuild@build32:/usr/src/packages/BUILD/openldap-2.4.17/servers/slapd
Jul 6 16:45:31 leia slapd[23996]: config error processing cn=schema,cn=config:
Jul 6 16:45:31 leia slapd[23996]: slapd stopped.
Jul 6 16:45:31 leia slapd[23996]: connections_destroy: nothing to destroy.
Jul 6 16:45:31 leia startproc: startproc: exit status of parent of /usr/lib/openldap/slapd: 1
How can I enable TLS/SSL on openldap in opensuse 11.2 without the database dying?