Ubuntu Servers :: OpenLDAP Install 10.04 And Client?
Nov 15, 2010
There are several parts of problems in my question.
1. Install openLDAP and authenticate clients
2. Simple way to authenticate Ubuntu clients (just like Windows simple domain model, but Linux)
Part 1 What I have done: I have been working on openLDAP for the past 4 weeks. There is a lot of information on LDAP and I have read a lot of it There are several guides out there for openLDAP installation on Ubuntu, and I have tried many of them, and reinstalled the server between tests.
[Code]...
Part 2 Simple way to authenticate Ubuntu clients (just like Windows simple domain model, but Linux)
I have tried to find something similar to Windows client login, but haven't found anything that works. I just need to be pointed to somewhere to read about the authentication model in Linux. I can work out my from there. It must be something very simple I am missing, because when I read som echapters in The Ubunutu Bible, I can't find anything on it.
View 9 Replies
ADVERTISEMENT
Jul 2, 2011
I can't get the client server to authenticate to the openldap server. I can authenticate on the server itself though. I can su to, login and shh into the openldap server and become a ldap user. I just can't become an ldap user on the client.I didn't setup TLS/SSL. I can do that after I have it working. I'm using hashed passwords though. I don't have replication setup. I'm am tying to setup the most basic openldap environment then build from there. I have read the openldap section in the admin guide.
My setup at home.
Openldap server � light.deathnote.net -- 10.0.1.21
client server � vm-centos01.deathnote.net � 10.0.1.7 -- VM on virtualbox
Virtualbox host � L (OS MAC) � 10.0.1.2
router (apple airport extreme) / default gatway � 10.0.1.1
All computer can reach the internet and ping each other. When I installed centos I disabled SELinux.I used these guids to setup my openldap.
[URL]
Below I have included some output from the files I'm using with openldap.
[root@vm-centos01 ~]# tail /var/log/messages
Jul 2 09:25:33 vm-centos01 xfs: nss_ldap: reconnecting to LDAP server (sleeping 16 seconds)...
Jul 2 09:25:49 vm-centos01 xfs: nss_ldap: failed to bind to LDAP server ldap://light.deathnote.net: Can't contact LDAP server
Jul 2 09:25:49 vm-centos01 xfs: nss_ldap: failed to bind to LDAP server ldap://10.0.1.21/: Can't contact LDAP server
[code]....
View 5 Replies
View Related
Feb 3, 2016
I'm testing to log in using openldap authentication on jessie by following article from [URL] ..... and when I try to log in from ldap client (another debian 8 VM), it failed with
Code: Select allFeb 3 09:25:33 clt nscd: nss_ldap: could not connect to any LDAP server as cn=admin,dc=test,dc=lab - Can't contact LDAP server
Feb 3 09:25:33 clt nscd: nss_ldap: failed to bind to LDAP server ldap:///192.168.191.120: Can't contact LDAP server
Feb 3 09:25:33 clt nscd: nss_ldap: reconnecting to LDAP server...
Feb 3 09:25:33 clt nscd: nss_ldap: could not connect to any LDAP server as cn=admin,dc=test,dc=lab - Can't contact LDAP server
[Code] ....
test result from client with ldapsearch
Code: Select all# ldapsearch -h 192.168.191.120 -D cn=admin,dc=test,dc=lab -W -x -b 'dc=test,dc=lab' 'userName=*'
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <dc=test,dc=lab> with scope subtree
# filter: userName=*
[Code] .....
View 1 Replies
View Related
Jul 24, 2010
I finished setup Samba PDC with Openldap backend. I can joint Winxp client to domain but can not change pass by press Ctrl + Alt + Delete and choose Change password button
This is my conf.
I used
samba3x-3.3.8
openldap 2.3.43
slapd.access.conf
Code:
access to attrs=userPassword,shadowLastChange,sambaNTPassword,sambaLMPassword
by dn="cn=Manager,dc=microhdesk,dc=net" write
by anonymous auth
by self write
by * none
[Code]....
View 1 Replies
View Related
May 24, 2010
I want to create a new LDAP database.
Part of the new configuration is
Code:
dn: olcDatabase={1}hdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
[Code].....
View 2 Replies
View Related
Jun 8, 2010
I have this group "cn=admins,ou=groups,dc=home,dc=com" And I've configured slapd in the new way so I'm not using slapd.conf (I think). First I thought about just modifying the files at /etc/ldap/cn=config/....... but that didn't work. How do I make that group into an admin-group with all the rights ?
View 3 Replies
View Related
Apr 5, 2011
I'm using openldap(slapd) to store user account..But how can i ensure that each UserID can be only login on one machine at any one time?
I'm using ubuntu for both client and server..
View 1 Replies
View Related
May 18, 2010
I'm trying to set up an OpenLDAP server on a clean install of 10.04 server (AMD64). Following the server guide [URL] I get down to the "Setting up ACL" step:
$ ldapsearch -xLLL -b cn=config -D cn=admin,cn=config -W oldDatabase=hdb oldAccess
This command fails with "ldap_bind: Invalid credentials (49)"
When I replace the dn with what it seems like it should be:
$ ldapsearch -xLLL -b cn=config -D cn=admin,dc=example,dc=com -W oldDatabase=hdb oldAccess
I get "No such object (32)"
I have a feeling this is because 10.04 no longer asks you for the admin username and password during the initial debconf (nor does dpkg-reconfigure).
I can continue through the guide using this form of the commands (which were used earlier in the Guide):
$ sudo ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config olcDatabase=hdb olcAccess
But I'm a little concerned that I'm not able to properly use the admin user to make LDAP changes to the configuration. It also seems like the Server Guide ought to use the 'sudo ... -Y EXTERNAL' form of the commands throughout if cn=admin,cn=config isn't going to work.
View 5 Replies
View Related
May 24, 2010
I have slapd-server running but it seems to refuse connections in a very odd way. Wireshark shows that everytime JavaEE-client tries to connect, only 2 packages are sent. As I understand, in tcp/ip protocol, the first is just "hello, who's there". The last is just a message consisting of ACK and RST. I think RST means "we're done". At this point I don't think any credentials are checked so I don't know what could be wrong
View 1 Replies
View Related
Jun 30, 2010
I'm trying to follow the OpenLDAP docs that are part of the Ubuntu 10.04 Server Guide, listed here:
I get about halfway through, to this command:
sudo ldapadd -x -D cn=admin,dc=example,dc=com -W -f frontend.example.com.ldif
When it asks me to "Enter LDAP Password:" and nothing I have tried works. I thought it might have been "olcRootPW: secret" set in the backend file in the step before, but that isn't working.
View 3 Replies
View Related
Apr 12, 2011
I recently followed a tutorial on how to get OpenLDAP running with Samba on Lucid. It worked pretty well.Here's my very frustrating problem with it. For the first 5 - 10 minutes after rebooting, password handling (possibly PAM?) is hosed, including for users in LDAP authenticating via Samba.In fact, I think the only reason I can SSH into the machine during that window is because I happen to have certificate authentication enabled and my client uses that.When I try to do a sudo command after logging in, though, and have to enter the password, it hangs. I've searched logs and haven't come up with much.I *think* it's related to this bug, but I'm not sure.And here's what's killing me ... it's not easy for me to figure out how to ensure that slapd starts before smbd and rsyslog (I read somewhere else that it needs to start before that for some reason) b/c most of the jobs are upstart jobs, but slapd is not.By default it runs at S19 in rc2.d, and I've tried manually lowering that as far as S05 or S07, but I'm still having trouble.
View 1 Replies
View Related
Apr 17, 2011
I work for a college with many departments. I'd like to just deploy one LDAP/krb5 server (plus slave replicas) to authenticate all users in all departmentsIs it possible to do this?The proposed DNs for the departments matches what is done for NIS now.If anyone has any pointers or URLs that describe how to properly do this.
View 1 Replies
View Related
Apr 28, 2011
I have set up an OpenLDAP server to use as an common address book for my users.
I have all the addresses in a spreadsheet.
Is there a easy way to get this data into LDAP?
View 2 Replies
View Related
May 26, 2011
I have configured server ubuntu 11.04. Everything works fine, but there is a need for some clients to connect local hard drive. What should I do? How and what modules are added to the ltsp-image? How to register in the fstab on the client? Maybe I'm going the wrong way?
View 1 Replies
View Related
Jul 16, 2010
Small office... 20-30 computers all windows based. xp/vista/windows 7. 3 Servers running ubuntu 10.04... 1 domain controller, and two file servers with samba. We want to be able to login once in the morning, and then not have to worry about users/passwords at all throughout the day. So I was thinking that I could setup a PDC and then make the two filservers both BDC's and use ldap to authenticate everything. Would this even work out? and is there a better way to do it?
View 9 Replies
View Related
Jun 8, 2009
I am planning to deploy an OpenLDAP server in my LAN for basic authentication, but I have no idea how to do it. I would like to know how to configure an OpenLDAP Server, and I would also like to know about knowledge resources, if any.
View 3 Replies
View Related
Nov 30, 2009
After installing F11, I installed OpenLdap with the command "yum -y install openldap*" And added the password obtained through the command "slappasswd -s password -h {MD5}" into /etc/openldap/slapd.conf. Also, I specified the domain information within the file on "suffix" and "rootdn". I also modified the domain name in both /etc/openldap/ldap.conf and /etc/ldap.conf. I copied the Copied the /usr/share/doc/openldap-servers-2.4.15/DB_CONFIG.example to /var/lib/ldap/DB_CONFIG. Then started the server with the command /etc/rc.d/init.d/ldap start I then was able to create and delete OU's and CN's with the help of ldapadd and ldapdelete. I also created PERSON records using the base.ldif file with the content ;
dn: cn=user1, ou=domain, dc=example, dc=com
objectClass: person
cn: user1
sn: user1
Everything is OK until I try to add a person with an email address in the "mail" attribute. The error message is ;
***************************
adding new entry "cn=user1, ou=domain, dc=example, dc=com
ldap_add: Object class violation (65)
additional info: attribute 'mail' not allowed
***************************
This error message is appearing also with "uid" attribute. I have searched some forums and found some suggestions to include the line
"include /etc/openldap/schema/inetorgperson.scheme" in the file /etcopenldap/slapd.conf, which is already in.
View 1 Replies
View Related
Jan 9, 2010
I have access to a unmanaged dedicated server on the net. I am considering loading Ubuntu Server to this for web/mail/ftp serving. If I install Ubuntu Desktop to my local machine is it possible for me to administer the server using Ubuntu Desktop (using the GUI)? I connect to the net over ADSL. Any guides/advice for setting up Ubuntu as a web/mail/ftp with a key focus on keeping to secure? I know how to install LAMP but as I have root I need to learn a little more than I did when I was on a shared host.
View 1 Replies
View Related
Aug 27, 2011
A time ago I've been trying to implement a PDC linux server with Samba and Openldap for centralized authentication for windows and linux clients, but I can NOT get it. So I read somewhere that there is another option called Directory Server and maybe that is possible to do. According to your experience do you recommend any 'how to' or 'tutorial' that will permit implement a PDC server for authenticating and sharing files and printers for windows and linux clients?
View 2 Replies
View Related
Jul 22, 2011
I am trying to install and configure LTSP on a server for a HP thin client to boot off. The version of Ubuntu that I am using is 11.04 x86 and it is a fresh install on a dual core system with 2GB RAM. I followed a guide which comprised of these commands.
sudo apt-get install ltsp-server-standalone openssh-server sudo ltsp-build-client or if your on a 64-bit system with 32-bit machines do sudo ltsp-build-client arch i386 for editing the servers IP values use /etc/ltsp/dhcpd.conf after that you need to restart DHCP server sudo /etc/init.d/dhcp3-server restart
and update sshkeys -sudo ltsp-update-sshkeys and if you updated dhcpd.conf then you need to update you image also by typing in terminal ltsp-update-image
Everything seemed to install as it should but when I try to boot from the thin client it just times out and says no DHCP or proxy invites received. I turned DHCP off on the router and even tried another router, but I still get nothing. I am at a bit of a loose end and I hope someone on here can point me in the right direction of where I am going wrong.
View 1 Replies
View Related
Aug 27, 2010
I've configured OPENLDAP server on the CentOs 5.3. Well everything is working fine .All the uses have been added to the database.database is bdb in ldap configuration.Now client machine is on windows xp. how to integrate Windows Xp with the LDAP server for authentication.
View 5 Replies
View Related
May 21, 2010
I've setup an openldap server, and am trying to add .ldif files to the database.
I am constantly getting the following error, no matter what I do:
View 18 Replies
View Related
Jun 8, 2010
Code:
$ su -c 'yum install wine'
this forum won't let me put all the text in Transaction Check Error: package openldap-2.4.21-6.fc13.x86_64 (which is newer than openldap-2.4.21-4.fc13.i686) is already installed package nss-softokn-freebl-3.12.4-19.fc13.x86_64 (which is newer than nss-softokn-freebl-3.12.4-17.fc13.i686) is already installed
View 4 Replies
View Related
May 10, 2010
i found this video, and i really want to do the same. *newbie needs to learn [URL]...my question is, what need to be installed and how?
is there any specific configuration to make it works?
and will it work if i want to connect from Ubuntu to Fedora ?
View 1 Replies
View Related
Nov 23, 2009
I want to build a domain like abc.com in my LAN environment. Kindly tell me step by step procedure of installing OpenLDAP on CentOS 5.3.
View 2 Replies
View Related
Sep 28, 2010
Just installed openldap server on a VM CentOS called 'ldapsrv', it works fine, ldapsearch returns all ldap information.
Installed openldap client on another VM CentOS called 'ldapclient1', configured it with most basic configuration, no ssl/tls etc. but ldapsearch returns error:
ldapsrv is pingable:
Some outputs:
PHP Code:
PHP Code:
View 20 Replies
View Related
Mar 10, 2010
I am trying to install openldap 2.4.21 in redhat enterprise 5 version and I am having some issues. When I ran the configure command, I had the following error.
checking for Berkeley DB major version in db.h... 4
checking for Berkeley DB minor version in db.h... 3
checking if Berkeley DB version supported by BDB/HDB backends... no
configure: error: BerkeleyDB version incompatible with BDB/HDB backends
So I downloaded and installed Berkeley DB 4.8.26 version. But my problem is how do I make openldap to point to this.
View 3 Replies
View Related
Aug 1, 2010
I am setting up a LDAP server in Fedora 13 system. I did the installation of the packages of openldap-server, openldap-client and openldap-server-sql (beause I may use sql as backend, install first). However, when I did the setup check by command: dapadd -f stooges.ldif -xv -D "cn=StoogeAmin,o=stooges" -h 127.0.0.1 -w secret1
and always says: ldap_bind: Invalid credentials (49) I am using slapd.conf for test as below. I did check the password are same.
[Code]...
View 7 Replies
View Related
Feb 5, 2010
I am trying to print from our new Mac laptop to our ubuntu server. The ubuntu server works fine as a print server for our XP, Vista and Ubuntu clients.
I tried this procedure... [URL]
The best I can do is make the Mac print pages squished down to 1/4 size. On my ubuntu client I had to change the print resolution from "auto" to 600x600 to make it work. I don't see the same option on the Mac.
Mac OSX 10.6.2
Ubuntu Server 9.10
Printer: Canon S900
Cups driver: Canon S800 Gutenprint v5.2.3
Cups version 1.4.2 on the mac
Cups version 1.3.9 on Ubuntu Server
How do I print from my mac to the ubuntu server?
View 1 Replies
View Related
May 16, 2010
I am running Ubuntu Server Lucid 64bit on an AMD-based system and Ubuntu Server Lucid x86 on a dual P4 HP Netserver. I have a Trust PW-4120M UPS plugged into the AMD box via a serial cable.I have installed nut on both systems from the repositories (with "apt-get instal nut") and configured the AMD system as follows:
#ups.conf
[trustups]
driver = megatec
[code]....
I've tried every adjustment to the config files I can think of but without success. I'm guessing this is a permissions issue but I've been unable to find any info on this after extensive searching of Google. As far as I can tell (ie. I've not installed one!) there's no firewall operating on either machine.
View 2 Replies
View Related
