Hi, Can anyone point me to some good documentation that shows how to get Ubuntu 11.04 (GNU/Linux 2.6.38-8-server x86_64) working as a client with 389 Directory Server?
I have tried following https://help.ubuntu.com/community/FedoraDirectoryServerClientHowto but it seems to be old. /etc/pam_ldap.conf being replaced by /etc/ldap.conf. >From my experience setting up CentOS clients I expected there to also be a config file similar to /etc/openldap/ldap.conf. It appears this is /etc/ldap/ldap.conf. I have also looked at https://help.ubuntu.com/community/LDAPClientAuthentication I then came across https://help.ubuntu.com/11.04/serverguide/C/openldap-server.html#openldap-auth-config And did sudo dpkg-reconfigure ldap-auth-config sudo auth-client-config -t nss -p lac_ldap sudo pam-auth-update Currently a getent passwd or getent group is not returning any results from ldap. We can see the client making connections but it doesn't seem to be asking for any information. ldapsearch -vv -x -b 'ou=Active,ou=People,dc=cms, dc=waikato,dc=ac,dc=nz' '(objectclass=*)' appears to work correctly. Below are the two main config files cat /etc/ldap.conf | grep -v '^#' | grep -v '^$' base ou=Active,ou=People,dc=cms,dc=waikato,dc=ac,dc=nz ldap_version 3 pam_member_attribute uniquemember pam_password clear uri ldap://inf2.cms.waikato.ac.nz/ tls_cacertdir /etc/ssl/certs pam_password_prohibit_message Please visit https://secure.scms.waikato.ac.nz/password/ to change your password. ssl start_tls nss_base_passwd ou=Active,ou=People,dc=cms,dc=waikato,dc=ac,dc=nz?sub nss_base_shadow ou=Active,ou=People,dc=cms,dc=waikato,dc=ac,dc=nz?sub nss_base_group ou=Active,ou=People,dc=cms,dc=waikato,dc=ac,dc=nz?sub nss_base_netgroup ou=Active,ou=People,dc=cms,dc=waikato,dc=ac,dc=nz?sub nss_map_attribute uniqueMember memberUid nss_initgroups_ignoreusers avahi,backup,bin,daemon,games,gnats,irc,landscape,libuuid,list,lp,mail,man,messagebus,nagios,news,ntp,postfix,proxy,root,sshd,sync,sys,syslog,uucp,www-data nss_reconnect_tries 5 # no. of times to double the sleep time nss_reconnect_sleeptime 4 # initial sleep value nss_reconnect_maxsleeptime 64 # max sleep value to cap at nss_reconnect_maxconntries 2 cat /etc/ldap/ldap.conf | grep -v '^#' | grep -v '^$' URI ldap://inf2.cms.waikato.ac.nz/ BASE ou=Active,ou=People,dc=cms,dc=waikato,dc=ac,dc=nz TLS_CACERTDIR /etc/ssl/certs >From /var/log/auth we see Jun 22 13:52:28 wdm2 getent: nss_ldap: reconnecting to LDAP server... Jun 22 13:52:28 wdm2 getent: nss_ldap: reconnecting to LDAP server (sleeping 4 seconds)... Jun 22 13:52:32 wdm2 getent: nss_ldap: reconnecting to LDAP server (sleeping 8 seconds)... Jun 22 13:56:50 wdm2 getent: nss_ldap: reconnecting to LDAP server... Jun 22 13:56:50 wdm2 getent: nss_ldap: reconnecting to LDAP server (sleeping 4 seconds)... Jun 22 13:56:54 wdm2 getent: nss_ldap: reconnecting to LDAP server (sleeping 8 seconds)... Jun 22 13:57:02 wdm2 getent: nss_ldap: reconnecting to LDAP server (sleeping 16 seconds)... To see all config files go to http://www.scms.waikato.ac.nz/~clintd/ubuntu-ldap/etc/ Thank you for any insight you can offer relating to this issue.
-- 389 users mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/389-users
