Re: getent passwd doesn't show ldap user
Hi Stefano.
> installed openldap and configured nslcd.conf and nsswitch.conf on debian
> squeeze server.
Did you install nslcd by it self or in companion with libnss-ldapd and
libpam-ldapd?
How does your /etc/nsswitch.conf look like? Here are the relevant
lines from mine:
passwd: files ldap
group: files ldap
shadow: files ldap
You need libnss-ldapd for the "ldap" rule in the lines above.
> At the moment getent passwd doesn't show ldap user.
> I create a user nslcd_proc for nslcd lookups.
> this user belong to the System organizationalUnit.
This is unnecessary, nslcd functions fine without a DN.
> nslcd: [8b4567] DEBUG:
> ldap_simple_bind_s("uid=nslcd_proc,ou=System,dc=amahoro,dc=bi","***")
> (uri="ldap://localhost:389")
> nslcd: [8b4567] ldap_result() failed: No such object
Looks like LDAP can't find the DN in the repository. Can you log in
manually as this user?
server$ ldapsearch -xW -D "uid=nslcd_proc,ou=System,dc=amahoro,dc=bi"
-H ldapi:///
> slapd.conf
Do you have a slapd.conf? Have you compiled it from source or
installed as a Debian package?
server$ apt-cache policy slapd
I've got:
slapd:
Installed: 2.4.23-7.2
Candidate: 2.4.23-7.2
Version table:
*** 2.4.23-7.2 0
700 http://ftp.no.debian.org/debian/ squeeze/main amd64 Packages
100 /var/lib/dpkg/status
AFAIK the openldap server (binary package is called slapd in Debian)
packaged no longer use that file. Instead the config is stored in a
LDAP repository (/etc/ldap/slapd.d) and modified by using LDIF-files.
--
Pelle
"D’ä e å, vett ja”, skrek ja, för ja ble rasen,
”å i åa ä e ö, hörer han lite, d’ä e å, å i åa ä e ö"
- Gustav Fröding, 1895
Reply to: