On 29/03/12 13:25, Alessandro Fama wrote:
> Mar 29 14:17:01 localhost nslcd[1385]: [ed7263] no available
> LDAP server found
> Mar 29 14:20:01 localhost nslcd[1385]: [68079a]
> ldap_start_tls_s() failed: Connect error: No such file or
> directory (uri="ldap://ldap.intern")
The LDAP service is down? So it cannot check your password.
Firstly I would check you can resolve the name "host ldap.intern" and
ping it.
> Mar 29 14:20:30 tjener slapd[1583]: <= bdb_equality_candidates:
> (krbPwdPolicyReference) not indexed
Not sure what that is. Maybe it's harmless, or maybe it's the reason
LDAP isn't working.
I have no knowledge of configuring LDAP, but here is what I found:
http://www.rjsystems.nl/en/2100-d6-kerberos-openldap-provider.php#cncf
Item 2.3 of the cn=config section mentions that this error message is due
to the lack of an 'eq' index, and 2.12 mentions adding this for that
specific database field.
So the fix may be to create an LDIF file containing:
> dn: cn=config
> changetype: modify
> replace: olcLogLevel
> olcLogLevel: stats
>
> add: olcDbIndex
> olcDbIndex: krbPwdPolicyReference eq
Then apply on the LDAP server with:
# ldapmodify -QY EXTERNAL -H ldapi:/// -f filename.ldif
Completely untested and no idea if this is a proper thing to do :)
Regards,
--
Steven Chamberlain
steven@pyro.eu.org
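
Added example, not part of the original message: a small log triage script that separates the nslcd client-side connection failures from the slapd "not indexed" warnings quoted above, and lists the olcDbIndex values those warnings imply. The names `scan`, `index_values` and `SAMPLE` are hypothetical, and the substring/presence/approx message forms are assumed to follow the same pattern as the equality line in the thread.

```python
import re
from collections import Counter, defaultdict

# slapd line as quoted in the thread: "<= bdb_equality_candidates: (attr) not indexed"
NOT_INDEXED = re.compile(
    r"slapd\[\d+\]: <= bdb_([a-z]+)_candidates: \(([^)]+)\) not indexed")
# nslcd lines as quoted in the thread
NSLCD_FAIL = re.compile(
    r"nslcd\[\d+\]: \[\w+\] "
    r"(no available LDAP server found|ldap_start_tls_s\(\) failed: .*)")
# filter type named in the log message -> slapd index keyword
INDEX_KEYWORD = {"equality": "eq", "substring": "sub",
                 "presence": "pres", "approx": "approx"}

def scan(lines):
    """Return (Counter of (attr, index keyword), list of nslcd failure texts)."""
    missing, client_errors = Counter(), []
    for line in lines:
        m = NOT_INDEXED.search(line)
        if m and m.group(1) in INDEX_KEYWORD:
            missing[(m.group(2), INDEX_KEYWORD[m.group(1)])] += 1
            continue
        m = NSLCD_FAIL.search(line)
        if m:
            client_errors.append(m.group(1))
    return missing, client_errors

def index_values(missing):
    """Merge index types per attribute into 'attr eq,sub' style values."""
    by_attr = defaultdict(set)
    for attr, kind in missing:
        by_attr[attr].add(kind)
    return [f"{a} {','.join(sorted(k))}" for a, k in sorted(by_attr.items())]

# Constructed sample: the three log lines from the thread with their wrapping
# undone, plus one repeated warning and one unrelated line.
SAMPLE = [
    'Mar 29 14:17:01 localhost nslcd[1385]: [ed7263] no available LDAP server found',
    'Mar 29 14:20:01 localhost nslcd[1385]: [68079a] ldap_start_tls_s() failed: '
    'Connect error: No such file or directory (uri="ldap://ldap.intern")',
    'Mar 29 14:20:30 tjener slapd[1583]: <= bdb_equality_candidates: '
    '(krbPwdPolicyReference) not indexed',
    'Mar 29 14:20:31 tjener slapd[1583]: <= bdb_equality_candidates: '
    '(krbPwdPolicyReference) not indexed',
    'Mar 29 14:20:32 tjener slapd[1583]: slapd starting',
]

if __name__ == "__main__":
    missing, client_errors = scan(SAMPLE)
    for value in index_values(missing):
        print("olcDbIndex:", value)
    for err in client_errors:
        print("nslcd:", err)
```

The script prints only the index values; the database entry they belong to is site-specific and is not derived from the logs.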