debugging LDAP
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I now have managed to set up an ldap database and use it to look up my account
when I login. Unfortunately I could only do that by changing the access
rights so that all users are able to read the database. The access line with
the dn= set to the same thing as in my pam_ldap.conf file or my
libnss-ldap.conf file didn't work.
Also, using gq to access the database, even when I am sure I am binding with
the correct administrator dn does not allow me to change the passwords -
saying I have insufficient permission.
What I suspect is that somehow my passwords in the ldap database are not
correct (why I don't know), but I can't be sure until I can be 100% certain
what I am doing is correct.
I tried running logfile set to 128 which is supposed to dump the acl tests on
the database, but the data is volumous, and I haven't found it indicating
what dn I am bound with when I do the query.
Attempts to use ldapsearch just fail with an incomprehensible error message
alan@kanger:~$ ldapsearch -h 10.0.10.100 -D \
"cn=admin,dc=chandlerfamily.org.uk" -W
Enter LDAP Password:
ldap_sasl_interactive_bind_s: No such attribute (16)
alan@kanger:~$
Can anyone explain what the error message means, and if there is any way to
get slapd to print in syslog (or elsewhere) the bind dn that its conducting
the search with.
- --
Alan Chandler
alan@chandlerfamily.org.uk
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE+pckTuFHxcV2FFoIRAkuvAJ4uLSGZrzQ/Jmj2rZ9jozGAxSNv5QCfRWST
KaITK7SRQ36dSjIqVzVfqvU=
=W9nw
-----END PGP SIGNATURE-----
Reply to: