Re: Setup of pam_ldap/nss_ldap
On Mon, 2003-12-08 at 14:41, Craig Jackson wrote:
> Friends,
>
> On Sid I am trying to set up pam_ldap and nss_ldap on server A to
> authenticate to an openldap server B. Here's what's installed:
> ii ldap-utils 2.1.23-1 OpenLDAP utilities
> ii libldap2 2.1.23-1 OpenLDAP libraries
> ii libnss-ldap 211-4 NSS module for using LDAP as a naming servic
> ii libpam-ldap 164-2 Pluggable Authentication Module allowing LDA
>
> The error is dn="" from log on server B during bind operation using the
> command:
> # ldapsearch -x uid=tuser
>
> However, this command from server A works fine so the problem is not
> with openldap:
> ldapsearch -v -LLL -H ldap://domain.com:389 -ZZ -D
> "cn=tuser,ou=domain.com,dc=domain,dc=com" -x -W -b
> 'cn=tuser,ou=domain.com,dc=domain,dc=com'
>
> In the pam_ldap.conf and libnss-ldap.conf on server A find this excerpt:
> binddn cn=admin,dc=domain,dc=com
> bindpw PASS
> rootbinddn cn=admin,dc=domain,dc=com
> # PASS in /etc/ldap.secret (600)
>
> /etc/ldap/ldap.conf....
> BASE dc=domain,dc=com
> URI ldap://domain.com
> TLS_REQCERT never
>
> Apparently, the DN is not being sent to the LDAP server.
>
Never mind. The hardest part about winning is admitting you've won. :)
Problem solved.