Re: request for troubleshooting assistance - ldap authentication

To: Josh Miller <joshua@itsecureadmin.com>
Cc: debian-user@lists.debian.org
Subject: Re: request for troubleshooting assistance - ldap authentication
From: Richard A Nelson <cowboy@debian.org>
Date: Wed, 9 Jul 2008 21:12:56 -0700 (PDT)
Message-id: <[🔎] alpine.DEB.1.10.0807092105320.12009@hygvzn-guhyr.pnirva.bet>
In-reply-to: <[🔎] 4875877D.9020706@itsecureadmin.com>
References: <[🔎] 4875877D.9020706@itsecureadmin.com>


Check the URI/host spec in /etc/libnss-ldap.conf to make sure it is
valid... there was a revision or few that mucked up in converting from
host to uri.

the syntax should be:
uri ldapi:///    (if you enabled that)
uri ldap:///     or ldap://fqdn/
uri ldaps://localhost:636/

The next problem comes in if ssl is in use, there are issues with the
code in determining to use ldaps:/// vs ldap:/// :(
So if you need ssl, either use TLS, or force the port to :636

a few checks:
	getent passwd <uid>
	ldapsearch -Hldap:/// uid=<uid>

--
Rick Nelson
I'd crawl over an acre of 'Visual This++' and 'Integrated Development
That' to get to gcc, Emacs, and gdb.  Thank you.
		-- Vance Petree, Virginia Power

Reply to:

Follow-Ups:
- Re: request for troubleshooting assistance - ldap authentication
  - From: "Josh Miller" <joshua@itsecureadmin.com>

References:
- request for troubleshooting assistance - ldap authentication
  - From: Josh Miller <joshua@itsecureadmin.com>

Prev by Date: request for troubleshooting assistance - ldap authentication
Next by Date: Re: Blurry fonts in printed invoices
Previous by thread: request for troubleshooting assistance - ldap authentication
Next by thread: Re: request for troubleshooting assistance - ldap authentication
Index(es):
- Date
- Thread