Ok, I have recompiled the old 207 version ... same location ... I'll need to have a closer look then ...
> Tried it, doesn't work :-( > > >If not, what is your /etc/ldap.conf file ? > > > > Here it is: > > > # @(#)$Id: ldap.conf,v 2.28 2001/08/28 12:17:29 lukeh Exp $ > # > # This is the configuration file for the LDAP nameservice > # switch library and the LDAP PAM module. > # > # PADL Software > # http://www.padl.com > # > > # Your LDAP server. Must be resolvable without using LDAP. > host ldap.eijk.nu > > # The distinguished name of the search base. > base dc=eijk,dc=nu > > # Another way to specify your LDAP server is to provide an > # uri with the server name. This allows to use > # Unix Domain Sockets to connect to a local LDAP Server. > #uri ldap://127.0.0.1/ > #uri ldaps://127.0.0.1/ > #uri ldapi://0.000000var0.000000run0.000000ldapi_sock/ > # Note: 0.000000 encodes the '/' used as directory separator > > # The LDAP version to use (defaults to 3 > # if supported by client library) > ldap_version 3 > > # The distinguished name to bind to the server with. > # Optional: default is to bind anonymously. > binddn cn=proxyuser,dc=eijk,dc=nu > > # The credentials to bind with. > # Optional: default is no credential. > bindpw ******* > > # The distinguished name to bind to the server with > # if the effective user ID is root. Password is > # stored in /etc/ldap.secret (mode 600) > #rootbinddn cn=manager,dc=eijk,dc=nu > > # The port. > # Optional: default is 389. > #port 389 > > # The search scope. > #scope sub > scope one > #scope base > > # Search timelimit > #timelimit 30 > > # Bind timelimit > #bind_timelimit 30 > > # Idle timelimit; client will close connections > # (nss_ldap only) if the server has not been contacted > # for the number of seconds specified below. > #idle_timelimit 3600 > > # Filter to AND with uid= > pam_filter objectclass=account > > # The user ID attribute (defaults to uid) > pam_login_attribute uid > > # Search the root DSE for the password policy (works > # with Netscape Directory Server) > #pam_lookup_policy yes > > # Group to enforce membership of > #pam_groupdn cn=PAM,ou=Groups,dc=eijk,dc=nu > > # Group member attribute > #pam_member_attribute gid > > # Template login attribute, default template user > # (can be overriden by value of former attribute > # in user's entry) > #pam_login_attribute userPrincipalName > #pam_template_login_attribute uid > #pam_template_login nobody > > # HEADS UP: the pam_crypt, pam_nds_passwd, > # and pam_ad_passwd options are no > # longer supported. > > # Do not hash the password at all; presume > # the directory server will do it, if > # necessary. This is the default. > #pam_password clear > > # Hash password locally; required for University of > # Michigan LDAP server, and works with Netscape > # Directory Server if you're using the UNIX-Crypt > # hash mechanism and not using the NT Synchronization > # service. > #pam_password crypt > > # Remove old password first, then update in > # cleartext. Necessary for use with Novell > # Directory Services (NDS) > #pam_password nds > > # Update Active Directory password, by > # creating Unicode password and updating > # unicodePwd attribute. > #pam_password ad > > # Use the OpenLDAP password change > # extended operation to update the password. > #pam_password exop > > pam_password crypt > > # RFC2307bis naming contexts > # Syntax: > # nss_base_XXX base?scope?filter > # where scope is {base,one,sub} > # and filter is a filter to be &'d with the > # default filter. > # You can omit the suffix eg: > # nss_base_passwd ou=People, > # to append the default base DN but this > # may incur a small performance impact. > nss_base_passwd ou=People,dc=eijk,dc=nu > nss_base_shadow ou=People,dc=eijk,dc=nu > nss_base_group ou=Group,dc=eijk,dc=nu > #nss_base_hosts ou=Hosts,dc=eijk,dc=nu?one > #nss_base_services ou=Services,dc=eijk,dc=nu?one > #nss_base_networks ou=Networks,dc=eijk,dc=nu?one > #nss_base_protocols ou=Protocols,dc=eijk,dc=nu?one > #nss_base_rpc ou=Rpc,dc=eijk,dc=nu?one > #nss_base_ethers ou=Ethers,dc=eijk,dc=nu?one > #nss_base_netmasks ou=Networks,dc=eijk,dc=nu?ne > #nss_base_bootparams ou=Ethers,dc=eijk,dc=nu?one > #nss_base_aliases ou=Aliases,dc=eijk,dc=nu?one > #nss_base_netgroup ou=Netgroup,dc=eijk,dc=nu?one > > # attribute/objectclass mapping > # Syntax: > #nss_map_attribute rfc2307attribute mapped_attribute > #nss_map_objectclass rfc2307objectclass mapped_objectclass > > # configure --enable-nds is no longer supported. > # For NDS now do: > #nss_map_attribute uniqueMember member > > # configure --enable-mssfu-schema is no longer supported. > # For MSSFU now do: > #nss_map_objectclass posixAccount User > #nss_map_attribute uid msSFUName > #nss_map_attribute uniqueMember posixMember > #nss_map_attribute userPassword msSFUPassword > #nss_map_attribute homeDirectory msSFUHomeDirectory > #nss_map_objectclass posixGroup Group > #nss_map_attribute cn msSFUName > #pam_login_attribute msSFUName > #pam_filter objectclass=User > #pam_password ad > > # configure --enable-authpassword is no longer supported > # For authPassword support, now do: > #nss_map_attribute userPassword authPassword > #pam_password nds > > # For IBM AIX SecureWay support, do: > #nss_map_objectclass posixAccount aixAccount > #nss_base_passwd ou=aixaccount,?one > #nss_map_attribute uid userName > #nss_map_attribute gidNumber gid > #nss_map_attribute uidNumber uid > #nss_map_attribute userPassword passwordChar > #nss_map_objectclass posixGroup aixAccessGroup > #nss_base_group ou=aixgroup,?one > #nss_map_attribute cn groupName > #nss_map_attribute uniqueMember member > #pam_login_attribute userName > #pam_filter objectclass=aixAccount > #pam_password clear > > # Netscape SDK LDAPS > #ssl on > > # Netscape SDK SSL options > #sslpath /etc/ssl/certs/cert7.db > > # OpenLDAP SSL mechanism > # start_tls mechanism uses the normal LDAP port, LDAPS typically 636 > #ssl start_tls > ssl off > > # OpenLDAP SSL options > # Require and verify server certificate (yes/no) > # Default is "no" > #tls_checkpeer yes > > # CA certificates for server certificate verification > # At least one of these are required if tls_checkpeer is "yes" > #tls_cacertfile /etc/ssl/openldap/ca.cert > #tls_cacertdir /etc/ssl/certs > > # SSL cipher suite > # See man ciphers for syntax > #tls_ciphers TLSv1 > > # Client sertificate and key > # Use these, if your server requires client authentication. > #tls_cert > #tls_key > > --------------ms040307020106070405000807 > Content-Type: application/x-pkcs7-signature; name="smime.p7s" > Content-Transfer-Encoding: base64 > Content-Disposition: attachment; filename="smime.p7s" > Content-Description: S/MIME Cryptographic Signature > > MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEH > AQAAoIIJODCCAvowggJjoAMCAQICAwp3KjANBgkqhkiG9w0BAQQFADCBkjEL > MAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJ > Q2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRpZmlj > YXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0Eg > MjAwMC44LjMwMB4XDTAzMDgwMjA3NDYyOFoXDTA0MDgwMTA3NDYyOFowQDEf > MB0GA1UEAxMWVGhhd3RlIEZyZWVtYWlsIE1lbWJlcjEdMBsGCSqGSIb3DQEJ > ARYOc3RlZmFuQGVpamsubnUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK > AoIBAQDM24sJxi1DuOCz6MIa3Sdvb0VDHKVmUA+U2nAaKxZINAFAanawKYmQ > wgVYbfeMSoo1JVc1/kx6ul20S5fWE2bavjOk9LqLEfwfKwjn/qCf7qSaHXr9 > izzp8lCbJF1iC8lNwiInNqrvfSoFgatE+pQtVBuYxQR2wATkByvZ94Ehh/dm > ttzXTtMdkdDERr82gOnY/CC2JevKMxKU+FwSQLP7/mVNxsmS3ruddQc89+at > YNblIiBYnggoQoAMCqtvlNjyHSe2SDMc6EXthcfySJapVoS7/tbGaZE1+ZZK > OWEO7utTW6vghh8ZXUXrDq9toe6uhCaKHPEeHM8S42G4DMghAgMBAAGjKzAp > MBkGA1UdEQQSMBCBDnN0ZWZhbkBlaWprLm51MAwGA1UdEwEB/wQCMAAwDQYJ > KoZIhvcNAQEEBQADgYEAyeOHUJR03+LRw7lsrMqb1d1PtTfDdfvbskf86JbF > gP+JoemFqaGgGzTcVN8aqK6rpGuAoHVJwlhMIxRtmpVpPGkzEZIc9T03GfuC > kxWA4KOiSwW6j1JLgti2jhrl8+k8vBxzSm3jqk8uXSKobfjfOR3xKCo4ZLpo > L958/boUN70wggL6MIICY6ADAgECAgMKdyowDQYJKoZIhvcNAQEEBQAwgZIx > CzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcT > CUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZp > Y2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNB > IDIwMDAuOC4zMDAeFw0wMzA4MDIwNzQ2MjhaFw0wNDA4MDEwNzQ2MjhaMEAx > HzAdBgNVBAMTFlRoYXd0ZSBGcmVlbWFpbCBNZW1iZXIxHTAbBgkqhkiG9w0B > CQEWDnN0ZWZhbkBlaWprLm51MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB > CgKCAQEAzNuLCcYtQ7jgs+jCGt0nb29FQxylZlAPlNpwGisWSDQBQGp2sCmJ > kMIFWG33jEqKNSVXNf5MerpdtEuX1hNm2r4zpPS6ixH8HysI5/6gn+6kmh16 > /Ys86fJQmyRdYgvJTcIiJzaq730qBYGrRPqULVQbmMUEdsAE5Acr2feBIYf3 > Zrbc107THZHQxEa/NoDp2PwgtiXryjMSlPhcEkCz+/5lTcbJkt67nXUHPPfm > rWDW5SIgWJ4IKEKADAqrb5TY8h0ntkgzHOhF7YXH8kiWqVaEu/7WxmmRNfmW > SjlhDu7rU1ur4IYfGV1F6w6vbaHuroQmihzxHhzPEuNhuAzIIQIDAQABoysw > KTAZBgNVHREEEjAQgQ5zdGVmYW5AZWlqay5udTAMBgNVHRMBAf8EAjAAMA0G > CSqGSIb3DQEBBAUAA4GBAMnjh1CUdN/i0cO5bKzKm9XdT7U3w3X727JH/OiW > xYD/iaHphamhoBs03FTfGqiuq6RrgKB1ScJYTCMUbZqVaTxpMxGSHPU9Nxn7 > gpMVgOCjoksFuo9SS4LYto4a5fPpPLwcc0pt46pPLl0iqG343zkd8SgqOGS6 > aC/efP26FDe9MIIDODCCAqGgAwIBAgIQZkVyt8x09c9jdkWE0C6RATANBgkq > hkiG9w0BAQQFADCB0TELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4g > Q2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUgQ29u > c3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZp > c2lvbjEkMCIGA1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSsw > KQYJKoZIhvcNAQkBFhxwZXJzb25hbC1mcmVlbWFpbEB0aGF3dGUuY29tMB4X > DTAwMDgzMDAwMDAwMFoXDTA0MDgyNzIzNTk1OVowgZIxCzAJBgNVBAYTAlpB > MRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEP > MA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNl > czEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4zMDCB > nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3jMypmPHCSVFPtJueCdngcXa > iBmClw7jRCmKYzUqbXA8+tyu9+50bzC8M5B/+TRxoKNtmPHDT6Jl2w36S/HW > 3WGl+YXNVZo1Gp2Sdagnrthy+boC9tewkd4c6avgGAOofENCUFGHgzzwObSb > VIoTh/+zm51JZgAtCYnslGvpoWkCAwEAAaNOMEwwKQYDVR0RBCIwIKQeMBwx > GjAYBgNVBAMTEVByaXZhdGVMYWJlbDEtMjk3MBIGA1UdEwEB/wQIMAYBAf8C > AQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBAUAA4GBADGxS0dd+QFx5fVT > bF151j2YwCYTYoEipxL4IpXoG0m3J3sEObr85vIk65H6vewNKjj3UFWobPcN > rUwbvAP0teuiR59sogxYjTFCCRFssBpp0SsSskBdavl50OouJd2K5PzbDR+d > AvNa28o89kTqJmmHf0iezqWf54TYyWJirQXGMYID1TCCA9ECAQEwgZowgZIx > CzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcT > CUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZp > Y2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNB > IDIwMDAuOC4zMAIDCncqMAkGBSsOAwIaBQCgggIPMBgGCSqGSIb3DQEJAzEL > BgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTAzMDkxODE2NTUxOVowIwYJ > KoZIhvcNAQkEMRYEFJViktcdWF6wAyOuFG/zVHpdyHVzMFIGCSqGSIb3DQEJ > DzFFMEMwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMC > AgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMIGrBgkrBgEEAYI3EAQxgZ0w > gZowgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQ > BgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRD > ZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1h > aWwgUlNBIDIwMDAuOC4zMAIDCncqMIGtBgsqhkiG9w0BCRACCzGBnaCBmjCB > kjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UE > BxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRp > ZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBS > U0EgMjAwMC44LjMwAgMKdyowDQYJKoZIhvcNAQEBBQAEggEAw5Rm0ppbjb30 > zGw2MR3AjGWLyHoIpdXjTqVO5MhfZLugVvkgc/iY2f/UCfkQy7lRBUcyDarw > ukIGHOsDfK0AnFZK2CbbHZVgQfDCBIoC2HMErYQgjCM7sHkV0SqEfW4uJFW4 > o1ATlAWgEOaASoDYOSuiIVN5PaeV1zg4Heyopgf7KtA3zsJNOJ5uXNE6ynMm > pQii1wDmVJNHeNyyJfYi1ls7Uf3la3/OF4gcRAtG3WcfYMg5l7BUZw9fdHS9 > ziuJdZxDJlTodjqb4I+O8KB36/lFWGKflsXf8pZqpBiPAFtQ07LMuAlvpoBD > bPP961/S+/Txh6G+jdnpJ44z6I8FwgAAAAAAAA== > > --------------ms040307020106070405000807-- > > > -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
