Hello Gustaf and all,
So far, I’ve installed and configured all code required to run LDAP together
with Naviserver. Plus, I’ve added and amended all necessary parameters in order
to enable LDAP authentication.
However, I still haven’t figured out what is blocking the connection to the
server. However parametrization seems fine, I believe the error is because I've
assigned wrong formats to the parameter within config.tcl.
LDAP and NS instances are running in the same server. I have tried localhost,
w/ and w/o declaring ports explicitly.
ns_section ns/ldap/pool/ldap
ns_param user “cn=web,dc=ldap,dc=litli,dc=net"
ns_param password “*****"
ns_param host "ldap://ldap.litli.net";
ns_param connections 1
ns_param verbose On
Bellow you can see the logs of a successful boot up of NS.
[14/May/2018:10:44:25][22834.7f4be4abf700][-main-] Notice: modload: loading
module nsldap from file /usr/local/ns/bin/nsldap.so
[14/May/2018:10:44:25][22834.7f4be4abf700][-main-] Debug: nsldap: allowing * ->
pool ldap
[14/May/2018:10:44:25][22834.7f4be4abf700][-main-] Debug: nsldap: adding pool
ldap to the list of allowed pools
[14/May/2018:10:44:25][22834.7f4be4abf700][-main-] Debug: nsldap: Registering
LDAPCheckPools (600)
[14/May/2018:10:44:25][22834.7f4be4abf700][-main-] Notice: nsldap: version 0.9
loaded
...
[14/May/2018:10:44:36][22834.7f4be4abf700][-main-] Notice: Loading
packages/auth-ldap/tcl/auth-ldap-procs.tcl...
[14/May/2018:10:44:36][22834.7f4be4abf700][-main-] Notice: Loaded
packages/auth-ldap/tcl/auth-ldap-procs.tcl.
...
Plus, LDAP instance is running just fine at http://ldap.litli.net
<http://ldap.litli.net/>. Login is successful trough http and directly through
command line:
1)
ldapsearch -n -x -H ldap://ldap.litli.net -D “cn=web,dc=ldap,dc=litli,dc=net"
"uid=iuri" -w ****
# extended LDIF
#
# LDAPv3
# base <dc=ldap,dc=litli,dc=net> (default) with scope subtree
# filter: uid=iuri
# requesting: ALL
#
2)
ldapsearch -x -W -D ‘cn=web,dc=ldap,dc=litli,dc=net' -b "" -s base
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <> with scope baseObject
# filter: (objectclass=*)
# requesting: ALL
#
#
dn:
objectClass: top
objectClass: OpenLDAProotDSE
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
##############
However, the connection failed in attempt to allocate handle from ldap pool,
when I run the following TCL command:
set lh [ns_ldap gethandle "ldap"]
See logs:
###
# NS ERROR logs: /log/error.log
###
...
[14/May/2018:10:50:04][22834.7f4bd89ce700][-conn:caltek:0:1-] Error: could not
allocate 1 handle from pool "ldap"
while executing
"ns_ldap gethandle "ldap""
("uplevel" body line 2)
invoked from within
"uplevel {
set lh [ns_ldap gethandle "ldap"]
doc_return 200 text/html "[ns_ldap host $lh]"
}"
…
[14/May/2018:11:37:17][23479.7f1653d03700][-conn:caltek:1:0-] Debug: nsldap:
getting a handle for thread 0x7f1653d03700
[14/May/2018:11:37:17][23479.7f1653d03700][-conn:caltek:1:0-] Debug: nsldap:
connecting handle from pool ldap
[14/May/2018:11:37:17][23479.7f1653d03700][-conn:caltek:1:0-] Error: nsldap:
could not open connection to server ldap://ldap.litli.net on port 389: No such
file or directory
> On May 13, 2018, at 16:42, Gustaf Neumann <neum...@wu.ac.at> wrote:
>
> On 13.05.18 18:36, Iuri Sampaio wrote:
>> Btw,
>> Is there any reason to .o and .so be missing on bitbucket repository (i.e.
>> https://bitbucket.org/naviserver/nsldap/src/default/ ) ?
>> If not, do upload them there, please!
>
> the extension .o stands for an "object" file, .so stands for "shared object".
> The .o files are dependent on the machine architecture and are generated by
> a compiler such as "gcc", "clang" or others. The repository on bitbucket is a
> *source code* repository, this is no place for *binaries*.
>
> Get some tutorials concerning C and make, such as e.g. [1] which i found
> after 1min of googling around.
>
> -gn
>
> [1] https://www.thegeekstuff.com/2010/08/make-utility/
>
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> naviserver-devel mailing list
> naviserver-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/naviserver-devel
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
naviserver-devel mailing list
naviserver-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/naviserver-devel
