any ideas?

-------- Original Message --------
Subject: Re: getent passwd doesn't show ldap user
Date: Mon, 23 Apr 2012 12:20:03 +0200
From: stefano malini <[email protected]>
To: [email protected]
hi,
I installed openldap and configured nslcd.conf and nsswitch.conf. At the moment getent passwd doesn't show the LDAP users. I created a user nslcd_proc for nslcd lookups; this user belongs to the System organizationalUnit. You can see some checks.

FIRST SHELL:

  nslcd -d
  nslcd: DEBUG: add_uri(ldap://localhost:389)
  nslcd: version 0.7.15 starting
  nslcd: DEBUG: unlink() of /var/run/nslcd/socket failed (ignored): No such file or directory
  nslcd: DEBUG: setgroups(0,NULL) done
  nslcd: DEBUG: setgid(107) done
  nslcd: DEBUG: setuid(105) done
  nslcd: accepting connections

SECOND SHELL:

  getent passd  --> shows only local users

FIRST SHELL shows:

  nslcd: [8b4567] DEBUG: connection from pid=2055 uid=0 gid=0
  nslcd: [8b4567] DEBUG: nslcd_passwd_all()
  nslcd: [8b4567] DEBUG: myldap_search(base="dc=amahoro,dc=bi", filter="(objectClass=posixAccount)")
  nslcd: [8b4567] DEBUG: ldap_initialize(ldap://localhost:389)
  nslcd: [8b4567] DEBUG: ldap_set_rebind_proc()
  nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,3)
  nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_DEREF,0)
  nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_TIMELIMIT,0)
  nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_TIMEOUT,0)
  nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT,0)
  nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_REFERRALS,LDAP_OPT_ON)
  nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON)
  nslcd: [8b4567] DEBUG: ldap_simple_bind_s("uid=nslcd_proc,ou=System,dc=amahoro,dc=bi","***") (uri="ldap://localhost:389")
  nslcd: [8b4567] ldap_result() failed: No such object

These are the permissions of the nslcd files and folder:

  ls -ld /etc/nslcd.conf /var/run/nslcd/ /var/run/nslcd/*
  -rw-r----- 1 root  nslcd  635 Apr 21 11:54 /etc/nslcd.conf
  drwxr-xr-x 2 nslcd nslcd 4096 Apr 21 11:55 /var/run/nslcd/
  -rw-r--r-- 1 root  root     5 Apr 21 11:55 /var/run/nslcd/nslcd.pid
  srw-rw-rw- 1 root  root     0 Apr 21 11:55 /var/run/nslcd/socket

Opening /var/run/nslcd/socket it shows:

  Error reading /var/run/nslcd/socket: No such device or address

nslcd.conf and slapd.conf follow.
__________________________________________________________________
# /etc/nslcd.conf
# nslcd configuration file. See nslcd.conf(5)
# for details.

# The user and group nslcd should run as.
uid nslcd
gid nslcd

# The location at which the LDAP server(s) should be reachable.
uri ldap://localhost:389

# The search base that will be used for all queries.
base dc=amahoro,dc=bi

# The LDAP protocol version to use.
#ldap_version 3

# The DN to bind with for normal lookups.
binddn uid=nslcd_proc,ou=System,dc=amahoro,dc=bi
bindpw *****

# The DN used for password modifications by root.
#rootpwmoddn cn=admin,dc=example,dc=com

# SSL options
#ssl off
#tls_reqcert never

# The search scope.
#scope sub
___________________________________________________________________
slapd.conf

#Basics
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/nis.schema
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
loglevel trace
modulepath /usr/lib/ldap
moduleload back_hdb

#Database Configuration
backend hdb
database hdb
suffix "dc=amahoro,dc=bi"
rootdn "cn=Manager,dc=amahoro,dc=bi"
rootpw {SSHA}zH2A+jeSlbl2/UcAXm596KPV4IB/R6x9
directory /var/lib/ldap
index objectClass,cn eq

#ACLs
access to attrs=userPassword
    by anonymous auth
    by self write
    by * none
access to *
    by dn.base="uid=nslcd_proc,ou=System,dc=amahoro,dc=bi" read
    by self write
    by * none

Please, do you have some ideas? thanks
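
An added example, not from the original message or the nss-pam-ldapd project: it parses an nslcd -d trace like the one above, reports which call failed and with what error, and cross-checks the bind DN nslcd actually used against the binddn in nslcd.conf and the dn.base clauses in the slapd ACLs. The sample input is a shortened, constructed copy of the trace and config fragments quoted in the message; the function names are my own.

```python
import re

# Constructed sample: shortened copies of the nslcd -d trace and config
# fragments quoted in the message above.
NSLCD_TRACE = """\
nslcd: [8b4567] DEBUG: nslcd_passwd_all()
nslcd: [8b4567] DEBUG: myldap_search(base="dc=amahoro,dc=bi", filter="(objectClass=posixAccount)")
nslcd: [8b4567] DEBUG: ldap_simple_bind_s("uid=nslcd_proc,ou=System,dc=amahoro,dc=bi","***") (uri="ldap://localhost:389")
nslcd: [8b4567] ldap_result() failed: No such object
"""
NSLCD_CONF = """\
base dc=amahoro,dc=bi
binddn uid=nslcd_proc,ou=System,dc=amahoro,dc=bi
"""
SLAPD_ACL = """\
access to attrs=userPassword by anonymous auth by self write by * none
access to * by dn.base="uid=nslcd_proc,ou=System,dc=amahoro,dc=bi" read by self write by * none
"""

def norm_dn(dn):
    """Normalise a DN for comparison: lower-case, no blanks around commas."""
    return ",".join(p.strip() for p in dn.split(",")).lower()

def diagnose(trace, conf_text, acl_text):
    """Find the first failing call in the trace; check its bind DN against nslcd.conf and the ACLs."""
    m = re.search(r"^binddn\s+(.+)$", conf_text, re.M)
    result = {"configured_binddn": m.group(1).strip() if m else None,
              "runtime_binddn": None, "binddn_matches_conf": False,
              "binddn_in_acl": False, "failed_step": None, "error": None}
    last_call = None
    for line in trace.splitlines():
        call = re.match(r"nslcd: \[[0-9a-f]+\] DEBUG: (\w+)\((.*)", line)
        if call:
            last_call = call.group(1)
            if last_call == "ldap_simple_bind_s":      # bind DN is the first quoted argument
                result["runtime_binddn"] = call.group(2).split('"')[1]
            continue
        err = re.match(r"nslcd: \[[0-9a-f]+\] \S+ failed: (.*)", line)
        if err:                                        # the step that failed is the last call logged
            result["failed_step"], result["error"] = last_call, err.group(1)
            break
    acl_dns = {norm_dn(d) for d in re.findall(r'by dn\.base="([^"]+)"', acl_text)}
    rt, cfg = result["runtime_binddn"], result["configured_binddn"]
    if rt and cfg:
        result["binddn_matches_conf"] = norm_dn(rt) == norm_dn(cfg)
        result["binddn_in_acl"] = norm_dn(rt) in acl_dns
    return result
```

Run `diagnose(NSLCD_TRACE, NSLCD_CONF, SLAPD_ACL)` on the posted data and the failing step comes back as the bind itself, before any search is attempted, so the search ACL is not yet in play at that point.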
