More updates. I think I nailed it, but need help moving on.
On Thu, 6 Sep 2001 at 00:52, Federico Sevilla III wrote:
> That error not being able to bind was true.
My /etc/shadow uses MD5. I "hacked" (more like edited) the perl migration
scrits so that instead of prepending "{crypt}" to the encrypted passwords
in /etc/shadow, it prepends "{MD5}". Unfortunately things didn't work.
I wrote a small C program to use crypt(), and encrypted my password,
modified my userPassword field (while bound as root) to {crypt}<output
here> and guess what: EVERYTHING WORKS! By everything I mean I can log in,
even as a user that is not in the local password database. But then of
course because I loaded everyone with their MD5 passwords, I can't log in
as everyone. Only two users whose passwords I manually changed using my
crypt program.
I've already tried the following to get the MD5 passwords working:
o in /etc/ldap/slapd.conf: "password-hash {MD5}"
o in /etc/pam_ldap.conf: "pam_password crypt" and "crypt md5"
To no avail.
BTW, I've already gotten nscd to speed things up (significantly, only slow
on first ls where the chunk of uids are encountered, after that it whizzes
away). However the gids are not resolved to the group cns. Here's an
example entry for my ou=Group,dc=leathercollection,dc=ph:
dn: cn=robert,ou=Group,dc=leathercollection,dc=ph
objectClass: posixGroup
objectClass: top
cn: robert
gidNumber: 1014
Is this sufficient data? This is what the migrate_group.pl created. I'm
not yet quite familiar with the schema for this.
Thanks everyone (especially Orly and William) for your help! :)
--> Jijo
--
Federico Sevilla III :: [EMAIL PROTECTED]
Network Administrator :: The Leather Collection, Inc.
GnuPG Key: <http://jijo.leathercollection.ph/jijo.gpg>
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
