subject:"\[Bug 222003\] Re\: Can't contact LDAP server"

[Bug 222003] Re: Can't contact LDAP server

2009-09-25 Thread Dimitrios Symeonidis

if I understood correctly, this was a configuration error, right? closing as 
invalid
please change back if I'm wrong...

** Changed in: libpam-ldap (Ubuntu)
   Status: Incomplete = Invalid

-- 
Can't contact LDAP server
https://bugs.launchpad.net/bugs/222003
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libpam-ldap in ubuntu.

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 222003] Re: Can't contact LDAP server

2009-09-25 Thread Dimitrios Symeonidis

if I understood correctly, this was a configuration error, right? closing as 
invalid
please change back if I'm wrong...

** Changed in: libpam-ldap (Ubuntu)
   Status: Incomplete = Invalid

-- 
Can't contact LDAP server
https://bugs.launchpad.net/bugs/222003
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 222003] Re: Can't contact LDAP server

2008-10-27 Thread Mathias Gug

Are you using a self-signed certificate?

Please note that starting from hardy (8.04) openldap is using gnutls
instead of openssl, which is much more strict about certificates. Make
sure that you're *not* using self certificates and that *all* the CA
certificates are available on the client system.

** Changed in: libpam-ldap (Ubuntu)
   Status: New = Incomplete

-- 
Can't contact LDAP server
https://bugs.launchpad.net/bugs/222003
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libpam-ldap in ubuntu.

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 222003] Re: Can't contact LDAP server

2008-10-27 Thread Odin Hørthe Omdal

Well, no of course. I think it a bit far fetched to not be able to use a
self-signedd cert as *I'M* the one setting up the clients, and I should
be perfectly aware which certificate is mine. I don't think that it is a
good user friendly (or admin friendly) way to require to fork out
useless money for something we don't need :-)

I'm rather surprised that you REQUIRE CA signed certificates.

Anyway, as I said, the config worked when I used ldap_example on the
clients. And everything is working perfectly fine here now, a mixed
Windows/Ubuntu environment with Debian server using self-signed
certificates and all.

Ah, but I actually think I don't have any TLS enabled at all, seemed
overkill and I didn't want to set it up. :-)

-- 
Can't contact LDAP server
https://bugs.launchpad.net/bugs/222003
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libpam-ldap in ubuntu.

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 222003] Re: Can't contact LDAP server

2008-10-27 Thread Mathias Gug

Are you using a self-signed certificate?

Please note that starting from hardy (8.04) openldap is using gnutls
instead of openssl, which is much more strict about certificates. Make
sure that you're *not* using self certificates and that *all* the CA
certificates are available on the client system.

** Changed in: libpam-ldap (Ubuntu)
   Status: New = Incomplete

-- 
Can't contact LDAP server
https://bugs.launchpad.net/bugs/222003
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 222003] Re: Can't contact LDAP server

2008-10-27 Thread Odin Hørthe Omdal

Well, no of course. I think it a bit far fetched to not be able to use a
self-signedd cert as *I'M* the one setting up the clients, and I should
be perfectly aware which certificate is mine. I don't think that it is a
good user friendly (or admin friendly) way to require to fork out
useless money for something we don't need :-)

I'm rather surprised that you REQUIRE CA signed certificates.

Anyway, as I said, the config worked when I used ldap_example on the
clients. And everything is working perfectly fine here now, a mixed
Windows/Ubuntu environment with Debian server using self-signed
certificates and all.

Ah, but I actually think I don't have any TLS enabled at all, seemed
overkill and I didn't want to set it up. :-)

-- 
Can't contact LDAP server
https://bugs.launchpad.net/bugs/222003
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 222003] Re: Can't contact LDAP server

2008-10-26 Thread Steve Langasek

** Changed in: libpam-ldap (Ubuntu)
Sourcepackagename: pam = libpam-ldap

-- 
Can't contact LDAP server
https://bugs.launchpad.net/bugs/222003
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libpam-ldap in ubuntu.

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 222003] Re: Can't contact LDAP server

2008-10-26 Thread Steve Langasek

** Changed in: libpam-ldap (Ubuntu)
Sourcepackagename: pam = libpam-ldap

-- 
Can't contact LDAP server
https://bugs.launchpad.net/bugs/222003
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 222003] Re: Can't contact LDAP server

2008-10-23 Thread IanW

** Changed in: pam (Ubuntu)
Sourcepackagename: None = pam

-- 
Can't contact LDAP server
https://bugs.launchpad.net/bugs/222003
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 222003] Re: Can't contact LDAP server

2008-10-23 Thread Odin Hørthe Omdal

Actually I fixed it by using

 auth-client-config -a -p ldap_example

and thus using Ubuntu's provided ldap pam-configuration and *not* the
one used in that big often-followed tutorial[1]. Sorry for the noise.
Although I don't know the difference, why the provided ldap_example
works and the one in the tutorial doesn't.

1. http://ubuntuforums.org/showthread.php?t=640760

-- 
Can't contact LDAP server
https://bugs.launchpad.net/bugs/222003
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 222003] Re: Can't contact LDAP server

2008-10-15 Thread Odin Hørthe Omdal

I've followed the same guide (but only for clients, my server is running
Debian with openldap). The Ubuntu client that I'm using is Intrepid
(although it seems this is a rather common error no matter
distribution).

I've tried every combination of settings on the client, and it seems to
work as

finger ldapuser

returns nice information. ldapsearch -x  also returns the user
database... So it's only PAM that can't connect:

Oct 15 14:06:52 stavanger login[4135]: pam_ldap: ldap_simple_bind Can't contact 
LDAP server
Oct 15 14:06:52 stavanger login[4135]: pam_ldap: reconnecting to LDAP server...
Oct 15 14:06:52 stavanger login[4135]: pam_ldap: ldap_simple_bind Can't contact 
LDAP server
Oct 15 14:06:54 stavanger login[4135]: FAILED LOGIN (2) on 'tty4' FOR 
`ldapuser', Authentication failure

-- 
Can't contact LDAP server
https://bugs.launchpad.net/bugs/222003
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 222003] Re: Can't contact LDAP server

2008-05-25 Thread FMartins

I have the same problem. In my case, I upgraded from 7.10 to 8.04 and
then I've been following the howto (*) and got stuck at authentication
of ldap user.

Let me know if I can provide further info.

(*) http://www.rrcomputerconsulting.com/view.php?article_id=3

-- 
Can't contact LDAP server
https://bugs.launchpad.net/bugs/222003
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 222003] Re: Can't contact LDAP server

2008-05-22 Thread byte71

i have the same problem with ldap authentication on kubuntu 8.04 desktop adm64 
i had the same ldap.conf configuration made on kubuntu 7.10 working good.
My ldap authentication works with ssl/tls below my ldap.conf

# @(#)$Id: ldap.conf,v 2.37 2004/09/09 06:31:07 lukeh Exp $
#
# This is the configuration file for the LDAP nameservice
# switch library and the LDAP PAM module.
#
# PADL Software
# http://www.padl.com
#

# Your LDAP server. Must be resolvable without using LDAP.
# Multiple hosts may be specified, each separated by a 
# space. How long nss_ldap takes to failover depends on
# whether your LDAP client library supports configurable
# network or connect timeouts (see bind_timelimit).
# These are old settings, use uri
#host  myldapserver
#host 127.0.0.1
#host 192.168.1.224

# The distinguished name of the search base.
base dc=mydomain,dc=com

# Another way to specify your LDAP server is to provide an
# uri with the server name. This allows to use
# Unix Domain Sockets to connect to a local LDAP Server.
#uri ldap://127.0.0.1/
#uri ldaps://127.0.0.1/   
#uri ldapi://%2fvar%2frun%2fldapi_sock/
# Note: %2f encodes the '/' used as directory separator
uri  ldaps://myldapserver  
#uri ldaps://192.168.1.224

# The LDAP version to use (defaults to 3
# if supported by client library)
ldap_version 3

# The distinguished name to bind to the server with.
# Optional: default is to bind anonymously.
#binddn cn=,dc=mydomain,dc=com

# The credentials to bind with. 
# Optional: default is no credential.
#bindpw your_password

# The distinguished name to bind to the server with
# if the effective user ID is root. Password is
# stored in /etc/ldap.secret (mode 600)
#rootbinddn cn=,dc=mydomain,dc=com

# The port.
# Optional: default is 389.
#port 389

# The search scope.
#scope sub
#scope one
#scope base

# Search timelimit
timelimit 2

# Bind/connect timelimit
bind_timelimit 2

# Reconnect policy: hard (default) will retry connecting to
# the software with exponential backoff, soft will fail
# immediately.
#bind_policy hard
bind_policy soft
# Idle timelimit; client will close connections
# (nss_ldap only) if the server has not been contacted
# for the number of seconds specified below.
#idle_timelimit 3600

# Filter to AND with uid=%s
#pam_filter objectclass=posixAccount

# The user ID attribute (defaults to uid)
#pam_login_attribute uid

# Search the root DSE for the password policy (works
# with Netscape Directory Server)
#pam_lookup_policy yes

# Check the 'host' attribute for access control
# Default is no; if set to yes, and user has no
# value for the host attribute, and pam_ldap is
# configured for account management (authorization)
# then the user will not be allowed to login.
#pam_check_host_attr yes

# Check the 'authorizedService' attribute for access
# control
# Default is no; if set to yes, and the user has no
# value for the authorizedService attribute, and
# pam_ldap is configured for account management
# (authorization) then the user will not be allowed
# to login.
#pam_check_service_attr yes

# Group to enforce membership of
#pam_groupdn cn=PAM,ou=Groups,dc=padl,dc=com

# Group member attribute
#pam_member_attribute uniquemember

# Specify a minium or maximum UID number allowed
#pam_min_uid 0
#pam_max_uid 0

# Template login attribute, default template user
# (can be overriden by value of former attribute
# in user's entry)
#pam_login_attribute userPrincipalName
#pam_template_login_attribute uid
#pam_template_login nobody

# HEADS UP: the pam_crypt, pam_nds_passwd,
# and pam_ad_passwd options are no
# longer supported.
#
# If you are using XAD, you can set pam_password
# to racf, ad, or exop. Make sure that you have
# SSL enabled.

# Do not hash the password at all; presume
# the directory server will do it, if
# necessary. This is the default.
#pam_password clear

# Hash password locally; required for University of
# Michigan LDAP server, and works with Netscape
# Directory Server if you're using the UNIX-Crypt
# hash mechanism and not using the NT Synchronization
# service. 
pam_password md5

# Remove old password first, then update in
# cleartext. Necessary for use with Novell
# Directory Services (NDS)
#pam_password nds

# RACF is an alias for the above. For use with
# IBM RACF
#pam_password racf

# Update Active Directory password, by
# creating Unicode password and updating
# unicodePwd attribute.
#pam_password ad

# Use the OpenLDAP password change
# extended operation to update the password.
#pam_password exop

# Redirect users to a URL or somesuch on password
# changes.
#pam_password_prohibit_message Please visit http://internal to change your 
password.

# RFC2307bis naming contexts
# Syntax:
# nss_base_XXX  base?scope?filter
# where scope is {base,one,sub}
# and filter is a filter to be 'd with the
# default filter.
# You can omit the suffix eg:
# nss_base_passwd   ou=People,
# to append the default base DN but this
# may incur a small performance impact.
nss_base_passwd

[Bug 222003] Re: Can't contact LDAP server

2008-05-22 Thread byte71

i have the same problem with ldap authentication on kubuntu 8.04 desktop adm64 
i had the same ldap.conf configuration made on kubuntu 7.10 working good.
My ldap authentication works with ssl/tls below my ldap.conf

# @(#)$Id: ldap.conf,v 2.37 2004/09/09 06:31:07 lukeh Exp $
#
# This is the configuration file for the LDAP nameservice
# switch library and the LDAP PAM module.
#
# PADL Software
# http://www.padl.com
#

# Your LDAP server. Must be resolvable without using LDAP.
# Multiple hosts may be specified, each separated by a 
# space. How long nss_ldap takes to failover depends on
# whether your LDAP client library supports configurable
# network or connect timeouts (see bind_timelimit).
# These are old settings, use uri
#host  myldapserver
#host 127.0.0.1
#host 192.168.1.224

# The distinguished name of the search base.
base dc=mydomain,dc=com

# Another way to specify your LDAP server is to provide an
# uri with the server name. This allows to use
# Unix Domain Sockets to connect to a local LDAP Server.
#uri ldap://127.0.0.1/
#uri ldaps://127.0.0.1/   
#uri ldapi://%2fvar%2frun%2fldapi_sock/
# Note: %2f encodes the '/' used as directory separator
uri  ldaps://myldapserver  
#uri ldaps://192.168.1.224

# The LDAP version to use (defaults to 3
# if supported by client library)
ldap_version 3

# The distinguished name to bind to the server with.
# Optional: default is to bind anonymously.
#binddn cn=,dc=mydomain,dc=com

# The credentials to bind with. 
# Optional: default is no credential.
#bindpw your_password

# The distinguished name to bind to the server with
# if the effective user ID is root. Password is
# stored in /etc/ldap.secret (mode 600)
#rootbinddn cn=,dc=mydomain,dc=com

# The port.
# Optional: default is 389.
#port 389

# The search scope.
#scope sub
#scope one
#scope base

# Search timelimit
timelimit 2

# Bind/connect timelimit
bind_timelimit 2

# Reconnect policy: hard (default) will retry connecting to
# the software with exponential backoff, soft will fail
# immediately.
#bind_policy hard
bind_policy soft
# Idle timelimit; client will close connections
# (nss_ldap only) if the server has not been contacted
# for the number of seconds specified below.
#idle_timelimit 3600

# Filter to AND with uid=%s
#pam_filter objectclass=posixAccount

# The user ID attribute (defaults to uid)
#pam_login_attribute uid

# Search the root DSE for the password policy (works
# with Netscape Directory Server)
#pam_lookup_policy yes

# Check the 'host' attribute for access control
# Default is no; if set to yes, and user has no
# value for the host attribute, and pam_ldap is
# configured for account management (authorization)
# then the user will not be allowed to login.
#pam_check_host_attr yes

# Check the 'authorizedService' attribute for access
# control
# Default is no; if set to yes, and the user has no
# value for the authorizedService attribute, and
# pam_ldap is configured for account management
# (authorization) then the user will not be allowed
# to login.
#pam_check_service_attr yes

# Group to enforce membership of
#pam_groupdn cn=PAM,ou=Groups,dc=padl,dc=com

# Group member attribute
#pam_member_attribute uniquemember

# Specify a minium or maximum UID number allowed
#pam_min_uid 0
#pam_max_uid 0

# Template login attribute, default template user
# (can be overriden by value of former attribute
# in user's entry)
#pam_login_attribute userPrincipalName
#pam_template_login_attribute uid
#pam_template_login nobody

# HEADS UP: the pam_crypt, pam_nds_passwd,
# and pam_ad_passwd options are no
# longer supported.
#
# If you are using XAD, you can set pam_password
# to racf, ad, or exop. Make sure that you have
# SSL enabled.

# Do not hash the password at all; presume
# the directory server will do it, if
# necessary. This is the default.
#pam_password clear

# Hash password locally; required for University of
# Michigan LDAP server, and works with Netscape
# Directory Server if you're using the UNIX-Crypt
# hash mechanism and not using the NT Synchronization
# service. 
pam_password md5

# Remove old password first, then update in
# cleartext. Necessary for use with Novell
# Directory Services (NDS)
#pam_password nds

# RACF is an alias for the above. For use with
# IBM RACF
#pam_password racf

# Update Active Directory password, by
# creating Unicode password and updating
# unicodePwd attribute.
#pam_password ad

# Use the OpenLDAP password change
# extended operation to update the password.
#pam_password exop

# Redirect users to a URL or somesuch on password
# changes.
#pam_password_prohibit_message Please visit http://internal to change your 
password.

# RFC2307bis naming contexts
# Syntax:
# nss_base_XXX  base?scope?filter
# where scope is {base,one,sub}
# and filter is a filter to be 'd with the
# default filter.
# You can omit the suffix eg:
# nss_base_passwd   ou=People,
# to append the default base DN but this
# may incur a small performance impact.
nss_base_passwd

[Bug 222003] Re: Can't contact LDAP server

2008-04-27 Thread JimmY2K

I was having the same problem, and I found out that 
/lib/security/pam_smbpass.so wasn't on my system. 
apt-get install libpam-smbpass
will fix the trouble.

-- 
Can't contact LDAP server
https://bugs.launchpad.net/bugs/222003
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Re: [Bug 222003] Re: Can't contact LDAP server

2008-04-27 Thread drjato

Just to clarify. I don't think the pam_smbpass.so messages have anything to
do with the LDAP connection. Did you have the LDAP problem too and did this
solve it?

For those interested, just ask me for the details you need about my LDAP set
up or about any test I should do.


** Attachment added: unnamed
   http://launchpadlibrarian.net/13969962/unnamed

-- 
Can't contact LDAP server
https://bugs.launchpad.net/bugs/222003
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 222003] Re: Can't contact LDAP server

2008-04-26 Thread Rkimber

Just to say that I'm getting the same errors after upgrading.  They all
seem to be triggered by cron jobs.

-- 
Can't contact LDAP server
https://bugs.launchpad.net/bugs/222003
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 222003] Re: Can't contact LDAP server

2008-04-25 Thread drjato

** Description changed:

  I'm trying to set up ldap authentication in a fresh 8.04 installation.
  I've done exactly as we have in working 7.10 machines but it doesn't
  work.
  
  This is what I get in auth.log:
  
- Apr 25 18:02:23 labs01pc login[9311]: PAM unable to 
dlopen(/lib/security/pam_smbpass.so)
- Apr 25 18:02:23 labs01pc login[9311]: PAM [error: 
/lib/security/pam_smbpass.so: cannot open shared object file: No such file or 
directory]
- Apr 25 18:02:23 labs01pc login[9311]: PAM adding faulty module: 
/lib/security/pam_smbpass.so
- Apr 25 18:02:27 labs01pc login[9311]: pam_ldap: ldap_simple_bind Can't 
contact LDAP server
- Apr 25 18:02:27 labs01pc login[9311]: pam_ldap: reconnecting to LDAP server...
- Apr 25 18:02:27 labs01pc login[9311]: pam_ldap: ldap_simple_bind Can't 
contact LDAP server
- Apr 25 18:02:27 labs01pc login[9311]: pam_unix(login:auth): check pass; user 
unknown
- Apr 25 18:02:27 labs01pc login[9311]: pam_unix(login:auth): authentication 
failure; logname=LOGIN uid=0 euid=0 tty=tty4 ruser= rhost= 
- Apr 25 18:02:30 labs01pc login[9311]: FAILED LOGIN (1) on 'tty4' FOR 
`UNKNOWN', User not known to the underlying authentication module
+ Apr 25 18:02:23 labclient login[9311]: PAM unable to 
dlopen(/lib/security/pam_smbpass.so)
+ Apr 25 18:02:23 labclient login[9311]: PAM [error: 
/lib/security/pam_smbpass.so: cannot open shared object file: No such file or 
directory]
+ Apr 25 18:02:23 labclient login[9311]: PAM adding faulty module: 
/lib/security/pam_smbpass.so
+ Apr 25 18:02:27 labclient login[9311]: pam_ldap: ldap_simple_bind Can't 
contact LDAP server
+ Apr 25 18:02:27 labclient login[9311]: pam_ldap: reconnecting to LDAP 
server...
+ Apr 25 18:02:27 labclient login[9311]: pam_ldap: ldap_simple_bind Can't 
contact LDAP server
+ Apr 25 18:02:27 labclient login[9311]: pam_unix(login:auth): check pass; user 
unknown
+ Apr 25 18:02:27 labclient login[9311]: pam_unix(login:auth): authentication 
failure; logname=LOGIN uid=0 euid=0 tty=tty4 ruser= rhost= 
+ Apr 25 18:02:30 labclient login[9311]: FAILED LOGIN (1) on 'tty4' FOR 
`UNKNOWN', User not known to the underlying authentication module
  
  And this is from ldapsearch -d 1:
  
  ldap_create
  ldap_pvt_sasl_getmech
  ldap_search
  put_filter: (objectclass=*)
  put_filter: simple
  put_simple_filter: objectclass=*
  ldap_send_initial_request
  ldap_new_connection 1 1 0
  ldap_int_open_connection
- ldap_connect_to_host: TCP 172.19.30.3:636
+ ldap_connect_to_host: TCP 172.19.66.6:636
  ldap_new_socket: 4
  ldap_prepare_socket: 4
- ldap_connect_to_host: Trying 172.19.30.3:636
+ ldap_connect_to_host: Trying 172.19.66.6:636
  ldap_pvt_connect: fd: 4 tm: -1 async: 0
- TLS: hostname (172.19.30.3) does not match common name in certificate 
(172.19.30.3).
+ TLS: hostname (172.19.66.6) does not match common name in certificate 
(172.19.66.6).
  ldap_err2string
  ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
  
- I guess it has something to do with the TLS: hostname (172.19.30.3)
- does not match common name in certificate (172.19.30.3). line. Weird.
+ I guess it has something to do with the TLS: hostname (172.19.66.6)
+ does not match common name in certificate (172.19.66.6). line. Weird.

-- 
Can't contact LDAP server
https://bugs.launchpad.net/bugs/222003
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 222003] Re: Can't contact LDAP server

2008-04-25 Thread trollord

Broken certificate.. I don't think it even should contact that server,
ever.

-- 
Can't contact LDAP server
https://bugs.launchpad.net/bugs/222003
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Re: [Bug 222003] Re: Can't contact LDAP server

2008-04-25 Thread drjato

The certificate is not broken. It's the same we are using in every other
single machine, from desktop computers with Ubuntu 7.04 and 7.10 to all the
servers with Debian, Fedora...

I know it looks like a broken certificate problem, but I think it's not. At
first I thought it couldn't be found by the LDAP client but from the
ldapsearch messages I understand it does.

On Fri, Apr 25, 2008 at 9:37 PM, trollord [EMAIL PROTECTED] wrote:

 Broken certificate.. I don't think it even should contact that server,
 ever.

 --
 Can't contact LDAP server
 https://bugs.launchpad.net/bugs/222003
 You received this bug notification because you are a direct subscriber
 of the bug.

 Status in Ubuntu: New

 Bug description:
 I'm trying to set up ldap authentication in a fresh 8.04 installation. I've
 done exactly as we have in working 7.10 machines but it doesn't work.

 This is what I get in auth.log:

 Apr 25 18:02:23 labclient login[9311]: PAM unable to
 dlopen(/lib/security/pam_smbpass.so)
 Apr 25 18:02:23 labclient login[9311]: PAM [error:
 /lib/security/pam_smbpass.so: cannot open shared object file: No such file
 or directory]
 Apr 25 18:02:23 labclient login[9311]: PAM adding faulty module:
 /lib/security/pam_smbpass.so
 Apr 25 18:02:27 labclient login[9311]: pam_ldap: ldap_simple_bind Can't
 contact LDAP server
 Apr 25 18:02:27 labclient login[9311]: pam_ldap: reconnecting to LDAP
 server...
 Apr 25 18:02:27 labclient login[9311]: pam_ldap: ldap_simple_bind Can't
 contact LDAP server
 Apr 25 18:02:27 labclient login[9311]: pam_unix(login:auth): check pass;
 user unknown
 Apr 25 18:02:27 labclient login[9311]: pam_unix(login:auth): authentication
 failure; logname=LOGIN uid=0 euid=0 tty=tty4 ruser= rhost=
 Apr 25 18:02:30 labclient login[9311]: FAILED LOGIN (1) on 'tty4' FOR
 `UNKNOWN', User not known to the underlying authentication module

 And this is from ldapsearch -d 1:

 ldap_create
 ldap_pvt_sasl_getmech
 ldap_search
 put_filter: (objectclass=*)
 put_filter: simple
 put_simple_filter: objectclass=*
 ldap_send_initial_request
 ldap_new_connection 1 1 0
 ldap_int_open_connection
 ldap_connect_to_host: TCP 172.19.66.6:636
 ldap_new_socket: 4
 ldap_prepare_socket: 4
 ldap_connect_to_host: Trying 172.19.66.6:636
 ldap_pvt_connect: fd: 4 tm: -1 async: 0
 TLS: hostname (172.19.66.6) does not match common name in certificate (
 172.19.66.6).
 ldap_err2string
 ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)

 I guess it has something to do with the TLS: hostname (172.19.66.6) does
 not match common name in certificate (172.19.66.6). line. Weird.



** Attachment added: unnamed
   http://launchpadlibrarian.net/13913034/unnamed

-- 
Can't contact LDAP server
https://bugs.launchpad.net/bugs/222003
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 222003] Re: Can't contact LDAP server

[Bug 222003] Re: Can't contact LDAP server

[Bug 222003] Re: Can't contact LDAP server

[Bug 222003] Re: Can't contact LDAP server

[Bug 222003] Re: Can't contact LDAP server

[Bug 222003] Re: Can't contact LDAP server

[Bug 222003] Re: Can't contact LDAP server

[Bug 222003] Re: Can't contact LDAP server

[Bug 222003] Re: Can't contact LDAP server

[Bug 222003] Re: Can't contact LDAP server

[Bug 222003] Re: Can't contact LDAP server

[Bug 222003] Re: Can't contact LDAP server

[Bug 222003] Re: Can't contact LDAP server

[Bug 222003] Re: Can't contact LDAP server

[Bug 222003] Re: Can't contact LDAP server

Re: [Bug 222003] Re: Can't contact LDAP server

[Bug 222003] Re: Can't contact LDAP server

[Bug 222003] Re: Can't contact LDAP server

[Bug 222003] Re: Can't contact LDAP server

Re: [Bug 222003] Re: Can't contact LDAP server

20 matches

Site Navigation

Mail list logo

Footer information