#1
    Ldap client on linux, with LDAP server on solaris


    hi,

    I am working on LDAP. I installed the Sun One Directory Server 5.2 on a sparc solaris9 machine.
    I am trying to set up an LDAP client on a linux machine with redhat9 installed on it by selecting the LDAP option in the user authentication menu. It is not able to set up as an LDAP client. The usernames set on the LDAP server are not working on this machine. I used the baseDN "dc=ldaptest, dc=com". My server's address is 192.168.123.10. Authentication is none. The server's configuration is given below.

    I configured the server with the following command
    /usr/lib/ldap/idsconfig is config ldap client
    I set the following attribute values.
    1 Domain to serve : ldaptest.com
    2 Base DN to setup : dc=ldaptest,dc=com
    3 Profile name to create : default
    4 Default Server List : 192.168.123.10
    5 Preferred Server List :
    6 Default Search Scope : one
    7 Credential Level : anonymous
    8 Authentication Method :
    9 Enable Follow Referrals : FALSE
    10 iDS Time Limit :
    11 iDS Size Limit :
    12 Enable crypt password storage : FALSE
    13 Service Auth Method pam_ldap :
    14 Service Auth Method keyserv :
    15 Service Auth Method passwd-cmd:
    16 Search Time Limit : 30
    17 Profile Time to Live : 43200
    18 Bind Limit : 10
    19 Service Search Descriptors Menu

    Now when I configure another sparc solaris machine as an LDAP client with the following command, it works.
    #ldapclient manual \
    > -a credentialLevel=anonymous \
    > -a authenticationMethod=none \
    > -a defaultSearchBase=dc=laptest,dc=com \
    > -a domainName=ldaptest.com \
    > -a followReferrals=false \
    > -a defaultServerList=192.168.123.10

    If you can help me, it will be great. Thanks in anticipation.


    nitin
    apstc
  2. #2
  3. Chris Larivee
    I would try:

    1. Adding the ldap entry for the RH system into LDAP.
    2. Editing the /etc/ldap.conf file with your specifications.
    3. Edit the /etc/nsswitch.conf file.
    4. Restart or SIGHUP the nscd (though the SIGHUP can foul users in session).
  4. #3
    hi

    >1. Adding the ldap entry for the RH system into LDAP.
    Can you explain this point in more detail?

    >2. Editing the /etc/ldap.conf file with your specifications
    I edited the /etc/ldap.conf file with the following specifications:
    host 192.168.123.10
    base dc=ldaptest, dc=com
    binddn cn=proxyagent,ou=profile,dc=ldaptest,dc=com
    rootbinddn cn=Directory manager,dc=ldaptest,dc=com
    port 389
    scope one
    timelimit 30
    bind_timelimit 10
    pam_password clear
    ssl no

    >3. Edit the /etc/nsswitch.conf file.
    /etc/nsswitch.conf was already edited when I selected LDAP with /etc/sysconfig/authconfig.

    >4. Restart or SIGHUP the nscd (though the SIGHUP can foul users in session).
    Rebooted the computer

    I have changed the server settings to include proxy. Server settings are
    1 Domain to serve : ldaptest.com
    2 Base DN to setup : dc=ldaptest,dc=com
    3 Profile name to create : default
    4 Default Server List : 192.168.123.10
    5 Preferred Server List :
    6 Default Search Scope : one
    7 Credential Level : proxy
    8 Authentication Method : simple
    9 Enable Follow Referrals : FALSE
    10 iDS Time Limit :
    11 iDS Size Limit :
    12 Enable crypt password storage : FALSE
    13 Service Auth Method pam_ldap : pam_ldap:simple
    14 Service Auth Method keyserv : keyserv:simple
    15 Service Auth Method passwd-cmd: passwd-cmd:simple
    16 Search Time Limit : 30
    17 Profile Time to Live : 43200
    18 Bind Limit : 10
    19 Service Search Descriptors Menu

    My problem remains as such. I still cannot log in with an account on the ldap server on to the linux client.
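
An added example, not part of the original post: a small audit of the /etc/ldap.conf settings quoted above, flagging the ones that leave bind and password-change traffic unencrypted. The sample file is constructed from the values in the post, and the function names are hypothetical.

```python
# Added example (not from the thread): audit a PADL-style /etc/ldap.conf
# (nss_ldap / pam_ldap) for settings that put passwords on the wire unencrypted.

# Constructed from the settings quoted in the post above.
SAMPLE_CONF = """\
host 192.168.123.10
base dc=ldaptest, dc=com
binddn cn=proxyagent,ou=profile,dc=ldaptest,dc=com
rootbinddn cn=Directory manager,dc=ldaptest,dc=com
port 389
scope one
timelimit 30
bind_timelimit 10
pam_password clear
ssl no
"""

def parse_ldap_conf(text):
    """Return {keyword: value}. Keywords are case-insensitive; '#' starts a comment."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        conf[parts[0].lower()] = parts[1].strip() if len(parts) > 1 else ""
    return conf

def transport_encrypted(conf):
    """True if every configured URI is ldaps:// or the ssl keyword enables TLS."""
    uris = conf.get("uri", "").lower().split()
    if uris and all(u.startswith("ldaps://") for u in uris):
        return True
    return conf.get("ssl", "no").lower() in ("on", "yes", "start_tls")

def audit(conf):
    """Return a list of (keyword, finding) tuples; empty when nothing is flagged."""
    if transport_encrypted(conf):
        return []
    findings = [("ssl", "no TLS: simple-bind passwords are readable on the network")]
    if "binddn" in conf:
        findings.append(("binddn", "proxy bind is unencrypted, so its bindpw would cross the network in clear"))
    if conf.get("pam_password", "clear").lower() == "clear":
        findings.append(("pam_password", "password changes send the new password unhashed and unencrypted"))
    return findings

if __name__ == "__main__":
    for key, msg in audit(parse_ldap_conf(SAMPLE_CONF)):
        print(f"{key}: {msg}")
```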
  6. #4
  7. Chris Larivee
    To add the ldap entry I would just modify an existing ldap entry from another system - even a solaris system - to contain the linux machine's information.

    One thing about your configuration you may want to change is the scope to sub - as you probably have the default DIT for LDAP authentication - meaning that your users are in the ou=People branch of dc=ldaptest,dc=com. A scope of one at a search base of dc=ldaptest,dc=com will not look deep enough in the tree to process authentication.
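
The scope behaviour described in the reply above, as an added example that is not part of the original post: it models base, one and sub search scopes over a constructed directory tree. The entry uid=nitin, the helper names, and the filter on the leading RDN attribute are assumptions made for illustration.

```python
# Added example (not from the thread): how LDAP search scope decides
# which entries a client lookup can see.

# Constructed directory: the default layout described in the reply,
# with user entries under ou=People. uid=nitin is a made-up account.
DIT = [
    "dc=ldaptest,dc=com",
    "ou=People,dc=ldaptest,dc=com",
    "ou=profile,dc=ldaptest,dc=com",
    "cn=proxyagent,ou=profile,dc=ldaptest,dc=com",
    "uid=nitin,ou=People,dc=ldaptest,dc=com",
]

def parse_dn(dn):
    """Split a DN into normalised (attr, value) RDNs.
    Simplified: no escaped commas and no multi-valued RDNs."""
    rdns = []
    for rdn in dn.split(","):
        attr, _, value = rdn.partition("=")
        rdns.append((attr.strip().lower(), value.strip().lower()))
    return tuple(rdns)

def depth_below(base, entry):
    """Levels the entry sits below base, or None if it is outside the subtree."""
    b, e = parse_dn(base), parse_dn(entry)
    if len(e) < len(b) or e[len(e) - len(b):] != b:
        return None
    return len(e) - len(b)

def in_scope(base, entry, scope):
    """base = the entry itself, one = direct children only, sub = whole subtree."""
    depth = depth_below(base, entry)
    if depth is None:
        return False
    return {"base": depth == 0, "one": depth == 1, "sub": True}[scope]

def search(base, scope, rdn_attr=None):
    """Return DNs in scope; rdn_attr stands in for a real filter (assumption)."""
    return [dn for dn in DIT
            if in_scope(base, dn, scope)
            and (rdn_attr is None or parse_dn(dn)[0][0] == rdn_attr)]

if __name__ == "__main__":
    # "dc=ldaptest, dc=com" (with the space) normalises to the same base DN.
    for base, scope in [("dc=ldaptest, dc=com", "one"),
                        ("dc=ldaptest, dc=com", "sub"),
                        ("ou=People,dc=ldaptest,dc=com", "one")]:
        print(base, scope, search(base, scope, "uid"))
```

Pointing the search base at ou=People with scope one finds the same user as scope sub at the suffix, while keeping the lookup confined to the branch that holds accounts.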
  8. #5
    Hey

    I changed the scope to sub, but it did not help.

    nitin
    apstc
  10. #6

    Follow up question on ldap


    I have a similar question. I was hoping you can point me to a how-to or some direction to get me started. I am trying to get Linux bind to OpenLdap.
    Linux bind to Sun One 5.2

    If you know of a how-to or have any hints, I only need the client setup side.
    The reason I am researching this option is to get rid of ypbind and use ldap client to bind.


    Appreciate it,

    Ihab