thanks for your help
now without modification (two hours after), getent passwd is good Oo ?!
but stop/start of ldap server : tail -f /var/log/messages :
Nov 13 14:51:07 srvtest3 slapd[4184]: nss_ldap: could not search LDAP server - Server is unavailable
Nov 13 14:54:17 srvtest3 runuser: nss_ldap: could not search LDAP server - Server is unavailable
Nov 13 14:54:17 srvtest3 last message repeated 7 times
Nov 13 14:54:17 srvtest3 slapd[4285]: nss_ldap: could not search LDAP server - Server is unavailable
my slapd.conf :
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
# logs
loglevel 256
# needed for login_ldap
allow bind_v2
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
database bdb
suffix "dc=midian,dc=org"
rootdn "cn=god,dc=midian,dc=org"
rootpw {SSHA}EkM4ViGxzWnZQ2n5hKBBcvFMTcCO+0E4
directory /var/lib/ldap
# File creation rights: mode 0600
# Indexed attributes
index objectClass eq
index cn,sn,uid pres,sub,eq
index uidNumber,gidNumber eq
index memberUid pres,eq
index host pres,eq
# ACL
#access to attrs=userPassword
#    by dn="cn=god,dc=midian,dc=org" write
#    by dn="cn=proxyuser,dc=midian,dc=org" read
#    by self write
#    by anonymous auth
#    by * none
#access to attrs=uidNumber,gidNumber
#    by dn="cn=god,dc=midian,dc=org" write
#    by dn="cn=proxyuser,dc=midian,dc=org" read
#access to *
#    by dn="cn=proxyuser,dc=midian,dc=org" read
#    by dn="cn=god,dc=midian,dc=org" write
#    by self write
#    by * read
access to attrs=userPassword
    by dn="cn=god,dc=midian,dc=org" write
    by dn="cn=proxyuser,dc=midian,dc=org" read
    by self write
    by anonymous auth
    by * none
access to attrs=uidNumber,gidNumber
    by dn="cn=god,dc=midian,dc=org" write
    by dn="cn=proxyuser,dc=midian,dc=org" read
    by * read
access to *
    by dn="cn=god,dc=midian,dc=org" write
    by self write
    by * read
# CA signed certificate and server cert entries:
# TLS & SSL
#TLSCipherSuite HIGH:MEDIUM:+SSLv2
TLSCertificateFile /ssl-ldap/certs/ldap.crt
TLSCertificateKeyFile /ssl-ldap/private/ldap.key
TLSCACertificateFile /ssl-ldap/ca.crt
# Use the following if client authentication is required
#TLSVerifyClient demand
# ... or not desired at all
TLSVerifyClient never
nothing wrong ?
On Thu, 13 Nov 2008 15:36:59 +0200, p_pavlos@freemail.gr (Pavlos Parissis) wrote:
hello all,
My problem, when I start my server ldap in my log
Nov 13 12:34:10 srvtest3 slapd[3738]: daemon: shutdown requested and initiated.
Nov 13 12:34:10 srvtest3 slapd[3738]: slapd shutdown: waiting for 0 threads to terminate
Nov 13 12:34:10 srvtest3 slapd[3738]: slapd stopped.
Nov 13 12:34:12 srvtest3 slapd[3800]: @(#) $OpenLDAP: slapd 2.3.27 (Jul 2 2008 04:29:17) $ brewbuilder@hs20-bc2-2.build.redhat.com:/builddir/build/BUILD/openldap-2.3.27/openldap-2.3.27/build-servers/servers/slapd
Nov 13 12:34:12 srvtest3 slapd[3800]: nss_ldap: could not search LDAP server - Server is unavailable
Nov 13 12:34:12 srvtest3 slapd[3800]: nss_ldap: could not search LDAP server - Server is unavailable
Nov 13 12:34:12 srvtest3 slapd[3800]: /etc/openldap/slapd.conf: line 55: rootdn is always granted unlimited privileges.
Nov 13 12:34:12 srvtest3 slapd[3800]: /etc/openldap/slapd.conf: line 60: rootdn is always granted unlimited privileges.
Nov 13 12:34:12 srvtest3 slapd[3800]: /etc/openldap/slapd.conf: line 65: rootdn is always granted unlimited privileges.
Nov 13 12:34:12 srvtest3 slapd[3801]: slapd starting
I do not understand where is the problem, in my /etc/ldap.conf ?
You need to send us the configuration in order to find out why slapd is complaining.
this command :
getent passwd
no user displays ldap
This error may not have any connections with your configuration issue on slapd. Several other things have to be configured correctly to get LDAP authentication on the system without issues.
For now, just try to see why slapd is complaining. When this is fixed you need to check several docs on net for configuring LDAP authentication on your system.
someone would have an idea? thanks
--
- GanGan -
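
The "rootdn is always granted unlimited privileges" lines in the quoted log are what slapd prints when an ACL "by" clause names the rootdn, which each access directive in the posted slapd.conf does. A small check for that, as an added example that is not part of the original thread (function names are illustrative; the sample is a constructed excerpt of the posted config):

```python
import re

# Added example, not from the thread; names are illustrative. Constructed excerpt of
# the posted slapd.conf (a line starting with whitespace continues the previous one).
SAMPLE_CONF = '''\
rootdn "cn=god,dc=midian,dc=org"
#access to * by dn="cn=god,dc=midian,dc=org" write
access to attrs=userPassword
    by dn="cn=god,dc=midian,dc=org" write
    by dn="cn=proxyuser,dc=midian,dc=org" read
    by self write
    by anonymous auth
    by * none
access to attrs=uidNumber,gidNumber
    by dn="cn=god,dc=midian,dc=org" write
    by dn="cn=proxyuser,dc=midian,dc=org" read
    by * read
access to *
    by dn="cn=god,dc=midian,dc=org" write
    by self write
    by * read
'''

DIRECTIVE = re.compile(r'(rootdn|access\s+to)\s+("[^"]*"|\S+)', re.I)
BY_DN = re.compile(r'\bby\s+dn(?:\.(?:exact|base))?=(?:"([^"]*)"|(\S+))', re.I)

def norm_dn(dn):  # crude comparison key: lowercase, no spaces around ',' and '='
    return re.sub(r"\s*([,=])\s*", r"\1", dn.strip().strip('"').lower())

def rootdn_in_acls(conf_text):
    """Return [(line_no, acl_target)] for every 'by dn=<rootdn>' clause."""
    rootdn, target, hits = None, None, []
    for no, raw in enumerate(conf_text.splitlines(), 1):
        if not raw.strip():
            continue
        if not raw[0].isspace():        # column 0: a new directive or a comment
            m = DIRECTIVE.match(raw)    # comments never match, so target resets
            kind = m.group(1).lower() if m else ""
            target = m.group(2) if kind.startswith("access") else None
            if kind == "rootdn":
                rootdn = norm_dn(m.group(2))
        if target and rootdn:
            for quoted, bare in BY_DN.findall(raw):
                if norm_dn(quoted or bare) == rootdn:
                    hits.append((no, target))
    return hits

if __name__ == "__main__":
    for no, target in rootdn_in_acls(SAMPLE_CONF):
        print(f"line {no}: 'access to {target}' names the rootdn (redundant clause)")
```

The rootdn bypasses ACL evaluation, so these clauses can be removed without changing what cn=god may do; the warnings are separate from the nss_ldap messages.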