Re: Getting ldappasswd and PAM in the same page under CentOS 7

20 Sep 2017


      Am Wed, 20 Sep 2017 12:32:37 -0400 (EDT)
schrieb Robert Heller heller@deepsoft.com:
...
OK, I fixed the ACLs (I think), but it is still not working.  I
turned on verbose debugging for sssd[pam] and moderate debugging for
slapd.
Here are my ACLs
in /etc/openldap/slapd.d/cn=config/olcDatabase={2}hdb.ldif:
olcAccess: {0}to attrs=userPassword
  by self write
  by anonymous auth
  by dn=uid=heller,ou=People,dc=deepsoft,dc=com write
  by * none
olcAccess: {1}to *
  by dn=uid=heller,ou=People,dc=deepsoft,dc=com write
  by * read
There are also these olcAccess entries:
in /etc/openldap/slapd.d/cn=config/olcDatabase={0}config.ldif:
olcAccess: {0}to * by
dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=extern al,cn=auth"
manage by * none
and in /etc/openldap/slapd.d/cn=config/olcDatabase={1}monitor.ldif:
olcAccess: {0}to * by
dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=extern al,cn=auth"
read by dn.base="cn=Manager,dc=deepsoft,dc=com" read by * none
[...]
You may run slapd in debugging mode 128.
-Dieter
-- 
Dieter Klünter | Systemberatung
http://sys4.de
GPG Key ID: E9ED159B
53°37'09,95"N
10°08'02,42"E

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Re: Getting ldappasswd and PAM in the same page under CentOS 7