so, there is a little problem.
i was checking with ldapsearch and the answer was "ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)"
i didn't understand the cause. i checked about pid of openldap and there wasn't it. in slapd.conf it has to be in /var/run/slapd/slapd.pid but this file wasn't there. so i went in /var/lib/ldap/ to check DB_CONFIG and it's the follow:
set_cachesize 0 2097152 0 set_lk_max_objects 1500 set_lk_max_locks 1500 set_lk_max_lockers 1500
why?
this morning i deleted old databases with this command:
rm __db.* *.bdb log.*
but i didn't touch DB_CONFIG.
now am trying to restore it but, could you explain the causes of this?
On 02/29/2012 11:55 AM, Adam wrote:
Hi, have you tried using ldapsearch to see if its an issue with nss/pam or an issue with ldap?
I would suggest that your openldap environment is probably working fine (as you seem to have been able to perform the necessary ldapadds) and its probably nss/pam that need fixing.
Try reading here:
http://wiki.debian.org/LDAP/NSS http://wiki.debian.org/LDAP/PAM
Adam.
On 29/02/12 20:50, stefano wrote:
hi,
i started to work with posixAccount objectClass.
i installed libnss-ldap on debian squeeze server. i configured it during install time and i modified nsswitch.conf as follow:
passwd files ldap group files ldap shadow files ldap
and i didn't modify the remains lines.
i succesfully added a structure.ldif file as follow
#the root of the directory dn: dc=amahoro,dc=bi dc: amahoro o: amahoro.bi objectClass: top objectClass: dcObject objectClass: organization
#subtree for the administrators dn: cn=Administrators,dc=amahoro,dc=bi cn: Administrators gidNumber: 100 objectClass: posixGroup
i succesfully added a administrators.ldif file as follow:
#Stefano Malini dn: uid=name,cn=Administrators,dc=amahoro,dc=bi cn: Administrators uid: name uidNumber: 100 gidNumber:100 homeDirectory: /home/name/ #Name info cn: Name Surname sn: Surname givenName: Name displayName: Name Surname #Work info title: System Administrator mail: address@mail #Misc userPassword: {SSHA}vB/RyxNdsVkwc9dDxEuS/sIGESBAkzTw objectClass: posixAccount objectClass: inetOrgPerson
Now, with getent command-line there is not this user. Why?