On 08/27/10 09:56 PM, Stuart Cherrington wrote:
Date: Fri, 27 Aug 2010 21:33:42 +1200
# default, profile, ldn.sw.com dn: cn=default,ou=profile,dc=ldn,dc=sw,dc=com *defaultSearchBase: dc=ldn,dc=sw,dc=com* authenticationMethod: simple followReferrals: TRUE profileTTL: 43200 searchTimeLimit: 30 objectClass: DUAConfigProfile defaultServerList: 10.2.250.15 credentialLevel: proxy cn: default defaultSearchScope: one
You should add
serviceSearchDescriptor: passwd:<people base> serviceSearchDescriptor: group:<group base>
I initially had these (and one for shadow) but they didn't make any difference the error, but I expect I'll need them when its in operation.
What are the searches being run (from your slapd.log)?
Do the work?
The first search '(&(objectClass=nisDomainObject)(nisDomain=your domain')) should return your nisDomain, the next the profile.