Hi ML!
I have set up an OpenLDAP server with TLS/SSL support from the repositories. The platform is Debian 10. I followed this guide: https://kifarunix.com/setup-openldap-server-with-ssl-tls-on-debian-10/
Now I want to use the LDAP users on a CentOS 8 client, so I followed this guide in order to set up the LDAP authentication mechanisms: https://kifarunix.com/configure-sssd-for-openldap-authentication-on-centos-8...
The current state is that I get the following message returned when I try to check an LDAP user's ID on the client system:
[root@myldapclient ~]# id testuser
id: `testuser´: no such user
Obviously something is misconfigured. At least enumerating all LDAP objects works on the client. The command
ldapsearch -h myldapserver.mycompany.mytld -x -D "cn=readonlybind,dc=mycompany,dc=mytld" -W -LLL -b "dc=mycompany,dc=mytld"
returns all of the LDAP's objects.
I'd appreciate hints on how to track the issue down. First: What is the default LDAP log on Debian 10, or how can I determine an alternative log, if this is recommended?
Thank you!
On 06.12.20 19:45, armin.vehr@mmlab.de wrote:
I'd appreciate hints on how to track the issue down. First: What is the default LDAP log on Debian 10, or how can I determine an alternative log, if this is recommended?
Depends on your syslog configuration. Usually /var/log/syslog and /var/log/debug.
But it may be easier to run 'journalctl -fu slapd'
Best regards
Ulf
openldap-technical@openldap.org