hi, installed openldap and configured nslcd.conf and nsswitch.conf. At the moment getent passwd doesn't show ldap user. I create a user nslcd_proc for nslcd lookups. this user belong to the System organizationalUnit.
You can see some checks.
FIRST SHELL nslcd -d nslcd: DEBUG: add_uri(ldap://localhost:389) nslcd: version 0.7.15 starting nslcd: DEBUG: unlink() of /var/run/nslcd/socket failed (ignored): No such file or directory nslcd: DEBUG: setgroups(0,NULL) done nslcd: DEBUG: setgid(107) done nslcd: DEBUG: setuid(105) done nslcd: accepting connections
SECOND SHELL: getent passwd-->shows only local users
FIRST SHELL shows:
nslcd: [8b4567] DEBUG: connection from pid=2055 uid=0 gid=0 nslcd: [8b4567] DEBUG: nslcd_passwd_all() nslcd: [8b4567] DEBUG: myldap_search(base="dc=amahoro,dc=bi", filter="(objectClass=posixAccount)") nslcd: [8b4567] DEBUG: ldap_initialize(ldap://localhost:389) nslcd: [8b4567] DEBUG: ldap_set_rebind_proc() nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,3) nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_DEREF,0) nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_TIMELIMIT,0) nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_TIMEOUT,0) nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT,0) nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_REFERRALS,LDAP_OPT_ON) nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON) nslcd: [8b4567] DEBUG: ldap_simple_bind_s("uid=nslcd_proc,ou=System,dc=amahoro,dc=bi","***") (uri="ldap://localhost:389") nslcd: [8b4567] ldap_result() failed: No such object
These are the permissions of nslcd files and folder
ls -ld /etc/nslcd.conf /var/run/nslcd/ /var/run/nslcd/* -rw-r----- 1 root nslcd 635 Apr 21 11:54 /etc/nslcd.conf drwxr-xr-x 2 nslcd nslcd 4096 Apr 21 11:55 /var/run/nslcd/ -rw-r--r-- 1 root root 5 Apr 21 11:55 /var/run/nslcd/nslcd.pid srw-rw-rw- 1 root root 0 Apr 21 11:55 /var/run/nslcd/socket
Opening /var/run/nslcd/socket it shows: Error reading /var/run/nslcd/socket: No such device or address
Follow nslcd.conf and slapd.conf.
__________________________________________________________________ # /etc/nslcd.conf # nslcd configuration file. See nslcd.conf(5) # for details.
# The user and group nslcd should run as. uid nslcd gid nslcd
# The location at which the LDAP server(s) should be reachable. uri ldap://localhost:389
# The search base that will be used for all queries. base dc=amahoro,dc=bi
# The LDAP protocol version to use. #ldap_version 3
# The DN to bind with for normal lookups. binddn uid=nslcd_proc,ou=System,dc=amahoro,dc=bi bindpw *****
# The DN used for password modifications by root. #rootpwmoddn cn=admin,dc=example,dc=com
# SSL options #ssl off #tls_reqcert never
# The search scope. #scope sub ___________________________________________________________________ slapd.conf
slapd.conf #Basics include /etc/ldap/schema/core.schema include /etc/ldap/schema/cosine.schema include /etc/ldap/schema/inetorgperson.schema include /etc/ldap/schema/nis.schema
pidfile /var/run/slapd/slapd.pid argsfile /var/run/slapd/slapd.args loglevel trace modulepath /usr/lib/ldap moduleload back_hdb
#Database Configuration backend hdb database hdb suffix "dc=amahoro,dc=bi" rootdn "cn=Manager,dc=amahoro,dc=bi" rootpw {SSHA}zH2A+jeSlbl2/UcAXm596KPV4IB/R6x9 directory /var/lib/ldap index objectClass,cn eq
#ACLs access to attrs=userPassword by anonymous auth by self write by * none
access to * by dn.base="uid=nslcd_proc,ou=System,dc=amahoro,dc=bi" read by self write by * none
Please, do you have some ideas?
thanks
openldap-technical@openldap.org