Hello, I could use your help, please, with issues I am seeing with user
access authenticating to my new LDAP server.
I am new to LDAP, and am building my first server.
I have created a new user (lou) and client (ldapServer) and am trying to
authenticate the user through the client.
I have configured the LDAP server to also be the LDAP test client.
I am seeing the following errors in /var/log/sssd/sssd_default.log when
I run:

    getent passwd lou

or

    su - lou

    (Fri Sep 25 16:43:15 2015) [sssd[be[default]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'LDAP'
    (Fri Sep 25 16:43:15 2015) [sssd[be[default]]] [sdap_get_rootdse_done] (0x0040): RootDSE could not be retrieved. Please check that anonymous access to RootDSE is allowed
    (Fri Sep 25 16:43:15 2015) [sssd[be[default]]] [sdap_cli_auth_step] (0x0100): expire timeout is 900
    (Fri Sep 25 16:43:15 2015) [sssd[be[default]]] [fo_set_port_status] (0x0100): Marking port 389 of server 'IP_Address' as 'working'
    (Fri Sep 25 16:43:15 2015) [sssd[be[default]]] [set_server_common_status] (0x0100): Marking server 'IP_Address' as 'working'
    (Fri Sep 25 16:43:15 2015) [sssd[be[default]]] [sdap_get_generic_op_finished] (0x0040): Unexpected result from ldap: Insufficient access(50), no errmsg set
    (Fri Sep 25 16:43:15 2015) [sssd[be[default]]] [generic_ext_search_handler] (0x0040): sdap_get_generic_ext_recv failed [5]: Input/output error
    (Fri Sep 25 16:43:15 2015) [sssd[be[default]]] [sdap_get_users_done] (0x0040): Failed to retrieve users

According to the common-errors doc,
http://www.openldap.org/doc/admin24/appendix-common-errors.html
I believe I am having an issue with the default ACLs.
I have been doing much reading and am coming up short. My questions are:

First: how to delete the current default ACLs using a command line entry, or
using ldapmodify with a .ldif file.

Second: how to add a new ACL allowing all users access using a command
line entry or .ldif file. Once I get the user lou (and other test users) to
connect, I will change the ACL access rules for restriction. I need to get
it working first.

Also, is there a step-by-step beginner's guide for the ACL process?
Any help is greatly appreciated. Thank you - Lou
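
Added example, not part of the original post: a small Python triage of the sssd log excerpt above that re-joins hard-wrapped records, keeps only the failure-level ones, and names LDAP result code 50. The function names and finding labels are made up for illustration; the sample records are copied from the post.

```python
import re

# Constructed sample: four records from the post's excerpt, hard-wrapped as in e-mail.
SAMPLE = """\
(Fri Sep 25 16:43:15 2015) [sssd[be[default]]] [sdap_get_rootdse_done]
(0x0040): RootDSE could not be retrieved. Please check that anonymous access
to RootDSE is allowed
(Fri Sep 25 16:43:15 2015) [sssd[be[default]]] [fo_set_port_status]
(0x0100): Marking port 389 of server 'IP_Address' as 'working'
(Fri Sep 25 16:43:15 2015) [sssd[be[default]]]
[sdap_get_generic_op_finished] (0x0040): Unexpected result from ldap:
Insufficient access(50), no errmsg set
(Fri Sep 25 16:43:15 2015) [sssd[be[default]]] [sdap_get_users_done]
(0x0040): Failed to retrieve users
"""

RECORD_START = re.compile(r"\n(?=\((?:Mon|Tue|Wed|Thu|Fri|Sat|Sun) )")
RECORD = re.compile(r"^\((?P<ts>[^)]+)\) \[(?P<proc>\S+)\] \[(?P<func>\w+)\] "
                    r"\((?P<level>0x[0-9a-fA-F]+)\): (?P<msg>.*)$")
LDAP_RESULT = re.compile(r"result from ldap: .*?\((?P<code>\d+)\)")
LDAP_CODES = {49: "invalidCredentials", 50: "insufficientAccessRights"}  # RFC 4511
FAILURE_MAX = 0x0080  # SSSD levels 0x0010..0x0080 are failures; 0x0100+ is trace

def parse(text):
    """Re-join wrapped lines and return one dict per SSSD log record."""
    chunks = RECORD_START.split(text.strip())
    matches = (RECORD.match(" ".join(c.split())) for c in chunks)
    return [dict(m.groupdict(), level=int(m["level"], 16)) for m in matches if m]

def triage(text):
    """Return (function, finding) pairs for the failure-level records."""
    findings = []
    for rec in parse(text):
        if rec["level"] > FAILURE_MAX:
            continue  # informational, e.g. "Marking port 389 ... as 'working'"
        ldap = LDAP_RESULT.search(rec["msg"])
        if ldap:
            code = int(ldap["code"])
            findings.append((rec["func"], f"ldap:{code}:{LDAP_CODES.get(code, 'other')}"))
        elif "RootDSE could not be retrieved" in rec["msg"]:
            findings.append((rec["func"], "rootdse:unreadable"))
        else:
            findings.append((rec["func"], "failure:" + rec["msg"]))
    return findings

if __name__ == "__main__":
    for func, finding in triage(SAMPLE):
        print(f"{func:32} {finding}")
```

On the sample, the "Marking port 389 ... as 'working'" record is dropped as informational, which separates "the server is reachable" from "the directory refused the search".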