OpenLDAP 2.3/pam_ldap/nss_ldap: not working in FreeBSD 7.0-PRE!
O. Hartmann
ohartman at mail.zedat.fu-berlin.de
Sat Oct 27 07:01:25 PDT 2007
Alexandre Biancalana wrote:
> On 10/26/07, O. Hartmann <ohartman at zedat.fu-berlin.de> wrote:
>
>> playing with ldapsearch gets results as expected. Doing ldapsearch with
>> -D and dn of the admin results in the whole DIT as expected, accessing
>> the DIT with uid=user,ou=users,dc=... the same. Accessing LDAP server
>> from client via LUMA (tool) is also ok.
>>
>
> Try to change the nss_base_passwd line from:
>
> nss_base_passwd ou=users,dc=office,dc=de?one
>
> to
>
> nss_base_passwd ou=users,dc=office,dc=de?sub
>
Well,
on a test machine, I set up a test environment equal or nearly equal to
that which is not working on a potentially production box. First of all,
I think there is a misunderstanding in how to set up /etc/nsswitch.conf,
because most trouble seems to be sourced there. When setting
#
# nsswitch.conf(5) - name service switch configuration file
# $FreeBSD: src/etc/nsswitch.conf,v 1.1 2006/05/03 15:14:47 ume Exp $
#
group: files ldap
group_compat: nis
hosts: files dns
networks: files
passwd: files ldap
passwd_compat: nis
shells: files
services: compat
services_compat: nis
protocols: files
rpc: files
restarting OpenLDAP results in this, but after two minutes or so it
starts up (the time is unacceptable and it does not change anything
reverting the order from 'files ldap' to 'ldap files' for passwd and
group). The great question is: Do I need to have these entries? Neither
in the nsswitch.conf manpage nor in the nss_ldap manpage is it mentioned to
set 'ldap' as an option; I took this from one of the many tutorials out
there.
Oct 27 15:55:27 <20.6> thor slapd[81911]: nss_ldap: failed to bind to
LDAP server ldapi://%2fvar%2frun%2fldapi_sock/: Can't contact LDAP server
Oct 27 15:55:27 <20.6> thor slapd[81911]: nss_ldap: failed to bind to
LDAP server ldap:///: Can't contact LDAP server
Oct 27 15:55:27 <20.6> thor slapd[81911]: nss_ldap: failed to bind to
LDAP server ldaps:///: Can't contact LDAP server
Oct 27 15:55:27 <20.6> thor slapd[81911]: nss_ldap: failed to bind to
LDAP server ldapi://%2fvar%2frun%2fldapi_sock/: Can't contact LDAP server
Oct 27 15:55:27 <20.6> thor slapd[81911]: nss_ldap: failed to bind to
LDAP server ldap:///: Can't contact LDAP server
Oct 27 15:55:27 <20.6> thor slapd[81911]: nss_ldap: failed to bind to
LDAP server ldaps:///: Can't contact LDAP server
Oct 27 15:55:27 <20.6> thor slapd[81911]: nss_ldap: reconnecting to LDAP
server (sleeping 4 seconds)...
Oct 27 15:55:31 <20.6> thor slapd[81911]: nss_ldap: failed to bind to
LDAP server ldapi://%2fvar%2frun%2fldapi_sock/: Can't contact LDAP server
Oct 27 15:55:31 <20.6> thor slapd[81911]: nss_ldap: failed to bind to
LDAP server ldap:///: Can't contact LDAP server
Oct 27 15:55:31 <20.6> thor slapd[81911]: nss_ldap: failed to bind to
LDAP server ldaps:///: Can't contact LDAP server
Oct 27 15:55:31 <20.6> thor slapd[81911]: nss_ldap: reconnecting to LDAP
server (sleeping 8 seconds)...
Oct 27 15:55:39 <20.6> thor slapd[81911]: nss_ldap: failed to bind to
LDAP server ldapi://%2fvar%2frun%2fldapi_sock/: Can't contact LDAP server
Oct 27 15:55:39 <20.6> thor slapd[81911]: nss_ldap: failed to bind to
LDAP server ldap:///: Can't contact LDAP server
Oct 27 15:55:39 <20.6> thor slapd[81911]: nss_ldap: failed to bind to
LDAP server ldaps:///: Can't contact LDAP server
Oct 27 15:55:39 <20.6> thor slapd[81911]: nss_ldap: reconnecting to LDAP
server (sleeping 16 seconds)...
Oct 27 15:55:55 <20.6> thor slapd[81911]: nss_ldap: failed to bind to
LDAP server ldapi://%2fvar%2frun%2fldapi_sock/: Can't contact LDAP server
Oct 27 15:55:55 <20.6> thor slapd[81911]: nss_ldap: failed to bind to
LDAP server ldap:///: Can't contact LDAP server
Oct 27 15:55:55 <20.6> thor slapd[81911]: nss_ldap: failed to bind to
LDAP server ldaps:///: Can't contact LDAP server
Oct 27 15:55:55 <20.6> thor slapd[81911]: nss_ldap: reconnecting to LDAP
server (sleeping 32 seconds)...
Oct 27 15:56:27 <20.6> thor slapd[81911]: nss_ldap: failed to bind to
LDAP server ldapi://%2fvar%2frun%2fldapi_sock/: Can't contact LDAP server
Oct 27 15:56:27 <20.6> thor slapd[81911]: nss_ldap: failed to bind to
LDAP server ldap:///: Can't contact LDAP server
Oct 27 15:56:27 <20.6> thor slapd[81911]: nss_ldap: failed to bind to
LDAP server ldaps:///: Can't contact LDAP server
Oct 27 15:56:27 <20.6> thor slapd[81911]: nss_ldap: reconnecting to LDAP
server (sleeping 64 seconds)...
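
Added example, not part of the original post: a Python sketch that parses nss_ldap syslog lines in the format quoted above, groups them by the process that logged them, and totals the reconnect sleeps. In the quoted log every nss_ldap message carries the slapd[81911] tag and the sleeps add up to 124 seconds. The sample input is constructed from the post's log format (wrapped lines joined, one bind attempt per URI per round), and all function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample in the post's log format (wrapped lines joined, one
# bind attempt per URI per round); values mirror the log quoted above.
URIS = ["ldapi://%2fvar%2frun%2fldapi_sock/", "ldap:///", "ldaps:///"]
ROUNDS = [("15:55:27", 4), ("15:55:31", 8), ("15:55:39", 16),
          ("15:55:55", 32), ("15:56:27", 64)]

def build_sample():
    lines = []
    for ts, sleep in ROUNDS:
        pre = f"Oct 27 {ts} <20.6> thor slapd[81911]: nss_ldap: "
        lines += [f"{pre}failed to bind to LDAP server {u}: "
                  "Can't contact LDAP server" for u in URIS]
        lines.append(f"{pre}reconnecting to LDAP server "
                     f"(sleeping {sleep} seconds)...")
    return "\n".join(lines)

# timestamp, optional <n.n> tag, host, process[pid], then the nss_ldap message
LINE = re.compile(r"^\w{3}\s+\d+\s[\d:]{8}\s+(?:<[\d.]+>\s+)?\S+\s+"
                  r"(?P<proc>[^\s\[]+)\[(?P<pid>\d+)\]:\s+nss_ldap:\s+(?P<msg>.*)$")
BIND_FAIL = re.compile(r"failed to bind to LDAP server (\S+): ")
SLEEP = re.compile(r"reconnecting to LDAP server \(sleeping (\d+) seconds\)")

def summarize(text):
    """Group nss_ldap events by the (process, pid) that logged them."""
    out = defaultdict(lambda: {"uris": set(), "failures": 0, "sleeps": []})
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # not an nss_ldap line
        entry = out[(m["proc"], int(m["pid"]))]
        if (b := BIND_FAIL.match(m["msg"])):
            entry["uris"].add(b.group(1))
            entry["failures"] += 1
        elif (s := SLEEP.match(m["msg"])):
            entry["sleeps"].append(int(s.group(1)))
    return dict(out)

def self_lookup_stalls(summary, server_procs=("slapd",)):
    """Seconds each directory-server process spent in nss_ldap back-off."""
    return {k: sum(v["sleeps"]) for k, v in summary.items()
            if k[0] in server_procs and v["sleeps"]}

if __name__ == "__main__":
    for (proc, pid), secs in self_lookup_stalls(summarize(build_sample())).items():
        print(f"{proc}[{pid}] spent {secs}s in nss_ldap reconnect back-off")
```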