lists.arthurdejong.org
RSS feed

Re: Server issue

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: Server issue

15.09.2011 9:53, Moisés Barba Pérez пишет:
Hi,

   The problem is that I don't use openldap, I use 389DS (based on Red Hat DS). The use of 0.7.13 is because is the latest stable version indicated in the web page of nss-pam-ldapd, I can't use a non stable version.

My nslcd.conf file is:

# /etc/nslcd.conf
# nslcd configuration file. See nslcd.conf(5)
# for details.
 
# nslcd user
uid     nslcd
gid     nslcd
 
# LDAP server
uri     ldaps://ldapa.sacyl.es/

# referrals
referrals no
 
# base search
base    dc=domain,dc=es
#base    host    ou=Computers,o=org1,dc=domain,dc=es
base    group   ou=Groups,o=org1,dc=domain,dc=es
base    passwd  dc=domain,dc=es
base    shadow  dc=domain,dc=es
 
# Filters
#filter  host    (&(objectClass=posixAccount)(|(ou:dn:=People)(ou:dn:=Computers)))
filter  group   (objectClass=posixgroup)
filter  passwd  (&(objectClass=posixAccount)(|(ou:dn:=People)(ou:dn:=Computers)))
filter  shadow  (&(objectClass=posixAccount)(|(ou:dn:=People)(ou:dn:=Computers)))
 
# search type
scope   sub
#scope   host    one
scope   group   one
scope   passwd  sub
scope   shadow  sub
 
# LDAP version
ldap_version    3
 
# User to bind
binddn  cn=Application Manager,cn=config
bindpw  XXXXXXXXXXXXX
 
tls_reqcert     allow
   My nsswitch.conf is fine and my system-auth too. So I don't understand the problem. Thak you for your answer anyway.

Regards,
Moses.
Your SSL-certificates are working? Try connect to your ldap-server with "openssl s_client" tool:
$ openssl s_client -connect localhost:636

If you can't connect to server - then check the availability of certificates.
-- 
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/