lists.arthurdejong.org
RSS feed

Re: debian 6 nslcd and ldap auth to AD

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: debian 6 nslcd and ldap auth to AD



27/10/2011 15:41, Page, Jeremy wrote:
You may need to have a following / on your URI


Thanks,
but cannot be this because my nslcd connect successfully to the server, and "something other doesn't work".

# Mappings for Active Directory

pagesize 1000
referrals off
filter passwd
(&(objectClass=user)(!(objectClass=computer))(uidNumber>=2000)(unixHomeDirectory=*))
map passwd uid sAMAccountName
map passwd homeDirectory unixHomeDirectory
map passwd gecos displayName

filter shadow
(&(objectClass=user)(!(objectClass=computer))(uidNumber=*)(unixHomeDirectory=*))
map shadow uid sAMAccountName
map shadow shadowLastChange pwdLastSet

filter group (&(objectClass=group)(gidNumber=*))
map group uniqueMember member

Seeing your filters, are similar to mine and, replacing your inside my file, I receive the same:

nslcd: [8b4567] DEBUG: ldap_simple_bind_s("CORP\ldapquery","***") (uri="ldap://dc.corp.company.net/";) nslcd: [8b4567] passwd entry CN=user,OU=company,DC=corp,DC=inasset,DC=net does not contain uidNumber value

Thanks,
Michele

# Ignore local users (not supported in v7.2

nss_initgroups_ignoreusers ALLLOCAL

-----Original Message-----
From:
nss-pam-ldapd-users-bounces+pagej=gilbarco.com@lists.arthurdejong.org
[nss-pam-ldapd-users-bounces+pagej=gilbarco.com [at] lists.arthurdejong.org]
On Behalf Of Michele Petrazzo
Sent: Thursday, October 27, 2011 6:35 AM
To: nss-pam-ldapd-users@lists.arthurdejong.org
Subject: debian 6 nslcd and ldap auth to AD

Hi list,

I'm trying to bind my debian box to an AD server through nslcd but I'm
receiving a strange error that I haven't resolved googling.

First configuration:

uri ldap://dcgc01.corp.company.net

base dc=corp,dc=company,dc=net

binddn CORP\ldapquery

bindpw mypasswd

Debug message:

nslcd: [8b4567] DEBUG: myldap_search(base="dc=corp,dc=company,dc=net",

filter="(&(objectClass=posixAccount)(uid=user))")

and no login. With the same filter also ldapsearch give me no results.

Adding:

filter passwd (objectClass=user)

map passwd uid sAMAccountName

filter shadow (objectClass=user)

map shadow uid sAMAccountName

debug say me:

nslcd: [8b4567] DEBUG: myldap_search(base="dc=corp,dc=company,dc=net",

filter="(&(objectClass=user)(sAMAccountName=user))")

...

passwd entry CN=My Name,OU=MyOU,DC=corp,DC=company,DC=net does not
contain uidNumber value

but ldapsearch with (&(objectClass=user)(samaccountname=user)) give me a
complete results and the right samaccountname

Also a debug with -dd show me not so much for understand, so... what's
the next?

Thanks,

Michele

--

To unsubscribe send an email to

nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org
<nss-pam-ldapd-users-unsubscribe [at] lists.arthurdejong.org> or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/


Please be advised that this email may contain confidential information.
If you are not the intended recipient, please notify us by email by
replying to the sender and delete this message. The sender disclaims
that the content of this email constitutes an offer to enter into, or
the acceptance of, any agreement; provided that the foregoing does not
invalidate the binding effect of any digital or other electronic
reproduction of a manual signature that is included in any attachment.

--
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/