lists.arthurdejong.org
RSS feed

Re: [pamldap] RE: [nssldap] pam_ldap and nss_ldap can't connect to LDAP server(s)

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: [pamldap] RE: [nssldap] pam_ldap and nss_ldap can't connect to LDAP server(s)



Karl O. Pinc wrote:

On 06/25/2009 07:19:45 PM, Aaron Hicks wrote:
Hmm, getent passwd ldapuser and id ldapuser now produce these debug
messages, and not find the LDAP user (even though it is exactly the
same user it's binding with)

FWIW when that happens with an OpenLDAP server it's because you've
rights to bind (or maybe lookup by direct dn match, I forget)
but not search.  Or at least that's one way to exhibit those symptoms,
there could be others.

For situations like this I prefer to use debug 7 to see the actual network data. It looks like an entry was actually received, from the previous output.

--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/