[nflug] ldap ubuntu errors

Jon Skulski jskulski at gmail.com
Thu Nov 29 14:24:14 EST 2007 

Well I upgraded to ubuntu 7.10 and discovered there is a pretty critical bug
that causes boot to hang waiting for ldap. So i put it aside for now, but
obviously I'd like to get this working in the near future.

ldap.conf contains:
# The distinguished name of the search base.
base dc=humboldt,dc=edu

# Another way to specify your LDAP server is to provide an
uri ldapi://lb1.humboldt.edu/
# Unix Domain Sockets to connect to a local LDAP Server.
#uri ldap://127.0.0.1/
#uri ldaps://127.0.0.1/
#uri ldapi://%2fvar%2frun%2fldapi_sock/
# Note: %2f encodes the '/' used as directory separator

# The LDAP version to use (defaults to 3
# if supported by client library)
ldap_version 3

On Nov 28, 2007 12:45 PM, Darin Perusich <Darin.Perusich at cognigencorp.com>
wrote:

> Can you send a copy of /etc/ldap.conf and /etc/openldap/ldap.conf?
>
> Jon Skulski wrote:
> > Hello,
> >
> > I'm trying to (eventually) authorize my linux box against an
> > ldap/kerberos setup. I am having some trouble. I can talk to the ldap
> > server fine with ldaptools. The problem is where nss comes in. getent
> > passwd will only list local entries in passwd. Yes I have nssswitch.conf
> > configured correctly. I have it configured so correctly that if I listen
> > to the network traffic I can actually see the ldap request and response,
> > but for some reason NSS ignores it.
> >
> > Interesting behaviors:
> >
> > - only local users and groups are listed by getent
> > - NSS is ignoring the ldap response
> > - the ldap response is very very large, so i thought that might be it. i
>
> > tried using a smaller base search (only me) and it still ignored the
> result.
> > - strace of getent does not show anything unusual
> > - now whenever I log in or sudo or anything, i have to enter my password
>
> > twice. the first time is thrown out, whether right or wrong. this may
> > have more to do with an incomplete setup of pam.
> >
> > oh yeah this is all on ubuntu 7.04 fresh install. and i'm about to
> > upgrade to 7.10 because well, i'm out of ideas.
> >
> > Anyway, I would really like to get this working because if i don't
> > they'll make me use windows to develop a php application :O SAVE ME LUG!
>
> >
> >
> >
> >
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > nflug mailing list
> > nflug at nflug.org
> > http://www.nflug.org/mailman/listinfo/nflug
>
> --
> Darin Perusich
> Unix Systems Administrator
> Cognigen Corporation
> 395 Youngs Rd.
> Williamsville, NY 14221
> Phone: 716-633-3463
> Email: darinper at cognigencorp.com
> _______________________________________________
> nflug mailing list
> nflug at nflug.org
> http://www.nflug.org/mailman/listinfo/nflug
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.nflug.org/pipermail/nflug/attachments/20071129/26e1f53c/attachment.html

More information about the nflug mailing list