On Sat, Jul 28, 2012 at 8:31 PM, yersinia <
yersinia.spiros@gmail.com> wrote:
> Sorry for the top posting.
>
> But your test is not sufficient. can you do a ldap simple bind with
> the user , not with the directory admin, you want to authenticate ?
> This is the first question to answer . so you can be sure no ldap acl
> problem, no password mismatch and the like.
>
> Regards
>
> 2012/7/28, Fosiul Alam <
fosiul@gmail.com>:
>> Hi
>> I have setup ldap server and from client its returning example :
>>
>> [root@home ~]# ldapsearch -x -ZZ -D "cn=Directory manager" -w xxx -h
>> ldap-2.fosiul.lan -b "dc=fosiul,dc=lan" "(cn=Fosiul Alam)"
>> # extended LDIF
>> #
>> # LDAPv3
>> # base <dc=fosiul,dc=lan> with scope subtree
>> # filter: (cn=Fosiul Alam)
>> # requesting: ALL
>> #
>>
>> # falam, users, uk, fosiul.lan
>> dn: uid=falam,ou=users,l=uk,dc=fosiul,dc=lan
>> givenName: Fosiul
>> sn: Alam
>> loginShell: /bin/bash/bash
>> uidNumber: 1000
>> gidNumber: 3000
>> objectClass: top
>> objectClass: person
>> objectClass: organizationalPerson
>> objectClass: inetorgperson
>> objectClass: posixAccount
>> uid: falam
>> cn: Fosiul Alam
>> homeDirectory: /home/falam
>> userPassword:: e1NTSEF9UGtqNjhvSU1pSR0RrSWNYYkVvYVU2V2c9PQ=
>> =
>>
>> # search result
>> search: 3
>> result: 0 Success
>>
>> # numResponses: 2
>> # numEntries: 1
>>
>> and in the access log :
>>
>> 28/Jul/2012:15:42:57 +0100] conn=229 fd=70 slot=70 connection from
>> 192.0.0.4 to 192.0.0.9
>> [28/Jul/2012:15:42:57 +0100] conn=229 op=0 EXT
>> oid="1.3.6.1.4.1.1466.20037" name="startTLS"
>> [28/Jul/2012:15:42:57 +0100] conn=229 op=0 RESULT err=0 tag=120
>> nentries=0 etime=0
>> [28/Jul/2012:15:42:57 +0100] conn=229 SSL 256-bit AES
>> [28/Jul/2012:15:42:57 +0100] conn=229 op=1 BIND dn="cn=Directory
>> manager" method=128 version=3
>> [28/Jul/2012:15:42:57 +0100] conn=229 op=1 RESULT err=0 tag=97
>> nentries=0 etime=0 dn="cn=directory manager"
>> [28/Jul/2012:15:42:57 +0100] conn=229 op=2 SRCH
>> base="dc=fosiul,dc=lan" scope=2 filter="(cn=Fosiul Alam)" attrs=ALL
>> [28/Jul/2012:15:42:57 +0100] conn=229 op=2 RESULT err=0 tag=101
>> nentries=1 etime=0
>> [28/Jul/2012:15:42:57 +0100] conn=229 op=3 UNBIND
>> [28/Jul/2012:15:42:57 +0100] conn=229 op=3 fd=70 closed - U1
>>
>>
>> But From command line , when i do
>> [root@home ~]# id falam
>> id: falam: No such user
>>
>>
>>
>> [28/Jul/2012:15:44:26 +0100] conn=230 fd=70 slot=70 connection from
>> 192.0.0.4 to 192.0.0.9
>> [28/Jul/2012:15:44:26 +0100] conn=230 op=0 EXT
>> oid="1.3.6.1.4.1.1466.20037" name="startTLS"
>> [28/Jul/2012:15:44:26 +0100] conn=230 op=0 RESULT err=0 tag=120
>> nentries=0 etime=0
>> [28/Jul/2012:15:44:26 +0100] conn=230 SSL 256-bit AES
>> [28/Jul/2012:15:44:26 +0100] conn=230 op=1 BIND dn="" method=128 version=3
>> [28/Jul/2012:15:44:26 +0100] conn=230 op=1 RESULT err=0 tag=97
>> nentries=0 etime=0 dn=""
>> [28/Jul/2012:15:44:26 +0100] conn=230 op=2 SRCH
>> base="dc=fosiul,dc=lan" scope=2
>> filter="(&(objectClass=posixAccount)(uid=falam))" attrs="uid
>> userPassword uidNumber gidNumber cn homeDirectory loginShell gecos
>> description objectClass"
>> [28/Jul/2012:15:44:26 +0100] conn=230 op=2 RESULT err=0 tag=101
>> nentries=0 etime=0
>> [28/Jul/2012:15:44:26 +0100] conn=230 op=-1 fd=70 closed - B1
>>
>>
>> So basically, ldapsearch is working but authentication is not working ..
>>
>> Can any one please help me with this .
>> and i am using Centos 5.8
>>
>> Fosiul.
>> --
>> 389 users mailing list
>>
389-users@lists.fedoraproject.org
>>
https://admin.fedoraproject.org/mailman/listinfo/389-users
>
> --
> Inviato dal mio dispositivo mobile
> --
> 389 users mailing list
>
389-users@lists.fedoraproject.org
>
https://admin.fedoraproject.org/mailman/listinfo/389-users