Hi, yes. I am not using the IP. I am using the full host name.
this is my nsswitch
cat /etc/nsswitch.conf
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
# nisplus or nis+ Use NIS+ (NIS version 3)
# nis or yp Use NIS (NIS version 2), also called YP
# dns Use DNS (Domain Name Service)
# files Use the local files
# db Use the local database (.db) files
# compat Use NIS on compat mode
# hesiod Use Hesiod for user lookups
# [NOTFOUND=return] Stop searching if not found so far
#
# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd: db files nisplus nis
#shadow: db files nisplus nis
#group: db files nisplus nis
passwd: files ldap
shadow: files ldap
group: files ldap
#hosts: db files nisplus nis dns
hosts: files dns
# Example - obey only what nisplus tells us...
#services: nisplus [NOTFOUND=return] files
#networks: nisplus [NOTFOUND=return] files
#protocols: nisplus [NOTFOUND=return] files
#rpc: nisplus [NOTFOUND=return] files
#ethers: nisplus [NOTFOUND=return] files
#netmasks: nisplus [NOTFOUND=return] files
bootparams: nisplus [NOTFOUND=return] files
ethers: files
netmasks: files
networks: files
protocols: files
rpc: files
services: files
netgroup: files ldap
publickey: nisplus
automount: files ldap
aliases: files nisplus
sudoers: files ldap
and /etc/ldap
[root@home cacerts]# grep -v "^#" /etc/ldap.conf | sed -e '/^$/d'
base dc=fosiul,dc=lan
timelimit 120
bind_timelimit 120
idle_timelimit 3600
#nss_base_passwd ou=users,l=uk,dc=fosiul,dc=lan,?one
nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman,nscd,gdm
uri ldap://ldap-2.fosiul.lan/
ssl start_tls
tls_cacertfile /etc/openldap/cacerts/ds-ca.crt
pam_password clear
On Sat, Jul 28, 2012 at 5:23 PM, Grzegorz Dwornicki <gd1100(a)gmail.com> wrote:
I assume you are using TLS. You need to use the FQDN, not the IP, of the CentOS
directory server, and configure the firewall for port 389 or 636.
Please send content of /etc/nsswitch.conf and /etc/ldap.conf
28-07-2012 18:13, "Fosiul Alam" <fosiul(a)gmail.com> wrote:
> Hi
> I configured another PC with authconfig-tui,
> but there is not any luck.
> It's the same thing ..
>
> Fosiul
>
> On Sat, Jul 28, 2012 at 4:04 PM, Grzegorz Dwornicki <gd1100(a)gmail.com> wrote:
> > In other mail I've told you: use authconfig or authconfig-tui or
> > system-config-authentication to set up the system for LDAP authentication.
> > For example authconfig-tui has a simple text-based interface, authconfig is
> > CLI based and requires arguments. Finally system-config-authentication has
> > a GUI.
> >
> > 28-07-2012 16:50, "Fosiul Alam" <fosiul(a)gmail.com> wrote:
> >>
> >> Hi
> >> I have set up an LDAP server and from the client it is returning, for example:
> >>
> >> [root@home ~]# ldapsearch -x -ZZ -D "cn=Directory manager" -w xxx -h ldap-2.fosiul.lan -b "dc=fosiul,dc=lan" "(cn=Fosiul Alam)"
> >> # extended LDIF
> >> #
> >> # LDAPv3
> >> # base <dc=fosiul,dc=lan> with scope subtree
> >> # filter: (cn=Fosiul Alam)
> >> # requesting: ALL
> >> #
> >>
> >> # falam, users, uk, fosiul.lan
> >> dn: uid=falam,ou=users,l=uk,dc=fosiul,dc=lan
> >> givenName: Fosiul
> >> sn: Alam
> >> loginShell: /bin/bash/bash
> >> uidNumber: 1000
> >> gidNumber: 3000
> >> objectClass: top
> >> objectClass: person
> >> objectClass: organizationalPerson
> >> objectClass: inetorgperson
> >> objectClass: posixAccount
> >> uid: falam
> >> cn: Fosiul Alam
> >> homeDirectory: /home/falam
> >> userPassword:: e1NTSEF9UGtqNjhvSU1pSR0RrSWNYYkVvYVU2V2c9PQ==
> >>
> >> # search result
> >> search: 3
> >> result: 0 Success
> >>
> >> # numResponses: 2
> >> # numEntries: 1
> >>
> >> and in the access log :
> >>
> >> [28/Jul/2012:15:42:57 +0100] conn=229 fd=70 slot=70 connection from 192.0.0.4 to 192.0.0.9
> >> [28/Jul/2012:15:42:57 +0100] conn=229 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS"
> >> [28/Jul/2012:15:42:57 +0100] conn=229 op=0 RESULT err=0 tag=120 nentries=0 etime=0
> >> [28/Jul/2012:15:42:57 +0100] conn=229 SSL 256-bit AES
> >> [28/Jul/2012:15:42:57 +0100] conn=229 op=1 BIND dn="cn=Directory manager" method=128 version=3
> >> [28/Jul/2012:15:42:57 +0100] conn=229 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"
> >> [28/Jul/2012:15:42:57 +0100] conn=229 op=2 SRCH base="dc=fosiul,dc=lan" scope=2 filter="(cn=Fosiul Alam)" attrs=ALL
> >> [28/Jul/2012:15:42:57 +0100] conn=229 op=2 RESULT err=0 tag=101 nentries=1 etime=0
> >> [28/Jul/2012:15:42:57 +0100] conn=229 op=3 UNBIND
> >> [28/Jul/2012:15:42:57 +0100] conn=229 op=3 fd=70 closed - U1
> >>
> >>
> >> But from the command line, when I do
> >> [root@home ~]# id falam
> >> id: falam: No such user
> >>
> >>
> >>
> >> [28/Jul/2012:15:44:26 +0100] conn=230 fd=70 slot=70 connection from 192.0.0.4 to 192.0.0.9
> >> [28/Jul/2012:15:44:26 +0100] conn=230 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS"
> >> [28/Jul/2012:15:44:26 +0100] conn=230 op=0 RESULT err=0 tag=120 nentries=0 etime=0
> >> [28/Jul/2012:15:44:26 +0100] conn=230 SSL 256-bit AES
> >> [28/Jul/2012:15:44:26 +0100] conn=230 op=1 BIND dn="" method=128 version=3
> >> [28/Jul/2012:15:44:26 +0100] conn=230 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn=""
> >> [28/Jul/2012:15:44:26 +0100] conn=230 op=2 SRCH base="dc=fosiul,dc=lan" scope=2 filter="(&(objectClass=posixAccount)(uid=falam))" attrs="uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass"
> >> [28/Jul/2012:15:44:26 +0100] conn=230 op=2 RESULT err=0 tag=101 nentries=0 etime=0
> >> [28/Jul/2012:15:44:26 +0100] conn=230 op=-1 fd=70 closed - B1
> >>
> >>
> >> So basically, ldapsearch is working but authentication is not working ..
> >>
> >> Can anyone please help me with this?
> >> I am using CentOS 5.8.
> >>
> >> Fosiul.
> >> --
> >> 389 users mailing list
> >> 389-users(a)lists.fedoraproject.org
> >>
> >> https://admin.fedoraproject.org/mailman/listinfo/389-users
> >
> >
>
>
>
> --
> Regards
> Fosiul Alam
> 07877100621
>
> http://www.fosiul.co.uk
--
Regards
Fosiul Alam
07877100621
http://www.fosiul.co.uk
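
The two access-log excerpts quoted in this thread differ in the bind identity on each connection: conn=229 binds as cn=Directory manager and its search returns nentries=1, while conn=230 binds with dn="" and its search returns nentries=0. The following is an added example, not part of the original messages and not 389 Directory Server code: it pairs each SRCH with its RESULT and reports successful searches that matched nothing, together with the bind DN in effect. The function names and the sample lines (built from the format quoted above, with a shortened attrs list) are constructed for illustration.

```python
import re

# Constructed sample: access-log lines in the format quoted in the thread, unwrapped.
SAMPLE_LOG = """\
[28/Jul/2012:15:42:57 +0100] conn=229 op=1 BIND dn="cn=Directory manager" method=128 version=3
[28/Jul/2012:15:42:57 +0100] conn=229 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"
[28/Jul/2012:15:42:57 +0100] conn=229 op=2 SRCH base="dc=fosiul,dc=lan" scope=2 filter="(cn=Fosiul Alam)" attrs=ALL
[28/Jul/2012:15:42:57 +0100] conn=229 op=2 RESULT err=0 tag=101 nentries=1 etime=0
[28/Jul/2012:15:44:26 +0100] conn=230 op=1 BIND dn="" method=128 version=3
[28/Jul/2012:15:44:26 +0100] conn=230 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn=""
[28/Jul/2012:15:44:26 +0100] conn=230 op=2 SRCH base="dc=fosiul,dc=lan" scope=2 filter="(&(objectClass=posixAccount)(uid=falam))" attrs="uid uidNumber"
[28/Jul/2012:15:44:26 +0100] conn=230 op=2 RESULT err=0 tag=101 nentries=0 etime=0
"""

LINE = re.compile(r'conn=(\d+) op=(-?\d+) (BIND|SRCH|RESULT) (.*)')
ERR_OK = re.compile(r'\berr=0\b')
NO_HITS = re.compile(r'\bnentries=0\b')

def quoted(field, text):
    """Value of field="..." in a log line, or '' when the field is absent."""
    m = re.search(field + r'="([^"]*)"', text)
    return m.group(1) if m else ""

def empty_searches(log_text):
    """Return (conn, bind identity, filter) for each successful search with no entries."""
    bind_dn, pending, findings = {}, {}, []
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        conn, op, kind, rest = m.groups()
        if kind == "BIND":
            bind_dn[conn] = quoted("dn", rest)
        elif kind == "SRCH":
            pending[(conn, op)] = quoted("filter", rest)
        elif "tag=97" in rest and not ERR_OK.search(rest):
            bind_dn[conn] = ""  # a failed bind leaves the connection anonymous
        elif (conn, op) in pending:
            flt = pending.pop((conn, op))
            if ERR_OK.search(rest) and NO_HITS.search(rest):
                findings.append((int(conn), bind_dn.get(conn) or "<anonymous>", flt))
    return findings

if __name__ == "__main__":
    for conn, who, flt in empty_searches(SAMPLE_LOG):
        print(f"conn={conn} bound as {who}: 0 entries for {flt}")
```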