[389-users] Stucked with Client Setup?

Ajeet S Raina ajeetraina at gmail.com
Thu Jan 14 04:47:27 UTC 2010 

 have been stucked with the following points:

1. Authenticating Linux Client with ldaps://
2. Auto create home directory ( I will look into what you sent)
3. Auto-Increment UserID

Lets start with the first one.
I have 389-DS configured with SSL.
If I try to configure the Client with authconfig-tui command and deselecting
TLS and ldaps:// it works fine.

Lets talk about CLient binding to ldaps://.
On Server Side, I found a crt file through find command as below:

[root at 389-ds schema]# find / -name *.crt
/etc/pki/tls/certs/ca-bundle.
crt

Is that the certificate we need to send to /etc/openldap/cacerts/
As I can see links sent by fedora DS Mailing list experts is old one which
talks about Fedora DS.
But the new 389-DS seems to have different location for the certificates.

Now I just copied this ca-bundle.crt to the client machine
Tried running:

authconfig-tui

TLS[*]
ldaps://<ip>/
dc=im,dc=sap,dc=com

I did created a user through Management Console.


[root at 389-ds schema]# ldapsearch -x -b "dc=im,dc=sap,dc=com" -L
'(objectclass=*)'

# rajeshwar, Env, im, Bangalore, isst.sapient.com
dn: uid=rajeshwar,cn=Env,ou=im,ou=Bangalore,dc=im,dc=sap,dc=com
uid: rajeshwar
givenName: Rajeshwar
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetorgperson
objectClass: posixAccount
objectClass: posixgroup
sn: k
cn: Rajeshwar k
uidNumber: 670
gidNumber: 670
homeDirectory: /home/rajeshwar
loginShell: /bin/bash

# search result

# numResponses: 28
# numEntries: 27

Now if I try to login through the username it doesnt display anything:

Jan 14 14:53:34 localhost sshd[3757]: nss_ldap: reconnecting to LDAP server
(sleeping 4 seconds)...
Jan 14 14:53:38 localhost sshd[3757]: nss_ldap: reconnecting to LDAP server
(sleeping 8 seconds)...
Jan 14 14:53:46 localhost sshd[3757]: nss_ldap: reconnecting to LDAP server
(sleeping 16 seconds)...

any idea what may be going wrong?


-- 


”It is not possible to rescue everyone who is caught in the Windows
quicksand
          --Make sure you are on solid Linux ground before trying.”
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20100114/b50c4a02/attachment.html>

More information about the 389-users mailing list