[389-users] Users added in group via add member not able to authenticate

ashish nair nair.ashish13 at gmail.com
Mon Jul 19 10:16:41 UTC 2010 

Hi Daniel,

When I try authenticating the users in the group IT, it is searching for
that user in that OU itself. But the users that are added as members in the
group are not able to because these are not present physically in that OU.

auth_ldap authenticate: user user1 authentication failed; URI /secure [User
not found][No such object]
Thanks


On Mon, Jul 19, 2010 at 2:49 PM, ashish nair <nair.ashish13 at gmail.com>wrote:

> Hi Daniel,
>
> Thanks for responding.
>
> DC=ldapser,dc=com
> |
> OU=People
>    |--------user1...usern
>    |
>    |--------OU=shared
>               |
>               |--------------uid=ituser1
>               |--------------cn=IT
>
> This is the structure of the the ldap server.I have added users
> user1...usern in the IT group via add member.
> Now when I give the OU of shared as path for authentication, its only
> accepting the logins
> of the ituser1 but not of the group IT.
> I need this setup as these users are common to a few OU's.
>
> The ldap connecting string that is there in apache
> "
> ldap://10.209.22.65:389/ou=shared,ou=People,dc=ldapser,dc=com?uid?sub?(objectClass
> =*)"
>
> I tried both with uid and uniquemember. Both are not working .
>
> Thanks again.
>
>
>
> On Mon, Jul 19, 2010 at 1:22 PM, Daniel Maher <dma+389users at witbe.net<dma%2B389users at witbe.net>
> > wrote:
>
>>  On 07/19/2010 06:45 AM, ashish nair wrote:
>> > Hi,
>> >
>> > I am trying to setup 389 ldap server which went fine without any
>> > problems. But I am stuck with the group authentication.I wanted to
>> > have common groups in a few  OU's.
>> > For ex: I have a pool of users in the directory server. I created a
>> > group under one OU and added those users(which are not in this tree) via
>> > add member option.But when I provide DN of this OU for authentication
>> > the users of this group are not able to do so. But when I create users
>> > under this tree directly it works. I tried many options but its not
>> working.
>> > Please help.
>>
>> Please provide more details, for example, the OUs and DNs (sanitised if
>> necessary), the search string (or equivalent) that you're using to
>> authenticate, and any other relavant information (environment, etc..).
>>
>>
>> --
>> Daniel Maher <dma + 389users AT witbe DOT net>
>> --
>> 389 users mailing list
>> 389-users at lists.fedoraproject.org
>> https://admin.fedoraproject.org/mailman/listinfo/389-users
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20100719/383bc3b3/attachment.html>

More information about the 389-users mailing list