[389-users] 389 as authentication server on Fedora 13 #389 @Skolan #ldap
Lars Gunther
gunther at keryx.se
Tue Sep 14 09:39:47 UTC 2010
2010-09-13 17:57, Rich Megginson skrev:
> Not sure what you mean by "Fedora 13 does not allow unencrypted
> passwords" - do you mean "unencrypted BIND operations"?
When setting up authentication using the graphic tools
(system-config-authentication) I must either specify ldaps or TLS (or
use Kerberos which I think is overkill for my setup). ldaps seem to be
the easiest option.
>> 2. I can not import old posixGroups, nor can I create new ones. Trying
>> to import using LDIF, I get errors. Trying to create manually, I do not
>> see the option appear in the admin tool.
>>
> It would be helpful if you provided the errors, and more information
> about "the option appear in the admin tool".
This LDIF could noyt be imported. It was generated as an export from
OpenLDAP.
dn: cn=test,ou=Group,dc=labbnet,dc=ne,dc=keryx,dc=se
objectClass: posixGroup
objectClass: top
cn: gunther
userPassword:: e2NyeXB0fXg=
gidNumber: 600
Error Message:
cn=test,ou=Group,dc=labbnet,dc=ne,dc=keryx,dc=se:
Error adding object 'dn: cn=test,ou=Group,dc=labbnet,dc=ne,dc=keryx,dc=se'.
The error sent by the server was 'No such object'.
The object is: LDAPEntry:
cn=test,ou=Group,dc=labbnet,dc=ne,dc=keryx,dc=se; LDAPAttributeSet:
LDAPAttribute {type='gidnumber', values='600'}
LDAPAttribute {type='userpassword', values='{crypt}x'}
LDAPAttribute {type='objectclass', values='posixGroup,top'
LDAPAttribute {type='cn', values='gunther'}.
This LDIF import succeded:
dn: uid=test,ou=People,dc=labbnet,dc=ne,dc=keryx,dc=se
userPassword:: xxx
loginShell: /bin/bash
gidNumber: 600
uidNumber: 600
shadowMax: 99999
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
uid: gunther
gecos: Testare
shadowLastChange: 13313
>> BTW, please CC my Evernote account when you reply to this thread.
This works great. Please continue to do that :-)
--
Lars Gunther
http://keryx.se/
http://twitter.com/itpastorn/
http://itpastorn.blogspot.com/
More information about the 389-users
mailing list