[389-users] 389 as authentication server on Fedora 13 #389 @Skolan #ldap
Lars Gunther
gunther at keryx.se
Tue Sep 14 21:54:06 UTC 2010
2010-09-14 17:26, Rich Megginson skrev:
> I still don't know what you mean by "add posixGroups using the admin
> tool". If by "admin tool" you mean the 389 GUI console, then right,
> there is no explicit posix group tab in the Group editor window, but you
> can use the Advanced... editor to add the posixGroup objectclass to the
> list of objectclasses.
Yep. That's what I meant. (389-console)
When I click Advanced I see posixGroup stuff not when I click "Show All
Allowed Attributes", nor do I sse it as an option when I click the "Add
Attribute" button.
What do you mean when you say "Advanced editor"?
Having searched for a while, I've found a way to add posixGroups:
Right click -> New -> Other -> posixGroup
They will however be identified in the tree by the gidnimber, not by
their cn...
>> And I still can't log in as the user I've added.
>>
> What error do you get? It's always helpful when you have a problem to
> specify
> * the platform and 389-ds-base version
Fedora 13
389 1.2.0
Error message "User does not exist"
> * the exact command you used - if by "log in" you mean system login,
I've tried "su" both locally and from a client machine.
> also please specify your /etc/ldap.conf settings
[root at lb ~]# cat /etc/ldap.conf|grep -v "#"|sed '/^$/d'
base dc=labbnet,dc=ne,dc=keryx,dc=se
timelimit 120
bind_timelimit 120
idle_timelimit 3600
nss_initgroups_ignoreusers
root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman,nscd,gdm,polkituser,rtkit,pulse
uri ldaps://127.0.0.1:1636/
ssl no
tls_cacertdir /etc/openldap/cacerts
pam_password md5
I've changed the port to 1636 since *nix requires the server to run as
root for ldaps on a port below 1024...
> * the error message and error code you get from the command, if any
> * check the directory server access log from around the time of your log
> in attempt to see what the directory server logged
/var/log/dirsrv/slapd-lb/errors is silent
/var/log/dirsrv/slapd-lb/access (I've removed the timestamp)
conn=29 op=47 UNBIND
conn=29 op=47 fd=85 closed - U1
conn=26 op=77 MOD
dn="cn=ResourcePage,ou=1.1,ou=Console,ou=cn\5c=directory
manager,ou=UserPreferences, ou=labbnet.ne.keryx.se, o=NetscapeRoot"
conn=26 op=77 RESULT err=0 tag=103 nentries=0 etime=1
conn=26 op=78 MOD
dn="cn=ResourcePage,ou=1.1,ou=Console,ou=cn\5c=directory
manager,ou=UserPreferences, ou=labbnet.ne.keryx.se, o=NetscapeRoot"
conn=26 op=78 RESULT err=0 tag=103 nentries=0 etime=0
conn=26 op=79 MOD dn="cn=General,ou=1.1,ou=Console,ou=cn\5c=directory
manager,ou=UserPreferences, ou=labbnet.ne.keryx.se, o=NetscapeRoot"
conn=26 op=79 RESULT err=0 tag=103 nentries=0 etime=0
conn=26 op=80 MOD dn="cn=General,ou=1.1,ou=Console,ou=cn\5c=directory
manager,ou=UserPreferences, ou=labbnet.ne.keryx.se, o=NetscapeRoot"
conn=26 op=80 RESULT err=0 tag=103 nentries=0 etime=0
conn=26 op=82 MOD dn="cn=General,ou=1.1,ou=Console,ou=cn\5c=directory
manager,ou=UserPreferences, ou=labbnet.ne.keryx.se, o=NetscapeRoot"
conn=26 op=82 RESULT err=0 tag=103 nentries=0 etime=0
conn=26 op=83 MOD dn="cn=General,ou=1.1,ou=Console,ou=cn\5c=directory
manager,ou=UserPreferences, ou=labbnet.ne.keryx.se, o=NetscapeRoot"
conn=26 op=83 RESULT err=0 tag=103 nentries=0 etime=0
conn=28 op=-1 fd=84 closed - B1
conn=26 op=-1 fd=82 closed - B1
conn=27 op=-1 fd=83 closed - B1
--
Lars Gunther
http://keryx.se/
http://twitter.com/itpastorn/
http://itpastorn.blogspot.com/
More information about the 389-users
mailing list