[389-users] ldapsearch is fine but from authentication purpose its not doing anything

Ryan Palamara Ryan.Palamara at zaisgroup.com
Tue Jul 31 13:11:15 UTC 2012


Did you configure the nsswitch.conf file to define ldap as a source of authentication? Or you could select "use LDAP authentication" in "setup".

Thank you,

Ryan Palamara
ZAIS Group, LLC
2 Bridge Avenue, Suite 322
Red Bank, New Jersey 07701
Phone: (732) 450-7444
Ryan.palamara at zaisgroup.com


-----Original Message-----
From: 389-users-bounces at lists.fedoraproject.org [mailto:389-users-bounces at lists.fedoraproject.org] On Behalf Of Fosiul Alam
Sent: Saturday, July 28, 2012 10:50 AM
To: 389-users at lists.fedoraproject.org
Subject: [389-users] ldapsearch is fine but from authentication purpose its not doing anything

Hi,
I have set up an LDAP server, and from the client it is returning, for example:

[root@home ~]# ldapsearch -x -ZZ -D "cn=Directory manager" -w xxx  -h ldap-2.fosiul.lan -b "dc=fosiul,dc=lan" "(cn=Fosiul Alam)"
# extended LDIF
#
# LDAPv3
# base <dc=fosiul,dc=lan> with scope subtree
# filter: (cn=Fosiul Alam)
# requesting: ALL
#

# falam, users, uk, fosiul.lan
dn: uid=falam,ou=users,l=uk,dc=fosiul,dc=lan
givenName: Fosiul
sn: Alam
loginShell: /bin/bash/bash
uidNumber: 1000
gidNumber: 3000
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetorgperson
objectClass: posixAccount
uid: falam
cn: Fosiul Alam
homeDirectory: /home/falam
userPassword:: e1NTSEF9UGtqNjhvSU1pSR0RrSWNYYkVvYVU2V2c9PQ=
 =

# search result
search: 3
result: 0 Success

# numResponses: 2
# numEntries: 1

and in the access log :

[28/Jul/2012:15:42:57 +0100] conn=229 fd=70 slot=70 connection from 192.0.0.4 to 192.0.0.9
[28/Jul/2012:15:42:57 +0100] conn=229 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS"
[28/Jul/2012:15:42:57 +0100] conn=229 op=0 RESULT err=0 tag=120 nentries=0 etime=0
[28/Jul/2012:15:42:57 +0100] conn=229 SSL 256-bit AES
[28/Jul/2012:15:42:57 +0100] conn=229 op=1 BIND dn="cn=Directory manager" method=128 version=3
[28/Jul/2012:15:42:57 +0100] conn=229 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"
[28/Jul/2012:15:42:57 +0100] conn=229 op=2 SRCH base="dc=fosiul,dc=lan" scope=2 filter="(cn=Fosiul Alam)" attrs=ALL
[28/Jul/2012:15:42:57 +0100] conn=229 op=2 RESULT err=0 tag=101 nentries=1 etime=0
[28/Jul/2012:15:42:57 +0100] conn=229 op=3 UNBIND
[28/Jul/2012:15:42:57 +0100] conn=229 op=3 fd=70 closed - U1


But from the command line, when I do
[root@home ~]# id falam
id: falam: No such user



[28/Jul/2012:15:44:26 +0100] conn=230 fd=70 slot=70 connection from 192.0.0.4 to 192.0.0.9
[28/Jul/2012:15:44:26 +0100] conn=230 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS"
[28/Jul/2012:15:44:26 +0100] conn=230 op=0 RESULT err=0 tag=120 nentries=0 etime=0
[28/Jul/2012:15:44:26 +0100] conn=230 SSL 256-bit AES
[28/Jul/2012:15:44:26 +0100] conn=230 op=1 BIND dn="" method=128 version=3
[28/Jul/2012:15:44:26 +0100] conn=230 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn=""
[28/Jul/2012:15:44:26 +0100] conn=230 op=2 SRCH base="dc=fosiul,dc=lan" scope=2 filter="(&(objectClass=posixAccount)(uid=falam))" attrs="uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass"
[28/Jul/2012:15:44:26 +0100] conn=230 op=2 RESULT err=0 tag=101 nentries=0 etime=0
[28/Jul/2012:15:44:26 +0100] conn=230 op=-1 fd=70 closed - B1


So basically, ldapsearch is working but authentication is not working.

Can anyone please help me with this?
I am using CentOS 5.8.

Fosiul.
--
389 users mailing list
389-users at lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
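
The two access-log excerpts in the message above differ in the bind identity (conn=229 binds as "cn=Directory manager", conn=230 binds with dn="") and in nentries. As an added example that is not part of the original thread, the Python below pairs each SRCH with the BIND in effect on its connection and reports searches that return err=0 with nentries=0 while bound anonymously. The function names are hypothetical, and the sample lines are the BIND/SRCH/RESULT lines from the post with wrapped lines joined.

```python
import re
# BIND/SRCH/RESULT lines taken from the two access-log excerpts in the post
# (wrapped lines joined; connection, startTLS, SSL and close lines left out).
SAMPLE_LOG = """\
[28/Jul/2012:15:42:57 +0100] conn=229 op=1 BIND dn="cn=Directory manager" method=128 version=3
[28/Jul/2012:15:42:57 +0100] conn=229 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"
[28/Jul/2012:15:42:57 +0100] conn=229 op=2 SRCH base="dc=fosiul,dc=lan" scope=2 filter="(cn=Fosiul Alam)" attrs=ALL
[28/Jul/2012:15:42:57 +0100] conn=229 op=2 RESULT err=0 tag=101 nentries=1 etime=0
[28/Jul/2012:15:44:26 +0100] conn=230 op=1 BIND dn="" method=128 version=3
[28/Jul/2012:15:44:26 +0100] conn=230 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn=""
[28/Jul/2012:15:44:26 +0100] conn=230 op=2 SRCH base="dc=fosiul,dc=lan" scope=2 filter="(&(objectClass=posixAccount)(uid=falam))" attrs="uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass"
[28/Jul/2012:15:44:26 +0100] conn=230 op=2 RESULT err=0 tag=101 nentries=0 etime=0
"""
OP_LINE = re.compile(r'^\[[^\]]+\] conn=(\d+) op=(-?\d+) (\w+)\s*(.*)$')  # lines carrying an operation

def field(rest, name):
    """Value of name=... or name="..." in the remainder of a log line, else None."""
    m = re.search(name + r'=(?:"([^"]*)"|(\S+))', rest)
    return None if m is None else (m.group(1) if m.group(1) is not None else m.group(2))

def summarize_searches(log_text):
    """One record per SRCH: bind DN in effect, filter, and the RESULT's err/nentries."""
    bound, pending, records = {}, {}, []   # conn -> bound DN; (conn, op) -> item awaiting RESULT
    for line in log_text.splitlines():
        m = OP_LINE.match(line)
        if not m:
            continue
        conn, op, kind, rest = m.groups()
        key = (conn, op)
        if kind == "BIND":
            pending[key] = field(rest, "dn") or ""          # DN string waits for its RESULT
        elif kind == "SRCH":
            rec = {"conn": int(conn), "bind_dn": bound.get(conn, ""),
                   "filter": field(rest, "filter"), "err": None, "nentries": None}
            pending[key] = rec
            records.append(rec)
        elif kind == "RESULT" and key in pending:
            item = pending.pop(key)
            if isinstance(item, str):   # BIND result: identity applies only on err=0
                bound[conn] = item if field(rest, "err") == "0" else ""
            else:                       # SRCH result
                item["err"] = int(field(rest, "err"))
                item["nentries"] = int(field(rest, "nentries"))
    return records

def anonymous_empty_searches(records):
    """Searches that returned err=0 but no entries while the connection was anonymous."""
    return [r for r in records if r["bind_dn"] == "" and r["err"] == 0 and r["nentries"] == 0]

print(anonymous_empty_searches(summarize_searches(SAMPLE_LOG)))
```
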