rawhide and LDAP
Braden McDaniel
braden at endoframe.com
Thu Feb 10 18:08:29 UTC 2011
On Thu, 2011-02-10 at 08:18 -0500, Stephen Gallagher wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 02/09/2011 12:31 PM, Braden McDaniel wrote:
> > On Wed, 2011-02-09 at 14:36 +0100, Jan Vcelak wrote:
> >> On Wednesday 09 February 2011 06:10:25, Braden McDaniel wrote:
> >>> Something in a recent round of updates seems to have hosed use of
> >>> LDAP-based user accounts for my rawhide installation. (My LDAP server
> >>> is on a different machine; the rawhide one just doesn't seem to be able
> >>> to use it.)
> >>
> >> Hi Braden,
> >>
> >> please, can you be more specific? Which versions of openldap-servers,
> >> openldap-clients, pam_ldap, nss_ldap, etc. do you have installed?
> >
> > openldap-servers, pam_ldap, and nss_ldap are not installed on the
> > rawhide machine. openldap-clients is version 2.4.23-8.fc15.
> >
> > The server is running Fedora 14. It has:
> >
> > openldap-servers: 2.4.23-4.fc14
> > openldap-clients: 2.4.23-4.fc14
> > pam_ldap: 185-5.fc14
> > nss_ldap: 265-6.fc14
> >
> >> Are you using SSL/TLS?
> >
> > No.
> >
> >> Is ldapsearch on your rawhide machine working?
> >
> > It is. What's not working is logging in as a user other than root. I
> > can't even su to a user other than root.
> >
> > I am using Kerberos for user authentication; however, "kinit <user>"
> > works fine from the rawhide machine.
> >
>
>
> I suspect you are using SSSD to handle LDAP logins.
Correct.
> This was broken in
> rawhide yesterday because I pushed a new version of libldb that
> apparently broke ABI without an SO bump. I have subsequently reverted
> this change. Please downgrade to libldb-0.9.10-25.fc15 and SSSD will
> work again.
That did it. Thanks!
--
Braden McDaniel <braden at endoframe.com>
More information about the devel
mailing list