Stucked with Client Setup?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

 have been stucked with the following points:

1. Authenticating Linux Client with ldaps://
2. Auto create home directory ( I will look into what you sent)
3. Auto-Increment UserID

Lets start with the first one.
I have 389-DS configured with SSL.
If I try to configure the Client with authconfig-tui command and deselecting
TLS and ldaps:// it works fine.

Lets talk about CLient binding to ldaps://.
On Server Side, I found a crt file through find command as below:

[root at 389-ds schema]# find / -name *.crt
/etc/pki/tls/certs/ca-bundle.
crt

Is that the certificate we need to send to /etc/openldap/cacerts/
As I can see links sent by fedora DS Mailing list experts is old one which
talks about Fedora DS.
But the new 389-DS seems to have different location for the certificates.

Now I just copied this ca-bundle.crt to the client machine
Tried running:

authconfig-tui

TLS[*]
ldaps://<ip>/
dc=im,dc=sap,dc=com

I did created a user through Management Console.


[root at 389-ds schema]# ldapsearch -x -b "dc=im,dc=sap,dc=com" -L
'(objectclass=*)'

# rajeshwar, Env, im, Bangalore, isst.sapient.com
dn: uid=rajeshwar,cn=Env,ou=im,ou=Bangalore,dc=im,dc=sap,dc=com
uid: rajeshwar
givenName: Rajeshwar
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetorgperson
objectClass: posixAccount
objectClass: posixgroup
sn: k
cn: Rajeshwar k
uidNumber: 670
gidNumber: 670
homeDirectory: /home/rajeshwar
loginShell: /bin/bash

# search result

# numResponses: 28
# numEntries: 27

Now if I try to login through the username it doesnt display anything:

Jan 14 14:53:34 localhost sshd[3757]: nss_ldap: reconnecting to LDAP server
(sleeping 4 seconds)...
Jan 14 14:53:38 localhost sshd[3757]: nss_ldap: reconnecting to LDAP server
(sleeping 8 seconds)...
Jan 14 14:53:46 localhost sshd[3757]: nss_ldap: reconnecting to LDAP server
(sleeping 16 seconds)...

any idea what may be going wrong?


-- 


?It is not possible to rescue everyone who is caught in the Windows
quicksand
          --Make sure you are on solid Linux ground before trying.?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20100114/b50c4a02/attachment.html
[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux