Sorry for the top posting, but your test is not sufficient. Can you do an LDAP simple bind with the user you want to authenticate, not with the directory admin? This is the first question to answer, so you can be sure there is no LDAP ACL problem, no password mismatch and the like.

Regards

2012/7/28, Fosiul Alam <fosiul@xxxxxxxxx>:
> Hi
> I have set up an LDAP server, and from the client it is returning, for example:
>
> [root@home ~]# ldapsearch -x -ZZ -D "cn=Directory manager" -w xxx -h ldap-2.fosiul.lan -b "dc=fosiul,dc=lan" "(cn=Fosiul Alam)"
> # extended LDIF
> #
> # LDAPv3
> # base <dc=fosiul,dc=lan> with scope subtree
> # filter: (cn=Fosiul Alam)
> # requesting: ALL
> #
>
> # falam, users, uk, fosiul.lan
> dn: uid=falam,ou=users,l=uk,dc=fosiul,dc=lan
> givenName: Fosiul
> sn: Alam
> loginShell: /bin/bash/bash
> uidNumber: 1000
> gidNumber: 3000
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetorgperson
> objectClass: posixAccount
> uid: falam
> cn: Fosiul Alam
> homeDirectory: /home/falam
> userPassword:: e1NTSEF9UGtqNjhvSU1pSR0RrSWNYYkVvYVU2V2c9PQ==
>
> # search result
> search: 3
> result: 0 Success
>
> # numResponses: 2
> # numEntries: 1
>
> and in the access log:
>
> 28/Jul/2012:15:42:57 +0100] conn=229 fd=70 slot=70 connection from 192.0.0.4 to 192.0.0.9
> [28/Jul/2012:15:42:57 +0100] conn=229 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS"
> [28/Jul/2012:15:42:57 +0100] conn=229 op=0 RESULT err=0 tag=120 nentries=0 etime=0
> [28/Jul/2012:15:42:57 +0100] conn=229 SSL 256-bit AES
> [28/Jul/2012:15:42:57 +0100] conn=229 op=1 BIND dn="cn=Directory manager" method=128 version=3
> [28/Jul/2012:15:42:57 +0100] conn=229 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"
> [28/Jul/2012:15:42:57 +0100] conn=229 op=2 SRCH base="dc=fosiul,dc=lan" scope=2 filter="(cn=Fosiul Alam)" attrs=ALL
> [28/Jul/2012:15:42:57 +0100] conn=229 op=2 RESULT err=0 tag=101 nentries=1 etime=0
> [28/Jul/2012:15:42:57 +0100] conn=229 op=3 UNBIND
> [28/Jul/2012:15:42:57 +0100] conn=229 op=3 fd=70 closed - U1
>
> But from the command line, when I do
> [root@home ~]# id falam
> id: falam: No such user
>
> [28/Jul/2012:15:44:26 +0100] conn=230 fd=70 slot=70 connection from 192.0.0.4 to 192.0.0.9
> [28/Jul/2012:15:44:26 +0100] conn=230 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS"
> [28/Jul/2012:15:44:26 +0100] conn=230 op=0 RESULT err=0 tag=120 nentries=0 etime=0
> [28/Jul/2012:15:44:26 +0100] conn=230 SSL 256-bit AES
> [28/Jul/2012:15:44:26 +0100] conn=230 op=1 BIND dn="" method=128 version=3
> [28/Jul/2012:15:44:26 +0100] conn=230 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn=""
> [28/Jul/2012:15:44:26 +0100] conn=230 op=2 SRCH base="dc=fosiul,dc=lan" scope=2 filter="(&(objectClass=posixAccount)(uid=falam))" attrs="uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass"
> [28/Jul/2012:15:44:26 +0100] conn=230 op=2 RESULT err=0 tag=101 nentries=0 etime=0
> [28/Jul/2012:15:44:26 +0100] conn=230 op=-1 fd=70 closed - B1
>
> So basically, ldapsearch is working but authentication is not working.
>
> Can anyone please help me with this?
> I am using CentOS 5.8.
>
> Fosiul.
> --
> 389 users mailing list
> 389-users@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/389-users

--
Sent from my mobile device
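An added example, not part of the original thread: a small Python parser that pairs each SRCH in a 389 Directory Server access log with the bind DN in effect on its connection, so the two connections quoted above can be compared side by side. The log excerpt is constructed from the quoted lines (wrapped lines joined, attrs list shortened), and all function names are hypothetical.

```python
import re

# Constructed sample: BIND/SRCH/RESULT lines from the quoted access log,
# with e-mail line wrapping joined and the attrs list shortened.
SAMPLE_LOG = """\
[28/Jul/2012:15:42:57 +0100] conn=229 op=1 BIND dn="cn=Directory manager" method=128 version=3
[28/Jul/2012:15:42:57 +0100] conn=229 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"
[28/Jul/2012:15:42:57 +0100] conn=229 op=2 SRCH base="dc=fosiul,dc=lan" scope=2 filter="(cn=Fosiul Alam)" attrs=ALL
[28/Jul/2012:15:42:57 +0100] conn=229 op=2 RESULT err=0 tag=101 nentries=1 etime=0
[28/Jul/2012:15:44:26 +0100] conn=230 op=1 BIND dn="" method=128 version=3
[28/Jul/2012:15:44:26 +0100] conn=230 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn=""
[28/Jul/2012:15:44:26 +0100] conn=230 op=2 SRCH base="dc=fosiul,dc=lan" scope=2 filter="(&(objectClass=posixAccount)(uid=falam))" attrs="uid userPassword"
[28/Jul/2012:15:44:26 +0100] conn=230 op=2 RESULT err=0 tag=101 nentries=0 etime=0
"""

LINE = re.compile(r'conn=(\d+) op=(-?\d+) (BIND|SRCH|RESULT)\b(.*)')

def _field(rest, name):
    """Return a key="quoted" or key=bare value from the tail of a log line."""
    m = re.search(rf'\b{name}=(?:"([^"]*)"|(\S+))', rest)
    return None if m is None else (m.group(1) if m.group(1) is not None else m.group(2))

def summarize(log_text):
    """One row per search: (conn, bind DN in effect, filter, err, nentries)."""
    bind_dn = {}   # conn -> DN of the last successful bind on that connection
    pending = {}   # (conn, op) -> ("BIND", dn) or ("SRCH", filter) awaiting RESULT
    out = []
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # connection, TLS and close lines carry no operation
        conn, op, kind, rest = int(m.group(1)), int(m.group(2)), m.group(3), m.group(4)
        if kind == "BIND":
            pending[conn, op] = ("BIND", _field(rest, "dn"))
        elif kind == "SRCH":
            pending[conn, op] = ("SRCH", _field(rest, "filter"))
        elif (conn, op) in pending:
            what, value = pending.pop((conn, op))
            err = int(_field(rest, "err"))
            if what == "BIND" and err == 0:
                bind_dn[conn] = value
            elif what == "SRCH":
                out.append((conn, bind_dn.get(conn, ""), value, err, int(_field(rest, "nentries"))))
    return out

def anonymous_empty_searches(rows):
    """Searches that succeeded (err=0) but returned nothing under an anonymous bind."""
    return [r for r in rows if r[1] == "" and r[3] == 0 and r[4] == 0]
```

On the quoted log this lists the `id falam` lookup on conn=230 as an anonymous search (`dn=""`) that returned `err=0` with `nentries=0`, next to the Directory Manager search on conn=229 that returned one entry.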