Did you configure the nsswitch.conf file to define ldap as a source of authentication? Or you could select "use LDAP authentication" in "setup".

Thank you,

Ryan Palamara
ZAIS Group, LLC
2 Bridge Avenue, Suite 322
Red Bank, New Jersey 07701
Phone: (732) 450-7444
Ryan.palamara@xxxxxxxxxxxxx

-----Original Message-----
From: 389-users-bounces@xxxxxxxxxxxxxxxxxxxxxxx [mailto:389-users-bounces@xxxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Fosiul Alam
Sent: Saturday, July 28, 2012 10:50 AM
To: 389-users@xxxxxxxxxxxxxxxxxxxxxxx
Subject: ldapsearch is fine but from authentication purpose its not doing anything

Hi

I have set up an ldap server, and from the client it is returning, for example:

[root@home ~]# ldapsearch -x -ZZ -D "cn=Directory manager" -w xxx -h ldap-2.fosiul.lan -b "dc=fosiul,dc=lan" "(cn=Fosiul Alam)"
# extended LDIF
#
# LDAPv3
# base <dc=fosiul,dc=lan> with scope subtree
# filter: (cn=Fosiul Alam)
# requesting: ALL
#

# falam, users, uk, fosiul.lan
dn: uid=falam,ou=users,l=uk,dc=fosiul,dc=lan
givenName: Fosiul
sn: Alam
loginShell: /bin/bash/bash
uidNumber: 1000
gidNumber: 3000
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetorgperson
objectClass: posixAccount
uid: falam
cn: Fosiul Alam
homeDirectory: /home/falam
userPassword:: e1NTSEF9UGtqNjhvSU1pSR0RrSWNYYkVvYVU2V2c9PQ= =

# search result
search: 3
result: 0 Success

# numResponses: 2
# numEntries: 1

and in the access log:

28/Jul/2012:15:42:57 +0100] conn=229 fd=70 slot=70 connection from 192.0.0.4 to 192.0.0.9
[28/Jul/2012:15:42:57 +0100] conn=229 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS"
[28/Jul/2012:15:42:57 +0100] conn=229 op=0 RESULT err=0 tag=120 nentries=0 etime=0
[28/Jul/2012:15:42:57 +0100] conn=229 SSL 256-bit AES
[28/Jul/2012:15:42:57 +0100] conn=229 op=1 BIND dn="cn=Directory manager" method=128 version=3
[28/Jul/2012:15:42:57 +0100] conn=229 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"
[28/Jul/2012:15:42:57 +0100] conn=229 op=2 SRCH base="dc=fosiul,dc=lan" scope=2 filter="(cn=Fosiul Alam)" attrs=ALL
[28/Jul/2012:15:42:57 +0100] conn=229 op=2 RESULT err=0 tag=101 nentries=1 etime=0
[28/Jul/2012:15:42:57 +0100] conn=229 op=3 UNBIND
[28/Jul/2012:15:42:57 +0100] conn=229 op=3 fd=70 closed - U1

But from the command line, when I do

[root@home ~]# id falam
id: falam: No such user

[28/Jul/2012:15:44:26 +0100] conn=230 fd=70 slot=70 connection from 192.0.0.4 to 192.0.0.9
[28/Jul/2012:15:44:26 +0100] conn=230 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS"
[28/Jul/2012:15:44:26 +0100] conn=230 op=0 RESULT err=0 tag=120 nentries=0 etime=0
[28/Jul/2012:15:44:26 +0100] conn=230 SSL 256-bit AES
[28/Jul/2012:15:44:26 +0100] conn=230 op=1 BIND dn="" method=128 version=3
[28/Jul/2012:15:44:26 +0100] conn=230 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn=""
[28/Jul/2012:15:44:26 +0100] conn=230 op=2 SRCH base="dc=fosiul,dc=lan" scope=2 filter="(&(objectClass=posixAccount)(uid=falam))" attrs="uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass"
[28/Jul/2012:15:44:26 +0100] conn=230 op=2 RESULT err=0 tag=101 nentries=0 etime=0
[28/Jul/2012:15:44:26 +0100] conn=230 op=-1 fd=70 closed - B1

So basically, ldapsearch is working but authentication is not working. Can anyone please help me with this? And I am using CentOS 5.8.

Fosiul.

--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
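Added example (not part of the original thread): a small parser for 389 Directory Server access-log lines like those quoted above. It pairs each SRCH with the bind DN of its connection and with its RESULT, so the difference between the two excerpts (bound as Directory Manager with nentries=1, versus an anonymous bind, dn="", with nentries=0) shows up per search. The function names are hypothetical; the sample lines are copied from the thread and trimmed to BIND/SRCH/RESULT.

```python
import re

# Sample input: BIND/SRCH/RESULT lines copied from the two excerpts in the thread.
SAMPLE_LOG = """\
[28/Jul/2012:15:42:57 +0100] conn=229 op=1 BIND dn="cn=Directory manager" method=128 version=3
[28/Jul/2012:15:42:57 +0100] conn=229 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"
[28/Jul/2012:15:42:57 +0100] conn=229 op=2 SRCH base="dc=fosiul,dc=lan" scope=2 filter="(cn=Fosiul Alam)" attrs=ALL
[28/Jul/2012:15:42:57 +0100] conn=229 op=2 RESULT err=0 tag=101 nentries=1 etime=0
[28/Jul/2012:15:44:26 +0100] conn=230 op=1 BIND dn="" method=128 version=3
[28/Jul/2012:15:44:26 +0100] conn=230 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn=""
[28/Jul/2012:15:44:26 +0100] conn=230 op=2 SRCH base="dc=fosiul,dc=lan" scope=2 filter="(&(objectClass=posixAccount)(uid=falam))" attrs="uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass"
[28/Jul/2012:15:44:26 +0100] conn=230 op=2 RESULT err=0 tag=101 nentries=0 etime=0
"""

LINE_RE = re.compile(r'^\[[^\]]+\] conn=(\d+) op=(-?\d+) (\w+)(.*)$')
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')   # key=value or key="quoted value"

def summarize_searches(log_text):
    """Return one dict per completed SRCH: conn, bind_dn, filter, err, nentries."""
    bind_dn = {}   # conn -> DN from the most recent BIND ("" means anonymous)
    pending = {}   # (conn, op) -> search record waiting for its RESULT line
    out = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue   # connection/TLS lines carry no op= and are skipped
        conn, op, verb = int(m[1]), int(m[2]), m[3]
        fields = {k: v.strip('"') for k, v in FIELD_RE.findall(m[4])}
        if verb == "BIND":
            bind_dn[conn] = fields.get("dn", "")
        elif verb == "SRCH":
            pending[(conn, op)] = {"conn": conn, "bind_dn": bind_dn.get(conn, ""),
                                   "filter": fields.get("filter", "")}
        elif verb == "RESULT":
            if fields.get("tag") == "97" and fields.get("err") != "0":
                bind_dn[conn] = ""   # failed BIND: the connection stays anonymous
            rec = pending.pop((conn, op), None)
            if rec:
                rec.update(err=int(fields["err"]), nentries=int(fields["nentries"]))
                out.append(rec)
    return out

def anonymous_misses(log_text):
    """Searches that returned err=0 on an anonymous connection but matched no entry."""
    return [r for r in summarize_searches(log_text)
            if r["bind_dn"] == "" and r["err"] == 0 and r["nentries"] == 0]

if __name__ == "__main__":
    for r in summarize_searches(SAMPLE_LOG):
        print(r)
```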