tor, 25.11.2004 kl. 22.49 skrev Kyrre Ness Sjobak: > After reading to many pages on screen and on dead wood, asking (with no > results) on forums, never receiving sign-up confirmation for the > padl.com pamldap list, getting my post rejected at other LDAP mailing > lists, and generally banging my head against the monitor for way to much > time, i am hoping for a merciful harbor here. Please? If for nothing > else, to save the forests from my printer? > > I am trying to set up a login-system based on LDAP - with a Debian > (sarge) box as LDAP (and NFS) server, and Fedora Core 3 machines as > clients. > > So far, no luck. (not for 2 months...). After finally getting the server > to *start*, and adding what i (think is) an appropriate directory basic > layout using phpldapadmin (running on an apache server on the same box), > i still can't login. > > If i try to login (using su - *username*) from root, all i get is "user > does not exist". I know the client is okay - if i direct it to an > (older) ldap-running box, it works mountainously. > > I have a structure where all the user accounts are put in > ou=People,dc=valler,dc=vgs,dc=no (as "PosixAccount" and "PosixGroup" > according to phpldapadmin). This does work on the before mentioned box > (if i have "copied" the setup right using gq to read it, and > phpldapadmin to edit the new servers directory.) > > If i try to connect to the server using directory administrator, I can > see all users/groups. Trying to change the user password gives an error, > and if i try to create a new user i get "object class violation". > > Anybody who can help me? I am quite inexperienced when it comes to LDAP, > and does now think i have spent way to many hours reading dead threes/on > screen documentation of varying quality and relevance. > > I shall post any material you ask for. > > Kyrre Ness Sjøbæk Sorry for answering myself, but comparing the ldiff-files: in both i have a structure up to ou=People,dc=valler,dc=vgs,dc=no But in the working one, there is a "cn=Users,ou=People,dc=valler,dc=vgs,dc=no" in which all the users are placed. The groups are placed directly on People. On the non-functional server, both users and groups are placed directly on People. "cn=Users,ou=People,dc=valler,dc=vgs,dc=no" seems to be the "primary group" for all users (which i know is correct). It is at least a "posixGroup" objectClass. I hope i figured it out! Isn't it typical, after two months of headbanging, you post a desperate mail, and then the solution is there, 10 minutes later... Kyrre
