* [Sysadmins] LDAP
From: Владимир @ 2007-12-23 16:33 UTC
To: ALT Linux sysadmin discuss
I'm worn out fighting with it... logging is set to -1, but I don't see it
writing any logs...
slapcat outputs
dn: uid=masha,ou=People,dc=firma,dc=lan
uid: masha
cn: Masha
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQxJHpYcGdiL3BYJHZGdC56d251VkRCUG5OVy94eUZBeC8=
shadowLastChange: 13657
shadowMax: 99999
loginShell: /bin/bash
uidNumber: 517
gidNumber: 501
homeDirectory: /home/masha
structuralObjectClass: account
entryUUID: 352546a8-4405-102c-89c2-0929f9fb3173
creatorsName: cn=admin,dc=firma,dc=lan
createTimestamp: 20071221114000Z
entryCSN: 20071221114000Z#00000e#00#000000
modifiersName: cn=admin,dc=firma,dc=lan
modifyTimestamp: 20071221114000Z
# ldapsearch -LL -H
ldap://localhost -b"dc=poseydon,dc=lan" -x "(gidNumber=507)"
version: 1
and that's all.
And this one I don't understand at all...
# ldapsearch -x -H 'ldap://localhost/' -d -1
ldap_create
ldap_url_parse_ext(ldap://localhost/)
ldap_bind
ldap_simple_bind
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP localhost:389
ldap_new_socket: 4
ldap_prepare_socket: 4
ldap_connect_to_host: Trying 127.0.0.1:389
ldap_connect_timeout: fd: 4 tm: -1 async: 0
ldap_open_defconn: successful
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_dump: buf=0x0805f718 ptr=0x0805f718 end=0x0805f726 len=14
0000: 30 0c 02 01 01 60 07 02 01 03 04 00 80 00 0....`........
ber_scanf fmt ({i) ber:
ber_dump: buf=0x0805f718 ptr=0x0805f71d end=0x0805f726 len=9
0000: 60 07 02 01 03 04 00 80 00 `........
ber_flush: 14 bytes to sd 4
0000: 30 0c 02 01 01 60 07 02 01 03 04 00 80 00 0....`........
ldap_write: want=14, written=14
0000: 30 0c 02 01 01 60 07 02 01 03 04 00 80 00 0....`........
ldap_result ld 0x8057528 msgid 1
ldap_chkResponseList ld 0x8057528 msgid 1 all 1
ldap_chkResponseList returns ld 0x8057528 NULL
wait4msg ld 0x8057528 msgid 1 (infinite timeout)
wait4msg continue ld 0x8057528 msgid 1 all 1
** ld 0x8057528 Connections:
* host: localhost port: 389 (default)
refcnt: 2 status: Connected
last used: Sun Dec 23 19:48:20 2007
** ld 0x8057528 Outstanding Requests:
* msgid 1, origid 1, status InProgress
outstanding referrals 0, parent count 0
** ld 0x8057528 Response Queue:
Empty
ldap_chkResponseList ld 0x8057528 msgid 1 all 1
ldap_chkResponseList returns ld 0x8057528 NULL
ldap_int_select
read1msg: ld 0x8057528 msgid 1 all 1
ber_get_next
ldap_read: want=8, got=8
0000: 30 0c 02 01 01 61 07 0a 0....a..
ldap_read: want=6, got=6
0000: 01 00 04 00 04 00 ......
ber_get_next: tag 0x30 len 12 contents:
ber_dump: buf=0x08060890 ptr=0x08060890 end=0x0806089c len=12
0000: 02 01 01 61 07 0a 01 00 04 00 04 00 ...a........
read1msg: ld 0x8057528 msgid 1 message type bind
ber_scanf fmt ({eaa) ber:
ber_dump: buf=0x08060890 ptr=0x08060893 end=0x0806089c len=9
0000: 61 07 0a 01 00 04 00 04 00 a........
read1msg: ld 0x8057528 0 new referrals
read1msg: mark request completed, ld 0x8057528 msgid 1
request done: ld 0x8057528 msgid 1
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 1, msgid 1)
ldap_free_connection 0 1
ldap_free_connection: refcnt 1
ldap_parse_result
ber_scanf fmt ({iaa) ber:
ber_dump: buf=0x08060890 ptr=0x08060893 end=0x0806089c len=9
0000: 61 07 0a 01 00 04 00 04 00 a........
ber_scanf fmt (}) ber:
ber_dump: buf=0x08060890 ptr=0x0806089c end=0x0806089c len=0
ldap_msgfree
# extended LDIF
#
# LDAPv3
# base <> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
ldap_search_ext
put_filter: "(objectclass=*)"
put_filter: simple
put_simple_filter: "objectclass=*"
ldap_build_search_req ATTRS: *
ldap_send_initial_request
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_dump: buf=0x0805f718 ptr=0x0805f718 end=0x0805f751 len=57
0000: 30 37 02 01 02 63 32 04 12 64 63 3d 70 6f 73 65 07...c2..dc=pose
0010: 79 64 6f 6e 2c 64 63 3d 6c 61 6e 0a 01 02 0a 01 ydon,dc=lan.....
0020: 00 02 01 00 02 01 00 01 01 00 87 0b 6f 62 6a 65 ............obje
0030: 63 74 63 6c 61 73 73 30 00 ctclass0.
ber_scanf fmt ({) ber:
ber_dump: buf=0x0805f718 ptr=0x0805f71d end=0x0805f751 len=52
0000: 63 32 04 12 64 63 3d 70 6f 73 65 79 64 6f 6e 2c c2..dc=firma,
0010: 64 63 3d 6c 61 6e 0a 01 02 0a 01 00 02 01 00 02 dc=lan..........
0020: 01 00 01 01 00 87 0b 6f 62 6a 65 63 74 63 6c 61 .......objectcla
0030: 73 73 30 00 ss0.
ber_flush: 57 bytes to sd 4
0000: 30 37 02 01 02 63 32 04 12 64 63 3d 70 6f 73 65 07...c2..dc=pose
0010: 79 64 6f 6e 2c 64 63 3d 6c 61 6e 0a 01 02 0a 01 ydon,dc=lan.....
0020: 00 02 01 00 02 01 00 01 01 00 87 0b 6f 62 6a 65 ............obje
0030: 63 74 63 6c 61 73 73 30 00 ctclass0.
ldap_write: want=57, written=57
0000: 30 37 02 01 02 63 32 04 12 64 63 3d 70 6f 73 65 07...c2..dc=pose
0010: 79 64 6f 6e 2c 64 63 3d 6c 61 6e 0a 01 02 0a 01 ydon,dc=lan.....
0020: 00 02 01 00 02 01 00 01 01 00 87 0b 6f 62 6a 65 ............obje
0030: 63 74 63 6c 61 73 73 30 00 ctclass0.
ldap_result ld 0x8057528 msgid -1
ldap_chkResponseList ld 0x8057528 msgid -1 all 0
ldap_chkResponseList returns ld 0x8057528 NULL
wait4msg ld 0x8057528 msgid -1 (infinite timeout)
wait4msg continue ld 0x8057528 msgid -1 all 0
** ld 0x8057528 Connections:
* host: localhost port: 389 (default)
refcnt: 2 status: Connected
last used: Sun Dec 23 19:48:20 2007
** ld 0x8057528 Outstanding Requests:
* msgid 2, origid 2, status InProgress
outstanding referrals 0, parent count 0
** ld 0x8057528 Response Queue:
Empty
ldap_chkResponseList ld 0x8057528 msgid -1 all 0
ldap_chkResponseList returns ld 0x8057528 NULL
ldap_int_select
read1msg: ld 0x8057528 msgid -1 all 0
ber_get_next
ldap_read: want=8, got=8
0000: 30 0c 02 01 02 65 07 0a 0....e..
ldap_read: want=6, got=6
0000: 01 00 04 00 04 00 ......
ber_get_next: tag 0x30 len 12 contents:
ber_dump: buf=0x08060890 ptr=0x08060890 end=0x0806089c len=12
0000: 02 01 02 65 07 0a 01 00 04 00 04 00 ...e........
read1msg: ld 0x8057528 msgid 2 message type search-result
ber_scanf fmt ({eaa) ber:
ber_dump: buf=0x08060890 ptr=0x08060893 end=0x0806089c len=9
0000: 65 07 0a 01 00 04 00 04 00 e........
read1msg: ld 0x8057528 0 new referrals
read1msg: mark request completed, ld 0x8057528 msgid 2
request done: ld 0x8057528 msgid 2
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 2, msgid 2)
ldap_free_connection 0 1
ldap_free_connection: refcnt 1
# search result
search: 2
ldap_parse_result
ber_scanf fmt ({iaa) ber:
ber_dump: buf=0x08060890 ptr=0x08060893 end=0x0806089c len=9
0000: 65 07 0a 01 00 04 00 04 00 e........
ber_scanf fmt (}) ber:
ber_dump: buf=0x08060890 ptr=0x0806089c end=0x0806089c len=0
ldap_err2string
result: 0 Success
ldap_msgfree
# numResponses: 1
ldap_free_connection 1 1
ldap_send_unbind
ber_flush: 7 bytes to sd 4
0000: 30 05 02 01 03 42 00 0....B.
ldap_write: want=7, written=7
0000: 30 05 02 01 03 42 00 0....B.
ldap_free_connection: actually freed
* Re: [Sysadmins] LDAP
From: Gennady Kovalev @ 2007-12-23 21:03 UTC
To: ALT Linux sysadmin discuss
In a message of Sunday 23 December 2007 19:33:19, Владимир wrote:
> I'm worn out fighting with it... logging is set to -1, but I don't see it
> writing any logs...
> slapcat outputs
...
> gidNumber: 501
...
> # ldapsearch -LL -H
> ldap://localhost -b"dc=poseydon,dc=lan" -x "(gidNumber=507)"
> version: 1
>
> and that's all.
So is gidNumber 501 or 507?
--
Gennady Kovalev,
BIGUR, ALT Linux Team.
* Re: [Sysadmins] LDAP
From: Владимир @ 2007-12-25 8:37 UTC
To: ALT Linux sysadmin discuss
>For some reason it seems to me that your base DN is slightly off
>in one of the two approaches...
oops.. well.. I was kind of trying to disguise it
anyway, here is how I get to this state.
I install the server and the client, open slapd-hdb-db01.conf and replace
dc=example,dc=com with dc=firma,dc=lan :)
then I create an ldif
dn: dc=firma,dc=lan
objectClass: organization
objectClass: dcObject
dc: firma
o: lan
dn: cn=admin,dc=firma,dc=lan
objectclass: organizationalRole
cn: admin
dn: ou=People,dc=firma,dc=lan
objectClass: organizationalUnit
ou: People
dn: ou=Group,dc=firma,dc=lan
objectClass: organizationalUnit
ou: Group
I load it, and it says it was added...
I have the feeling I'm not finishing something...
also, isn't this version outdated by any chance? I think there is supposed to
be a different schema instead of nis.
#ldapsearch -LL -h localhost
SASL/SRP authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Invalid credentials (49)
additional info: SASL(-13): user not found: no secret in database
and here is
# ldapsearch -x -H 'ldap://localhost/' -d -1
<i>
# ldapsearch -x -H 'ldap://localhost/' -d -1
ldap_create
ldap_url_parse_ext(ldap://localhost/)
ldap_bind
ldap_simple_bind
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP localhost:389
ldap_new_socket: 4
ldap_prepare_socket: 4
ldap_connect_to_host: Trying 127.0.0.1:389
ldap_connect_timeout: fd: 4 tm: -1 async: 0
ldap_open_defconn: successful
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_dump: buf=0x08060128 ptr=0x08060128 end=0x08060136 len=14
0000: 30 0c 02 01 01 60 07 02 01 03 04 00 80 00 0....`........
ber_scanf fmt ({i) ber:
ber_dump: buf=0x08060128 ptr=0x0806012d end=0x08060136 len=9
0000: 60 07 02 01 03 04 00 80 00 `........
ber_flush: 14 bytes to sd 4
0000: 30 0c 02 01 01 60 07 02 01 03 04 00 80 00 0....`........
ldap_write: want=14, written=14
0000: 30 0c 02 01 01 60 07 02 01 03 04 00 80 00 0....`........
ldap_result ld 0x8057f30 msgid 1
ldap_chkResponseList ld 0x8057f30 msgid 1 all 1
ldap_chkResponseList returns ld 0x8057f30 NULL
wait4msg ld 0x8057f30 msgid 1 (infinite timeout)
wait4msg continue ld 0x8057f30 msgid 1 all 1
** ld 0x8057f30 Connections:
* host: localhost port: 389 (default)
refcnt: 2 status: Connected
last used: Tue Dec 25 11:25:55 2007
** ld 0x8057f30 Outstanding Requests:
* msgid 1, origid 1, status InProgress
outstanding referrals 0, parent count 0
** ld 0x8057f30 Response Queue:
Empty
ldap_chkResponseList ld 0x8057f30 msgid 1 all 1
ldap_chkResponseList returns ld 0x8057f30 NULL
ldap_int_select
read1msg: ld 0x8057f30 msgid 1 all 1
ber_get_next
ldap_read: want=8, got=8
0000: 30 0c 02 01 01 61 07 0a 0....a..
ldap_read: want=6, got=6
0000: 01 00 04 00 04 00 ......
ber_get_next: tag 0x30 len 12 contents:
ber_dump: buf=0x080612a8 ptr=0x080612a8 end=0x080612b4 len=12
0000: 02 01 01 61 07 0a 01 00 04 00 04 00 ...a........
read1msg: ld 0x8057f30 msgid 1 message type bind
ber_scanf fmt ({eaa) ber:
ber_dump: buf=0x080612a8 ptr=0x080612ab end=0x080612b4 len=9
0000: 61 07 0a 01 00 04 00 04 00 a........
read1msg: ld 0x8057f30 0 new referrals
read1msg: mark request completed, ld 0x8057f30 msgid 1
request done: ld 0x8057f30 msgid 1
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 1, msgid 1)
ldap_free_connection 0 1
ldap_free_connection: refcnt 1
ldap_parse_result
ber_scanf fmt ({iaa) ber:
ber_dump: buf=0x080612a8 ptr=0x080612ab end=0x080612b4 len=9
0000: 61 07 0a 01 00 04 00 04 00 a........
ber_scanf fmt (}) ber:
ber_dump: buf=0x080612a8 ptr=0x080612b4 end=0x080612b4 len=0
ldap_msgfree
# extended LDIF
#
# LDAPv3
# base <> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
ldap_search_ext
put_filter: "(objectclass=*)"
put_filter: simple
put_simple_filter: "objectclass=*"
ldap_build_search_req ATTRS: *
ldap_send_initial_request
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_dump: buf=0x08060128 ptr=0x08060128 end=0x0806014f len=39
0000: 30 25 02 01 02 63 20 04 00 0a 01 02 0a 01 00 02 0%...c .........
0010: 01 00 02 01 00 01 01 00 87 0b 6f 62 6a 65 63 74 ..........object
0020: 63 6c 61 73 73 30 00 class0.
ber_scanf fmt ({) ber:
ber_dump: buf=0x08060128 ptr=0x0806012d end=0x0806014f len=34
0000: 63 20 04 00 0a 01 02 0a 01 00 02 01 00 02 01 00 c ..............
0010: 01 01 00 87 0b 6f 62 6a 65 63 74 63 6c 61 73 73 .....objectclass
0020: 30 00 0.
ber_flush: 39 bytes to sd 4
0000: 30 25 02 01 02 63 20 04 00 0a 01 02 0a 01 00 02 0%...c .........
0010: 01 00 02 01 00 01 01 00 87 0b 6f 62 6a 65 63 74 ..........object
0020: 63 6c 61 73 73 30 00 class0.
ldap_write: want=3 0000: 30 25 02 01 02 63 20 04 00 0a 01 02 0a 01 00 02
0%...c .........
0010: 01 00 02 01 00 01 01 00 87 0b 6f 62 6a 65 63 74 ..........object
0020: 63 6c 61 73 73 30 00 class0.
ldap_result ld 0x8057f30 msgid -1
ldap_chkResponseList ld 0x8057f30 msgid -1 all 0
ldap_chkResponseList returns ld 0x8057f30 NULL
wait4msg ld 0x8057f30 msgid -1 (infinite timeout)
wait4msg continue ld 0x8057f30 msgid -1 all 0
** ld 0x8057f30 Connections:
* host: localhost port: 389 (default)
refcnt: 2 status: Connected
last used: Tue Dec 25 11:25:55 2007
** ld 0x8057f30 Outstanding Requests:
* msgid 2, origid 2, status InProgress
outstanding referrals 0, parent count 0
** ld 0x8057f30 Response Queue:
Empty
ldap_chkResponseList ld 0x8057f30 msgid -1 all 0
ldap_chkResponseList returns ld 0x8057f30 NULL
ldap_int_select
read1msg: ld 0x8057f30 msgid -1 all 0
ber_get_next
ldap_read: want=8, got=8
0000: 30 0c 02 01 02 65 07 0a 0....e..
ldap_read: want=6, got=6
0000: 01 20 04 00 04 00 . ....
ber_get_next: tag 0x30 len 12 contents:
ber_dump: buf=0x080612a8 ptr=0x080612a8 end=0x080612b4 len=12
0000: 02 01 02 65 07 0a 01 20 04 00 04 00 ...e... ....
read1msg: ld 0x8057f30 msgid 2 message type search-result
ber_scanf fmt ({eaa) ber:
ber_dump: buf=0x080612a8 ptr=0x080612ab end=0x080612b4 len=9
0000: 65 07 0a 01 20 04 00 04 00 e... ....
read1msg: ld 0x8057f30 0 new referrals
read1msg: mark request completed, ld 0x8057f30 msgid 2
request done: ld 0x8057f30 msgid 2
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 2, msgid 2)
ldap_free_connection 0 1
ldap_free_connection: refcnt 1
# search result
search: 2
ldap_parse_result
ber_scanf fmt ({iaa) ber:
ber_dump: buf=0x080612a8 ptr=0x080612ab end=0x080612b4 len=9
0000: 65 07 0a 01 20 04 00 04 00 e... ....
ber_scanf fmt (}) ber:
ber_dump: buf=0x080612a8 ptr=0x080612b4 end=0x080612b4 len=0
ldap_err2string
result: 32 No such object
ldap_msgfree
# numResponses: 1
ldap_free_connection 1 1
ldap_send_unbind
ber_flush: 7 bytes to sd 4
0000: 30 05 02 01 03 42 00 0....B.
ldap_write: want=7, written=7
0000: 30 05 02 01 03 42 00 0....B.
ldap_free_connection: actually freed
</i>
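Added example, not part of any message in this thread: a small Python decoder for the LDAPMessage hex dumps that `ldapsearch -d -1` prints in the traces above. The octets are copied from the 23 and 25 December traces; the function and constant names are this example's own. It shows which baseObject each search request carried on the wire and which resultCode came back.

```python
# Added example: reads the LDAPMessage hex that `ldapsearch -d -1` prints.
# Only definite-length BER and the fields named below are handled.

OPS = {0x60: "BindRequest", 0x61: "BindResponse", 0x63: "SearchRequest",
       0x65: "SearchResultDone", 0x42: "UnbindRequest"}
RESULT_CODES = {0: "success", 32: "noSuchObject", 49: "invalidCredentials"}
SCOPES = {0: "base", 1: "one", 2: "sub"}


def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER element that starts at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: low 7 bits = octet count
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("unsupported or truncated BER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated BER value")
    return tag, buf[pos:pos + length], pos + length


def decode_ldap_message(hex_bytes):
    """Decode one LDAPMessage given as space-separated hex octets."""
    tag, body, _ = read_tlv(bytes.fromhex(hex_bytes), 0)
    if tag != 0x30:
        raise ValueError("LDAPMessage must be a SEQUENCE (0x30)")
    _, msgid, pos = read_tlv(body, 0)      # messageID INTEGER
    op_tag, op, _ = read_tlv(body, pos)    # protocolOp, application-tagged
    out = {"msgid": int.from_bytes(msgid, "big"),
           "op": OPS.get(op_tag, hex(op_tag))}
    if op_tag == 0x63:                     # SearchRequest: baseObject, scope
        _, base, pos = read_tlv(op, 0)
        _, scope, _ = read_tlv(op, pos)
        out["base"] = base.decode("utf-8", "replace")
        out["scope"] = SCOPES.get(int.from_bytes(scope, "big"), "unknown")
    elif op_tag in (0x61, 0x65):           # LDAPResult: code, matchedDN, text
        _, code, pos = read_tlv(op, 0)
        _, matched, pos = read_tlv(op, pos)
        _, text, _ = read_tlv(op, pos)
        num = int.from_bytes(code, "big")
        out["result"] = (num, RESULT_CODES.get(num, "other"))
        out["matched"] = matched.decode("utf-8", "replace")
        out["text"] = text.decode("utf-8", "replace")
    return out


# Octets copied from the two traces in this thread (hex column only).
SEARCH_23_DEC = ("30 37 02 01 02 63 32 04 12 64 63 3d 70 6f 73 65 "
                 "79 64 6f 6e 2c 64 63 3d 6c 61 6e 0a 01 02 0a 01 "
                 "00 02 01 00 02 01 00 01 01 00 87 0b 6f 62 6a 65 "
                 "63 74 63 6c 61 73 73 30 00")
DONE_23_DEC = "30 0c 02 01 02 65 07 0a 01 00 04 00 04 00"
SEARCH_25_DEC = ("30 25 02 01 02 63 20 04 00 0a 01 02 0a 01 00 02 "
                 "01 00 02 01 00 01 01 00 87 0b 6f 62 6a 65 63 74 "
                 "63 6c 61 73 73 30 00")
DONE_25_DEC = "30 0c 02 01 02 65 07 0a 01 20 04 00 04 00"

if __name__ == "__main__":
    for name in ("SEARCH_23_DEC", "DONE_23_DEC", "SEARCH_25_DEC", "DONE_25_DEC"):
        print(name, decode_ldap_message(globals()[name]))
```

The 25 December request decodes to an empty baseObject with scope `sub`, answered by resultCode 32; the 23 December request carried `dc=poseydon,dc=lan` and was answered with resultCode 0.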
* Re: [Sysadmins] LDAP
From: Владимир @ 2007-12-26 10:54 UTC
To: ALT Linux sysadmin discuss
In a message of 26 December 2007, Dmitriy Kruglikov wrote:
> dapsearch -x -h localhost
# ldapsearch -x -h localhost
# extended LDIF
#
# LDAPv3
# base <> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# search result
search: 2
result: 0 Success
# numResponses: 1
* Re: [Sysadmins] LDAP
From: Владимир @ 2007-12-27 22:23 UTC
To: ALT Linux sysadmin discuss
looks like I've found something.
==> sasl_bind: dn="cn=admin,dc=firma,dc=lan" mech=SRP datalen=19
SASL Canonicalize [conn=2]: authcid="root"
slap_sasl_getdn: conn 2 id=root [len=4]
=> ldap_dn2bv(16)
<= ldap_dn2bv(uid=root,cn=SRP,cn=auth)=0
slap_sasl_getdn: u:id converted to uid=root,cn=SRP,cn=auth
>>> dnNormalize: <uid=root,cn=SRP,cn=auth>
=> ldap_bv2dn(uid=root,cn=SRP,cn=auth,0)
<= ldap_bv2dn(uid=root,cn=SRP,cn=auth)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(uid=root,cn=srp,cn=auth)=0
<<< dnNormalize: <uid=root,cn=srp,cn=auth>
==>slap_sasl2dn: converting SASL name uid=root,cn=srp,cn=auth to a DN
slap_authz_regexp: converting SASL name uid=root,cn=srp,cn=auth
<==slap_sasl2dn: Converted SASL name to <nothing>
SASL Canonicalize [conn=2]: slapAuthcDN="uid=root,cn=srp,cn=auth"
SASL Canonicalize [conn=2]: authzid="root"
SASL [conn=2] Failure: no secret in database
send_ldap_result: conn=2 op=1 p=3
send_ldap_result: err=49 matched="" text="SASL(-13): user not found: no secret
in database"
send_ldap_response: msgid=2 tag=97 err=49
ber_flush: 62 bytes to sd 14
by the way, if I switch to root with plain su, then it uses the user's
uid.
where does srp come from and what is it?
* Re: [Sysadmins] LDAP
From: Максим Павлюкевич @ 2007-12-28 7:18 UTC
To: ALT Linux sysadmin discuss
It feels like something is wrong with the permissions... in the access section
Try running the search as the admin that is set in slapd.conf as the rootdn variable, with the password that is set by the rootpw variable
also try this... password-hash {CRYPT}
because it feels like root was added via ldif, or in some other way.
-----Original Message-----
From: Владимир <haw@inbox.ru>
To: ALT Linux sysadmin discuss <sysadmins@lists.altlinux.org>
Date: Fri, 28 Dec 2007 01:23:09 +0300
Subject: Re: [Sysadmins] LDAP
> looks like I've found something.
> ==> sasl_bind: dn="cn=admin,dc=firma,dc=lan" mech=SRP datalen=19
> SASL Canonicalize [conn=2]: authcid="root"
> slap_sasl_getdn: conn 2 id=root [len=4]
> => ldap_dn2bv(16)
> <= ldap_dn2bv(uid=root,cn=SRP,cn=auth)=0
> slap_sasl_getdn: u:id converted to uid=root,cn=SRP,cn=auth
> >>> dnNormalize: <uid=root,cn=SRP,cn=auth>
> => ldap_bv2dn(uid=root,cn=SRP,cn=auth,0)
> <= ldap_bv2dn(uid=root,cn=SRP,cn=auth)=0
> => ldap_dn2bv(272)
> <= ldap_dn2bv(uid=root,cn=srp,cn=auth)=0
> <<< dnNormalize: <uid=root,cn=srp,cn=auth>
> ==>slap_sasl2dn: converting SASL name uid=root,cn=srp,cn=auth to a DN
> slap_authz_regexp: converting SASL name uid=root,cn=srp,cn=auth
> <==slap_sasl2dn: Converted SASL name to <nothing>
> SASL Canonicalize [conn=2]: slapAuthcDN="uid=root,cn=srp,cn=auth"
> SASL Canonicalize [conn=2]: authzid="root"
> SASL [conn=2] Failure: no secret in database
> send_ldap_result: conn=2 op=1 p=3
> send_ldap_result: err=49 matched="" text="SASL(-13): user not found: no secret
> in database"
> send_ldap_response: msgid=2 tag=97 err=49
> ber_flush: 62 bytes to sd 14
>
> by the way, if I switch to root with plain su, then it uses the user's
> uid.
> where does srp come from and what is it?
* Re: [Sysadmins] LDAP
From: Владимир @ 2007-12-28 22:00 UTC
To: Максим Павлюкевич, ALT Linux sysadmin discuss
has anyone set up LDAP on 4.0... because the documentation in the distribution
is from 2005...
just to check, maybe it's not me who messed up.
* Re: [Sysadmins] LDAP
From: Eugene Ostapets @ 2007-12-29 14:37 UTC
To: ALT Linux sysadmin discuss
29.12.07, Владимир<haw inbox.ru> wrote:
> has anyone set up LDAP on 4.0... because the documentation in the distribution
> is from 2005...
> just to check, maybe it's not me who messed up.
I have, and more than once... works for me :)
--
Best regards,
Евгений Остапец
uin: 23747217
jid: eugene_ostapets@jabber.ru
* Re: [Sysadmins] LDAP
From: Владимир @ 2007-12-29 18:49 UTC
To: Максим Павлюкевич, ALT Linux sysadmin discuss
test
* Re: [Sysadmins] LDAP
From: Владимир @ 2008-01-14 18:10 UTC
To: ALT Linux sysadmin discuss
Still couldn't get it working. :(
* Re: [Sysadmins] LDAP
From: Владимир @ 2008-01-15 6:05 UTC
To: ALT Linux sysadmin discuss
I think I've tried everything already. :(
Who has set up LDAP on office-server?
* Re: [Sysadmins] LDAP
From: Владимир @ 2008-01-15 6:32 UTC
To: ALT Linux sysadmin discuss
Still haven't got it configured...
Does it work on office-server?
* Re: [Sysadmins] LDAP
From: Владимир @ 2008-01-15 19:26 UTC
To: ALT Linux sysadmin discuss
Installed 2.3.39 (20071118) from source.
./configure --prefix=/usr --libexecdir=/usr/sbin --sysconfdir=/etc/ --localstatedir=/var --libdir=/usr/lib --infodir=/usr/share/info --mandir=/usr/share/man
Configured it... from the command line it adds entries and searches... how do I
make friends with the LDAP that ships with the system?
* Re: [Sysadmins] LDAP
From: Владимир @ 2008-01-18 12:03 UTC
To: ALT Linux sysadmin discuss
so.. the setup wizard on the clients doesn't set up LDAP authentication...
I have to edit nss.conf nss_ldap.conf nsswitch.conf by hand.