[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Trouble Installing LDAP Client On Ubuntu Linux

On Thursday 07 February 2008 18:35:33 Ldap Newbie wrote:
> Hi,
>   I have some trouble with the installation of the LDAP client on Ubuntu
> Linux.
>   I followed the instructions as described the articles below.
>     1. <http://www.linux.com/feature/114074>
>     2. <http://mcwhirter.com.au/node/25>

Lovely, neither document actually specifies that changes (and which ones) need 
to be made in the nss_ldap or pam_ldap configuration files, or even their 

In my opinion, you may be better off reading the documentation supplied by the 
software in question (or, at least you should consult it, and consider it to 
be more accurate).

>   Although I followed the steps in the article

There are different steps in the different documents, could you instead tell 
us the exact steps you took?

>   my Ubuntu keeps running 
> exactly as before, authenticating without using LDAP. Problem is that I
> don't have a clue what's happening.

Ouch. This is the problem with "Howtos", they don't explain what should be 
happening, and what to do when it doesn't.

> So any suggestions on what files to 
> check or what commands to run to test things are appreciated.
>   What I do know about this configuration problem is:
>     *  The LDAP server is up and running, it's usable from another
> application *  I don't see any incoming traces when I run slapd in full
> debug mode

No need to run "full debug mode" (whatever you mean by that), 'loglevel 
stats', or 'loglevel 256' should be sufficient to see all you need.

> and try some actions like rebooting

Rebooting is of no use here, it will not improve anything.

> or getent passwd from the  
> client *  The getent passwd <username> test as described in article .2
> fails
>   So likely something went wrong with the configuration of
>     $ apt-get install libpam-ldap libnss-ldap
>   Is there a way I can rerun the installer

Do you really want to rerun the installer? It may do things you don't 
necessarily want ...

>   so that I can verify the 
> configuration data I entered.

Rather edit the relevant configuration files directly, most 
likely /etc/libnss-ldap.conf and /etc/libpam-ldap.conf (although, pam_ldap 
isn't a libary .., but anyway).

> What other things should I try ? 

Read some documentation ('man pam_ldap;man nss_ldap').