
Re: LDAP lookup problem



I forgot to add the ldapsearch output. Below are the results directly from
the slave server. It finds the user without a problem, but the user still
does not resolve on the terminal. I need this in order to chown a particular
directory which holds the mail settings (Maildir etc).

ldapsearch -x -b "dc=mydomain,dc=edu,dc=com" -D "cn=admin,dc=mydomain,dc=edu,dc=com" -W uid=user1

# Stavros  Lolis, Users, mydomain.edu.com
dn: cn=Stavros  Lolis,ou=Users,dc=mydomain,dc=edu,dc=com
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: person
objectClass: organizationalPerson
objectClass: top
uid: user1
userPassword:: e01ENX1nbnpMRHVxS2NHeE1OS0Zva2ZoT2V3PT0=
uidNumber: 1761
gidNumber: 100
homeDirectory: /home/user1
loginShell: /bin/false
mail: user1@mydomain.edu.gr

Also my /etc/ldap.conf has:

host 192.168.1.0 192.168.1.1
base dc=com,dc=edu,dc=com
ldap_version 3
binddn uid=authenticate,ou=System,dc=com,dc=edu,dc=com
bindpw {MD5}jikxdsfdfsdfsdfsO5dIXw==
rootbinddn cn=admin,dc=com,dc=edu,dc=com
nss_initgroups_ignoreusers amavis,backup,bin,bind,clamav,daemon,dhcp,dovecot,games,gnats,irc,klog,libuuid,list,lp,mail,man,mysql,news,openldap,postfix,proxy,root,smmsp,smmta,smtpguard,sshd,sync,sys,syslog,uucp,www-data
scope sub
nss_base_passwd ou=Users,dc=com,dc=edu,dc=com?sub


Any help is much appreciated.


2008/8/21 Stelios A. <stelios.a@gmail.com>:
> Hello all,
>
> I have a master and a slave OpenLDAP server on an Ubuntu 8.0.4 server
> with version 2.4.9 of OpenLDAP.
> I'm using syncrepl to sync data between the 2 servers. Data is transferred
> from the master to the slave without a problem and I'm able to query the
> slave ldap via phpldapadmin without a problem.
> Having said that, as soon as I add a new user to the master ldap, it
> is replicated fine (I can see the user details on the slave
> server), but when I run 'id user1' from bash I get 'id: user1:
> No such user'.
> This happens no matter whether I stop and start nscd or ldap.
>
> The sync part of the slave server is pasted below:
>
> syncrepl rid=001
>        provider=ldap://192.168.1.0
>        type=refreshOnly
>        interval=00:00:01:00
>        searchbase="dc=mydomain,dc=edu,dc=com"
>        binddn="uid=syncrepl,ou=System,dc=mydomain,dc=edu,dc=com"
>        bindmethod=simple
>        credentials=mypassword
>
> updateref       ldap://192.168.1.0
>
> and the ACLs on the slave are:
>
> access to attrs=userPassword,shadowLastChange
>        by dn="cn=admin,dc=mydomain,dc=edu,dc=com" write
>        by dn="uid=syncrepl,ou=System,dc=mydomain,dc=edu,dc=com" write
>        by dn="uid=authenticate,ou=System,dc=mydomain,dc=edu,dc=com" read
>        by anonymous auth
>        by self write
>        by * none
>
> access to dn.base="" by * read
>
> access to *
>        by dn="cn=admin,dc=mydomain,dc=edu,dc=com" write
>        by dn="uid=syncrepl,ou=System,dc=mydomain,dc=edu,dc=com" write
>        by * read
>
> On master slave I can query any user fine. It just doesn't work on slave.
> nsswitch.conf is the same as on the master:
>
> passwd: files ldap
> group: files ldap
> shadow: files ldap
>
> hosts:  files dns
> networks:       files
>
> protocols:      db files
> services:       db files
> ethers:         db files
> rpc:            db files
>
> netgroup:       nis ldap
>
>
> I have no clue how to troubleshoot this problem.
> Any help is much appreciated.
>
> Thanks a lot
>



-- 
Stelios A
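
A check for the configuration shown in this message, added here as an example (it is not part of the original post): it tests whether the DN that ldapsearch returned lies inside the passwd search base and scope set in /etc/ldap.conf, which is where the NSS lookup behind `id` searches. The function names are hypothetical, the parser is simplified, and the sample values are copied from the message.

```python
import re

# Constructed sample input: the lines and the DN are copied from the message above.
LDAP_CONF = """\
base dc=com,dc=edu,dc=com
scope sub
nss_base_passwd ou=Users,dc=com,dc=edu,dc=com?sub
"""
ENTRY_DN = "cn=Stavros  Lolis,ou=Users,dc=mydomain,dc=edu,dc=com"

def split_dn(dn):
    """Split a DN into (attr, value) RDNs, lower-cased, spaces collapsed."""
    if not dn.strip():
        return []
    rdns = []
    for rdn in re.split(r"(?<!\\),", dn):  # do not split on escaped commas
        attr, _, value = rdn.partition("=")
        rdns.append((attr.strip().lower(), " ".join(value.split()).lower()))
    return rdns

def parse_nss_conf(text):
    """Return the (base, scope) used for passwd lookups (simplified parser)."""
    conf = {}
    for line in text.splitlines():
        fields = line.split(None, 1)
        if len(fields) == 2 and not fields[0].startswith("#"):
            conf[fields[0].lower()] = fields[1].strip()
    base, scope = conf.get("base", ""), conf.get("scope", "sub")
    parts = conf.get("nss_base_passwd", "").split("?")  # base?scope?filter
    base = parts[0] or base
    if len(parts) > 1 and parts[1]:
        scope = parts[1]
    return base, scope

def in_scope(entry_dn, base, scope="sub"):
    """True if entry_dn would be reached by a search at base with this scope."""
    entry, root = split_dn(entry_dn), split_dn(base)
    if len(entry) < len(root) or (root and entry[-len(root):] != root):
        return False
    depth = len(entry) - len(root)
    return {"base": depth == 0, "one": depth == 1}.get(scope, True)

def check(conf_text, entry_dn):
    base, scope = parse_nss_conf(conf_text)
    return in_scope(entry_dn, base, scope), base, scope

if __name__ == "__main__":
    ok, base, scope = check(LDAP_CONF, ENTRY_DN)
    print(f"passwd base={base!r} scope={scope}: entry {'inside' if ok else 'OUTSIDE'}")
```

With the values as posted, the entry's DN is under dc=mydomain,dc=edu,dc=com while the search base is under dc=com,dc=edu,dc=com, so the check reports the entry as outside the scope.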