
Re: LDAP lookup problem



A little bit of progress.
I discovered that this is happening probably because the following
attributes are not transferred to the slave server while using syncrepl:

givenName:
sn:
cn:

Any ideas?

Thanks a lot

2008/8/21 Stelios A. <stelios.a@gmail.com>:
> I forgot to add an ldapsearch output. Below are the results directly from
> the slave server. It finds the user without a problem but it is still not
> resolving on the terminal. I need this in order to chown a particular
> directory which holds the mail settings (Maildir etc).
>
> ldapsearch -x -b "dc=mydomain,dc=edu,dc=com" -D "cn=admin,dc=mydomain,dc=edu,dc=com" -W uid=user1
>
> # Stavros  Lolis, Users, mydomain.edu.com
> dn: cn=Stavros  Lolis,ou=Users,dc=mydomain,dc=edu,dc=com
> objectClass: inetOrgPerson
> objectClass: posixAccount
> objectClass: person
> objectClass: organizationalPerson
> objectClass: top
> uid: user1
> userPassword:: e01ENX1nbnpMRHVxS2NHeE1OS0Zva2ZoT2V3PT0=
> uidNumber: 1761
> gidNumber: 100
> homeDirectory: /home/user1
> loginShell: /bin/false
> mail: user1@mydomain.edu.gr
>
> Also my /etc/ldap.conf has:
>
> host 192.168.1.0 192.168.1.1
> base dc=com,dc=edu,dc=com
> ldap_version 3
> binddn uid=authenticate,ou=System,dc=com,dc=edu,dc=com
> bindpw {MD5}jikxdsfdfsdfsdfsO5dIXw==
> rootbinddn cn=admin,dc=com,dc=edu,dc=com
> nss_initgroups_ignoreusers amavis,backup,bin,bind,clamav,daemon,dhcp,dovecot,games,gnats,irc,klog,libuuid,list,lp,mail,man,mysql,news,openldap,postfix,proxy,root,smmsp,smmta,smtpguard,sshd,sync,sys,syslog,uucp,www-data
> scope sub
> nss_base_passwd ou=Users,dc=com,dc=edu,dc=com?sub
>
>
> Any help is much appreciated.
>
>
> 2008/8/21 Stelios A. <stelios.a@gmail.com>:
>> Hello all,
>>
>> I have a master and a slave OpenLDAP server on an Ubuntu 8.0.4 server
>> with 2.4.9 version of OpenLDAP.
>> I'm using syncrepl to sync data between the 2 servers. Data are transferred
>> from master to the slave without a problem and I'm able to query the
>> slave ldap via phpldapadmin without a problem.
>> Having said that, as soon as I add a new user to the master ldap it
>> is replicated fine (I can see the user details on the slave
>> server) but when I run from bash 'id user1' I'm getting an 'id: user1:
>> No such user'.
>> This is happening no matter if I stop and start nscd or ldap.
>>
>> The sync part of the slave server is pasted below:
>>
>> syncrepl rid=001
>>        provider=ldap://192.168.1.0
>>        type=refreshOnly
>>        interval=00:00:01:00
>>        searchbase="dc=mydomain,dc=edu,dc=com"
>>        binddn="uid=syncrepl,ou=System,dc=mydomain,dc=edu,dc=com"
>>        bindmethod=simple
>>        credentials=mypassword
>>
>> updateref       ldap://192.168.1.0
>>
>> and the ACLs on the slave are:
>>
>> access to attrs=userPassword,shadowLastChange
>>        by dn="cn=admin,dc=mydomain,dc=edu,dc=com" write
>>        by dn="uid=syncrepl,ou=System,dc=mydomain,dc=edu,dc=com" write
>>        by dn="uid=authenticate,ou=System,dc=mydomain,dc=edu,dc=com" read
>>        by anonymous auth
>>        by self write
>>        by * none
>>
>> access to dn.base="" by * read
>>
>> access to *
>>        by dn="cn=admin,dc=mydomain,dc=edu,dc=com" write
>>        by dn="uid=syncrepl,ou=System,dc=mydomain,dc=edu,dc=com" write
>>        by * read
>>
>> On master slave I can query any user fine. It just doesn't work on slave.
>> nsswitch.conf is same as master:
>>
>> passwd: files ldap
>> group: files ldap
>> shadow: files ldap
>>
>> hosts:  files dns
>> networks:       files
>>
>> protocols:      db files
>> services:       db files
>> ethers:         db files
>> rpc:            db files
>>
>> netgroup:       nis ldap
>>
>>
>> I have no clue how to troubleshoot this problem.
>> Any help is much appreciated.
>>
>> Thanks a lot
>>
>
>
>
> --
> Stelios A
>



-- 
Stelios A
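
One way to check the hypothesis in the latest message (that givenName, sn and cn are absent on the slave) is to save the ldapsearch output for the same search from both servers and compare attribute names per entry. This is an added example, not part of the thread; the sample LDIF, the DN and the function names are constructed placeholders.

```python
import base64

# Constructed sample LDIF (not from the thread): one entry as returned by
# the provider and by the consumer. Names and values are placeholders.
PROVIDER_LDIF = """\
dn: cn=Test User,ou=Users,dc=example,dc=com
objectClass: posixAccount
cn: Test User
sn: User
givenName: Test
uid: user1
homeDirectory: /home/
 user1
userPassword:: e1NTSEF9Y29uc3RydWN0ZWQ=
"""
CONSUMER_LDIF = """\
# Test User, Users, example.com
dn: cn=Test User,ou=Users,dc=example,dc=com
objectClass: posixAccount
uid: user1
homeDirectory: /home/user1
userPassword:: e1NTSEF9Y29uc3RydWN0ZWQ=
"""

def parse_ldif(text):
    """Return {lowercased dn: {lowercased attribute name: set of values}}."""
    # Unfold continuation lines (a line that starts with a single space).
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")
    entries, current = {}, None
    for line in unfolded.split("\n"):
        if not line.strip():
            current = None              # a blank line ends the entry
        elif not line.startswith("#"):  # skip comment lines
            name, _, rest = line.partition(":")
            value = rest.lstrip(":").strip()
            if rest.startswith(":"):    # "attr:: <base64 value>"
                value = base64.b64decode(value).decode("utf-8", "replace")
            if name.lower() == "dn":
                current = entries.setdefault(value.lower(), {})
            elif current is not None:
                current.setdefault(name.lower(), set()).add(value)
    return entries

def missing_on_consumer(provider, consumer):
    """Per DN, attribute names on the provider but absent on the consumer."""
    # Only names are reported, so userPassword values never reach a log.
    diff = {dn: sorted(set(a) - set(consumer.get(dn, {}))) for dn, a in provider.items()}
    return {dn: names for dn, names in diff.items() if names}
```

Run both searches with the same bind identity, since a difference in ACL-visible attributes between two identities looks the same as a replication gap in this comparison.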