[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Getting ldappasswd and PAM in the same page under CentOS 7

To: Dieter Klünter <dieter@dkluenter.de>
Subject: Re: Getting ldappasswd and PAM in the same page under CentOS 7
From: Robert Heller <heller@deepsoft.com>
Date: Wed, 20 Sep 2017 14:20:54 -0400 (EDT)
Cc: Robert Heller <heller@deepsoft.com>, openldap-technical@openldap.org
Dkim-filter: OpenDKIM Filter v2.11.0 sharky3.deepsoft.com 06E2E73214C
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=deepsoft.com; s=deepsoft.com; t=1505931655; bh=f1Co11/M00xzMFbxyuW+zMKI9nGo6h9YmsXlmddGVn0=; h=From:Subject:In-Reply-To:References:To:Cc:Date:From; b=LBJ2Lz0T7Z6ZpcvAyXt6fonVbgNp3nqCJbunKnV7uXVZVpi/QagGJ5HicglYW1KD7 2tGEe/th333tR+QQOw89x/+PwNnHnOUroNA+6Boz/c3kqAy9CJXJdO7iF1TpFOKCDv SlgLXIz8X5xMFK6UnuhyssSJWCCpqQhXiZ4cA/sk=
In-reply-to: <20170920193017.6ac56700.dieter@dkluenter.de>
Organization: Deepwoods Software
References: <20170919164516.65FA373236F@sharky3.deepsoft.com> <c04b755c-a765-a779-5128-f5dc38daa392@savoirfairelinux.com> <20170920131440.796B473214C@sharky3.deepsoft.com> <20170920163237.F00367321F1@sharky3.deepsoft.com> <20170920193017.6ac56700.dieter@dkluenter.de>

At Wed, 20 Sep 2017 19:30:17 +0200 Dieter =?UTF-8?B?S2zDvG50ZXI=?= <dieter@dkluenter.de> wrote:

> 
> Am Wed, 20 Sep 2017 12:32:37 -0400 (EDT)
> schrieb Robert Heller <heller@deepsoft.com>:
> 
> > OK, I fixed the ACLs (I think), but it is still not working.  I
> > turned on verbose debugging for sssd[pam] and moderate debugging for
> > slapd.
> >=20
> > Here are my ACLs
> > in /etc/openldap/slapd.d/cn\=3Dconfig/olcDatabase\=3D{2}hdb.ldif:
> >=20
> > olcAccess: {0}to attrs=3DuserPassword
> >   by self write
> >   by anonymous auth
> >   by dn=3Duid=3Dheller,ou=3DPeople,dc=3Ddeepsoft,dc=3Dcom write
> >   by * none
> > olcAccess: {1}to *
> >   by dn=3Duid=3Dheller,ou=3DPeople,dc=3Ddeepsoft,dc=3Dcom write
> >   by * read
> >=20
> > There are also these olcAccess entries:
> >=20
> > in /etc/openldap/slapd.d/cn\=3Dconfig/olcDatabase\=3D{0}config.ldif:
> >=20
> > olcAccess: {0}to * by
> > dn.base=3D"gidNumber=3D0+uidNumber=3D0,cn=3Dpeercred,cn=3Dextern al,cn=3D=
> auth"
> > manage by * none
> >=20
> > and in /etc/openldap/slapd.d/cn\=3Dconfig/olcDatabase\=3D{1}monitor.ldif:
> >=20
> > olcAccess: {0}to * by
> > dn.base=3D"gidNumber=3D0+uidNumber=3D0,cn=3Dpeercred,cn=3Dextern al,cn=3D=
> auth"
> > read by dn.base=3D"cn=3DManager,dc=3Ddeepsoft,dc=3Dcom" read by * none
> [...]
> 
> You may run slapd in debugging mode 128.

How do I do that using the "new" configuration method in 
/etc/openldap/slapd.d?

I added:

logLevel: 128

to the end of /etc/openldap/slapd.d/cn=config.ldif

But it does not like it:

Sep 20 13:59:47 c764guest.deepsoft.com slapd[32362]: UNKNOWN attributeDescription "LOGLEVEL" inserted.

The documentaion talks about loglevel in slapd.conf, but I am not using 
slapd.conf...

> 
> -Dieter
> 
> --=20
> Dieter Kl=C3=BCnter | Systemberatung
> http://sys4.de
> GPG Key ID: E9ED159B
> 53=C2=B037'09,95"N
> 10=C2=B008'02,42"E
> 
>                              

-- 
Robert Heller             -- 978-544-6933
Deepwoods Software        -- Custom Software Services
http://www.deepsoft.com/  -- Linux Administration Services
heller@deepsoft.com       -- Webhosting Services

Follow-Ups:
- Re: Getting ldappasswd and PAM in the same page under CentOS 7
  - From: Dieter Klünter <dieter@dkluenter.de>
- Re: Getting ldappasswd and PAM in the same page under CentOS 7
  - From: Dieter Klünter <dieter@dkluenter.de>

References:
- Getting ldappasswd and PAM in the same page under CentOS 7
  - From: Robert Heller <heller@deepsoft.com>
- Re: Getting ldappasswd and PAM in the same page under CentOS 7
  - From: Clément OUDOT <clement.oudot@savoirfairelinux.com>
- Re: Getting ldappasswd and PAM in the same page under CentOS 7
  - From: Robert Heller <heller@deepsoft.com>
- Re: Getting ldappasswd and PAM in the same page under CentOS 7
  - From: Robert Heller <heller@deepsoft.com>
- Re: Getting ldappasswd and PAM in the same page under CentOS 7
  - From: Dieter Klünter <dieter@dkluenter.de>

Prev by Date: Re: Getting ldappasswd and PAM in the same page under CentOS 7
Next by Date: Re: Getting ldappasswd and PAM in the same page under CentOS 7
Index(es):
- Chronological
- Thread