<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.5730.11" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Tahoma size=2>When comminting out, it seems to work
fine.</FONT></DIV>
<DIV><FONT face=Tahoma size=2></FONT> </DIV>
<DIV><FONT face=Tahoma size=2>[28/Feb/2007:18:31:42 +0100] conn=21 op=-1 fd=66
closed error 104 (Connection reset by peer) - TCP connection reset by
peer.<BR>[28/Feb/2007:18:31:45 +0100] conn=114 fd=66 slot=66 connection from
192.168.100.118 to 192.168.100.120<BR>[28/Feb/2007:18:31:45 +0100] conn=114 op=0
BIND dn="" method=128 version=3<BR>[28/Feb/2007:18:31:45 +0100] conn=114 op=0
RESULT err=0 tag=97 nentries=0 etime=0 dn=""<BR>[28/Feb/2007:18:31:45 +0100]
conn=114 op=1 SRCH base="dc=van-boxtel-software,dc=nl" scope=2
filter="(&(objectClass=posixAccount)(uid=mvheukelom))" attrs="uid
userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description
objectClass"<BR>[28/Feb/2007:18:31:45 +0100] conn=114 op=1 RESULT err=0 tag=101
nentries=0 etime=0<BR>[28/Feb/2007:18:31:45 +0100] conn=114 op=2 SRCH
base="dc=van-boxtel-software,dc=nl" scope=2
filter="(&(objectClass=posixAccount)(uid=mvheukelom))" attrs="uid
userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description
objectClass"<BR>[28/Feb/2007:18:31:45 +0100] conn=114 op=2 RESULT err=0 tag=101
nentries=0 etime=0<BR>[28/Feb/2007:18:31:54 +0100] conn=114 op=3 SRCH
base="dc=van-boxtel-software,dc=nl" scope=2
filter="(&(objectClass=posixAccount)(uid=mvheukelom))" attrs="uid
userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description
objectClass"<BR>[28/Feb/2007:18:31:54 +0100] conn=114 op=3 RESULT err=0 tag=101
nentries=0 etime=0<BR>[28/Feb/2007:18:31:54 +0100] conn=22 op=-1 fd=67 closed
error 104 (Connection reset by peer) - TCP connection reset by
peer.<BR>[28/Feb/2007:18:31:57 +0100] conn=115 fd=67 slot=67 connection from
192.168.100.118 to 192.168.100.120<BR>[28/Feb/2007:18:31:57 +0100] conn=115 op=0
BIND dn="" method=128 version=3<BR>[28/Feb/2007:18:31:57 +0100] conn=115 op=0
RESULT err=0 tag=97 nentries=0 etime=0 dn=""<BR>[28/Feb/2007:18:31:57 +0100]
conn=115 op=1 SRCH base="dc=van-boxtel-software,dc=nl" scope=2
filter="(uid=mvheukelom)" attrs=ALL<BR>[28/Feb/2007:18:31:57 +0100] conn=115
op=1 RESULT err=0 tag=101 nentries=0 etime=0<BR>[28/Feb/2007:18:31:59 +0100]
conn=114 op=5 SRCH base="dc=van-boxtel-software,dc=nl" scope=2
filter="(&(objectClass=posixAccount)(uid=mvheukelom))" attrs="uid
userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description
objectClass"<BR>[28/Feb/2007:18:31:59 +0100] conn=114 op=5 RESULT err=0 tag=101
nentries=0 etime=0<BR></FONT></DIV>
<DIV><FONT face=Tahoma size=2>err=0 so it looks o.k.</FONT></DIV>
<DIV><FONT face=Tahoma size=2></FONT> </DIV>
<DIV><FONT face=Tahoma size=2>thnx</DIV></FONT>
<DIV> </DIV>
<BLOCKQUOTE
style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV style="FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV
style="BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: black"><B>From:</B>
<A title=joona.hartman@gmail.com href="mailto:joona.hartman@gmail.com">J.
Hartman</A> </DIV>
<DIV style="FONT: 10pt arial"><B>To:</B> <A
title=fedora-directory-devel@redhat.com
href="mailto:fedora-directory-devel@redhat.com">Fedora Directory server
developer discussion.</A> </DIV>
<DIV style="FONT: 10pt arial"><B>Sent:</B> Wednesday, February 28, 2007 4:02
PM</DIV>
<DIV style="FONT: 10pt arial"><B>Subject:</B> Re: [Fedora-directory-devel]
LDAP Authentication</DIV>
<DIV><BR></DIV>Hi,<BR><BR>In your client's ldap.conf, the rootbinddn should be
set to a real account object, possibly the "cn=directory manager".<BR><BR>In
access log, you can see that the client is trying to bind as <FONT face=Tahoma
size=2>"dc=example,dc=com" (server's naming context!), and err=48 shows that
the entry doesn't have userPassword attribute.<BR><BR>Try commenting out the
rootbinddn line or use "cn=directory manager". <BR><BR>Regards,<BR>Joona
Hartman<BR></FONT><BR>
<DIV><SPAN class=gmail_quote>On 2/28/07, <B class=gmail_sendername>Michiel van
Heukelom - Van Boxtel Software BV</B> <<A
href="mailto:mvheukelom@van-boxtel-software.nl">
mvheukelom@van-boxtel-software.nl</A>> wrote:</SPAN>
<BLOCKQUOTE class=gmail_quote
style="PADDING-LEFT: 1ex; MARGIN: 0pt 0pt 0pt 0.8ex; BORDER-LEFT: rgb(204,204,204) 1px solid">
<DIV bgcolor="#ffffff">
<DIV><FONT face=Tahoma size=2></FONT> </DIV>
<DIV><FONT face=Tahoma size=2></FONT>
<P><FONT face=Tahoma size=2>Problem with authenticate. </FONT></P>
<P><FONT face=Tahoma size=2>I've installed
fedora-ds-1.0.4-1.RHEL4.i386.opt.rpm and it seems to be working fine. I can
manage users by the console. On another machine i want to use the directory,
but when ik log in, in /var/log/messages i get the following error:
</FONT></P>
<P><FONT face=Tahoma size=2>Feb 23 13:07:59 ldap-vm4 remote(pam_unix)[3885]:
check pass; user unknown </FONT></P>
<P><FONT face=Tahoma size=2>Feb 23 13:07:59 ldap-vm4 remote(pam_unix)[3885]:
authentication failure; logname= uid=0 euid=0 tty=pts/2 ruser= rhost=<A
onclick="return top.js.OpenExtLink(window,event,this)"
href="http://192.168.100.176" target=_blank>192.168.100.176</A> </FONT></P>
<P><FONT face=Tahoma size=2>Feb 23 13:07:59 ldap-vm4 remote(pam_unix)[3885]:
could not identify user (from getpwnam(mvheukelom)) </FONT></P>
<P><FONT face=Tahoma size=2>Feb 23 13:07:59 ldap-vm4 login[3885]: User not
known to the underlying authentication module </FONT></P>
<P><FONT face=Tahoma size=2>On my ldap server the file
/opt/fedora-ds/slapd/logs/access</FONT></P>
<P><FONT face=Tahoma size=2>[28/Feb/2007:11:27:49 +0100] conn=250 op=0 BIND
dn="dc=example,dc=com" method=128 version=3<BR>[28/Feb/2007:11:27:49 +0100]
conn=250 op=0 RESULT err=48 tag=97 nentries=0
etime=0<BR>[28/Feb/2007:11:27:51 +0100] conn=251 fd=67 slot=67 connection
from <A onclick="return top.js.OpenExtLink(window,event,this)"
href="http://192.168.100.118" target=_blank>192.168.100.118</A> to <A
onclick="return top.js.OpenExtLink(window,event,this)"
href="http://192.168.100.119"
target=_blank>192.168.100.119</A><BR>[28/Feb/2007:11:27:51 +0100] conn=251
op=0 BIND dn="dc=example,dc=com" method=128
version=3<BR>[28/Feb/2007:11:27:51 +0100] conn=251 op=0 RESULT err=48 tag=97
nentries=0 etime=0<BR>[28/Feb/2007:11:27:51 +0100] conn=251 op=1
UNBIND<BR>[28/Feb/2007:11:27:51 +0100] conn=251 op=1 fd=67 closed -
U1<BR></FONT></P>
<P><FONT face=Tahoma size=2>my ldap.conf on my client:</FONT></P>
<P><FONT face=Tahoma size=2>host <A
onclick="return top.js.OpenExtLink(window,event,this)"
href="http://192.168.100.119" target=_blank>192.168.100.119</A></FONT></P>
<P><FONT face=Tahoma size=2>base dc=Example,dc=com</FONT></P>
<P><FONT face=Tahoma size=2>rootbinddn dc=example,dc=com</FONT></P>
<P><FONT face=Tahoma size=2>In authconfig i've made the changes to: use
ladap and user ldap authentication. I've also filled in my server
(IP-number) and my base. </FONT></P>
<P><FONT face=Tahoma size=2>Can someone advise me what to check please....
</FONT></P><FONT face=Tahoma size=2><B><FONT face=Tahoma size=2><FONT
face=Tahoma size=2>
<P><BR>Best regards,</P>
<P style="MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px">Michiel van Heukelom</P>
<P style="MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px"><B>Van Boxtel Software
B.V.</B></P>
<P style="MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px"> </P>
<P></P></FONT>
<TABLE height=15 cellSpacing=0 cellPadding=0 width=300 border=0>
<TBODY>
<TR>
<TD width=50 height=15><FONT face=Tahoma size=1>Phone:</FONT></TD>
<TD width=250 height=15><FONT face=Tahoma size=1>+31 (0) 492 - 327
357</FONT></TD></TR>
<TR>
<TD width=50 height=15><FONT face=Tahoma size=1>Fax: </FONT></TD>
<TD width=250 height=15><FONT face=Tahoma size=1>+31 (0) 492 - 324
326</FONT></TD></TR>
<TR>
<TD width=50 height=15><FONT face=Tahoma size=1>E-mail:</FONT></TD>
<TD width=250 height=15><A
onclick="return top.js.OpenExtLink(window,event,this)"
href="mailto:mvheukelom@van-boxtel-software.nl" target=_blank><FONT
face=Tahoma size=1>mvheukelom@van-boxtel-software.nl</FONT> </A></TD></TR>
<TR>
<TD width=50 height=15><FONT face=Tahoma size=1>Website:</FONT></TD>
<TD width=250 height=15><A
onclick="return top.js.OpenExtLink(window,event,this)"
href="http://www.van-boxtel-software.nl/" target=_blank><FONT
face=Tahoma
size=1>www.van-boxtel-software.nl</FONT></A></TD></TR></TBODY></TABLE></FONT></B></FONT></DIV></DIV><BR>--<BR>Fedora-directory-devel
mailing list<BR><A onclick="return top.js.OpenExtLink(window,event,this)"
href="mailto:Fedora-directory-devel@redhat.com">Fedora-directory-devel@redhat.com</A><BR><A
onclick="return top.js.OpenExtLink(window,event,this)"
href="https://www.redhat.com/mailman/listinfo/fedora-directory-devel"
target=_blank>https://www.redhat.com/mailman/listinfo/fedora-directory-devel</A><BR><BR></BLOCKQUOTE></DIV><BR>
<P>
<HR>
<P></P>--<BR>Fedora-directory-devel mailing
list<BR>Fedora-directory-devel@redhat.com<BR>https://www.redhat.com/mailman/listinfo/fedora-directory-devel<BR></BLOCKQUOTE></BODY></HTML>