[K12OSN] RE: K12OSN Digest, Vol 19, Issue 45
Selzler, Bruce
SelzlerB at esuhsd.org
Fri Sep 30 15:08:42 UTC 2005
Hello Team,
Perhaps I'm looking at this the wrong way. I assumed that by
authenticating against a different LDAP server, I could use one "list"
of accounts for a number of servers. The second response below seems to
be saying that I need to duplicate the userlist on the LTSP server. If
so, what is the point of authenticating to the LDAP server? I thought
the idea of LDAP was "one user list available in many places". Is this
not correct?
My LDAP logs in OSX show the following;
Sep 29 11:16:45 ybstudent slapd[52]: <= bdb_equality_candidates: (rid)
index_param failed (18)
Sep 29 14:31:33 ybstudent slapd[52]: do_search: invalid dn (dc=ybstudent
dc=org)
Sep 29 14:31:35 ybstudent slapd[52]: do_search: invalid dn (dc=ybstudent
dc=org)
Sep 29 14:31:51 ybstudent slapd[52]: do_search: invalid dn (dc=ybstudent
dc=org)
Sep 29 14:31:55 ybstudent slapd[52]: do_search: invalid dn (dc=ybstudent
dc=org)
Sep 30 07:59:34 localhost slapd[52]: @(#) $OpenLDAP: slapd 2.2.19 $
Sep 30 07:59:34 localhost slapd[52]: bdb_back_initialize: Sleepycat
Software: Berkeley DB 4.2.52: (December 3, 2003)
Sep 30 07:59:35 localhost slapd[52]: bdb_db_init: Initializing BDB
database
Sep 30 07:59:36 localhost slapd[52]: slapd starting
Sep 30 08:00:00 ybstudent slapd[52]: <= bdb_substring_candidates:
(apple-mcxflags) index_param failed (18)
Let me know what you think.
- Sez
*********************************************
Bruce Selzler
Digital High School Resource Teacher
http://www.mindsinsight.com
http://homepage.mac.com/sez
selzlerb at esuhsd.org
sez at mac.com
office:(408) 347.4936
cell: (408) 893.6161
************************************************
------------------------------
Message: 5
Date: Fri, 30 Sep 2005 00:37:19 GMT
From: cliebow at downeast.net
Subject: Re: [K12OSN] Authenticating from an OSX LDAP Server
To: "Support list for opensource software in schools."
<k12osn at redhat.com>
Message-ID: <200509300248.j8U2mCB16904 at downeast.net>
Are there any logfiles to look at inosx? can you increase
loglevel??change
the types of logging info? do a slapcat? run ethereal and read the
>For more info see <http://www.k12os.org>
David N. Trask
packets?? all these would help narrow down what is going on..let us know
more !! chuck
> Hello Team,
>
> I have a k12LTSP server running as a "stand alone" server with local
> authentication. I want to change the authentication method to LDAP
> services being run on an OSX server (Tiger).
>
> I'm entering what I believe to be the correct server information in
the
> Gnome authentication module. However it doesn't seem to authenticate.
> Although there is an odd twist to this.
>
> I have an account with the same username on both servers. "selzlerb".
> On the k12ltsp server the password for this (local) account is
different
> from the password on the OSX server. I can log on to the LTSP server
> with the username and the password from the OSX (remote) server.
>
> Doing this had me thinking it was actually working. But I can't log
on
> to any other account that should be authenticated via the OSX server.
> Anyone have any advice?
>
> Let me know what you think.
>
> - Sez
Bruce,
<disclaimer> This is not a difinitive answer, but something I think I
rememeber reading in the past and it may not even apply. </disclaimer>
If the users already exsist on the LTSP box and are just authenticating
to the OS X box then I think the UIDs have to match up. That *could*
explain why your admin user works - they both happen to have the same
UID, possibly 501. If my idea is correct, then I guess the solution is
to make the UID's match up. As for how to do this, I don't know. Hope
that helps a little bit.
Peace,
Jimmy Schwankl
+++++++++++++++++++++++++++++++++++++++++++++++
More information about the K12OSN
mailing list