OT: Help Kyrre with his LDAP authentication headaches :)

Kyrre Ness Sjobak kyrre at solution-forge.net
Fri Nov 26 15:49:09 UTC 2004


Thu, 25.11.2004 at 23.12, Kyrre Ness Sjobak wrote:
> Thu, 25.11.2004 at 22.49, Kyrre Ness Sjobak wrote:
> > After reading too many pages on screen and on dead wood, asking (with no
> > results) on forums, never receiving sign-up confirmation for the
> > padl.com pamldap list, getting my post rejected at other LDAP mailing
> > lists, and generally banging my head against the monitor for way too much
> > time, I am hoping for a merciful harbor here. Please? If for nothing
> > else, to save the forests from my printer?
> > 
> > I am trying to set up a login-system based on LDAP - with a Debian
> > (sarge) box as LDAP (and NFS) server, and Fedora Core 3 machines as
> > clients.
> > 
> > So far, no luck. (not for 2 months...). After finally getting the server
> > to *start*, and adding what I (think is) an appropriate directory basic
> > layout using phpldapadmin (running on an apache server on the same box),
> > I still can't login.
> > 
> > If I try to login (using su - *username*) from root, all I get is "user
> > does not exist". I know the client is okay - if I direct it to an
> > (older) ldap-running box, it works mountainously.
> > 
> > I have a structure where all the user accounts are put in
> > ou=People,dc=valler,dc=vgs,dc=no (as "PosixAccount" and "PosixGroup"
> > according to phpldapadmin). This does work on the aforementioned box
> > (if I have "copied" the setup right using gq to read it, and
> > phpldapadmin to edit the new server's directory.)
> > 
> > If I try to connect to the server using directory administrator, I can
> > see all users/groups. Trying to change the user password gives an error,
> > and if I try to create a new user I get "object class violation".
> > 
> > Anybody who can help me? I am quite inexperienced when it comes to LDAP,
> > and do now think I have spent way too many hours reading dead trees/on
> > screen documentation of varying quality and relevance.
> > 
> > I shall post any material you ask for.
> > 
> > Kyrre Ness Sjøbæk
> 
> Sorry for answering myself, but comparing the LDIF files:
> 
> In both I have a structure up to ou=People,dc=valler,dc=vgs,dc=no
> 
> But in the working one, there is a
> "cn=Users,ou=People,dc=valler,dc=vgs,dc=no"
> in which all the users are placed. The groups are placed directly on
> People.
> 
> On the non-functional server, both users and groups are placed directly
> on People.
> 
> "cn=Users,ou=People,dc=valler,dc=vgs,dc=no" seems to be the "primary
> group" for all users (which I know is correct). It is at least a
> "posixGroup" objectClass.
> 
> I hope I figured it out! Isn't it typical, after two months of
> headbanging, you post a desperate mail, and then the solution is there,
> 10 minutes later...
> 
> Kyrre

Hmm... Worked. I don't have a clue why, but putting it there worked.
Yuhu!

Now I only have to figure out indexing and why directory administrator
won't work...

Anybody know about a good web(min) based LDAP server interface, which
could let me create a huge batch of users/w. populated homedirs
automagically? I have tried to use the skolelinux (Norwegian school
distro) webmin ldap module, but without luck...

Kyrre
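
The LDIF comparison described in the quoted follow-up, as an added example that is not part of the original message: it reports which parent containers hold posixAccount entries on one server but not the other. The dumps, user names, and function names are constructed for illustration; only the base DN and cn=Users come from the thread. It assumes plain (non-base64) LDIF and RDNs without escaped commas.

```python
from collections import Counter

def parse_ldif(text):
    """Minimal LDIF reader: unfolds continuation lines, skips comments and
    returns [(dn, {lowercased objectClass values})]. No base64 (dn::) support."""
    unfolded = text.replace("\n ", "")  # RFC 2849 folding: newline + one space
    entries = []
    for block in unfolded.split("\n\n"):
        dn, classes = None, set()
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            attr, _, value = line.partition(":")
            attr, value = attr.strip().lower(), value.strip()
            if attr == "dn":
                dn = value
            elif attr == "objectclass":
                classes.add(value.lower())
        if dn:
            entries.append((dn, classes))
    return entries

def containers(text, object_class):
    """Count the parent DN of every entry that carries object_class."""
    counts = Counter()
    for dn, classes in parse_ldif(text):
        if object_class.lower() in classes:
            counts[dn.partition(",")[2].lower()] += 1  # naive RDN split
    return counts

def layout_diff(working, broken, object_class="posixAccount"):
    """Parent containers used only on the working / only on the broken server."""
    w, b = containers(working, object_class), containers(broken, object_class)
    return sorted(set(w) - set(b)), sorted(set(b) - set(w))

# Constructed sample dumps mirroring the two layouts described in the thread.
BASE = "ou=People,dc=valler,dc=vgs,dc=no"
USERS = f"cn=Users,{BASE}"
def user(uid, parent):
    return (f"dn: uid={uid},{parent}\nobjectClass: account\n"
            f"objectClass: posixAccount\nuid: {uid}\n")
WORKING = "\n".join([f"dn: {USERS}\nobjectClass: posixGroup\ncn: Users\n",
                     user("alice", USERS), user("bob", USERS)])
BROKEN = "\n".join([user("alice", BASE), user("bob", BASE)])

if __name__ == "__main__":
    only_working, only_broken = layout_diff(WORKING, BROKEN)
    print("user containers only on working server:", only_working)
    print("user containers only on broken server: ", only_broken)
```
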




More information about the fedora-devel-list mailing list