ldap and hosts

Craig White craigwhite at azapple.com
Tue Apr 11 14:49:14 UTC 2006


On Tue, 2006-04-11 at 08:36 -0600, Andrew wrote:
> Craig White wrote:
> > On Mon, 2006-04-10 at 16:21 -0600, Andrew wrote:
> >   
> >> Craig White wrote:
> >>     
> >>> On Mon, 2006-04-10 at 15:17 -0600, Andrew wrote:
> >>>   
> >>>       
> >>>> Hello everyone,
> >>>>
> >>>> I have a ldap server running on another distro and I use it for a lot of 
> >>>> different things (such as users, passwords, and hosts) and it all works 
> >>>> fine on that distro.  I'm also trying to get all of this to work in FC5 
> >>>> and so far I have gotten users and passwords to work but the hosts is 
> >>>> giving me problems.  If I type getent hosts I see the complete list of 
> >>>> hosts as it should be but if I try to ping one of the hosts it just 
> >>>> hangs.  If I try to ping the ip address everything works fine.  I should 
> >>>> also note that I can't ping domains either (such as yahoo.com); again it 
> >>>> just hangs but if I use a browser I can browse to them.  On another 
> >>>> note, when I type getent hosts in the ldap console I can see the query 
> >>>> but when I try to ping a single domain I see nothing in the ldap 
> >>>> console, not even an attempt.
> >>>>
> >>>>     
> >>>>         
> >>> ----
> >>> you need to confirm padl tools setup...
> >>>
> >>> what's output of ???
> >>>
> >>> grep host /etc/nsswitch.conf
> >>>
> >>> grep host /etc/ldap.conf
> >>>
> >>> Craig
> >>>
> >>>   
> >>>       
> >> padl tools setup?
> >>
> >> the hosts line from my ldap config
> >> nss_base_hosts  ou=Hosts,dc=example,dc=org
> >>     
> > ----
> > wouldn't it make sense to make the above line something that could
> > possibly be meaningful from ldap?
> >
> > how about ldapsearch?  can you get hosts by querying via ldapsearch?
> >
> > if so, the answer to what you need in the line above should be obvious.
> >
> >   
> >> from nsswitch.conf
> >> #hosts:     db files nisplus nis dns
> >> hosts:      files dns ldap
> >>
> >> Note: ldap was before dns but by moving it back I was able to ping 
> >> yahoo.com.  But I still can't ping hosts in the hosts list.
> >>     
> > ----
> > probably should be running local dns for this but ldap.conf above is the
> > reason why it's not working for you.
> >
> > Craig
> >
> >   
> Actually I was thinking about putting up a DNS server, I'm just not 
> excited about having another service to run and maintain but.  The Hosts 
> line is actually not what I put; I just didn't want to post my domain 
> name here, however you could probably tell by my email.  But the dn is 
> correct, I assure you.
----
how about ldapsearch?

does

ldapsearch -x -h localhost -D 'YOUR_ROOTBIND_DN' -W '(ou=Host*)'

return anything useful?

Craig
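
The two settings this thread keeps returning to (the hosts: order in nsswitch.conf and nss_base_hosts in ldap.conf) can be read back and turned into a targeted ldapsearch, as in this added example, which is not part of the original messages. It assumes hosts are stored as RFC 2307 ipHost entries, the schema nss_ldap uses for the hosts map; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: reads the two settings discussed in the thread.
# File paths are arguments, so it can be run against copies of the configs.
# Usage (paths as named in the thread):
#   hosts_sources /etc/nsswitch.conf
#   host_query /etc/ldap.conf somehost

# Print the sources on the active (uncommented) "hosts:" line, in lookup order.
hosts_sources() {
    awk '$1 == "hosts:" { $1 = ""; sub(/^ +/, ""); print; exit }' "$1"
}

# Print the search base from nss_base_hosts, dropping any "?scope?filter"
# suffix that nss_ldap allows after the DN.
hosts_base() {
    awk '$1 == "nss_base_hosts" { sub(/\?.*/, "", $2); print $2; exit }' "$1"
}

# Return 0 if ldap is consulted for host lookups at all.
uses_ldap() {
    case " $(hosts_sources "$1") " in
        *" ldap "*) return 0 ;;
    esac
    return 1
}

# Print the ldapsearch command that asks the directory the question a single
# host lookup needs answered: an ipHost entry with cn = name under the
# configured base, returning ipHostNumber (RFC 2307 schema, an assumption).
# The host name is inserted as-is; pass plain host names only.
host_query() {  # $1 = ldap.conf path, $2 = host name
    base=$(hosts_base "$1")
    [ -n "$base" ] || { echo "no nss_base_hosts in $1" >&2; return 1; }
    printf "ldapsearch -x -b '%s' '(&(objectClass=ipHost)(cn=%s))' ipHostNumber\n" \
        "$base" "$2"
}
```

If the printed query returns no entry for a name that getent hosts lists, the base DN or the entries' object class is the place to look.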