[rhelv6-list] trying to get ldap system authentication working via nslcd
Jason Welsh
jawelsh at cisco.com
Fri Aug 23 21:33:02 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 08/23/2013 04:35 PM, Camron W. Fox wrote:
> On 13/08/23 5:03 AM, Jason Welsh wrote:
>> hey folks, Im using a RHEL 6.4 server and I am trying to set up
>> system ldap authentication via nslcd.conf and I have the
>> authenticated bind working, but I cannot get the system to
>> recognize users when i do a "su - userid"
>
>> im pretty sure its my filter thats not right.. Im not quite sure
>> what my filter and map statements should look like.
>
>> right now, im using a simple filter in nslcd.conf like
>
>> filter passwd (objectClass=User)
>
>> when i sniff the transaction to the ldap server (not using
>> encryption yet) i see the client bind to the ldap server, and in
>> the search request, i see Filter:
>> (&(objectClass=posixGroup)(memberUid=tcpdump))
>
>> huh? tcpdump user? o_O and of course 0 results come back.
>
>> any ideas why this is happening? Any suggestions on a better
>> filter/map to use?
>
>> regards, Jason
>
>
> Jason,
>
> What did your authconfig line look like when you setup authentication?
>
> Best Regards,
> Camron
>
authconfig --enableshadow --enablemd5 --enableldap --enableldapauth --disablesssd --disablesssdauth --enableforcelegacy --disableldaptls --ldapserver="myldapserver.cisco.com" --ldapbasedn="ou=Some Users,dc=cisco,dc=com" --updateall
- --
Jason Welsh
Systems Administrator .:|:.:|:.
Threat Response, Intelligence and Development
W: 919-392-6816
M: 919-637-3693
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlIX1Q4ACgkQrKCA2ghdtQQ+uQCePqvpOzoO/1/zpaN7KnuRIt55
tHEAmgPsA3zdTxW/fSDlvFi/M8o4lZVT
=HcTu
-----END PGP SIGNATURE-----
More information about the rhelv6-list
mailing list