winbind
Clodonil Trigo
clodonil at nisled.org
Tue Dec 4 04:27:41 MST 2012
Hi Chirana,
You made the LDAP connection. I will test this configuration.
Thank you,
Prof. Msc. Clodonil H. Trigo
www.nisled.org
E-mail: clodonil at nisled.org
Classificação: () Confidencial (X) Interna
As informações contidas nesta mensagem e respectivos anexos são de
interesse exclusivo a quem foram dirigidos, podendo ser confidenciais,
portanto fica proibida sua retenção, distribuição, divulgação, reprodução
ou utilização, sob as penas da lei. Caso tenha recebido esta mensagem por
engano, pedimos a gentileza de informar ao seu autor, eliminando-a de sua
caixa de entrada, registros ou sistema de controle.
2012/12/3 Chirana Gheorghita Eugeniu Theodor <office at adaptcom.ro>
> Hello,
> Centos 6.3 is somehow different in ldap auth
> Here is my config that works:
>
> [root at cerberus ~]# cat /etc/ldap.conf
> #start_tls
> ssl no
> suffix "cn=aviamotors,cn=ro"
> bind_policy soft
> timelimit 30
> bind_timelimit 30
>
> #uri ldaps://auth.aviamotors.ro ldaps://smtp.aviamotors.ro
> uri ldap://smtp.aviamotors.ro/
>
> pam_password md5
>
> ldap_version 3
>
> pam_filter objectclass=posixAccount
> pam_login_attribute uid
> pam_member_attribute memberuid
>
> nss_base_passwd ou=Users,dc=aviamotors,dc=ro
> nss_base_shadow ou=Users,dc=aviamotors,dc=ro
> nss_base_group ou=Groups,dc=aviamotors,dc=ro
> nss_base_hosts ou=Computers,dc=aviamotors,dc=ro
>
> scope one
>
> TLS_CACERT /etc/openldap/certs/cacert.pem
> TLS_CERT /etc/openldap/certs/servercrt.pem
> TLS_KEY /etc/openldap/certs/serverkey.pem
> base cn=aviamotors,cn=ro
> tls_cacertdir /etc/openldap/cacerts
>
> [root at cerberus ~]# cat /etc/nsswitch.conf
> passwd: files ldap
> shadow: files ldap
> group: files ldap
>
>
> hosts: files dns
> networks: files dns
>
> services: files
> protocols: files db
> rpc: files db
> ethers: files db
> netmasks: files
> netgroup: files ldap
> bootparams: files
>
> automount: files ldap
> aliases: files ldap
>
> [root at cerberus ~]# cat /etc/nslcd.conf
> uri ldap://10.124.112.5
> base dc=aviamotors,dc=ro
> uid nslcd
> gid ldap
>
> nslcd daemon is essential. It seems that it replaces nsswitch.conf and
> pam.d configs.
>
> use the ip of the ldap and not the dns name. I could not make it work with
> the ip.
>
> [root at cerberus ~]# cat /etc/resolv.conf
> options single-request-reopen
> nameserver 10.124.112.3
>
> [root at cerberus ~]# ip a
> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> inet 127.0.0.1/8 scope host lo
> 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen
> 1000
> link/ether 00:1e:67:2f:46:dc brd ff:ff:ff:ff:ff:ff
> inet 192.168.30.250/24 brd 192.168.30.255 scope global eth0
> inet 10.124.112.3/24 brd 10.124.112.255 scope global eth0:0
> 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
> link/ether 00:1e:67:2f:46:dd brd ff:ff:ff:ff:ff:ff
>
> [root at cerberus ~]# service --status-all
> abrtd (pid 2021) is running...
> abrt-dump-oops (pid 2029) is running...
> acpid (pid 1865) is running...
> atd (pid 2063) is running...
> auditd (pid 1558) is running...
> automount (pid 1954) is running...
> named is stopped
> certmonger is stopped
> Stopped
> cgred is stopped
> Frequency scaling enabled using ondemand governor
> crond (pid 2052) is running...
> cupsd (pid 1840) is running...
> hald (pid 1874) is running...
> ip6tables: Firewall is not running.
> iptables: Firewall is not running.
> irqbalance (pid 1638) is running...
> kadmind is stopped
> Kdump is operational
> kpropd is stopped
> krb5kdc is stopped
> ksm is not running
> ksmtuned (pid 2043) is running...
> ktune settings are not applied.
> started
> lvmetad is stopped
> qpidd is stopped
> matahari-qmf-hostd is stopped
> matahari-qmf-networkd is stopped
> matahari-qmf-rpcd is stopped
> matahari-qmf-serviced is stopped
> matahari-qmf-sysconfigd is stopped
> matahari-qmf-sysconfig-consoled is stopped
> Checking for mcelog
> mcelog (pid 1735) is running...
> mdmonitor (pid 1683) is running...
> messagebus (pid 1818) is running...
> No open transaction
> netconsole module not loaded
> Configured devices:
> lo eth0 eth1
> Currently active devices:
> lo eth0
> rpc.svcgssd is stopped
> rpc.mountd is stopped
> nfsd is stopped
> rpc.rquotad is stopped
> rpc.statd (pid 1670) is running...
> nscd (pid 1971) is running...
> nslcd (pid 1583) is running...
> ntpd (pid 1999) is running...
> oddjobd (pid 2071) is running...
> portreserve (pid 1576) is running...
> master is stopped
> Process accounting is disabled.
> qpidd is stopped
> quota_nld is stopped
> rdisc is stopped
> rngd is stopped
> rpcbind (pid 1652) is running...
> rpc.gssd is stopped
> rpc.idmapd (pid 1716) is running...
> rpc.svcgssd is stopped
> rsyslogd (pid 1596) is running...
> sandbox is stopped
> saslauthd is stopped
> slapd is stopped
> smartd is stopped
> openssh-daemon (pid 1983) is running...
> tuned is stopped
> xinetd (pid 1991) is running...
> ypbind is stopped
> [root at cerberus ~]# service
> Usage: service < option > | --status-all | [ service_name [ command |
> --full-restart ] ]
> [root at cerberus ~]# service --status-all
> abrtd (pid 2021) is running...
> abrt-dump-oops (pid 2029) is running...
> acpid (pid 1865) is running...
> atd (pid 2063) is running...
> auditd (pid 1558) is running...
> automount (pid 1954) is running...
> named is stopped
> certmonger is stopped
> Stopped
> cgred is stopped
> Frequency scaling enabled using ondemand governor
> crond (pid 2052) is running...
> cupsd (pid 1840) is running...
> hald (pid 1874) is running...
> ip6tables: Firewall is not running.
> iptables: Firewall is not running.
> irqbalance (pid 1638) is running...
> kadmind is stopped
> Kdump is operational
> kpropd is stopped
> krb5kdc is stopped
> ksm is not running
> ksmtuned (pid 2043) is running...
> ktune settings are not applied.
> started
> lvmetad is stopped
> qpidd is stopped
> matahari-qmf-hostd is stopped
> matahari-qmf-networkd is stopped
> matahari-qmf-rpcd is stopped
> matahari-qmf-serviced is stopped
> matahari-qmf-sysconfigd is stopped
> matahari-qmf-sysconfig-consoled is stopped
> Checking for mcelog
> mcelog (pid 1735) is running...
> mdmonitor (pid 1683) is running...
> messagebus (pid 1818) is running...
> No open transaction
> netconsole module not loaded
> Configured devices:
> lo eth0 eth1
> Currently active devices:
> lo eth0
> rpc.svcgssd is stopped
> rpc.mountd is stopped
> nfsd is stopped
> rpc.rquotad is stopped
> rpc.statd (pid 1670) is running...
> nscd (pid 1971) is running...
> nslcd (pid 1583) is running...
> ntpd (pid 1999) is running...
> oddjobd (pid 2071) is running...
> portreserve (pid 1576) is running...
> master is stopped
> Process accounting is disabled.
> qpidd is stopped
> quota_nld is stopped
> rdisc is stopped
> rngd is stopped
> rpcbind (pid 1652) is running...
> rpc.gssd is stopped
> rpc.idmapd (pid 1716) is running...
> rpc.svcgssd is stopped
> rsyslogd (pid 1596) is running...
> sandbox is stopped
> saslauthd is stopped
> slapd is stopped
> smartd is stopped
> openssh-daemon (pid 1983) is running...
> tuned is stopped
> xinetd (pid 1991) is running...
> ypbind is stopped
>
>
>
> --
> ___________________________________________________
> Cu stima/Best regards/Mit freundlichen Grüßen/最好的问候,
>
> Chirana-Gheorghita Eugeniu-Theodor
> Bucharest, Romania
>
> e-mail : office at adaptcom.ro
> mobile: 0743 698721
> 0747 447675
>
More information about the samba-technical
mailing list