winbind

Clodonil Trigo clodonil at nisled.org
Tue Dec 4 04:27:41 MST 2012 

Hi Chirana,

You made the LDAP connection. I will test this configuration.

Thank you,


Prof. Msc. Clodonil H. Trigo
www.nisled.org
E-mail: clodonil at nisled.org

Classificação: () Confidencial (X) Interna
As informações contidas nesta mensagem e respectivos anexos são de
interesse exclusivo a quem foram dirigidos, podendo ser confidenciais,
portanto fica proibida sua retenção, distribuição, divulgação, reprodução
ou utilização, sob as penas da lei. Caso tenha recebido esta mensagem por
engano, pedimos a gentileza de informar ao seu autor, eliminando-a de sua
caixa de entrada, registros ou sistema de controle.



2012/12/3 Chirana Gheorghita Eugeniu Theodor <office at adaptcom.ro>

> Hello,
> Centos 6.3 is somehow different in ldap auth
> Here is my config that works:
>
> [root at cerberus ~]# cat /etc/ldap.conf
> #start_tls
> ssl no
> suffix "cn=aviamotors,cn=ro"
> bind_policy soft
> timelimit 30
> bind_timelimit 30
>
> #uri ldaps://auth.aviamotors.ro ldaps://smtp.aviamotors.ro
> uri ldap://smtp.aviamotors.ro/
>
> pam_password md5
>
> ldap_version 3
>
> pam_filter objectclass=posixAccount
> pam_login_attribute uid
> pam_member_attribute memberuid
>
> nss_base_passwd ou=Users,dc=aviamotors,dc=ro
> nss_base_shadow ou=Users,dc=aviamotors,dc=ro
> nss_base_group  ou=Groups,dc=aviamotors,dc=ro
> nss_base_hosts  ou=Computers,dc=aviamotors,dc=ro
>
> scope one
>
> TLS_CACERT     /etc/openldap/certs/cacert.pem
> TLS_CERT     /etc/openldap/certs/servercrt.pem
> TLS_KEY     /etc/openldap/certs/serverkey.pem
> base cn=aviamotors,cn=ro
> tls_cacertdir /etc/openldap/cacerts
>
> [root at cerberus ~]# cat /etc/nsswitch.conf
> passwd:     files ldap
> shadow:     files ldap
> group:      files ldap
>
>
> hosts:      files dns
> networks:    files dns
>
> services:   files
> protocols:   files db
> rpc:         files db
> ethers:      files db
> netmasks:    files
> netgroup:   files ldap
> bootparams:  files
>
> automount:  files ldap
> aliases:     files ldap
>
> [root at cerberus ~]# cat /etc/nslcd.conf
> uri ldap://10.124.112.5
> base dc=aviamotors,dc=ro
> uid nslcd
> gid ldap
>
> nslcd daemon is essential. It seems that it replaces nsswitch.conf and
> pam.d configs.
>
> use the ip of the ldap and not the dns name. I could not make it work with
> the ip.
>
> [root at cerberus ~]# cat /etc/resolv.conf
> options single-request-reopen
> nameserver 10.124.112.3
>
> [root at cerberus ~]# ip a
> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
>     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>     inet 127.0.0.1/8 scope host lo
> 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen
> 1000
>     link/ether 00:1e:67:2f:46:dc brd ff:ff:ff:ff:ff:ff
>     inet 192.168.30.250/24 brd 192.168.30.255 scope global eth0
>     inet 10.124.112.3/24 brd 10.124.112.255 scope global eth0:0
> 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
>     link/ether 00:1e:67:2f:46:dd brd ff:ff:ff:ff:ff:ff
>
> [root at cerberus ~]# service --status-all
> abrtd (pid  2021) is running...
> abrt-dump-oops (pid 2029) is running...
> acpid (pid  1865) is running...
> atd (pid  2063) is running...
> auditd (pid  1558) is running...
> automount (pid  1954) is running...
> named is stopped
> certmonger is stopped
> Stopped
> cgred is stopped
> Frequency scaling enabled using ondemand governor
> crond (pid  2052) is running...
> cupsd (pid  1840) is running...
> hald (pid  1874) is running...
> ip6tables: Firewall is not running.
> iptables: Firewall is not running.
> irqbalance (pid  1638) is running...
> kadmind is stopped
> Kdump is operational
> kpropd is stopped
> krb5kdc is stopped
> ksm is not running
> ksmtuned (pid  2043) is running...
> ktune settings are not applied.
> started
> lvmetad is stopped
> qpidd is stopped
> matahari-qmf-hostd is stopped
> matahari-qmf-networkd is stopped
> matahari-qmf-rpcd is stopped
> matahari-qmf-serviced is stopped
> matahari-qmf-sysconfigd is stopped
> matahari-qmf-sysconfig-consoled is stopped
> Checking for mcelog
> mcelog (pid  1735) is running...
> mdmonitor (pid  1683) is running...
> messagebus (pid  1818) is running...
> No open transaction
> netconsole module not loaded
> Configured devices:
> lo eth0 eth1
> Currently active devices:
> lo eth0
> rpc.svcgssd is stopped
> rpc.mountd is stopped
> nfsd is stopped
> rpc.rquotad is stopped
> rpc.statd (pid  1670) is running...
> nscd (pid 1971) is running...
> nslcd (pid  1583) is running...
> ntpd (pid  1999) is running...
> oddjobd (pid  2071) is running...
> portreserve (pid  1576) is running...
> master is stopped
> Process accounting is disabled.
> qpidd is stopped
> quota_nld is stopped
> rdisc is stopped
> rngd is stopped
> rpcbind (pid  1652) is running...
> rpc.gssd is stopped
> rpc.idmapd (pid 1716) is running...
> rpc.svcgssd is stopped
> rsyslogd (pid  1596) is running...
> sandbox is stopped
> saslauthd is stopped
> slapd is stopped
> smartd is stopped
> openssh-daemon (pid  1983) is running...
> tuned is stopped
> xinetd (pid  1991) is running...
> ypbind is stopped
> [root at cerberus ~]# service
> Usage: service < option > | --status-all | [ service_name [ command |
> --full-restart ] ]
> [root at cerberus ~]# service --status-all
> abrtd (pid  2021) is running...
> abrt-dump-oops (pid 2029) is running...
> acpid (pid  1865) is running...
> atd (pid  2063) is running...
> auditd (pid  1558) is running...
> automount (pid  1954) is running...
> named is stopped
> certmonger is stopped
> Stopped
> cgred is stopped
> Frequency scaling enabled using ondemand governor
> crond (pid  2052) is running...
> cupsd (pid  1840) is running...
> hald (pid  1874) is running...
> ip6tables: Firewall is not running.
> iptables: Firewall is not running.
> irqbalance (pid  1638) is running...
> kadmind is stopped
> Kdump is operational
> kpropd is stopped
> krb5kdc is stopped
> ksm is not running
> ksmtuned (pid  2043) is running...
> ktune settings are not applied.
> started
> lvmetad is stopped
> qpidd is stopped
> matahari-qmf-hostd is stopped
> matahari-qmf-networkd is stopped
> matahari-qmf-rpcd is stopped
> matahari-qmf-serviced is stopped
> matahari-qmf-sysconfigd is stopped
> matahari-qmf-sysconfig-consoled is stopped
> Checking for mcelog
> mcelog (pid  1735) is running...
> mdmonitor (pid  1683) is running...
> messagebus (pid  1818) is running...
> No open transaction
> netconsole module not loaded
> Configured devices:
> lo eth0 eth1
> Currently active devices:
> lo eth0
> rpc.svcgssd is stopped
> rpc.mountd is stopped
> nfsd is stopped
> rpc.rquotad is stopped
> rpc.statd (pid  1670) is running...
> nscd (pid 1971) is running...
> nslcd (pid  1583) is running...
> ntpd (pid  1999) is running...
> oddjobd (pid  2071) is running...
> portreserve (pid  1576) is running...
> master is stopped
> Process accounting is disabled.
> qpidd is stopped
> quota_nld is stopped
> rdisc is stopped
> rngd is stopped
> rpcbind (pid  1652) is running...
> rpc.gssd is stopped
> rpc.idmapd (pid 1716) is running...
> rpc.svcgssd is stopped
> rsyslogd (pid  1596) is running...
> sandbox is stopped
> saslauthd is stopped
> slapd is stopped
> smartd is stopped
> openssh-daemon (pid  1983) is running...
> tuned is stopped
> xinetd (pid  1991) is running...
> ypbind is stopped
>
>
>
> --
> ___________________________________________________
> Cu stima/Best regards/Mit freundlichen Grüßen/最好的问候,
>
> Chirana-Gheorghita Eugeniu-Theodor
> Bucharest, Romania
>
> e-mail : office at adaptcom.ro
> mobile: 0743 698721
>             0747 447675
>

More information about the samba-technical mailing list