LDAP query

Postby zaeemarshad » Sun Oct 19, 2003 2:44 am

I have been facing this problem for about a year now, trying to solve it on my own, but it seems like I don't possess enough guts and the required talent to do it. The Mission Impossible is getting LDAP running on RHL 8.0 or 9.0. I want to provide a central authentication server and then move on to the AD stuff, as M$ has developed AD over LDAP v3. Did anyone do it? My LDAP fails as it says invalid credentials to bind with. I have tried everything from messing with slapd.conf and etc. etc. I have all the freaking documentation and I have RTFM on my RHL box, but even the basics don't get to work. Can someone help?

regards
zaeem
zaeemarshad
Lieutenant Colonel
 
Posts: 660
Joined: Sat Jul 06, 2002 12:35 pm
Website: http://zaeem.no-ip.org
WLM: zarshadvirk@hotmail.com
Yahoo Messenger: negativecreep61@yahoo.com
AOL: zarshadvirk
Location: Islamabad

Postby zaeemarshad » Thu Oct 23, 2003 11:29 pm

Should I expect a reply on this topic or is it closed? I think it will make a record of most views without an answer. BTW, what is the current record at our forum?

Re:

Postby LinuxFreaK » Sun Oct 26, 2003 6:17 am

Dear zaeemarshad,
Salam,

Sir, check the following links: MS Active Directory, LDAP Enabled Software, LDAP Authentication and http://www.wedgetail.com/technology/act ... ctory.html Hope these sites help you.

Best Regards.
Farrukh Ahmed
LinuxFreaK
Site Admin
 
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
ICQ: 82075802
Website: http://www.linuxpakistan.net/wiki/index.php?pagename=LinuxFreak
WLM: f4fahmed@hotmail.com
Yahoo Messenger: f4fahmed@yahoo.com
AOL: linuxpakistan@aol.com
Location: Karachi

Re: LDAP query

Postby lambda » Mon Oct 27, 2003 7:28 pm

Please describe your problem in more detail. Do you want just Linux systems to authenticate with your LDAP server (via pam_ldap or something similar)? Or do you want both Linux systems and Microsoft systems to authenticate with the same LDAP db?

What schemas have you tried out? Which web sites/howtos have you followed?
lambda
Major General
 
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Website: http://www.hungry.com/~fn/
Location: Lahore

Postby zaeemarshad » Mon Oct 27, 2003 11:54 pm

At first I want my Linux system to authenticate from an LDAP server, saving me the hassle of replicating users on each system. The howto that I have followed is at
http://www.mandrakesecure.net/en/docs/ldap-auth2.php

Though I am using RHL, it should not make any difference. Anyway, the error I get is when I am trying to move the hosts and other stuff to the LDAP tree using PADL's all_online script. When it asks for credentials to bind with, I give it the name or cn I entered in slapd.conf, but after asking for the password, when it tries to connect to the base tree, it says authentication failed, invalid credentials. I am following exactly as the above page says and I have tried a zillion times. Please help me out, and please do not point to commercial links as I am not interested in one. Thanks for at least listening. Thanks all.

regards
zaeem

Re:

Postby LinuxFreaK » Tue Oct 28, 2003 12:18 am

Dear Zaeemarshad,
Salam,

Sir, actually Windows is not really using LDAP. I had asked this to many people.... they answered no.... AD includes LDAP, and future versions may actually use it properly.. but they still use their own proprietary SMB based RPCs to do anything useful. Probably... but you should consider a PDC running Samba instead.... much less headaches... You'll spend a month trying to hack this LDAP thing.... when a simple Samba 3.0 setup will work...

Best Regards.
Farrukh Ahmed

Postby lambda » Tue Oct 28, 2003 1:13 pm

Can you connect from the command line? Like

ldapsearch -x -b 'dc=example,dc=com' -W -D 'cn=admin,dc=example,dc=com' '(uid=*)'

(change the options to match your site)

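The command-line check suggested in the post above, taken one step further as an added example that is not part of any post in this thread: it compares the DN passed to -D with the suffix, rootdn and rootpw lines of slapd.conf, since an "invalid credentials" bind is often a DN mismatch rather than a wrong password. The function names, the sample configuration and the placeholder hash are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Paths and DNs below are constructed.

# Print the value of one slapd.conf directive. A line that starts with
# whitespace is a continuation of the previous line, so an indented
# "rootdn" is not a directive and is deliberately not matched.
conf_value() {  # $1 = config file, $2 = directive name
    awk -v key="$2" '!/^[ \t]/ && tolower($1) == key {
        sub(/^[^ \t]+[ \t]+/, ""); gsub(/^"|"[ \t]*$/, ""); print; exit
    }' "$1"
}

# Approximate DN normalisation: lower-case, no spaces around "," and "=".
norm_dn() {
    printf '%s' "$1" | tr 'A-Z' 'a-z' | sed 's/ *\([,=]\) */\1/g'
}

# Return 0 when the DN passed to -D is the rootdn that rootpw applies to.
check_bind_dn() {  # $1 = slapd.conf path, $2 = DN given to ldapsearch/ldapadd -D
    suffix=$(norm_dn "$(conf_value "$1" suffix)")
    rootdn=$(norm_dn "$(conf_value "$1" rootdn)")
    [ -n "$rootdn" ] || { echo "no rootdn directive (indented line?)"; return 2; }
    [ -n "$(conf_value "$1" rootpw)" ] || { echo "no rootpw directive"; return 2; }
    case "$rootdn" in
        "$suffix"|*,"$suffix") ;;
        *) echo "rootdn is not under suffix '$suffix'"; return 3 ;;
    esac
    [ "$(norm_dn "$2")" = "$rootdn" ] ||
        { echo "bind DN is not the rootdn ($rootdn)"; return 4; }
    echo "bind DN matches rootdn; if the bind still fails, check rootpw"
}

# Constructed sample configuration, using the example DNs from the post above.
sample_conf() {
    cat <<'EOF'
database  ldbm
suffix    "dc=example,dc=com"
rootdn    "cn=admin,dc=example,dc=com"
rootpw    {SSHA}PLACEHOLDER-NOT-A-REAL-HASH
EOF
}

conf=$(mktemp); sample_conf > "$conf"
check_bind_dn "$conf" 'admin' || true                       # short name only
check_bind_dn "$conf" 'cn=admin,dc=example,dc=com' || true  # full DN
rm -f "$conf"
```

Point the function at the real slapd.conf and pass the exact string typed at the bind prompt; slapd has to be restarted after any change to the file.
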
Re:

Postby LinuxFreaK » Thu Oct 30, 2003 12:30 am

Dear lambda,
Salam,

As Mr. Zaeem Arshad told me, he wants to make LDAP an authentication server which will authenticate Linux as well as M$ Windows 2000 Server, which is running AD...

Best Regards.
Farrukh Ahmed

Postby zaeemarshad » Thu Oct 30, 2003 6:36 pm

Actually I followed the tutorial given on mandrakesecure.com. When I use PADL's script all_online to move my system data to the LDAP tree, it asks for the manager name and password, which I enter exactly as I have them in my slapd.conf. But it says invalid credentials and is unable to add data. I followed exactly as the tutorial pointed out, but no use. I am using RHL 7.3, 8.0, 9.0. Thanks for the input.

regards
zaeem

Re:

Postby LinuxFreaK » Fri Oct 31, 2003 10:43 pm

Dear Zaeem Arshad,
Salam,

Sir, check this link, hope it will help you a lot http://www.padl.com/Contents/Documentation.html

Best Regards.
Farrukh Ahmed

Postby zaeemarshad » Fri Oct 31, 2003 10:55 pm

Dear lambda,
If you follow the tutorial I pointed out, I am able to connect to the base tree, but when I start to add an LDIF file it throws out the invalid credentials error. I would like to make it clear that for authentication to succeed we first need to move our passwd, shadow and groups file as a bare minimum to the base tree. I would like to point out that MS does use LDAP in AD, as we talk about schema editing. I also read in M$ documentation that they use LDAPv3 in AD. My teacher had an AD project and he used the LDAP API Windows provided for it, so I am dead sure that M$ does use LDAP. SMB based RPC can only be used for session, as I believe.

Regards
Zaeem

