SUMMARY: Initialized my first ldap but can't login

From: Dave Martini (martini_at_mrpeabody.llnl.gov)
Date: 11/30/05

    Date: Tue, 29 Nov 2005 16:57:19 -0800
    To: sunmanagers@sunmanagers.org
    
    

    Looks like it had something to do with my proxy password because I
    changed it and re-initialized the client and now it looks better.
    # ldaplist -l passwd user10
    dn: uid=user10,ou=People,dc=llnl,dc=gov
             cn: user10 test account
             gecos: a test account for ldap
             gidNumber: 10
             objectClass: top
             objectClass: account
             objectClass: posixaccount
             objectClass: shadowaccount
             uid: user10
             uidNumber: 1011
             homeDirectory: /export/home/user10
             loginShell: csh

    But I still can't login as user10 with the password I gave it. It keeps
    asking me for the password over and over.

    ldapclient# ssh -l user10 128.115.61.115
    Password:
    Password:
    Password:
    Permission denied
    (gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive).

    Do you think this has something to do with the pam_unix mechanism?
    Pam_unix is the default. Should I be using pam_ldap instead?

    When I ran idsconfig I selected credential level proxy.

    Thanks.
    Dave.

    Below is my original question

    I just set up an iPlanet Directory Server 5.1 on my Solaris 9 box. I ran
    through the setup utility and the idsconfig.
    I initialized my first client with the ldapclient command and it created
    the files in /var/ldap on the client machine. I'm trying to have the
    client talk to my ldap server to verify it's working.

    When I run this from the client I get an error

    client# ldaplist groups
    ldaplist: Object not found (Session error no available conn.
    )

    Does that mean it's not communicating with the server?
    What's a good test command to run using ldaplist from the client?

    I created a new user and added the posix account and shadow account.
    The user is called user10 on the ldap server. I'm not able to see this
    user from the client nor log in as this user from the client.

    client# ldaplist passwd user10
    ldaplist: Object not found (Session error no available conn.

    client# ssh -l user10 server
    user10@server's password:
    Permission denied, please try again.
    user10@server's password:

    Nor from the server

    server# ssh -l user10 server
    user10@server's password:
    Permission denied, please try again.
    user10@server's password:

    In fact ldapsearch from the server doesn't show user10 but I do see
    user10 in the Directory Console GUI.

    server# ldapsearch -b "ou=people,dc=server,dc=llnl,dc=gov" -L "uid=user10" > user_template.ldif
    ldap_search: No such object
    server#

    I can do an ldapclient list from the client and it reads the files in
    /var/ldap but can't do ldaplists as shown above or login as user10.

    Any tips from the iPlanet/Sun One gurus would be greatly appreciated!

    Thank you.
    Dave Martini
    LLNL