I've been unsuccessfully trying to get nss_ldap to work. I've chased down hundreds of google searches over the last 3 days, and I can't seem to get a centos system to authenticate against ldap. Every daemon on the system is running into the same problem: nss_ldap: could not search LDAP server - Server is unavailable sshd, nscd, httpd, you name it.. slapd is clearly running, telnet localhost 389 actually connects me to it. I've run authconfig, /etc/sysconfig/authconfig agrees. I'm at a complete and utter loss. I've followed every how-to out there, RH, Openldap, Debian, FreeBSD I can verify ldap is working, I can't seem to get any PAM applications to use it. Peter -- Peter Serwe http://truthlightway.blogspot.com/ -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20091216/5e3a2650/attachment.html>
On Wed, 2009-12-16 at 11:24 -0800, Peter Serwe wrote:> I've been unsuccessfully trying to get nss_ldap to work. I've chased > down hundreds of google searches over the last 3 days, and I can't > seem to get a centos system to authenticate against ldap. > > Every daemon on the system is running into the same problem: > > nss_ldap: could not search LDAP server - Server is unavailable > > sshd, nscd, httpd, you name it.. > > slapd is clearly running, telnet localhost 389 actually connects me to > it. > > I've run authconfig, /etc/sysconfig/authconfig agrees. > > I'm at a complete and utter loss. I've followed every how-to out > there, RH, Openldap, Debian, FreeBSD I can verify ldap is working, I > can't seem to get any PAM applications to use it.---- forget 'telnet' Can you do an ldapsearch? ldapsearch -x -h localhost -D '$YOUR_ROOT_BIND_DN' -W '(ou=*)' Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
m.roth at 5-cent.us
2009-Dec-16 19:33 UTC
[CentOS] Problems with nss_ldap - where to start?
> I've been unsuccessfully trying to get nss_ldap to work. I've chased down > hundreds of google searches over the last 3 days, and I can't seem to get > a > centos system to authenticate against ldap. > > Every daemon on the system is running into the same problem: > > nss_ldap: could not search LDAP server - Server is unavailable > > sshd, nscd, httpd, you name it.. > > slapd is clearly running, telnet localhost 389 actually connects me to it. > > I've run authconfig, /etc/sysconfig/authconfig agrees. > > I'm at a complete and utter loss. I've followed every how-to out there, > RH, Openldap, Debian, FreeBSD I can verify ldap is working, I can't seem > to get any PAM applications to use it.First question: do you have tls enabled on the client, and not the server, or vice versa? Second question: on the server, can you do a search? Handy tool: webmin has a whole ldap section, and can give you a *lot* of clues as to what's going wrong. mark
Peter Serwe wrote:> I've been unsuccessfully trying to get nss_ldap to work. I've chased down > hundreds of google searches over the last 3 days, and I can't seem to get a > centos system to authenticate against ldap. > > Every daemon on the system is running into the same problem:Disable all SSL/TLS functions on the server and client and try it in the most basic mode, if it still doesn't work run tcpdump to look at what is actually being sent and what the response is. nate
Maybe Matching Threads
- No RTP from asterisk?
- Image conversion with ImageMagick doesn't work on CentOS, but it works fine on Debian Lenny.
- Trying to get xen to boot off of an iso or a sysresc image so I can expand a filesystem to the extent of the LVM's free space.
- nss_ldap failed to bind to LDAP server 127.0.0.1
- Mysterious new problem: nss_ldap: could not soft reconnect to LDAP server