search for: ldapbasedn

...yption. error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed (self signed certificate)| In my kickstart file I use: auth? --useshadow --enableldaptls --enablecache? --passalgo=sha512 --enableldap --enableldapauth --ldapserver="ldaps://my.ldap.server.fr" --ldapbasedn=dc=my,dc=base,dc=dn Then in a post install script I download the server and ca certificates and stops nslcd that I do not use: echo "TLS_REQCERT allow">>/etc/openldap/ldap.conf cd /etc/openldap/cacerts/ && wget http://xxx.xxx.xxx.xxx/Softwares7/LDAPCERTS/ca-bundle.crt &a...

...ge, without using client-side certificate) I have run a similar command as I did on the remote servers, replacing ldap://localldapserver by ldaps://ldap.mycompany.com: authconfig --enableldap --enableldapauth --enablecache --enablemkhomedir --ldapserver=ldaps://ldap.mycompany.com --enableldaptls --ldapbasedn=dc=mycompany,dc=com --passalgo=sha256 --updateall and I put the CA certificate at the right place. (either explicitly pointing to it TLS_CACERT or downloading it to /etc/openldap/cacerts vi system-configuration-authentication) In all my various tests, ldapsearch -x returns the content of the remo...

...the examples in SBE, they still appear to be returning information from local files rather than the ldap info.) I wanted to go back and check my authconfig and reset the parameters. However now when I do a authconfig I get this: ---- authconfig --enablecache --enableldap --ldapserver=127.0.0.1 --ldapbasedn="dc=sncc-pdc,dc=net" --enableshadow --enablemd5 --enableldapauth --update Traceback (most recent call last): File "/usr/sbin/authconfig", line 738, in ? module.run() File "/usr/sbin/authconfig", line 323, in run self.readAuthInfo() File "/usr/sbin/au...

...outines:ssl3_get_server_certificate:certificate verify failed (self signed > certificate)| > > In my kickstart file I use: > auth? --useshadow --enableldaptls --enablecache? --passalgo=sha512 > --enableldap --enableldapauth --ldapserver="ldaps://my.ldap.server.fr" > --ldapbasedn=dc=my,dc=base,dc=dn > > Then in a post install script I download the server and ca certificates and > stops nslcd that I do not use: > > echo "TLS_REQCERT allow">>/etc/openldap/ldap.conf > cd /etc/openldap/cacerts/ && wget > http://xxx.xxx.xxx.xxx/Soft...

Hi all, On a C6 box, when I want to enable LDAP authentication, I issue: # yum -y install nss-pam-ldapd pam_ldap nscd # authconfig --enableldap --enableldapauth --enablemkhomedir \ --ldapserver=ldap://ldap-blabla/ \ --ldapbasedn="blabla" \ --enablecache --disablefingerprint \ --kickstart --update All is working fine, the directory structure is fine and compliant. What about C7? As far as I read, - there is a switch to "sssd" - I found 1 link: http://www.certdepot.net/ldap-client-configurat...

...p: LDAP RealTime: Query Failed because: Operations error Jan 18 18:47:38 NOTICE[26197]: chan_sip.c:10815 handle_request_register: Registration from 'dirsearch <sip:dirsearch@192.168.3.169>' failed for ' 192.168.1.186' - Username/auth name mismatch actually ldap_search_s(ldap, ldapbasedn, LDAP_SCOPE_ONELEVEL, query2, NULL, 0, &res) function is not execution successfully in the file res_config_ldap.c. I am not able to find the reason. Chandan -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.digium.com/pipermail/asterisk-users/attach...

...i made the following entries. I am using my normal username and password to connect my asterisk server to the LDAP server of my organization. Is some administrator login is requried to connect ? [general] ldapuser=cn=chandan.mishra,dc=synapse,dc=com ldaphost=ldap://192.168.0.16 ldappass=chandan123 ldapbasedn=dc=synapse,dc=com After this the asterisk is not able to connect to the ldap database. And hence asterisk is not able to start. Its giving me following errors: == Parsing '/etc/asterisk/res_ldap.conf': Found Jan 17 23:38:09 WARNING[11207]: res_config_ldap.c:615 parse_config: LDAP RealTi...

...end. I need to configure the DC with user accounts and since: * I can't use winbind on a DC * I can't use SSSD with the sernet packages it looks like the best thing to use is LDAP. I've configured it with: authconfig --enableldap --enableldapauth --ldapserver=ldap://ad.example.com --ldapbasedn=dc=ad,dc=example,dc=com --enablerfc2307bis --enablekrb5 --update (I get "error reading information on service winbind: No such file or directory" but I just ignore it as it looks like it configured LDAP) and added entries to /etc/pam_ldap.conf so it ends up looking like this: base dc...

...r Red Hat 6.x compatible systems License ------- Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License Setup ----- On Red Hat 6.x compatible systems: (1) command: yum install pam_ldap (2) command: authconfig --enableldapauth --ldapserver="ldap://ad.example.com" --ldapbasedn="dc=example,dc=com" --updateall (3) in /etc/pam_ldap.conf, add the following lines towards the end binddn cn=foo,ou=bar,dc=example,dc=com bindpw fubar pam_login_attribute sAMAccountName In the lpep module: (1) edit manifests/lpep.ini to configure ldap settings (2) ensure bin/lpep.py i...

Hello all: Happy New Year to everyone and thank you for all the knowledge this past year. I have a hopefully simple question about kickstart. In the authconfig section I can enable ldap, credential caching, etc.. Using the GUI tool there's an option to create the user home directories on first login. The docs don't show a similar option for authconfig in kickstart. For now I'm

Hi! How to get usermod working with SSSD/389DS ? We have SSSD set up on our server and it uses 389DS. SSSD was enabled with the following command: authconfig --enablesssd --enablesssdauth --ldapbasedn=dc=example,dc=com --enableshadow --enablemkhomedir --enablelocauthorize --update Running for example "usermod -L username" returns: usermod: user 'username' does not exist in /etc/passwd Each time usermod is executed there is a query logged in 389DS, so SSSD does pass the requ...

I'm having trouble setting up ldap based authenication. I have a virtual (KVM) CentOS 5.4 box set up to authenticate to a 389 (fedora) directory server, and that works fine. However, I set up a virtual box running CentOS 6, and I can't get it to authenicate. I've run authconfig with the appropriate flags, ldapsearch properly finds the data, but I can't log in. /var/log/secure

So I have this centos 5.10 box which authenticates network users against ldap(authorizing)+kerberos(authentication). And I now would like to have sudo be able to allow admins (netgroup chinbeards) to sudo about. I am not using sssd though (yet). Here is the output of me trying sudo (debug on): [raub at centos5-x64 ~]$ sudo pwd LDAP Config Summary =================== uri

Samba experts, I am using Samba 3.0.8 on an AIX 5.1 system with ldap authentication. I have ldap working so that users can authenticate in their samba account via ldap. However, I am trying to figure out the best method for allowing users to change their ldap samba account password. What is the best method to allow end users to change their LM/NT passwords for Samba via LDAP? Should

...here the error occurs: The following error occurred attempting to join the domain "office": A device attached to the system is not functioning. But, I've verified the workstation account is resident in the ldap database at this point: # ldapsearch -x -H ldap://${FQDNAME} -b "${LDAPBASEDN}" "(&(uid=7TEST1$)(objectClass=sambaSamAccount))" -D cn=config -w ${LDAPPASSWD} # extended LDIF # # LDAPv3 # base <dc=domain,dc=tld> with scope subtree # filter: (&(uid=7TEST1$)(objectClass=sambaSamAccount)) # requesting: ALL # # 7TEST1$, machines, domain.tld dn: uid...

Hello, i'm using Samba Version : 2:3.5.5~dfsg-1~bpo50+2 from backports Patch applied : http://support.microsoft.com/kb/2171571 Key modified : [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanManWorkstation\Parameters] "DNSNameResolutionRequired"=dword:00000000 "DomainCompatibilityMode"=dword:00000001

Is it at all possible to do a graphical netinstall ? I am using centos 5.2, and i have been doing net installs (pxe) for a while in console mode... -- Test <test at remedial-teacher.nl>