Problem with resolving user names from LDAP

I have a problem. It was required to set up and configure LDAP. With configuring there was no problem. But after creating the system user in LDAP and logging in as it over ssh, I see the following:

Code:
[I have no name! @tim ~] $

Apparently, the name for some reason is not visible. Only a numerical equivalent.
Code:
[I have no name! @tim ~] $ id
uid=12671 gid=12671 groups=12671

With "ls" it is similar.

Here are my configs.

cat /usr/local/etc/openldap/slapd.conf
Code:
include         /usr/local/etc/openldap/schema/core.schema

include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/inetorgperson.schema
include         /usr/local/etc/openldap/schema/misc.schema
include         /usr/local/etc/openldap/schema/nis.schema
include         /usr/local/etc/openldap/schema/openldap.schema

pidfile         /var/run/openldap/slapd.pid
argsfile        /var/run/openldap/slapd.args

modulepath      /usr/local/libexec/openldap
moduleload      back_bdb

access to attrs=userPassword
        by self write
        by anonymous auth
        by * none

access to *
        by self write
        by anonymous read
        by * none

database        bdb
suffix          "dc=tim,dc=ru"
rootdn          "cn=root,dc=tim,dc=ru"
rootpw          {SSHA}eWaZCH7qTU9SwcqQJhlB57se5Wyg/qZs
directory       /var/db/openldap-data

index   objectClass,uid,uidNumber,gidNumber     eq
index   cn,mail,surname,givenname       eq,subinitial

cat /usr/local/etc/nss_ldap.conf
Code:
host 127.0.0.1
base dc=tim,dc=ru
ldapi://%2fvar%2frun%2fopenldap%2fldapi/
ldap_version 3
port 389
scope one
timelimit 30
bind_timelimit 30
pam_min_uid 1000
pam_max_uid 65530
pam_password exop
nss_base_passwd         ou=users,dc=tim,dc=ru?one
nss_base_shadow         ou=users,dc=tim,dc=ru?one
nss_base_group          ou=groups,dc=tim,dc=ru?one

cat /etc/nsswitch.conf
Code:
group: files ldap
group_compat: nis
hosts: files dns
networks: files
passwd: files ldap
passwd_compat: nis
shells: files
services: compat
services_compat: nis
protocols: files
rpc: files

And I don't understand why, after logging in as users from LDAP, I see this:
Code:
$ ldapwhoami
anonymous
Result: Success (0)
 
Hello! I get this:
Code:
ldapwhoami
ldap_parse_result: Confidentiality required (13)
	additional info: confidentiality required
Result: Confidentiality required (13)
Additional info: confidentiality required
Any idea?
 
alligator424 said:
Hello! I get this:
Code:
ldapwhoami
ldap_parse_result: Confidentiality required (13)
	additional info: confidentiality required
Result: Confidentiality required (13)
Additional info: confidentiality required
Any idea?

Your LDAP server requires SSL/TLS and you are working over a clear text channel. Disable the SSL/TLS on your server (probably the worst idea ever) or enable SSL/TLS encryption on your client (the proper thing to do).

For any further problems with LDAP, I suggest that you just google "ldap error XX" (in this case 13) and you will get a lot of answers.
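
The client-side check implied by the reply above, as an added example that is not part of the original thread: a shell function that reads an nss_ldap-style client config and reports whether it selects a cleartext connection, which is what a server answering "Confidentiality required (13)" refuses. The function name, the two sample configs, the host names and the CA path are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify the transport an nss_ldap/pam_ldap style client
# config selects. Prints: cleartext | tls-no-checkpeer | tls-verified |
# local-socket | unconfigured
audit_ldap_transport() {
    awk '
        /^[ \t]*(#|$)/ { next }                 # skip comments and blanks
        { key = tolower($1); val = tolower($2) }
        key == "uri"  { for (i = 2; i <= NF; i++) uris[++n] = tolower($i) }
        key == "host" { have_host = 1 }
        key == "ssl"  { ssl = val }
        key == "tls_checkpeer" { peer = val }
        END {
            tls = (ssl == "start_tls" || ssl == "on")
            for (i = 1; i <= n; i++) {
                if (uris[i] ~ /^ldaps:/)      secure++
                else if (uris[i] ~ /^ldapi:/) sock++
                else if (tls)                 secure++
                else                          plain++
            }
            # A bare "host" line is a network ldap:// connection.
            if (n == 0 && have_host) { if (tls) secure++; else plain++ }
            if (plain)                        print "cleartext"
            # Without "tls_checkpeer yes" verification is left to libldap defaults.
            else if (secure && peer != "yes") print "tls-no-checkpeer"
            else if (secure)                  print "tls-verified"
            else if (sock)                    print "local-socket"
            else                              print "unconfigured"
        }
    ' "$1"
}

# Constructed sample configs (not taken from any real host).
tmp=$(mktemp -d)
cat > "$tmp/before.conf" <<'EOF'
host 192.0.2.10
port 389
base dc=example,dc=org
EOF
cat > "$tmp/after.conf" <<'EOF'
uri ldap://ldap.example.org/
base dc=example,dc=org
ssl start_tls
tls_checkpeer yes
tls_cacertfile /usr/local/etc/ssl/ldap-ca.pem
EOF
echo "before: $(audit_ldap_transport "$tmp/before.conf")"
echo "after:  $(audit_ldap_transport "$tmp/after.conf")"
```

The same check can be pointed at a real client file such as /usr/local/etc/nss_ldap.conf; a result of "cleartext" means binds and lookups would cross the network unencrypted.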
 