1 |
bijayant kumar schrieb: |
2 |
> Hi Marc, |
3 |
> First of all i want to thank you for your response. I tried everything which you have suggested to me, but unfortunately it didnot worked for me. It still taking 15 to 20 seconds to authenticate. Does it takes too much time or i am doing something wrong. Please help me. I am doing this from last 8 days. And one more thing i want to know, how would i know that user is authenticated via the ldap not the system. |
4 |
|
5 |
|
6 |
15-20 seconds is to long. I only authentificate ldap-users via |
7 |
Samba-login with windows machines, and this works fast without any delay. |
8 |
|
9 |
For the authentification issue: if your user is in the local user data |
10 |
base, it is authentificated against it (depending on your nsswitch and |
11 |
pam settings), if he is in ldap, he is authentificated against ldap. You |
12 |
should't have users in both, local and ldap. |
13 |
|
14 |
I looked again at your access rules in slapd.conf: try out these rules: |
15 |
|
16 |
|
17 |
----- |
18 |
|
19 |
access to attrs=userPassword,gecos,description,loginShell |
20 |
by dn="uid=root,ou=people,dc=kavach,dc=blr" write |
21 |
by anonymous auth |
22 |
by self write |
23 |
by * none |
24 |
|
25 |
access to * |
26 |
by dn="uid=root,ou=people,dc=kavach,dc=blr" write |
27 |
by users read |
28 |
|
29 |
----- |
30 |
|
31 |
The first rule allows root to and self to change the attributes |
32 |
"userPassword,gecos,description,loginShell", anonymous to authentificate |
33 |
(=login!) and * nothing. |
34 |
|
35 |
The second rule allows root to change all other attributes and |
36 |
authentificated users to read all other attributes. |
37 |
|
38 |
Regards, |
39 |
Marc |
40 |
-- |
41 |
gentoo-user@g.o mailing list |