1 |
Marc, |
2 |
I tried it also, but no luck this time also. Also i want to show you my /var/log/syslog also, which may be useful to rectify my problem :- |
3 |
|
4 |
|
5 |
Aug 28 16:18:01 bijayant slapd[8302]: conn=145 fd=16 ACCEPT from IP=127.0.0.1:49850 (IP=0.0.0.0:389) |
6 |
Aug 28 16:18:01 bijayant slapd[8302]: conn=145 op=0 BIND dn="cn=Manager,dc=kavach,dc=blr" method=128 |
7 |
Aug 28 16:18:01 bijayant slapd[8302]: conn=145 op=0 RESULT tag=97 err=49 text= |
8 |
Aug 28 16:18:01 bijayant slapd[8302]: conn=146 fd=17 ACCEPT from IP=127.0.0.1:49851 (IP=0.0.0.0:389) |
9 |
Aug 28 16:18:01 bijayant slapd[8302]: conn=145 op=1 UNBIND |
10 |
Aug 28 16:18:01 bijayant slapd[8302]: conn=145 fd=16 closed |
11 |
Aug 28 16:18:01 bijayant slapd[8302]: conn=146 op=0 BIND dn="cn=Manager,dc=kavach,dc=blr" method=128 |
12 |
Aug 28 16:18:01 bijayant slapd[8302]: conn=146 op=0 RESULT tag=97 err=49 text= |
13 |
Aug 28 16:18:01 bijayant slapd[8302]: conn=147 fd=16 ACCEPT from IP=127.0.0.1:49852 (IP=0.0.0.0:389) |
14 |
Aug 28 16:18:01 bijayant slapd[8302]: conn=146 op=1 UNBIND |
15 |
Aug 28 16:18:01 bijayant slapd[8302]: conn=146 fd=17 closed |
16 |
Aug 28 16:18:01 bijayant slapd[8302]: conn=147 op=0 BIND dn="cn=Manager,dc=kavach,dc=blr" method=128 |
17 |
Aug 28 16:18:01 bijayant slapd[8302]: conn=147 op=0 RESULT tag=97 err=49 text= |
18 |
Aug 28 16:18:01 bijayant slapd[8302]: conn=147 op=1 UNBIND |
19 |
Aug 28 16:18:01 bijayant slapd[8302]: conn=147 fd=16 closed |
20 |
Aug 28 16:18:05 bijayant slapd[8302]: conn=148 fd=16 ACCEPT from IP=127.0.0.1:49853 (IP=0.0.0.0:389) |
21 |
Aug 28 16:18:05 bijayant slapd[8302]: conn=148 op=0 BIND dn="cn=Manager,dc=kavach,dc=blr" method=128 |
22 |
Aug 28 16:18:05 bijayant slapd[8302]: conn=148 op=0 RESULT tag=97 err=49 text= |
23 |
Aug 28 16:18:05 bijayant slapd[8302]: conn=149 fd=17 ACCEPT from IP=127.0.0.1:49854 (IP=0.0.0.0:389) |
24 |
Aug 28 16:18:05 bijayant slapd[8302]: conn=148 op=1 UNBIND |
25 |
Aug 28 16:18:05 bijayant slapd[8302]: conn=148 fd=16 closed |
26 |
|
27 |
|
28 |
Marc Blumentritt <M.Blumentritt@×××××××××××××××.de> wrote:15-20 seconds is to long. I only authentificate ldap-users via |
29 |
Samba-login with windows machines, and this works fast without any delay. |
30 |
|
31 |
For the authentification issue: if your user is in the local user data |
32 |
base, it is authentificated against it (depending on your nsswitch and |
33 |
pam settings), if he is in ldap, he is authentificated against ldap. You |
34 |
should't have users in both, local and ldap. |
35 |
|
36 |
I looked again at your access rules in slapd.conf: try out these rules: |
37 |
|
38 |
|
39 |
----- |
40 |
|
41 |
access to attrs=userPassword,gecos,description,loginShell |
42 |
by dn="uid=root,ou=people,dc=kavach,dc=blr" write |
43 |
by anonymous auth |
44 |
by self write |
45 |
by * none |
46 |
|
47 |
access to * |
48 |
by dn="uid=root,ou=people,dc=kavach,dc=blr" write |
49 |
by users read |
50 |
|
51 |
----- |
52 |
|
53 |
The first rule allows root to and self to change the attributes |
54 |
"userPassword,gecos,description,loginShell", anonymous to authentificate |
55 |
(=login!) and * nothing. |
56 |
|
57 |
The second rule allows root to change all other attributes and |
58 |
authentificated users to read all other attributes. |
59 |
|
60 |
Regards, |
61 |
Marc |
62 |
-- |
63 |
gentoo-user@g.o mailing list |
64 |
|
65 |
|
66 |
|
67 |
Send instant messages to your online friends http://uk.messenger.yahoo.com |
68 |
Send instant messages to your online friends http://uk.messenger.yahoo.com |