bijayant kumar wrote:
> Marc,
> I tried it also, but no luck this time also. Also I want to show you my /var/log/syslog also, which may be useful to rectify my problem :-
>
>
> Aug 28 16:18:01 bijayant slapd[8302]: conn=145 fd=16 ACCEPT from IP=127.0.0.1:49850 (IP=0.0.0.0:389)
> Aug 28 16:18:01 bijayant slapd[8302]: conn=145 op=0 BIND dn="cn=Manager,dc=kavach,dc=blr" method=128

What is it exactly, you are trying to do with
dn="cn=Manager,dc=kavach,dc=blr" ? This is your ldap rootdn. It is not a
unix-user.

> Marc Blumentritt <M.Blumentritt@×××××××××××××××.de> wrote:
> I looked again at your access rules in slapd.conf: try out these rules:
>
>
> -----
>
> access to attrs=userPassword,gecos,description,loginShell
>     by dn="uid=root,ou=people,dc=kavach,dc=blr" write
>     by anonymous auth
>     by self write
>     by * none
>
> access to *
>     by dn="uid=root,ou=people,dc=kavach,dc=blr" write
>     by users read
>
> -----

Next thing I just realized: in your /etc/ldap.conf you set
nss_base_passwd to "ou=People,dc=kavach,dc=blr?one", while above
"people" is not starting with a capital letter! Correct this and while
you are at it, change the access rules to this:

---
access to attrs=userPassword,gecos,description,loginShell
    by dn="uid=root,ou=people,dc=kavach,dc=blr" write
    by dn="cn=Manager,dc=kavach,dc=blr" write
    by anonymous auth
    by self write
    by * none

access to *
    by dn="uid=root,ou=people,dc=kavach,dc=blr" write
    by dn="cn=Manager,dc=kavach,dc=blr" write
    by users read
---

Since manager is your rootdn, he should have access to everything. In
fact, do you really want a root account in your ldap? I think you do not
need, so if you agree, delete the root lines in your access rules.

How do you plan to add users to ldap? I mean, which tools do you use?

Regards,
Marc

--
gentoo-user@g.o mailing list
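
Added example, not part of the original message and not OpenLDAP code: a simplified Python model of how slapd evaluates the access rules quoted above (first matching `access to` directive, then first matching `by` clause, with an implicit trailing `by * none`), as described in slapd.access(5). Assumptions: DN matching is reduced to case-insensitive string comparison, the rootdn result is modelled as the label "bypass", and any user DN passed in is constructed.

```python
# Simplified model of slapd.conf ACL evaluation; RULES are the rules from the message.
RULES = """\
access to attrs=userPassword,gecos,description,loginShell
    by dn="uid=root,ou=people,dc=kavach,dc=blr" write
    by dn="cn=Manager,dc=kavach,dc=blr" write
    by anonymous auth
    by self write
    by * none
access to *
    by dn="uid=root,ou=people,dc=kavach,dc=blr" write
    by dn="cn=Manager,dc=kavach,dc=blr" write
    by users read
"""
ROOTDN = "cn=Manager,dc=kavach,dc=blr"  # rootdn named in the message

def parse(text):
    """Return [(attribute set, or None for '*', [(who, level), ...]), ...]."""
    acl = []
    for line in text.splitlines():
        tok = line.split()
        if tok[:2] == ["access", "to"]:
            what = tok[2]
            attrs = None if what == "*" else {a.lower() for a in what.split("=", 1)[1].split(",")}
            acl.append((attrs, []))
        elif tok[:1] == ["by"]:  # continuation line: by <who> <level>
            acl[-1][1].append((tok[1], tok[2]))
    return acl

def who_matches(who, bind_dn, entry_dn):
    """bind_dn is None for an anonymous bind."""
    if who == "*":
        return True
    if bind_dn is None:
        return who == "anonymous"
    if who.startswith("dn="):
        return bind_dn.lower() == who[3:].strip('"').lower()
    return who == "users" or (who == "self" and bind_dn.lower() == entry_dn.lower())

def access(acl, bind_dn, entry_dn, attr):
    """Access level granted to bind_dn on attribute attr of entry entry_dn."""
    if bind_dn and bind_dn.lower() == ROOTDN.lower():
        return "bypass"  # the rootdn is not subject to ACLs at all
    for attrs, clauses in acl:
        if attrs is None or attr.lower() in attrs:
            for who, level in clauses:
                if who_matches(who, bind_dn, entry_dn):
                    return level
            return "none"  # implicit trailing "by * none"
    return "none"  # no directive matched
```

Under these rules an anonymous bind gets `auth` on `userPassword` but `none` on attributes such as `uid`, so a client that searches without binding as a user sees no entries.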