Configuring OpenLDAP Client (slapd.conf missing)

Post by bratan » 2012/11/26 16:41:09

Hi. I'm new to both CentOS and OpenLDAP.
I just need to configure very basic authentication with existing AD (Windows) for FTP users.
I've installed OpenLDAP client but cannot get it working.
All tutorials and even official CentOS docs talk about editing slapd.conf file. But I don't have this file :(
I think it was deprecated. So where would I add the "rootdn" user? /etc/openldap/ldap.conf?
bratan
 
Posts: 3
Joined: 2012/11/26 16:35:54

Post by TrevorH » 2012/11/26 21:07:49

The slapd.conf file belongs to an OpenLDAP server, not a client. You need to look at /etc/openldap/ldap.conf and /etc/pam_ldap.conf and /etc/nslcd.conf (assuming you are running CentOS 6). If you're using SSL or STARTTLS then you will also need a copy of the CA certificate (if the server cert is not signed by a recognised CA) in /etc/openldap/certs. Configure those files first and test it with the ldapsearch command to see if it works.
TrevorH
Forum Moderator
 
Posts: 9147
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Post by bratan » 2012/11/27 15:16:21

Thank you! Now it starts making more sense to me! I'm not using SSL.
I'm still getting an error when performing ldapsearch:
ldapsearch -D "cn=someuser,dc=rr,dc=local" -W
Enter LDAP Password:
ldap_bind: Invalid credentials (49)


My Windows AD server is prod.rr.local, I added it to hosts file so it can be resolved. AD administrative user is for example "someuser".
This is what I have in /etc/openldap/ldap.conf:
URI ldap://prod.rr.local/
BASE dc=rr,dc=local

in /etc/pam_ldap.conf I have:
base dc=rr,dc=local
rootbinddn cn=someuser,dc=rr,dc=local (Not sure if I needed this line?)

in /etc/nslcd.conf:

uri ldap://prod.rr.local
base dc=rr,dc=local
ssl no
tls_cacertdir /etc/openldap/cacerts

Is this all I need to be able to perform the ldapsearch command?
bratan
 
Posts: 3
Joined: 2012/11/26 16:35:54
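
An added example, not part of any post in this thread: a shell check that reads an nslcd.conf-style file, such as the one posted above, and reports whether simple-bind passwords would cross the network unencrypted or the server certificate would go unverified. The function names and the embedded sample file are constructed for illustration; `uri`, `ssl` and `tls_reqcert` are nslcd.conf directives.

```shell
#!/bin/sh
# Classify how an nslcd.conf-style file protects LDAP binds (added example).
# Function names and the sample file are constructed for illustration.

# Print the last value given for a directive, lowercased; comments never match.
conf_value() {  # usage: conf_value <file> <directive>
    awk -v key="$2" 'tolower($1) == key { val = tolower($2) } END { print val }' "$1"
}

# Print ldaps, starttls or cleartext for the transport the file selects.
ldap_transport() {  # usage: ldap_transport <file>
    uri=$(conf_value "$1" uri)
    ssl=$(conf_value "$1" ssl)
    case "$uri" in ldaps://*) echo ldaps; return ;; esac
    case "$ssl" in
        start_tls) echo starttls ;;
        on)        echo ldaps ;;
        *)         echo cleartext ;;   # "no", "off" or unset
    esac
}

# Return 0 only when binds are encrypted and the server certificate is checked.
audit_ldap_client() {  # usage: audit_ldap_client <file>
    rc=0
    transport=$(ldap_transport "$1")
    reqcert=$(conf_value "$1" tls_reqcert)
    if [ "$transport" = cleartext ]; then
        echo "FAIL: simple binds send the password unencrypted"
        rc=1
    fi
    case "$reqcert" in
        never|allow) echo "FAIL: tls_reqcert $reqcert accepts an unverified certificate"; rc=1 ;;
    esac
    if [ "$rc" -eq 0 ]; then echo "OK: transport=$transport"; fi
    return "$rc"
}

# Constructed sample: the nslcd.conf settings posted in the thread.
sample_conf() {
    cat <<'EOF'
uri ldap://prod.rr.local
base dc=rr,dc=local
ssl no
tls_cacertdir /etc/openldap/cacerts
EOF
}

tmp=$(mktemp); sample_conf > "$tmp"
audit_ldap_client "$tmp" || echo "audit exit status: $?"
rm -f "$tmp"
```

For one-off tests from the command line, `ldapsearch -ZZ` requires StartTLS to succeed before the bind is sent.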

Post by TrevorH » 2012/11/27 18:21:22

Try adding the -x switch to your ldapsearch command.
TrevorH
Forum Moderator
 
Posts: 9147
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Post by bratan » 2012/11/27 20:14:04

Same error :(
I'm missing something...
bratan
 
Posts: 3
Joined: 2012/11/26 16:35:54

Post by TrevorH » 2012/11/27 23:23:51

So this works for me:

Edit /etc/openldap/ldap.conf and add URI ldap://your.domain.controller

Run `ldapsearch -x -W -D "myemailaddress@mydomain.com" -LLL`
TrevorH
Forum Moderator
 
Posts: 9147
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

