Zentyal Forum, Linux Small Business Server
Zentyal Server => Installation and Upgrades => Topic started by: MOSEK on November 13, 2014, 12:27:39 pm
-
Hello all
How do I get a CentOS 7 client to authenticate against my Zentyal DC via LDAP?
Can anyone give me the configs needed and a how-to guide? I tried with samba-winbind already, but that solution got me the wrong IDs for the users and groups.
I got an Ubuntu client authenticating with LDAP, and that works just fine, but I can't do the same configuration on the CentOS client as I did on Ubuntu, so now I need help.
Cheers
-
I will just post the configurations that I'm working on so far. I still haven't got it working, but I think I'm close.
/etc/openldap/ldap.conf and /etc/ldap.conf:
TLS_CACERTDIR /etc/openldap/cacerts
# Turning this off breaks GSSAPI used with krb5 when rdns = false
SASL_NOCANON on
URI ldap://172.16.0.5:390
BASE dc=mosek,dc=zentyal
/etc/nsswitch.conf:
passwd: files sss ldap
shadow: files sss ldap
group: files sss ldap
#initgroups: files
#hosts: db files nisplus nis dns
hosts: files dns
# Example - obey only what nisplus tells us...
#services: nisplus [NOTFOUND=return] files
#networks: nisplus [NOTFOUND=return] files
#protocols: nisplus [NOTFOUND=return] files
#rpc: nisplus [NOTFOUND=return] files
#ethers: nisplus [NOTFOUND=return] files
#netmasks: nisplus [NOTFOUND=return] files
bootparams: nisplus [NOTFOUND=return] files
ethers: files
netmasks: files
networks: files
protocols: files
rpc: files
services: files
netgroup: files ldap
publickey: nisplus
automount: files ldap
aliases: files nisplus
/etc/nslcd.conf:
uid nslcd
gid ldap
uri ldap://172.16.0.5:390
ldap_version 3
base dc=mosek,dc=zentyal
binddn cn=zentyalro,dc=mosek,dc=zentyal
bindpw ig7k77MY@lVxsXWBGcI8
scope sub
base group ou=Groups,dc=mosek,dc=zentyal
base passwd ou=Users,dc=mosek,dc=zentyal
base shadow ou=Computers,dc=mosek,dc=zentyal
I tried running nslcd in debug mode:
[root@centosy ~]# nslcd -d
nslcd: DEBUG: add_uri(ldap://172.16.0.5:390)
nslcd: version 0.8.13 starting
nslcd: DEBUG: unlink() of /var/run/nslcd/socket failed (ignored): No such file or directory
nslcd: DEBUG: initgroups("nslcd",55) done
nslcd: DEBUG: setgid(55) done
nslcd: DEBUG: setuid(65) done
nslcd: accepting connections
nslcd: [8b4567] DEBUG: connection from pid=2640 uid=0 gid=0
nslcd: [8b4567] <sess_o="root"> DEBUG: nslcd_pam_sess_o("root","crond","cron","","")
nslcd: [7b23c6] DEBUG: connection from pid=2640 uid=0 gid=0
nslcd: [7b23c6] <sess_c="root"> DEBUG: nslcd_pam_sess_c("root","crond",12345)
If any of you guys can see something wrong with the config, please say so. I really need to get it working.
-
Hi, how do you manage to use Ubuntu with LDAP authentication?
I'm using an Ubuntu 14.04 client and Zentyal Server 4.1, and the process is hard,
because the binddn and bindpw keep getting rejected.
I've tried zentyal, zentyalro and administrator, but still got an LDAP login failure.
Could you guide me on this?
-
zentyal and zentyalro are users which only exist on versions lower than 3.4.
For newer versions you need to use any user you may have created in the Samba module. You may use ldbsearch -H /var/lib/samba/private/sam.ldb dn -b "CN=Users, dc=your,dc=domain,dc=tld" in order to grab the DNs of those that currently exist.
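
A small audit of an nslcd.conf like the one posted in this thread, as an added example that is not part of the original posts: it flags a bind DN that uses the zentyal/zentyalro accounts, which the last reply says only exist on versions lower than 3.4, and, going beyond the thread, a bindpw sent over plain ldap:// without `ssl start_tls`. The function names, finding labels and both sample configs (including the svc-nslcd user and example.test domain) are constructed for illustration.

```python
import re

# Bind accounts that, per the reply above, exist only on Zentyal versions lower than 3.4.
LEGACY_BIND_CNS = {"zentyal", "zentyalro"}

# Constructed sample mirroring the posted nslcd.conf (password replaced by a placeholder).
POSTED = """\
uid nslcd
gid ldap
uri ldap://172.16.0.5:390
ldap_version 3
base dc=mosek,dc=zentyal
binddn cn=zentyalro,dc=mosek,dc=zentyal
bindpw PLACEHOLDER
"""

# Constructed sample: hypothetical Samba-module user as bind DN, StartTLS enabled.
REVISED = """\
uri ldap://dc.example.test
base dc=example,dc=test
binddn CN=svc-nslcd,CN=Users,DC=example,DC=test
bindpw PLACEHOLDER
ssl start_tls
"""

def parse_nslcd(text):
    """Return {option: [values]} from nslcd.conf text, skipping comments and blank lines."""
    opts = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        opts.setdefault(parts[0].lower(), []).append(parts[1] if len(parts) > 1 else "")
    return opts

def audit_nslcd(text):
    """Return a list of finding labels (hypothetical names) for one nslcd.conf."""
    opts, findings = parse_nslcd(text), []
    first_rdn = re.match(r"cn=([^,]+)", opts.get("binddn", [""])[-1], re.I)
    if first_rdn and first_rdn.group(1).strip().lower() in LEGACY_BIND_CNS:
        findings.append("legacy-binddn")
    uris = [u.lower() for value in opts.get("uri", []) for u in value.split()]
    start_tls = any(v.strip().lower() == "start_tls" for v in opts.get("ssl", []))
    if "bindpw" in opts and not start_tls and any(u.startswith("ldap://") for u in uris):
        findings.append("cleartext-bind")  # simple-bind password crosses the wire unencrypted
    return findings

if __name__ == "__main__":
    print(audit_nslcd(POSTED), audit_nslcd(REVISED))
```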