SUMMARY: Initialized my first ldap but can't login

From: Dave Martini <martini_at_mrpeabody.llnl.gov>
Date: Tue Nov 29 2005 - 19:57:19 EST
Looks like it had something to do with my proxy password becasue I 
changed it and re-initialized the client and now it looks better.
# ldaplist -l passwd user10
dn: uid=user10,ou=People,dc=llnl,dc=gov
         cn: user10 test account
         gecos: a test account for ldap
         gidNumber: 10
         objectClass: top
         objectClass: account
         objectClass: posixaccount
         objectClass: shadowaccount
         uid: user10
         uidNumber: 1011
         homeDirectory: /export/home/user10
         loginShell: csh

But I still can't login as user10 with the password I gave it. It keeps 
asking me for the password over and over.

ldapclient# ssh -l  user10 128.115.61.115
Password:
Password:
Password:
Permission denied 
(gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive).

Do you think this has something to do with the pam_unix mechanism? 
Pam_unix is the default. Should I  be using pam_ldap instead?

When I ran idsconfig I  selected credential level proxy.

Thanks.
Dave.




Below is my original question

I  just setup an iPlanet Directory Server 5.1 on my Solaris 9 box. I ran 
through the setup utility and the idsconfig.
I initialized my first client with the ldapclient command and it created 
the files in /var/ldap on the client machine. I'm trying to have the 
client talk to my ldap server to verify it's working.

When I run this from the client I  get an error

client# ldaplist groups
ldaplist: Object not found (Session error no available conn.
)

Does that mean it's not communicating with the server?
What's a good test command to run using ldaplist from the client?

I created a new user and adding the posix account and shadow account. 
The user is called user10 on the ldap server. I'm not able to see this 
user from the client nor log in as this user from the client.

client#  ldaplist passwd user10
ldaplist: Object not found (Session error no available conn.

client# ssh -l user10 server
user10@server's password:
Permission denied, please try again.
user10@server's password:

Nor from the server

server# ssh -l user10 server
user10@server's password:
Permission denied, please try again.
user10@server's password:

In fact ldapsearch from the server doesn't show user10 but I do see 
user10 in the Directory Console GUI.

server# ldapsearch -b "ou=people,dc=server,dc=llnl,dc=gov" -L 
"uid=user10" > user_template.ldif
ldap_search: No such object
server#

I  can do an ldapclient list from the client and it reads the files in 
/var/ldap but can't do ldaplists as shown above or login as user10.

Any tips from the iPlanet/Sun One guru's would be greatly appreciated!


Thank you.
Dave Martini
LLNL
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
Received on Tue Nov 29 21:53:46 2005

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:53 EST