[Fedora-directory-users] Support for Windows login?

Ian Bishop ibishop at netoptions.com.au
Wed Jun 8 23:29:09 UTC 2005


Nathan Kinder wrote:
> Ian Bishop wrote:
> 
>>
>> Rich Megginson wrote:
>>
>>> Ian Bishop wrote:
>>>
>>>> Has anyone tested pgina against FDS?
>>>>
>>>> I've tried creating an entry: cn=ibishop,ou=People,dc=localdomain in 
>>>> my directory and then test authenticating against the directory from 
>>>> a PC running pgina on WinXP.
>>>>
>>>> The pgina ldap config is:
>>>> LDAP method: map mode
>>>> LDAP server: 192.168.2.200
>>>> prepend: cn=
>>>> append: ou=People,dc=localdomain
>>>>
>>>>
>>>> When I try and bind to this with pgina I get the following in the 
>>>> slapd log:
>>>>
>>>> fd=75 slot=75 connection from 192.168.2.183 to 192.168.2.200
>>>> [08/Jun/2005:12:30:47 +1000] conn=42 op=0 BIND 
>>>> dn="cn=ibishop,ou=people,dc=localdomain" method=128 version=3
>>>> [08/Jun/2005:12:30:47 +1000] conn=42 op=0 RESULT err=32 tag=97 
>>>> nentries=0 etime=0
>>>> [08/Jun/2005:12:30:47 +1000] conn=42 op=1 UNBIND
>>>> [08/Jun/2005:12:30:47 +1000] conn=42 op=1 fd=75 closed - U1
>>>>
>>>>
>>>> My directory has all the default bind permissions (which should 
>>>> allow this right?)...can anyone see what I'm doing wrong?
>>>
>>>
>>>
>>>
>>> Can you use ldapsearch -D "cn=ibishop,ou=people,dc=localdomain" -w 
>>> yourpassword -s base -b "cn=ibishop,ou=people,dc=localdomain" 
>>> "objectclass=*"
>>> ?  If not, do you get the same error in your access log?
>>>
>>
>> No, that fails with:
>>
>> ldap_simple_bind: No such object
>> ldap_simple_bind: matched: ou=people,dc=localdomain
>>
>> Log shows:
>>
>> [08/Jun/2005:13:18:10 +1000] conn=52 fd=74 slot=74 connection from 
>> 127.0.0.1 to 127.0.0.1
>> [08/Jun/2005:13:18:10 +1000] conn=52 op=0 BIND 
>> dn="cn=ibishop,ou=people,dc=localdomain" method=128 version=3
>> [08/Jun/2005:13:18:10 +1000] conn=52 op=0 RESULT err=32 tag=97 
>> nentries=0 etime=0
>> [08/Jun/2005:13:18:10 +1000] conn=52 op=1 UNBIND
>> [08/Jun/2005:13:18:10 +1000] conn=52 op=1 fd=74 closed - U1
>>
>>
>> If I do a ldapsearch -b "ou=people,dc=localdomain" cn=ibishop, I do 
>> get a result..?
> 
> 
> You should verify the DN for this entry in the Directory Server.  The 
> "cn" attribute may be equal to "ibishop", but the "dn" may be using the 
> "uid" as the RDN.

Ahh, that's it. It works now binding with 
uid=ibishop,ou=people,dc=localdomain

Sorry, I'm still getting my head around LDAP.  :/

Thanks,
Ian.
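
An added example, not part of the original thread: the access-log pattern quoted above (a BIND answered with err=32 rather than err=49) can be picked out by pairing each BIND with its RESULT on conn/op. The function names are hypothetical, and the two log lines marked as constructed are assumptions for illustration.

```python
import re

# LDAP result codes that matter when a simple bind fails.
LDAP_ERRORS = {
    32: "noSuchObject: the bind DN does not exist (check the entry's RDN)",
    49: "invalidCredentials: the DN exists but the password is wrong",
}

BIND_RE = re.compile(r'conn=(\d+) op=(\d+) BIND dn="([^"]*)"')
RESULT_RE = re.compile(r'conn=(\d+) op=(\d+) RESULT err=(\d+)')

def failed_binds(lines):
    """Pair each BIND with its RESULT by (conn, op); return failed binds."""
    pending = {}    # (conn, op) -> bind DN still waiting for a RESULT
    failures = []
    for line in lines:
        m = BIND_RE.search(line)
        if m:
            pending[(m.group(1), m.group(2))] = m.group(3)
            continue
        m = RESULT_RE.search(line)
        if m and (m.group(1), m.group(2)) in pending:
            dn = pending.pop((m.group(1), m.group(2)))
            err = int(m.group(3))
            if err != 0:
                failures.append((dn, err, LDAP_ERRORS.get(err, "other error")))
    return failures

def rdn_attribute(dn):
    """Attribute type of the leftmost RDN, e.g. 'cn' or 'uid'."""
    return dn.split("=", 1)[0].strip().lower()

# First three lines: taken from the message above, re-joined onto single lines.
# Last two lines: constructed, standing in for the bind that later succeeded.
SAMPLE_LOG = [
    '[08/Jun/2005:13:18:10 +1000] conn=52 op=0 BIND dn="cn=ibishop,ou=people,dc=localdomain" method=128 version=3',
    '[08/Jun/2005:13:18:10 +1000] conn=52 op=0 RESULT err=32 tag=97 nentries=0 etime=0',
    '[08/Jun/2005:13:18:10 +1000] conn=52 op=1 UNBIND',
    '[08/Jun/2005:13:25:02 +1000] conn=53 op=0 BIND dn="uid=ibishop,ou=people,dc=localdomain" method=128 version=3',
    '[08/Jun/2005:13:25:02 +1000] conn=53 op=0 RESULT err=0 tag=97 nentries=0 etime=0',
]

if __name__ == "__main__":
    for dn, err, meaning in failed_binds(SAMPLE_LOG):
        print(f"err={err} rdn={rdn_attribute(dn)} dn={dn} -> {meaning}")
```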
