http://www.jukie.net/~bart/tags/ldap/ Recent content in Ldap on bartman's blog Hugo en Sat, 28 Jun 2008 16:07:32 -0400 http://www.jukie.net/~bart/blog/osx-ldap-authentication/ Sat, 28 Jun 2008 16:07:32 -0400 http://www.jukie.net/~bart/blog/osx-ldap-authentication/ <p>I was recently asked by a colleague, and now also a <a href="http://infonium.ca/">client</a>, to look over the [LDAP]{tag/ldap} configuration on his Ubuntu boxen. He was having issues with the root account. The problem turned out being that the Ubuntu box was trying to get the root authentication from LDAP. It successfully found an LDAP account on the OSX LDAP server, but was unable to login since that account is disabled. The solution was to filter out the root account from the LDAP reply using the <code>pam_filter</code> directive in <code>/etc/ldap.conf</code>. Jay was also kind enough to document his <a href="https://help.ubuntu.com/community/OSXLDAPClientAuthentication">setup for others</a> that are trying to accomplish a similar task.</p> http://www.jukie.net/~bart/blog/filter-ldap-accounts-by-host/ Mon, 12 Jun 2006 22:22:04 -0400 http://www.jukie.net/~bart/blog/filter-ldap-accounts-by-host/ <p>Ok, so in [last eppisode]{ldap-upgrade-to-2.3.23-brakage} we looked at how my Debian/testing upgrade of <code>slapd</code> killed my slapd install because I was using two incompatible schemas.</p> <p>Now, I will show you how to limit what accounts are accessible to pam_ldap module on each host.</p> http://www.jukie.net/~bart/blog/ldap-upgrade-to-2.3.23-brakage/ Mon, 12 Jun 2006 19:45:23 -0400 http://www.jukie.net/~bart/blog/ldap-upgrade-to-2.3.23-brakage/ <p>For some very stupid reason I decided to upgrade my fileserver, which happens to run my ldap database as well.</p> <pre><code>Setting up slapd (2.3.23-1) ... Backing up /etc/ldap/slapd.conf in /var/backups/slapd-2.2.26-5... done. Moving old database directories to /var/backups: Backup path /var/backups/dc=jukie-2.2.26-5.ldapdb exists. Giving up... dpkg: error processing slapd (--configure): subprocess post-installation script returned error exit status 1 Errors were encountered while processing: slapd E: Sub-process /usr/bin/dpkg returned an error code (1) </code></pre> <p><em>Frig!</em></p> http://www.jukie.net/~bart/blog/ldap-on-debian/ Sun, 25 Sep 2005 13:00:02 -0400 http://www.jukie.net/~bart/blog/ldap-on-debian/ <p> I've started writing a debian authentication from ldap tutorial. Here is the unfinished text: </p> <li><a href=http://www.jukie.net/~bart/ldap/ldap-authentication-on-debian/index.html>Ldap Authentication on Debian</a> <p> I've seen a much more ass kicking one on Planet Debian recently from Edd Dumbill. Here is a link: </p> <li><a href=http://usefulinc.com/edd/blog/contents/2005/09/25-ldap/read>Turn your world LDAP-tastic</a>, and <li><a href=http://usefulinc.com/edd/blog/contents/2005/09/28-ldap/read>Visual LDAP administration tools</a> - <i>a recent fallowup</i> http://www.jukie.net/~bart/blog/ldap-authentication-part-1/ Sat, 08 Jan 2005 09:50:26 -0500 http://www.jukie.net/~bart/blog/ldap-authentication-part-1/ <p>.</p> <p>Wasted some time this week converting my server to LDAP directories and renumbering UIDs/GIDs to the &ldquo;Debian numbering ranges&rdquo; from the RedHat ranges that I have lived with for 7 years &ndash; I have a lot of data to migrate over to the new IDs&hellip; data is intact.</p> <p>LDAP is so ugly after you used SQL, and is a bitch to setup, but after a few hours I managed to get it working with PAM and NSS. I will have to document my steps because I had to read ~10 documents on the web to finally get things working &ndash; the Debian packages do not do all the work for you in this case.</p>