Gentoo Forums
Binding Gentoo openLDAP server w/ OSX (10.7) client
Forum: Networking & Security
Author: bertaboy (Guru)
Joined: 05 Nov 2004
Posts: 599

Posted: Mon Feb 18, 2013 3:13 pm    Post subject: Binding Gentoo openLDAP server w/ OSX (10.7) client

Hi all,

I'm trying to set up a local server at home to consolidate a bunch of the information that we're gathering on our various computers by building a network using openLDAP+Kerberos, where the server (hostname: microserver) is running Gentoo and the client I'm starting with is OS X 10.7.5. I've been able to acquire (MIT) Kerberos tickets on the OS X client (hostname: mini); however, now I'm stuck at binding the OS X client to the openLDAP server. openLDAP queries report back with no errors when pinged from the server, so I'm inclined to think that the issues are stemming from Apple.

Attempt to query openLDAP from client:
Code:
mini: $ ldapsearch -x -D "cn=Manager,dc=hulljensen,dc=net" -W
Enter LDAP Password:
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)


Proper query from server:
Code:
microserver: $ ldapsearch -x -D "cn=Manager,dc=hulljensen,dc=net" -W
...
# search result
search: 2
result: 0 Success

# numResponses: 15
# numEntries: 14


Confirming that the server's LDAP port is accessible from the client:
Code:
mini: $ nmap microserver.hulljensen.net

Starting Nmap 6.25 ( http://nmap.org ) at 2013-02-18 09:33 EST
Nmap scan report for microserver.hulljensen.net (192.168.1.90)
Host is up (0.00036s latency).
Not shown: 993 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
389/tcp  open  ldap
464/tcp  open  kpasswd5
636/tcp  open  ldapssl
749/tcp  open  kerberos-adm
3306/tcp open  mysql
6543/tcp open  mythtv

Nmap done: 1 IP address (1 host up) scanned in 1.31 seconds


slapd.conf:
Code:
microserver: # cat /etc/openldap/slapd.conf
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include      /etc/openldap/schema/core.schema
include      /etc/openldap/schema/cosine.schema
include      /etc/openldap/schema/inetorgperson.schema
include      /etc/openldap/schema/nis.schema
include      /etc/openldap/schema/misc.schema

pidfile      /var/run/openldap/slapd.pid
argsfile     /var/run/openldap/slapd.args

serverID 0
loglevel 0

access to dn.base="" by * read
access to dn.base="cn=Subschema" by * read
access to *
   by dn="uid=root,ou=People,dc=hulljensen,dc=net" write
   by users read
   by anonymous auth

access to attrs=userPassword,gecos,description,loginShell
   by self write

#######################################################################
# BDB database definitions
#######################################################################

database    hdb
suffix      "dc=hulljensen,dc=net"
checkpoint  32 30
rootdn      "cn=Manager,dc=hulljensen,dc=net"
rootpw      <redacted>
directory   /var/lib/openldap-ldbm
index       objectClass eq


ldap.conf (identical on both machines):
Code:
$ cat /etc/openldap/ldap.conf

BASE          dc=hulljensen,dc=net
URI           ldap://ldap.hulljensen.net:389/ ldap://ldap1.hulljensen.net:389/
TLS_REQCERT   allow
TIMELIMIT     2


Server FQDN:
Code:
microserver: $ hostname -f
microserver.hulljensen.net


Client FQDN:
Code:
mini: $ hostname -f
mini.hulljensen.net
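A note on what the client-side error actually says, with an added diagnostic that is not part of the post above. `ldapsearch` run without `-H` takes its server list from the `URI` keyword in ldap.conf, and "Can't contact LDAP server (-1)" (LDAP_SERVER_DOWN) means the library could not open a connection to any host on that list; it says nothing about the bind credentials. The quoted ldap.conf names `ldap.hulljensen.net` and `ldap1.hulljensen.net`, while the server's FQDN is `microserver.hulljensen.net`, so the first thing to verify from the client is that those URI names resolve and that their port accepts a TCP connection. The script below (my example, not the poster's or OpenLDAP's tooling) parses an ldap.conf, resolves every `ldap://` and `ldaps://` URI host, attempts a plain TCP connect without sending any LDAP traffic, and separately flags `TLS_REQCERT never`/`allow`/`try`, which let a session proceed without a verified server certificate (ldap.conf(5)); `demand` is the verifying setting. The embedded sample configuration is constructed to match the one quoted in the post.

```python
"""Check whether the LDAP URIs in an OpenLDAP ldap.conf resolve and accept a
TCP connection, and flag weak TLS certificate-checking settings.
Added example, not code from the forum post or from the OpenLDAP project."""
import socket
import sys
from urllib.parse import urlsplit

DEFAULT_PORTS = {"ldap": 389, "ldaps": 636}

# Constructed sample: the same keywords and values as the ldap.conf in the post.
SAMPLE_LDAP_CONF = """\
BASE   dc=hulljensen,dc=net
URI   ldap://ldap.hulljensen.net:389/ ldap://ldap1.hulljensen.net:389/
TLS_REQCERT   allow
TIMELIMIT   2
"""


def parse_ldap_conf(text):
    """Return {KEYWORD: [value, ...]}; blank lines and '#' comments are skipped."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) != 2:
            continue
        conf.setdefault(parts[0].upper(), []).append(parts[1])
    return conf


def parse_uris(text):
    """Return (scheme, host, port) for each TCP LDAP URI on the URI line(s).

    Several URIs may share one line, separated by whitespace. ldapi:// (unix
    socket) and malformed entries are skipped because there is nothing to resolve.
    """
    targets = []
    for value in parse_ldap_conf(text).get("URI", []):
        for uri in value.split():
            parts = urlsplit(uri)
            scheme = parts.scheme.lower()
            if scheme not in DEFAULT_PORTS or not parts.hostname:
                continue
            targets.append((scheme, parts.hostname, parts.port or DEFAULT_PORTS[scheme]))
    return targets


def check_target(host, port, timeout=2.0):
    """Resolve host, then try one TCP connect; no LDAP PDU is ever sent."""
    result = {"host": host, "port": port, "resolved": False,
              "addresses": [], "reachable": False, "error": None}
    try:
        infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror as exc:
        result["error"] = f"DNS: {exc}"
        return result
    result["resolved"] = True
    result["addresses"] = sorted({info[4][0] for info in infos})
    try:
        with socket.create_connection((host, port), timeout=timeout):
            result["reachable"] = True
    except OSError as exc:
        result["error"] = f"connect: {exc}"
    return result


def tls_reqcert_warning(text):
    """Return a warning when TLS_REQCERT lets a session continue unverified.

    Per ldap.conf(5): never/allow proceed even with a bad certificate, try
    proceeds when no certificate is presented; demand (or hard) is verifying.
    """
    values = parse_ldap_conf(text).get("TLS_REQCERT", [])
    if not values:
        return None
    level = values[-1].lower()
    if level in ("never", "allow", "try"):
        return (f"TLS_REQCERT {level}: server certificate is not (fully) verified; "
                "use 'demand' with TLS_CACERT pointing at the signing CA")
    return None


def diagnose(text, timeout=2.0):
    """Run check_target over every URI in the config; returns a list of results."""
    return [check_target(host, port, timeout) for _, host, port in parse_uris(text)]


if __name__ == "__main__":
    # Usage: python ldapconf_check.py [/etc/openldap/ldap.conf]
    conf = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_LDAP_CONF
    for r in diagnose(conf):
        state = "OK" if r["reachable"] else ("unreachable" if r["resolved"] else "unresolved")
        print(f"{r['host']}:{r['port']} {state} {r['addresses']} {r['error'] or ''}")
    warning = tls_reqcert_warning(conf)
    if warning:
        print("WARNING:", warning)
```

Run it on the client with the real ldap.conf path; a host reported as "unresolved" explains a `-1` from `ldapsearch` on its own, and an "unreachable" one points at routing or a firewall rather than at slapd. The TLS warning is independent of the connectivity problem: with `TLS_REQCERT allow`, a later `ldaps://` or StartTLS session would accept whatever certificate the network presents.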