On Wed, Nov 20, 2002 at 18:16:34 -0500, Derrick 'dman' Hudson wrote:
> On Tue, Nov 19, 2002 at 01:24:18PM +1000, mdevin wrote:
>
> | One thing interesting though is that if I enter my proper system
> | password then ldap refuses me once and gives another Password: prompt.
> | If I then enter the p
On Mon, Nov 18, 2002 at 07:40:30PM -0800, nate wrote:
| mdevin said:
| > Another thing: I just noticed that everytime I send and email now, the
| > log screen for slapd spews heaps of stuff. I guess postfix is already
| > communicating with it for some reason, although I am not sure what. There
|
On Tue, Nov 19, 2002 at 01:24:18PM +1000, mdevin wrote:
| One thing interesting though is that if I enter my proper system
| password then ldap refuses me once and gives another Password: prompt.
| If I then enter the proper system password again, I am allowed to login.
| So ssh must check /etc/pa
mdevin said:
> So I did the following:
> Created a short ldif file to add user mark to the ldap directory
> Used ldapadd to add the user and group. And it worked!
cool! that was easy, huh:)
> So you would expect ssh to fall back to pam_unix.so etc.
yep, which is useful for doing host-based ACL
On Mon, Nov 18, 2002 at 17:54:43 -0800, nate wrote:
> did you restart SSH after making the change?
Yes.
> I have priviledge speration set to no, just because I haven't had a
> chance to test it with yes yet, I don't think it would work with the
> strict permissions on the pam_ldap.conf. maybe yo
mdevin said:
> Another thing: I just noticed that everytime I send and email now, the
> log screen for slapd spews heaps of stuff. I guess postfix is already
> communicating with it for some reason, although I am not sure what. There
> are is far too much info flying off the screen for me to figu
Another thing: I just noticed that everytime I send and email now, the
log screen for slapd spews heaps of stuff. I guess postfix is already
communicating with it for some reason, although I am not sure what.
There are is far too much info flying off the screen for me to figure
out what is happen
mdevin said:
> You are a legend. I don't know how you figured out all that stuff but
> after copying and pasting from your howto I can finger user aphro (which
> doesn't exist otherwise on my system).
ok thats a good start :)
>
> I still can't get the pam_ldap working with ssh, despite copying
mdevin said:
> Agh, I am going crazy here. Going very basic now and still can't seem
> to be able to use ldapadd like the documentation suggests. Here is what I
> have just tried.
>
> 1. Stopped slapd:
>/etc/init.d/slapd stop
> 2. Removed all files in /var/lib/ldap/
>rm /var/lib/ldap/
Derrick dman Hudson said:
> SSHA is Salted SHA. The difference between SSHA and SHA is the salt used
> in the beginning (which is also why you can get different values out for
> the same input, which makes it harder to crack). I think
> SSHA is what openldap tends to use when you set a password
On Mon, Nov 18, 2002 at 10:26:22 -0500, Derrick 'dman' Hudson wrote:
> On Sun, Nov 17, 2002 at 11:11:56PM -0800, nate wrote:
> | mdevin said:
> |
> | > Can you spell that out even more for this ldap newbie?
> | > In my slapd.conf I do have the following:
> | > rootdn "cn=admin,dc=mycompan
On Sun, Nov 17, 2002 at 11:11:56PM -0800, nate wrote:
| mdevin said:
|
| > Can you spell that out even more for this ldap newbie?
| > In my slapd.conf I do have the following:
| > rootdn "cn=admin,dc=mycompany,dc=com"
| > rootpw {SSHA}JuaWFhw+AXDgppTgOJPtpZARL1PpWRoj
|
|
| you
Agh, I am going crazy here. Going very basic now and still can't
seem to be able to use ldapadd like the documentation suggests. Here is
what I have just tried.
1. Stopped slapd:
/etc/init.d/slapd stop
2. Removed all files in /var/lib/ldap/
rm /var/lib/ldap/*
3. Created a /etc/ldap/sla
On Sun, Nov 17, 2002 at 23:11:56 -0800, nate wrote:
> mdevin said:
>
> > Can you spell that out even more for this ldap newbie?
> > In my slapd.conf I do have the following:
> > rootdn "cn=admin,dc=mycompany,dc=com"
> > rootpw {SSHA}JuaWFhw+AXDgppTgOJPtpZARL1PpWRoj
>
>
> you su
mdevin said:
> Can you spell that out even more for this ldap newbie?
> In my slapd.conf I do have the following:
> rootdn "cn=admin,dc=mycompany,dc=com"
> rootpw {SSHA}JuaWFhw+AXDgppTgOJPtpZARL1PpWRoj
you sure thats right? I think it should be SHA, though I prefer
MD5.
nate
On Mon, Nov 18, 2002 at 00:13:28 -0500, Derrick 'dman' Hudson wrote:
> On Sun, Nov 17, 2002 at 07:45:37PM -0800, nate wrote:
> | mdevin said:
> | > On Sun, Nov 17, 2002 at 18:49:40 -0800, nate wrote:
> |
> | > Thanks, it worked straight away. But you have scared me now. I want to
> | > migrate o
On Sun, Nov 17, 2002 at 07:45:37PM -0800, nate wrote:
| mdevin said:
| > On Sun, Nov 17, 2002 at 18:49:40 -0800, nate wrote:
|
| > Thanks, it worked straight away. But you have scared me now. I want to
| > migrate over other stuff too for host information, users passwords etc.
| > Should I keep
mdevin said:
> On Sun, Nov 17, 2002 at 18:49:40 -0800, nate wrote:
> Thanks, it worked straight away. But you have scared me now. I want to
> migrate over other stuff too for host information, users passwords etc.
> Should I keep using the perl scripts in migrationtools and then slapadd
> to add
On Sun, Nov 17, 2002 at 18:49:40 -0800, nate wrote:
> mdevin said:
>
> > In my most recent attempt I deleted the /var/lib/ldap/* files, put my
> > slapd.conf file in place and started slapd. However, when I try to
> > migrate the base system I get "Invalid credentials" errors.
>
> don't use ldapa
mdevin said:
> In my most recent attempt I deleted the /var/lib/ldap/* files, put my
> slapd.conf file in place and started slapd. However, when I try to
> migrate the base system I get "Invalid credentials" errors.
don't use ldapadd, use slapadd that will fix your problems, just be
sure your ent
20 matches
Mail list logo
