thing so anyone reading this may save
> > wasting the time that I wasted :-)
> >
> > Your LDIF entry that you read into ldap must be as follows for
> > userPassword
> >
> > userPassword: {CRYPT}${ENCRYPTED_PASSWD}
> >
> > ie uppercase CRYPT - I was stuff
F entry that you read into ldap must be as follows for
> userPassword
>
> userPassword: {CRYPT}${ENCRYPTED_PASSWD}
>
> ie uppercase CRYPT - I was stuffing around for ages with trying to
> understand why login_ldap was failing to bind because I had {crypt} in
> lowercase.
Per
On Wed, Mar 28, 2007 at 12:45:04PM -0400, Mike Erdely wrote:
> Joachim Schipper wrote:
> >On Tue, Mar 27, 2007 at 04:49:05PM -0400, Mike Erdely wrote:
> >>I'm trying to get login_ldap to work with cvs pserver (run out of inetd).
> >I think you are misunderstanding so
On Wed, Mar 28, 2007 at 12:45:04PM -0400, Mike Erdely wrote:
> What I've decided to do since I can't make this work ('cause I'm an
> idiot) and pserver is insecure and sucks, I'm going to set local
> passwords for users that require pserver that are different from their
> LDAP password. That wa
Vijay Sankar wrote:
I use login_ldap but don't have any experience with cvs pserver. Just in
case it has any relevance or triggers some other solution . . .
1) Are you using LDAPv2 or LDAPv3? If you are using v3, you may want to
try v2.
I'm using the default in login.conf for
On Wednesday 28 March 2007 11:45, Mike Erdely wrote:
> Joachim Schipper wrote:
> > On Tue, Mar 27, 2007 at 04:49:05PM -0400, Mike Erdely wrote:
> >> I'm trying to get login_ldap to work with cvs pserver (run out of
> >> inetd).
> >
> > I think yo
Joachim Schipper wrote:
On Tue, Mar 27, 2007 at 04:49:05PM -0400, Mike Erdely wrote:
I'm trying to get login_ldap to work with cvs pserver (run out of inetd).
I think you are misunderstanding some things, or doing something that
doesn't work; however, since I've never tried to s
On Wed, Mar 28, 2007 at 01:19:05AM +0200, Joachim Schipper wrote:
> I don't believe GNU CVS does that, and OpenCVS doesn't do authentication
> at all. Your best bet is probably setting up ssh; sshd uses the BSD
> authentication routines by default.
More specifically, OpenCVS doesn't do pserver at
On Tue, Mar 27, 2007 at 04:49:05PM -0400, Mike Erdely wrote:
> I'm trying to get login_ldap to work with cvs pserver (run out of inetd).
>
> Regular SSH logins work fine.
> I know to make ftpd work with login_ldap, you have to make the following
> change in login.conf:
> -
I'm trying to get login_ldap to work with cvs pserver (run out of inetd).
Regular SSH logins work fine.
I know to make ftpd work with login_ldap, you have to make the following
change in login.conf:
- auth-ftp-defaults:auth-ftp=password:
+ auth-ftp-defaults:auth-ftp=-ldap:
For trying to
In message <[EMAIL PROTECTED]>
so spake "Rogier Krieger" (rkrieger):
> Is there a way to open up login.conf without divulging the bindpw?
> Reading the login_ldap and login.conf man pages, I did not find any.
>
> So far, I see two possible remedies: [1] p
Dear list,
As a side effect of using login_ldap from ports, I encounter trouble
using skeyinit and lock for regular users. This appears to be caused
by the permission I put in place on /etc/login.conf (0600) to shield
off login_ldap's bindpw attribute.
Unsurprisingly, lifting these restric
Hi all,
Anybody out there is working with this scenery? (cron activated, no need for
real time). I don't want to use YP just for this and I see a lot a people in
linux world using scripts for remote ldap sync. But I have not found any obsd
specific experience.
Regads.
Alexander Farber wrote:
One more problem I have with login_ldap is that after I lock KDE with the blue
lock-applet (kdesktop_lock), then I can't login anymore. The /var/log/authlog:
Aug 8 13:52:43 blowfish kcheckpass[7059]: Authentication failure for
afarber (invoked by uid
One more problem I have with login_ldap is that after I lock KDE with the blue
lock-applet (kdesktop_lock), then I can't login anymore. The /var/log/authlog:
Aug 8 13:52:43 blowfish kcheckpass[7059]: Authentication failure for
afarber (invoked by uid 25323)
I've searc
2005/8/4, John Wright <[EMAIL PROTECTED]>:
> On Thu, Aug 04, 2005 at 10:47:00AM +0200, Alexander Farber wrote:
> > # base with scope sub
>
> Maybe the scope? If I'm reading the code correctly the default is onelevel
> (or "-s one" on the ldapsearch command line) but the default for ldapsearch
>
On Thu, Aug 04, 2005 at 10:47:00AM +0200, Alexander Farber wrote:
> # base with scope sub
Maybe the scope? If I'm reading the code correctly the default is onelevel
(or "-s one" on the ldapsearch command line) but the default for ldapsearch
is subtree.
Here is what I get on the command line
(a "result: 0 Success", so I wonder why does login_-ldap fail?)
blowfish# ldapsearch -x -h 172.25.93.242 \
-b o=bonmp.XXX.com "(uid=afarber)"
# extended LDIF
#
# LDAPv3
# base with scope sub
# filter: (uid=afarber)
# requesting: ALL
#
2005/8/4, John Wright <[EMAIL PROTECTED]>:
> /usr/libexec/auth/login_-ldap -d afarber should be more verbose.
>
Thank you, now I get:
blowfish# /usr/local/libexec/auth/login_-ldap -d afarber
Password:
couldn't get x-ldap-server
reject
Aug 4 10:11:43 blow
On Thu, Aug 04, 2005 at 09:43:28AM +0200, Alexander Farber wrote:
> Also, does anybody know, how to run /usr/local/libexec/auth/login_-ldap
> on a command line, to see if it works at all? I try following:
>
> blowfish# /usr/local/libexec/auth/login_-ldap afarber
> blowfish# echo $?
>
I'm trying to setup this OpenBSD PC:
blowfish# uname -a
OpenBSD blowfish.europe.XXX.com 3.7 GENERIC#50 i386
blowfish# pkg_info | grep -i ldap
login_ldap-3.3 provide ldap authentication type
openldap-client-2.2.23 Open source LDAP software (client
21 matches
Mail list logo
