abclinuxu.cz AbcLinuxu.cz itbiz.cz ITBiz.cz HDmag.cz HDmag.cz abcprace.cz AbcPráce.cz
AbcLinuxu hledá autory!
Inzerujte na AbcPráce.cz od 950 Kč
Rozšířené hledání
×
včera 16:00 | Nová verze

Byl vydán Mozilla Firefox 51.0. Z novinek lze upozornit například na upozorňování na přihlašování přes nešifrované spojení (HTTP), podporu pro přehrávání bezeztrátového formátu FLAC nebo podporu WebGL 2. Podrobné informace v poznámkách k vydání a na stránce věnované vývojářům. Řešeny jsou také bezpečnostní chyby.

Ladislav Hagara | Komentářů: 2
23.1. 17:25 | IT novinky

Do prodeje (Farnell) se dostal jednodeskový počítač Tinker Board (unboxing). Jedná se o konkurenci Raspberry Pi 3 od společnosti Asus. Porovnání (jpg) těchto počítačů například na CNXSoft. Cena Tinker Boardu je 55 £.

Ladislav Hagara | Komentářů: 15
23.1. 14:44 | Zajímavý projekt

Byla zveřejněna pravidla hackerské soutěže Pwn2Own 2017, jež proběhne od 15. do 17. března v rámci bezpečnostní konference CanSecWes ve Vancouveru. Soutěžit se bude o více než milion dolarů v pěti kategoriích. Letos se bude útočit i na Ubuntu. Jedná se již o 10. ročník této soutěže.

Ladislav Hagara | Komentářů: 2
23.1. 13:33 | Nová verze

Po sedmi měsících vývoje od vydání verze 5.7 byla vydána verze 5.8 (YouTube) toolkitu Qt. Z novinek lze zmínit například Qt Lite pro vestavěná zařízení. Nově jsou plně podporovány moduly Qt Wayland Compositor (YouTube) a Qt SCXML (YouTube). Současně byla vydána verze 4.2.1 integrovaného vývojového prostředí (IDE) Qt Creator.

Ladislav Hagara | Komentářů: 1
23.1. 11:52 | Pozvánky

Lednový Prague Containers Meetup se koná ve čtvrtek 26. ledna 2017 od 18:00 v Apiary, Pernerova 49, Praha 8. Přijďte se podívat na přednášky o Enterprise Kubernetes a Jenkins as a code.

little-drunk-jesus | Komentářů: 0
23.1. 11:40 | Pozvánky

Program letošního ročníku konference Prague PostgreSQL Developer Days, která se koná již 15. a 16. února 2017 na ČVUT FIT, Thákurova 9, Praha 6, byl dnes zveřejněn. Najdete ho na stránkách konference včetně anotací přednášek a školení. Registrace na konferenci bude otevřena zítra (24. ledna) v brzkých odpoledních hodinách.

TomasVondra | Komentářů: 0
22.1. 02:20 | Zajímavý článek

David Revoy, autor open source webového komiksu Pepper&Carrot nebo portrétu GNU/Linuxu, upozorňuje na svém blogu, že nový Inkscape 0.92 rozbíjí dokumenty vytvořené v předchozích verzích Inkscape. Problém by měl být vyřešen v Inkscape 0.92.2 [reddit].

Ladislav Hagara | Komentářů: 0
22.1. 02:02 | Komunita

Øyvind Kolås, hlavní vývojář grafických knihoven GEGL a babl, které využívá grafický program GIMP, žádá o podporu na Patreonu. Díky ní bude moci pracovat na vývoji na plný úvazek. Milník 1000 $, který by stačil na holé přežití, se již téměř podařilo vybrat, dalším cílem je dosažení 2500 $, které mu umožní běžně fungovat ve společnosti.

xkomczax | Komentářů: 12
21.1. 23:54 | Pozvánky

DevConf.cz 2017, již devátý ročník jedné z největších akcí zaměřených na Linux a open source ve střední Evropě, proběhne od pátku 27. ledna do neděle 29. ledna v prostorách Fakulty informačních technologií Vysokého učení technického v Brně. Na programu je celá řada zajímavých přednášek a workshopů. Letos je povinná registrace.

Ladislav Hagara | Komentářů: 0
21.1. 22:11 | Nová verze

Byla vydána verze 1.0.0 emulátoru terminálu Terminology postaveného nad EFL (Enlightenment Foundation Libraries). Přehled novinek v poznámkách k vydání.

Ladislav Hagara | Komentářů: 0
Jak se stavíte k trendu ztenčování přenosných zařízení (smartphony, notebooky)?
 (12%)
 (2%)
 (72%)
 (3%)
 (11%)
Celkem 395 hlasů
 Komentářů: 39, poslední včera 19:30
Rozcestník
Reklama

Dotaz: FreeBSD OpenLDAP nelze připojit

14.6.2010 13:02 Martin
FreeBSD OpenLDAP nelze připojit
Přečteno: 669×
Dobrý den, snažím se rozjet OpenLDAP server a nedaří se mi. V podstatě jsem postupoval dle tohoto návodu, http://www.root.cz/clanky/poznamky-k-ldap/ Jen podotýkám že je vše postavené na FreeBSD 8.0. Tady jsou mé konfiguráky:
cat /usr/local/etc/openldap/ldap.conf
#
# LDAP Defaults
#

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

BASE	dc=test, dc=cz
URI	ldap://127.0.0.1/ 
#ldap://ldap-master.example.com:666

#SIZELIMIT	12
#TIMELIMIT	15
#DEREF		never
# 
cat /usr/local/etc/openldap/slapd.conf
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include		/usr/local/etc/openldap/schema/core.schema
include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/inetorgperson.schema
include         /usr/local/etc/openldap/schema/nis.schema

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral	ldap://root.openldap.org

#loglevel 255 # pro debugging, do logu se dostane takka ve. Pozdji snite.

pidfile		/var/run/openldap/slapd.pid
argsfile	/var/run/openldap/slapd.args

# Load dynamic backend modules:
modulepath	/usr/local/libexec/openldap
moduleload	back_bdb
# moduleload	back_ldap
# moduleload	back_ldbm
# moduleload	back_passwd
# moduleload	back_shell

# Sample security restrictions
#	Require integrity protection (prevent hijacking)
#	Require 112-bit (3DES or better) encryption for updates
#	Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:
#	Root DSE: allow anyone to read it
#	Subschema (sub)entry DSE: allow anyone to read it
#	Other DSEs:
#		Allow self write access
#		Allow authenticated users read access
#		Allow anonymous users to authenticate
#	Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
#	by self write
#	by users read
#	by anonymous auth
#
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn.  (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!

#allow bind_v2  
# abyste mohli pouvat LDAP funkce PHP
password-hash {SSHA} 
# nebo njakou jinou; vyberte si z SMD5, SHA, SSHA, CRYPT

#######################################################################
# BDB database definitions
#######################################################################

database	bdb
suffix		"dc=test,dc=cz"
rootdn		"cn=root,dc=test,dc=cz"
# Cleartext passwords, especially for the rootdn, should
# be avoid.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw		{SSHA}GPtyCSYW9X9+Qsx8FKGNehYjFjjQePdt
# The database directory MUST exist prior to running slapd AND 
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory	/var/db/openldap-data
# Indices to maintain
index	objectClass	eq
# 
cat /usr/local/etc/ldap.conf 
suffix  "dc=test, dc=cz"
host 127.0.0.1
#uri ldaps://ldap.test.cz/
pam_password md5

ldap_version 3
bind_policy             soft
pam_filter              objectclass=posixAccount
pam_login_attribute     uid
pam_member_attribute    memberuid

nss_base_passwd ou=People,dc=test,dc=cz
nss_base_shadow ou=People,dc=test,dc=cz
nss_base_group  ou=Group,dc=test,dc=cz

#nss_reconnect_sleeptime
#nss_reconnect_maxsleeptime
#nss_reconnect_maxconntries directives

scope one
cat /etc/pam.d/system 
#%PAM-1.0

auth            required        pam_env.so
auth            sufficient      pam_unix.so likeauth nullok
auth            sufficient      /usr/local/lib/pam_ldap.so use_first_pass
auth            required        pam_deny.so

account         required        pam_unix.so
account         sufficient      /usr/local/lib/pam_ldap.so

password        required        pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3
password        sufficient      pam_unix.so nullok md5 shadow use_authtok
password        sufficient      /usr/local/lib/pam_ldap.so use_authtok
password        required        pam_deny.so

session         required        pam_limits.so
session         required        pam_unix.so
session         optional        /usr/local/lib/pam_ldap.so
cat /etc/pam.d/sshd 
#
# $FreeBSD: src/etc/pam.d/sshd,v 1.16.10.1.2.1 2009/10/25 01:10:29 kensmith Exp $
#
# PAM configuration for the "sshd" service
#

# auth
auth		sufficient	pam_opie.so		no_warn no_fake_prompts
auth		requisite	pam_opieaccess.so	no_warn allow_local
#auth		sufficient	pam_krb5.so		no_warn try_first_pass
#auth		sufficient	pam_ssh.so		no_warn try_first_pass
auth 		sufficient 	/usr/local/lib/pam_ldap.so no_warn try_first_pass
auth		required	pam_unix.so		no_warn try_first_pass

# account
account		required	pam_nologin.so
#account 	required	pam_krb5.so
account		required	pam_login_access.so
account sufficient /usr/local/lib/pam_ldap.so
account		required	pam_unix.so

# session
#session 	optional	pam_ssh.so
session sufficient /usr/local/lib/pam_ldap.so
session		required	pam_permit.so

# password
#password	sufficient	pam_krb5.so		no_warn try_first_pass
password sufficient /usr/local/lib/pam_ldap.so
password	required	pam_unix.so		no_warn try_first_pass
cat /etc/nsswitch.conf 
#
# nsswitch.conf(5) - name service switch configuration file
# $FreeBSD: src/etc/nsswitch.conf,v 1.1.10.1.2.1 2009/10/25 01:10:29 kensmith Exp $
#
group: files ldap
group_compat: nis
hosts: files dns
networks: files
passwd: files ldap
passwd_compat: nis
shells: files
services: compat
services_compat: nis
protocols: files
rpc: files
Po nastartování OpenLDAP mi vyhodí do logu:
Jun 14 12:11:49 freebsd sshd[5132]: pam_ldap: ldap_simple_bind Can't contact LDAP server
Jun 14 12:11:49 freebsd sshd[5132]: pam_ldap: reconnecting to LDAP server...
Jun 14 12:11:49 freebsd sshd[5132]: pam_ldap: ldap_simple_bind Can't contact LDAP server
pokud se snažím připojit pomocí ssh tak:
sshd[5132]: in _openpam_check_error_code(): pam_sm_acct_mgmt(): unexpected return value 12
a pokud pomocí su z konzole tak:
su root
su: pam_start: system error
Mohl by mi někdo poradit co dělám špatně? Uživatele mám převedené pomocí scriptů. A pokud zadám ldapsearch -x -D "cn=root,dc=test,dc=cz" -W tak to taky správně vše vypíše.

Odpovědi

cynic_asshole avatar 14.6.2010 19:07 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Odkomentuj řádek loglevel, nastav na 255, spusť openldap server, zkus se přihlásit a pak pošli log.
Neznáš nějakou linuxovou distribuci pro Windows?
14.6.2010 19:33 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Takže log zapnutý, udělal jsem to že se připojuji na pomocí SSH na server jako root.
auth.log
Jun 14 19:28:54 freebsd sshd[5261]: pam_ldap: error trying to bind as user "uid=root,ou=People,dc=test,dc=cz" (Invalid credentials)
Jun 14 19:28:54 freebsd sshd[5259]: Accepted keyboard-interactive/pam for root from 192.168.56.1 port 40699 ssh2
debug.log
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=sshd,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=sshd,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=sshd,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=smmsp,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=smmsp,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=smmsp,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=smmsp,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=smmsp,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=smmsp,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=mailnull,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=mailnull,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=mailnull,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=mailnull,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=mailnull,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=mailnull,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=guest,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=guest,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=guest,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=guest,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=guest,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=guest,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=bind,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=bind,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=bind,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=bind,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=bind,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=bind,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=proxy,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=proxy,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=proxy,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=proxy,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=proxy,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=proxy,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=authpf,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=authpf,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=authpf,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=authpf,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=authpf,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=authpf,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=_pflogd,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=_pflogd,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=_pflogd,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=_pflogd,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=_pflogd,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=_pflogd,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=_dhcp,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=_dhcp,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=_dhcp,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=_dhcp,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=_dhcp,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=_dhcp,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=uucp,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=uucp,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=uucp,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=uucp,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=uucp,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=uucp,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=dialer,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=dialer,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=dialer,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=dialer,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=dialer,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=dialer,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=network,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=network,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=network,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=network,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=network,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=network,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=audit,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=audit,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=audit,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=audit,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=audit,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=audit,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=www,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=www,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=www,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=www,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=www,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=www,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=nogroup,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=nogroup,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=nogroup,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=nogroup,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=nogroup,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=nogroup,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=nobody,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=nobody,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=nobody,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=nobody,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=nobody,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=nobody,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=ldap,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=ldap,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=ldap,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=ldap,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=ldap,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=ldap,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=freeradius,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=freeradius,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=freeradius,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=freeradius,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=freeradius,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=freeradius,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=pheek,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=pheek,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=pheek,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=pheek,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=pheek,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=pheek,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=test,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=test,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=test,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=test,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=test,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=test,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: send_paged_response: lastid=0x00000000 nentries=33
Jun 14 19:30:07 freebsd slapd[5211]: send_ldap_result: conn=10 op=1 p=3
Jun 14 19:30:07 freebsd slapd[5211]: send_ldap_result: err=0 matched="" text=""
Jun 14 19:30:07 freebsd slapd[5211]: send_ldap_response: msgid=2 tag=101 err=0
Jun 14 19:30:07 freebsd slapd[5211]: daemon: activity on 1 descriptor
Jun 14 19:30:07 freebsd slapd[5211]: daemon: activity on:
Jun 14 19:30:07 freebsd slapd[5211]:  11r
Jun 14 19:30:07 freebsd slapd[5211]: 
Jun 14 19:30:07 freebsd slapd[5211]: daemon: read activity on 11
Jun 14 19:30:07 freebsd slapd[5211]: daemon: select: listen=6 active_threads=0 tvp=NULL
Jun 14 19:30:07 freebsd slapd[5211]: daemon: select: listen=7 active_threads=0 tvp=NULL
Jun 14 19:30:07 freebsd slapd[5211]: connection_get(11)
Jun 14 19:30:07 freebsd slapd[5211]: connection_get(11): got connid=10
Jun 14 19:30:07 freebsd slapd[5211]: connection_read(11): checking for input on id=10
Jun 14 19:30:07 freebsd slapd[5211]: ber_get_next on fd 11 failed errno=0 (Undefined error: 0)
Jun 14 19:30:07 freebsd slapd[5211]: connection_read(11): input error=-2 id=10, closing.
Jun 14 19:30:07 freebsd slapd[5211]: connection_closing: readying conn=10 sd=11 for close
Jun 14 19:30:07 freebsd slapd[5211]: daemon: activity on 1 descriptor
Jun 14 19:30:07 freebsd slapd[5211]: daemon: waked
Jun 14 19:30:07 freebsd slapd[5211]: daemon: select: listen=6 active_threads=0 tvp=NULL
Jun 14 19:30:07 freebsd slapd[5211]: daemon: select: listen=7 active_threads=0 tvp=NULL
Jun 14 19:30:07 freebsd slapd[5211]: connection_close: conn=10 sd=11
Jun 14 19:30:07 freebsd slapd[5211]: daemon: removing 11
messages
Jun 14 19:28:54 freebsd sshd[5261]: pam_ldap: error trying to bind as user "uid=root,ou=People,dc=test,dc=cz" (Invalid credentials)
cynic_asshole avatar 14.6.2010 19:39 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Bylo by možný poslat ten debug log od stejného časového údaje, jaký je uveden u toho chybného přihlášení? Tj. Jun 14 19:28:54 nebo o pár vteřin dřív? Mám určité tušení…
Neznáš nějakou linuxovou distribuci pro Windows?
14.6.2010 19:47 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Příloha:
Posílám.
cynic_asshole avatar 14.6.2010 19:57 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Takže, chybka bude někde tady:

Jun 14 19:28:54 freebsd slapd[5211]: >>> dnPrettyNormal: uid=root,ou=People,dc=test,dc=cz
Jun 14 19:28:54 freebsd slapd[5211]: <<< dnPrettyNormal: uid=root,ou=People,dc=test,dc=cz, uid=root,ou=people,dc=test,dc=cz
Jun 14 19:28:54 freebsd slapd[5211]: do_bind: version=3 dn="uid=root,ou=People,dc=test,dc=cz" method=128
Jun 14 19:28:54 freebsd slapd[5211]: ==> bdb_bind: dn: uid=root,ou=People,dc=test,dc=cz
Jun 14 19:28:54 freebsd slapd[5211]: bdb_dn2entry("uid=root,ou=people,dc=test,dc=cz")
Jun 14 19:28:54 freebsd slapd[5211]: => access_allowed: auth access to "uid=root,ou=People,dc=test,dc=cz" "userPassword" requested
Jun 14 19:28:54 freebsd slapd[5211]: => slap_access_allowed: backend default auth access granted to "(anonymous)"
Jun 14 19:28:54 freebsd slapd[5211]: => access_allowed: auth access granted by read(=rscxd)
Jun 14 19:28:54 freebsd slapd[5211]: send_ldap_result: conn=8 op=3 p=3
Jun 14 19:28:54 freebsd slapd[5211]: send_ldap_result: err=49 matched="" text=""
Jun 14 19:28:54 freebsd slapd[5211]: send_ldap_response: msgid=4 tag=97 err=49

Přesněji řečeno ta chyba 49. Pohledem do dokumentace jsem zjistil, že err=49 znamená LDAP_INVALID_CREDENTIALS, nicméně je to u uživatele, skrze kterého se snažíte připojit k LDAP serveru, nikoliv kterého se snažíte autentifikovat. Mohl byste zaslat ještě konfigurák k tomu ldap PAM modulu?
Neznáš nějakou linuxovou distribuci pro Windows?
14.6.2010 20:00 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Mod děkuji za pomoc, já už vyzkoušel všechno co jsem mohl ale nic nepomohlo, tady je konfigurák:
cat ldap.conf 
host 127.0.0.1
suffix  "dc=test, dc=cz"

uri ldap://127.0.0.1
pam_password md5

ldap_version 3
bind_policy             soft
pam_filter              objectclass=posixAccount
pam_login_attribute     uid
pam_member_attribute    memberuid

nss_base_passwd ou=People,dc=test,dc=cz
nss_base_shadow ou=People,dc=test,dc=cz
nss_base_group  ou=Group,dc=test,dc=cz

scope one
cynic_asshole avatar 14.6.2010 20:06 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Prima. Zkuste do toho souboru dopsat řádky
binddn "cn=root,dc=test,dc=cz"
bindpw {SSHA}GPtyCSYW9X9+Qsx8FKGNehYjFjjQePdt
Pak to bude chtít asi restartovat PAM subsystém.
Neznáš nějakou linuxovou distribuci pro Windows?
14.6.2010 20:22 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Takže jsem přidal, výsledek po restartu je:
debug.log
Jun 14 20:18:37 freebsd slapd[5685]: matchingRuleUse: ( 2.5.13.5 NAME 'caseExactMatch' APPLIES ( supportedSASLMechanisms $ vendorName $ vendorVersion $ ref $ name $ cn $ uid $ labeledURI $ description $ olcConfigFile $ olcConfigDir $ olcAccess $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAttributeTypes $ olcAuthIDRewrite $ olcAuthzPolicy $ olcAuthzRegexp $ olcBackend $ olcDatabase $ olcDisallows $ olcDitContentRules $ olcInclude $ olcLdapSyntaxes $ olcLimits $ olcLogFile $ olcLogLevel $ olcModuleLoad $ olcModulePath $ olcObjectClasses $ olcObjectIdentifier $ olcOverlay $ olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ olcPlugin $ olcPluginLogFile $ olcReferral $ olcReplica $ olcReplicaArgsFile $ olcReplicaPidFile $ olcReplogFile $ olcRequires $ olcRestrict $ olcRootDSE $ olcRootPW $ olcSaslAuxprops $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ olcSecurity $ olcServerID $ olcSizeLimit $ olcSortVals $ olcSubordinate $ olcSyncrepl $ olcTCPBuffer $ olcTimeLimit $ olcTLSCACertificateFile $ olcT
Jun 14 20:18:37 freebsd slapd[5685]: matchingRuleUse: ( 2.5.13.2 NAME 'caseIgnoreMatch' APPLIES ( supportedSASLMechanisms $ vendorName $ vendorVersion $ ref $ name $ cn $ uid $ labeledURI $ description $ olcConfigFile $ olcConfigDir $ olcAccess $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAttributeTypes $ olcAuthIDRewrite $ olcAuthzPolicy $ olcAuthzRegexp $ olcBackend $ olcDatabase $ olcDisallows $ olcDitContentRules $ olcInclude $ olcLdapSyntaxes $ olcLimits $ olcLogFile $ olcLogLevel $ olcModuleLoad $ olcModulePath $ olcObjectClasses $ olcObjectIdentifier $ olcOverlay $ olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ olcPlugin $ olcPluginLogFile $ olcReferral $ olcReplica $ olcReplicaArgsFile $ olcReplicaPidFile $ olcReplogFile $ olcRequires $ olcRestrict $ olcRootDSE $ olcRootPW $ olcSaslAuxprops $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ olcSecurity $ olcServerID $ olcSizeLimit $ olcSortVals $ olcSubordinate $ olcSyncrepl $ olcTCPBuffer $ olcTimeLimit $ olcTLSCACertificateFile $ olc
Jun 14 20:20:10 freebsd slapd[5686]: send_ldap_result: err=34 matched="" text="invalid DN"
Jun 14 20:20:10 freebsd slapd[5686]: send_ldap_response: msgid=1 tag=97 err=34
Jun 14 20:20:10 freebsd slapd[5686]: ber_get_next on fd 11 failed errno=0 (Undefined error: 0)
Jun 14 20:20:10 freebsd slapd[5686]: connection_read(11): input error=-2 id=0, closing.
Jun 14 20:20:10 freebsd slapd[5686]: connection_close: deferring conn=0 sd=11
Nevím jak v freebsd restartovat pam, ostatní logy mlčí. Při pokus se přihlásit:
debug.log
Jun 14 20:20:39 freebsd slapd[5686]: send_ldap_result: err=34 matched="" text="invalid DN"
Jun 14 20:20:39 freebsd slapd[5686]: send_ldap_response: msgid=1 tag=97 err=34
Jun 14 20:20:41 freebsd slapd[5686]: send_ldap_result: err=34 matched="" text="invalid DN"
Jun 14 20:20:41 freebsd slapd[5686]: send_ldap_response: msgid=2 tag=97 err=34
Jun 14 20:20:41 freebsd slapd[5686]: ber_get_next on fd 11 failed errno=0 (Undefined error: 0)
Jun 14 20:20:41 freebsd slapd[5686]: connection_read(11): input error=-2 id=1, closing.
Jun 14 20:20:41 freebsd slapd[5686]: send_ldap_result: err=34 matched="" text="invalid DN"
Jun 14 20:20:41 freebsd slapd[5686]: send_ldap_response: msgid=1 tag=97 err=34
auth.log
Jun 14 20:20:39 freebsd sshd[5691]: pam_ldap: error trying to bind (Invalid DN syntax)
Jun 14 20:20:41 freebsd sshd[5691]: pam_ldap: error trying to bind (Invalid DN syntax)
Jun 14 20:20:41 freebsd sshd[5689]: Accepted keyboard-interactive/pam for root from 192.168.56.1 port 60097 ssh2
Jun 14 20:20:41 freebsd sshd[5692]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Invalid DN syntax
message
Jun 14 20:18:37 freebsd slapd[5685]: nss_ldap: could not search LDAP server - Server is unavailable
Jun 14 20:20:39 freebsd sshd[5691]: pam_ldap: error trying to bind (Invalid DN syntax)
Jun 14 20:20:41 freebsd sshd[5691]: pam_ldap: error trying to bind (Invalid DN syntax)
cynic_asshole avatar 14.6.2010 20:28 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Okey, tak zkuste ten binddn zapsat bez uvozovek a taky zkuste to bindpw zadat nezašifrované, tedy v plaintextu (je to to heslo, co máte jako admin do LDAP). Nejsem si právě jist, v jakém tvaru to má být zapsané.
Neznáš nějakou linuxovou distribuci pro Windows?
14.6.2010 20:42 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Příloha:
Bez uvozovek je to o něco lepší ale stále to nefunguje. Zkusil jsme i plaintext ale to je stejné jako když tam dám SSHA Log po restartu:
debug.log
Jun 14 20:31:29 freebsd slapd[5754]: daemon: shutdown requested and initiated.
Jun 14 20:31:29 freebsd slapd[5754]: daemon: closing 6
Jun 14 20:31:29 freebsd slapd[5754]: daemon: closing 7
Jun 14 20:31:29 freebsd slapd[5754]: slapd shutdown: waiting for 0 operations/tasks to finish
Jun 14 20:31:29 freebsd slapd[5754]: slapd shutdown: initiated
Jun 14 20:31:29 freebsd slapd[5754]: ====> bdb_cache_release_all
Jun 14 20:31:29 freebsd slapd[5754]: slapd destroy: freeing system resources.
Jun 14 20:31:29 freebsd slapd[5754]: slapd stopped.
Jun 14 20:31:29 freebsd slapd[5797]: @(#) $OpenLDAP: slapd 2.4.18 (Sep  9 2009 07:45:36) $ 	root@freebsd.org:/work/a/ports/net/openldap24-server/work/openldap-2.4.18/servers/slapd
Jun 14 20:31:29 freebsd slapd[5797]: line 18 (pidfile		/var/run/openldap/slapd.pid)
Jun 14 20:31:29 freebsd slapd[5797]: line 19 (argsfile	/var/run/openldap/slapd.args)
Jun 14 20:31:29 freebsd slapd[5797]: line 22 (modulepath	/usr/local/libexec/openldap)
Jun 14 20:31:29 freebsd slapd[5797]: line 23 (moduleload	back_bdb)
Jun 14 20:31:29 freebsd slapd[5797]: loaded module back_bdb
Jun 14 20:31:29 freebsd slapd[5797]: bdb_back_initialize: initialize BDB backend
Jun 14 20:31:29 freebsd slapd[5797]: bdb_back_initialize: Berkeley DB 4.6.21: (September 27, 2007)
Jun 14 20:31:29 freebsd slapd[5797]: module back_bdb: null module registered
Jun 14 20:31:29 freebsd slapd[5797]: line 53 (password-hash {SSHA})
Jun 14 20:31:29 freebsd slapd[5797]: line 59 (database	bdb)
Jun 14 20:31:29 freebsd slapd[5797]: bdb_db_init: Initializing BDB database
Jun 14 20:31:29 freebsd slapd[5797]: line 60 (suffix		"=test,=cz")
Jun 14 20:31:29 freebsd slapd[5797]: >>> dnPrettyNormal: <=test,=cz>
Jun 14 20:31:29 freebsd slapd[5797]: <<< dnPrettyNormal: <=test,=cz>, <=test,=cz>
Jun 14 20:31:29 freebsd slapd[5797]: line 61 (rootdn		"=root,=test,=cz")
Jun 14 20:31:29 freebsd slapd[5797]: >>> dnPrettyNormal: <=root,=test,=cz>
Jun 14 20:31:29 freebsd slapd[5797]: <<< dnPrettyNormal: <=root,=test,=cz>, <=root,=test,=cz>
Jun 14 20:31:29 freebsd slapd[5797]: line 65 (rootpw ***)
Jun 14 20:31:29 freebsd slapd[5797]: line 69 (directory	/var/db/openldap-data)
Jun 14 20:31:29 freebsd slapd[5797]: line 71 (index	objectClass	eq)
Jun 14 20:31:29 freebsd slapd[5797]: index objectClass 0x0004
Jun 14 20:31:29 freebsd slapd[5797]: >>> dnNormalize: <=Subschema>
Jun 14 20:31:29 freebsd slapd[5797]: <<< dnNormalize: <=subschema>
Jun 14 20:31:29 freebsd slapd[5797]: matching_rule_use_init
Jun 14 20:31:29 freebsd slapd[5797]:     1.2.840.113556.1.4.804 (integerBitOrMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 1.2.840.113556.1.4.804 NAME 'integerBitOrMatch' APPLIES ( supportedLDAPVersion $ entryTtl $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexIntLen $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcWriteTimeout $ olcSpSessionlog $ olcDbCacheFree $ olcDbCacheSize $ olcDbDNcacheSize $ olcDbIDLcacheSize $ olcDbSearchStack $ olcDbShmKey $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpumber ) )
Jun 14 20:31:29 freebsd slapd[5797]:     1.2.840.113556.1.4.803 (integerBitAndMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 1.2.840.113556.1.4.803 NAME 'integerBitAndMatch' APPLIES ( supportedLDAPVersion $ entryTtl $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexIntLen $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcWriteTimeout $ olcSpSessionlog $ olcDbCacheFree $ olcDbCacheSize $ olcDbDNcacheSize $ olcDbIDLcacheSize $ olcDbSearchStack $ olcDbShmKey $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpumber ) )
Jun 14 20:31:29 freebsd slapd[5797]:     1.3.6.1.4.1.1466.109.114.2 (caseIgnoreIA5Match): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 1.3.6.1.4.1.1466.109.114.2 NAME 'caseIgnoreIA5Match' APPLIES ( altServer $ olcDbConfig $ c $ mail $  $ associatedDomain $ email $ aRecord $ mDRecord $ mXRecord $ nSRecord $ sOARecord $ AMERecord $ janetMailbox $ gecos $ homeDirectory $ loginShell $ memberUid $ memberNisNetgroup $ ipHostNumber $ ipNetworkNumber $ ipNetmaskNumber $ macAddress $ bootFile $ nisMapEntry ) )
Jun 14 20:31:29 freebsd slapd[5797]:     1.3.6.1.4.1.1466.109.114.1 (caseExactIA5Match): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 1.3.6.1.4.1.1466.109.114.1 NAME 'caseExactIA5Match' APPLIES ( altServer $ olcDbConfig $ c $ mail $  $ associatedDomain $ email $ aRecord $ mDRecord $ mXRecord $ nSRecord $ sOARecord $ AMERecord $ janetMailbox $ gecos $ homeDirectory $ loginShell $ memberUid $ memberNisNetgroup $ ipHostNumber $ ipNetworkNumber $ ipNetmaskNumber $ macAddress $ bootFile $ nisMapEntry ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.39 (certificateListMatch): 
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.38 (certificateListExactMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.38 NAME 'certificateListExactMatch' APPLIES ( authorityRevocationList $ certificateRevocationList $ deltaRevocationList ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.35 (certificateMatch): 
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.34 (certificateExactMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.34 NAME 'certificateExactMatch' APPLIES ( userCertificate $ cACertificate ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.30 (objectIdentifierFirstComponentMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.30 NAME 'objectIdentifierFirstComponentMatch' APPLIES ( supportedControl $ supportedExtension $ supportedFeatures $ ldapSyntaxes $ supportedApplicationContext ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.29 (integerFirstComponentMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.29 NAME 'integerFirstComponentMatch' APPLIES ( supportedLDAPVersion $ entryTtl $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexIntLen $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcWriteTimeout $ olcSpSessionlog $ olcDbCacheFree $ olcDbCacheSize $ olcDbDNcacheSize $ olcDbIDLcacheSize $ olcDbSearchStack $ olcDbShmKey $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpumber ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.27 (generalizedTimeMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.27 NAME 'generalizedTimeMatch' APPLIES ( createTimestamp $ modifyTimestamp ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.24 (protocolInformationMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.24 NAME 'protocolInformationMatch' APPLIES protocolInformation )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.23 (uniqueMemberMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.23 NAME 'uniqueMemberMatch' APPLIES uniqueMember )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.22 (presentationAddressMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.22 NAME 'presentationAddressMatch' APPLIES presentationAddress )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.20 (telephoneNumberMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.20 NAME 'telephoneNumberMatch' APPLIES ( telephoneNumber $ homePhone $ mobile $ pager ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.17 (octetStringMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.17 NAME 'octetStringMatch' APPLIES ( userPassword $ olcDbCryptKey ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.16 (bitStringMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.16 NAME 'bitStringMatch' APPLIES x500UniqueIdentifier )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.14 (integerMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.14 NAME 'integerMatch' APPLIES ( supportedLDAPVersion $ entryTtl $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexIntLen $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcWriteTimeout $ olcSpSessionlog $ olcDbCacheFree $ olcDbCacheSize $ olcDbDNcacheSize $ olcDbIDLcacheSize $ olcDbSearchStack $ olcDbShmKey $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpumber ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.13 (booleanMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.13 NAME 'booleanMatch' APPLIES ( hasSubordinates $ olcAddContentAcl $ olcGentleHUP $ olcHidden $ olcLastMod $ olcMirrorMode $ olcMonitoring $ olcReadOnly $ olcReverseLookup $ olcSpNoPresent $ olcSpReloadHint $ olcDbChecksum $ olcDbNoSync $ olcDbDirtyRead $ olcDbLinearIndex ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.11 (caseIgnoreListMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.11 NAME 'caseIgnoreListMatch' APPLIES ( postalAddress $ registeredAddress $ homePostalAddress ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.8 (numericStringMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.8 NAME 'numericStringMatch' APPLIES ( x121Address $ internationaliSDNNumber ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.7 (caseExactSubstringsMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.7 NAME 'caseExactSubstringsMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.6 (caseExactOrderingMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.6 NAME 'caseExactOrderingMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.5 (caseExactMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.5 NAME 'caseExactMatch' APPLIES ( supportedSASLMechanisms $ vendorName $ vendorVersion $ ref $ name $  $ uid $ labeledURI $ description $ olcConfigFile $ olcConfigDir $ olcAccess $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAttributeTypes $ olcAuthIDRewrite $ olcAuthzPolicy $ olcAuthzRegexp $ olcBackend $ olcDatabase $ olcDisallows $ olcDitContentRules $ olcInclude $ olcLdapSyntaxes $ olcLimits $ olcLogFile $ olcLogLevel $ olcModuleLoad $ olcModulePath $ olcObjectClasses $ olcObjectIdentifier $ olcOverlay $ olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ olcPlugin $ olcPluginLogFile $ olcReferral $ olcReplica $ olcReplicaArgsFile $ olcReplicaPidFile $ olcReplogFile $ olcRequires $ olcRestrict $ olcRootDSE $ olcRootPW $ olcSaslAuxprops $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ olcSecurity $ olcServerID $ olcSizeLimit $ olcSortVals $ olcSubordinate $ olcSyncrepl $ olcTCPBuffer $ olcTimeLimit $ olcTLSCACertificateFile $ olcT
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.4 (caseIgnoreSubstringsMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.4 NAME 'caseIgnoreSubstringsMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.3 (caseIgnoreOrderingMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.3 NAME 'caseIgnoreOrderingMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.2 (caseIgnoreMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.2 NAME 'caseIgnoreMatch' APPLIES ( supportedSASLMechanisms $ vendorName $ vendorVersion $ ref $ name $  $ uid $ labeledURI $ description $ olcConfigFile $ olcConfigDir $ olcAccess $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAttributeTypes $ olcAuthIDRewrite $ olcAuthzPolicy $ olcAuthzRegexp $ olcBackend $ olcDatabase $ olcDisallows $ olcDitContentRules $ olcInclude $ olcLdapSyntaxes $ olcLimits $ olcLogFile $ olcLogLevel $ olcModuleLoad $ olcModulePath $ olcObjectClasses $ olcObjectIdentifier $ olcOverlay $ olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ olcPlugin $ olcPluginLogFile $ olcReferral $ olcReplica $ olcReplicaArgsFile $ olcReplicaPidFile $ olcReplogFile $ olcRequires $ olcRestrict $ olcRootDSE $ olcRootPW $ olcSaslAuxprops $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ olcSecurity $ olcServerID $ olcSizeLimit $ olcSortVals $ olcSubordinate $ olcSyncrepl $ olcTCPBuffer $ olcTimeLimit $ olcTLSCACertificateFile $ olc
Jun 14 20:31:29 freebsd slapd[5797]:     1.2.36.79672281.1.13.3 (rdnMatch): 
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.1 (distinguishedNameMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.1 NAME 'distinguishedNameMatch' APPLIES ( creatorsName $ modifiersName $ subschemaSubentry $ entryDN $ namingContexts $ aliasedObjectName $ dynamicSubtrees $ distinguishedName $ seeAlso $ olcDefaultSearchBase $ olcRootDN $ olcSchemaDN $ olcSuffix $ olcUpdateDN $ olcRelay $ member $ owner $ roleOccupant $ manager $ documentAuthor $ secretary $ associatedName $ dITRedirect ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.0 (objectIdentifierMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.0 NAME 'objectIdentifierMatch' APPLIES ( supportedControl $ supportedExtension $ supportedFeatures $ supportedApplicationContext ) )
Jun 14 20:31:29 freebsd slapd[5798]: slapd startup: initiated.
Jun 14 20:31:29 freebsd slapd[5798]: backend_startup_one: starting "=config"
Jun 14 20:31:29 freebsd slapd[5798]: config_back_db_open
Jun 14 20:31:29 freebsd slapd[5798]: config_back_db_open: line 0: warning: cannot assess the validity of the ACL scope within backend naming context
Jun 14 20:31:29 freebsd slapd[5798]: config_build_entry: "=config"
Jun 14 20:31:29 freebsd slapd[5798]: config_build_entry: "=module{0}"
Jun 14 20:31:29 freebsd slapd[5798]: config_build_entry: "=schema"
Jun 14 20:31:29 freebsd slapd[5798]: config_build_entry: "={0}core"
Jun 14 20:31:29 freebsd slapd[5798]: config_build_entry: "={1}cosine"
Jun 14 20:31:29 freebsd slapd[5798]: config_build_entry: "={2}inetorgperson"
Jun 14 20:31:29 freebsd slapd[5798]: config_build_entry: "={3}nis"
Jun 14 20:31:29 freebsd slapd[5798]: config_build_entry: "olcDatabase={-1}frontend"
Jun 14 20:31:29 freebsd slapd[5798]: config_build_entry: "olcDatabase={0}config"
Jun 14 20:31:29 freebsd slapd[5798]: config_build_entry: "olcDatabase={1}bdb"
Jun 14 20:31:29 freebsd slapd[5798]: backend_startup_one: starting "=test,=cz"
Jun 14 20:31:29 freebsd slapd[5798]: bdb_db_open: "=test,=cz"
Jun 14 20:31:29 freebsd slapd[5798]: bdb_db_open: database "=test,=cz": dbenv_open(/var/db/openldap-data).
Jun 14 20:31:29 freebsd slapd[5798]: slapd starting
Jun 14 20:31:29 freebsd slapd[5798]: daemon: added 4r listener=0x0
Jun 14 20:31:29 freebsd slapd[5798]: daemon: added 6r listener=0x8019450c0
Jun 14 20:31:29 freebsd slapd[5798]: daemon: added 7r listener=0x801945180
Jun 14 20:31:29 freebsd slapd[5798]: daemon: select: listen=6 active_threads=0 tvp=NULL
Jun 14 20:31:29 freebsd slapd[5798]: daemon: select: listen=7 active_threads=0 tvp=NULL
Jun 14 20:31:29 freebsd slapd[5798]: daemon: activity on 1 descriptor
Jun 14 20:31:29 freebsd slapd[5798]: daemon: waked
Jun 14 20:31:29 freebsd slapd[5798]: daemon: select: listen=6 active_threads=0 tvp=NULL
Jun 14 20:31:29 freebsd slapd[5798]: daemon: select: listen=7 active_threads=0 tvp=NULL
Log debug je zase přílohou a je to už při pokusu o přihlášení.
auth.log
Jun 14 20:34:03 freebsd sshd[5813]: pam_ldap: error trying to bind as user "uid=root,ou=People,=test,=cz" (Invalid credentials)
Jun 14 20:34:03 freebsd sshd[5811]: Accepted keyboard-interactive/pam for root from 192.168.56.1 port 41477 ssh2
message
Jun 14 20:34:03 freebsd sshd[5813]: pam_ldap: error trying to bind as user "uid=root,ou=People,=test,=cz" (Invalid credentials)
cynic_asshole avatar 14.6.2010 20:53 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Hmm, tak už mě napadá jen jedna věc. A to že jsou špatně nastavená oprávnění. Tudíž bych zkusil zakomentovat ty dva řádky, co jsi zadal a vrátil se zpátky k slapd.conf a zkusil tam dát

access to attrs=userPassword
 	by dn="cn=root,dc=test,dc=cz" write
 	by anonymous auth
 	by self write
 	by * none

access to attrs=uidNumber,gidNumber,uid,homeDirectory
 	by dn="cn=root,dc=test,dc=cz" write
 	by self read
 	by * read

access to *
 	by dn="cn=root,dc=test,dc=cz" write
 	by self write
 	by * read

Ve zkratce. V první sekci se nastavuje, že k userPasswd bude mít R/W práva root a samotný uživatel, anonymous bude mít možnost čtení a ostatní se k němu nedostanou. Atributy uidNumber,gidNumber,uid,homeDirectory budou R/W pro roota, pro uživatele pro čtení a pro ostatní pro čtení. Ostatní atributy budou R/W přístupny pro roota, pro uživatele a pro ostatní jen pro čtení.
Neznáš nějakou linuxovou distribuci pro Windows?
cynic_asshole avatar 14.6.2010 20:55 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
A nakonec… máš povolené přihlášení roota přes SSH?
Neznáš nějakou linuxovou distribuci pro Windows?
cynic_asshole avatar 14.6.2010 20:56 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Odpovím si sám. Máš. :-)
Neznáš nějakou linuxovou distribuci pro Windows?
14.6.2010 21:06 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
JJ povolený mám, protože přes pam se tam přihlásím, jak vůbec zjistím přes co se tam uživatel dostal? Ty poslední kroky jsem vyzkoušel a nic, pořád stejné, už si s tím nevím rady, přece to nějak fungovat musí. Uživatele jsem vytvořil pomoci MigrationTools-47, takže tam ten uživatel root musí být. I jiní uživatelé která v systému jsou a vzal jsem je do LDAP nejedou. :(
cynic_asshole avatar 14.6.2010 21:11 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Bylo by možné zkusit u nějakého uživatele změnit LDAP heslo a pak se znovu přihlásit?
Neznáš nějakou linuxovou distribuci pro Windows?
cynic_asshole avatar 14.6.2010 21:16 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
A zkus ještě změnit loglevel na 384 a restartovat openldap a přihlásit se. A pak zase oblíbené kolečko s logy :-)
Neznáš nějakou linuxovou distribuci pro Windows?
14.6.2010 21:23 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Nechci být za hňupa, ale jak zmenit heslo nějakému uživateli v LDAP, když nemám nainstalované nějaké klikátko :) Jinak log jsem zvedl a je to zajimavé:
debug.log
Jun 14 21:21:33 freebsd slapd[1562]: @(#) $OpenLDAP: slapd 2.4.18 (Sep  9 2009 07:45:36) $ 	root@freebsd.org:/work/a/ports/net/openldap24-server/work/openldap-2.4.18/servers/slapd
Jun 14 21:21:33 freebsd slapd[1563]: config_back_db_open: line 0: warning: cannot assess the validity of the ACL scope within backend naming context
Jun 14 21:21:33 freebsd slapd[1563]: slapd starting
14.6.2010 21:24 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
následně se v logu ukazalo toto:
Jun 14 21:22:08 freebsd slapd[1563]: conn=0 fd=11 ACCEPT from IP=127.0.0.1:36857 (IP=127.0.0.1:389)
Jun 14 21:22:08 freebsd slapd[1563]: conn=0 op=0 BIND dn="cn=root,dc=test,dc=cz" method=128
Jun 14 21:22:08 freebsd slapd[1563]: conn=0 op=0 RESULT tag=97 err=49 text=
Jun 14 21:22:08 freebsd slapd[1563]: conn=0 op=1 UNBIND
Jun 14 21:22:08 freebsd slapd[1563]: conn=0 fd=11 closed
Jun 14 21:22:08 freebsd slapd[1563]: conn=1 op=0 BIND dn="cn=root,dc=test,dc=cz" method=128
Jun 14 21:22:08 freebsd slapd[1563]: conn=1 op=0 RESULT tag=97 err=49 text=
Jun 14 21:22:08 freebsd slapd[1563]: conn=1 fd=12 ACCEPT from IP=127.0.0.1:23152 (IP=127.0.0.1:389)
Jun 14 21:22:08 freebsd slapd[1563]: conn=1 op=1 UNBIND
Jun 14 21:22:08 freebsd slapd[1563]: conn=1 fd=12 closed
cynic_asshole avatar 14.6.2010 21:28 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Nevím, co máš přesně za konzolové nástroje, ale dalo by se to udělat kupříkladu přes Apache Directory Studio (klient pro Win). A nebo zkusit ldapmodify? Nevím, k produkčnímu serveru se teďka nedostanu, a je to dlouho, co jsem něco takového použil.

Pošli zase část logu, když se přihlašuješ. Je tam něco shnilého s ACL.
Neznáš nějakou linuxovou distribuci pro Windows?
14.6.2010 21:34 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
tady je další část logu po přihlášení:
debug.log
Jun 14 21:32:11 freebsd slapd[1723]: conn=0 fd=11 ACCEPT from IP=127.0.0.1:56043 (IP=127.0.0.1:389)
Jun 14 21:32:11 freebsd slapd[1723]: conn=0 op=0 BIND dn="cn=root,dc=test,dc=cz" method=128
Jun 14 21:32:11 freebsd slapd[1723]: conn=0 op=0 RESULT tag=97 err=49 text=
Jun 14 21:32:13 freebsd slapd[1723]: conn=0 op=1 BIND dn="cn=root,dc=test,dc=cz" method=128
Jun 14 21:32:13 freebsd slapd[1723]: conn=0 op=1 RESULT tag=97 err=49 text=
Jun 14 21:32:13 freebsd slapd[1723]: conn=0 fd=11 closed (connection lost)
Jun 14 21:32:13 freebsd slapd[1723]: conn=1 fd=11 ACCEPT from IP=127.0.0.1:25834 (IP=127.0.0.1:389)
Jun 14 21:32:13 freebsd slapd[1723]: conn=1 op=0 BIND dn="cn=root,dc=test,dc=cz" method=128
Jun 14 21:32:13 freebsd slapd[1723]: conn=1 op=0 RESULT tag=97 err=49 text=
Jun 14 21:32:13 freebsd slapd[1723]: conn=1 op=1 UNBIND
Jun 14 21:32:13 freebsd slapd[1723]: conn=1 fd=11 closed
Jun 14 21:32:13 freebsd slapd[1723]: conn=2 fd=11 ACCEPT from IP=127.0.0.1:40514 (IP=127.0.0.1:389)
Jun 14 21:32:13 freebsd slapd[1723]: conn=2 op=0 BIND dn="cn=root,dc=test,dc=cz" method=128
Jun 14 21:32:13 freebsd slapd[1723]: conn=2 op=0 RESULT tag=97 err=49 text=
Jun 14 21:32:13 freebsd slapd[1723]: conn=2 op=1 UNBIND
Jun 14 21:32:13 freebsd slapd[1723]: conn=2 fd=11 closed
auth.log
Jun 14 21:32:11 freebsd sshd[1726]: pam_ldap: error trying to bind (Invalid credentials)
Jun 14 21:32:13 freebsd sshd[1726]: pam_ldap: error trying to bind (Invalid credentials)
Jun 14 21:32:13 freebsd sshd[1724]: Accepted keyboard-interactive/pam for test from 192.168.56.1 port 48165 ssh2
Jun 14 21:32:13 freebsd sshd[1727]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Invalid credentials
Jun 14 21:32:13 freebsd sshd[1727]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Invalid credentials
Jun 14 21:32:13 freebsd sshd[1727]: nss_ldap: could not search LDAP server - Server is unavailable
message
Jun 14 21:32:11 freebsd sshd[1726]: pam_ldap: error trying to bind (Invalid credentials)
Jun 14 21:32:13 freebsd sshd[1726]: pam_ldap: error trying to bind (Invalid credentials)
Jun 14 21:32:13 freebsd sshd[1727]: nss_ldap: could not search LDAP server - Server is unavailable
cynic_asshole avatar 14.6.2010 21:36 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Mohl bys ještě poslat obsah souboru /usr/local/etc/nss_ldap.conf?
Neznáš nějakou linuxovou distribuci pro Windows?
14.6.2010 21:41 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Ten je stejný jako ldap.conf, mám ho z tohoto soubory symlinkovanej.
14.6.2010 21:46 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Příloha:
pokud zadám ldapsearch -D "cn=root,dc=testdc=cz" -W tak mi DB notmálně vyjede, přikládám ji.
14.6.2010 21:52 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Ale pokud zadám ldapsearch -x -H ldap://127.0.0.1 "cn=root,dc=test,dc=cz" -W tak dostanu:
# extended LDIF
#
# LDAPv3
# base <=test,=cz> (default) with scope subtree
# filter: =root,=test,=cz
# requesting: -W 
#

# search result
search: 2
result: 0 Success

# numResponses: 1
nevím zda je ten příkaz správně abych se připojil k LDAP na 127.0.0.1 musel jsem odstranit z výpisu DC a CN znaky tak aby mi tato konference výpis logu vzala-
cynic_asshole avatar 14.6.2010 21:53 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Hm, dobře. Pro dnešek bych to ukončil a pokračoval zítra, nevadilo by? Podívám se zítra na server, jak to tam mám.

Překvapuje mě, že jsou u všech uživatelů stejné hashe hesel. Navíc mi ten typ hashe nic neříká.
Neznáš nějakou linuxovou distribuci pro Windows?
14.6.2010 21:57 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
OK ukončíme to, jen se zeptám, nebyl by na tebe nějaký kontakt, třeba Jabber nebo ICQ, jsem ti moc vděčný za pomoc.
cynic_asshole avatar 14.6.2010 21:58 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Jabber honza@betik.cz
Neznáš nějakou linuxovou distribuci pro Windows?
cynic_asshole avatar 14.6.2010 21:57 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Heslo uživatele by mělo jít změnit pomocí příkazu
ldappasswd -D "cn=root,dc=test,dc=cz" -S -W "uid=UŽIVATEL,ou=SKUPINA,dc=test,dc=cz"
Neznáš nějakou linuxovou distribuci pro Windows?
14.6.2010 22:04 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
heslo jsem změnil pro uživatele "test" ale když se přihlásím tak zase jenom starým heslem a to tím které je v systému. Jseš online?
cynic_asshole avatar 14.6.2010 22:05 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Jj, jsem. Já to vypínám málokdy.
Neznáš nějakou linuxovou distribuci pro Windows?
14.6.2010 22:07 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
přidal jsem si tě ale nevidím tě online :(
cynic_asshole avatar 14.6.2010 22:09 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Tak napiš, nejspíš to bude dělat antispam. A nebo můžeš svoje JID poslat e-mailem na stejnou adresu jako mám jabber.
Neznáš nějakou linuxovou distribuci pro Windows?
14.6.2010 19:41 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Příloha:
A takhle vypadá log po startu LDAP

Založit nové vláknoNahoru

Tiskni Sdílej: Linkuj Jaggni to Vybrali.sme.sk Google Del.icio.us Facebook

ISSN 1214-1267   www.czech-server.cz
© 1999-2015 Nitemedia s. r. o. Všechna práva vyhrazena.