abclinuxu.cz AbcLinuxu.cz itbiz.cz ITBiz.cz HDmag.cz HDmag.cz abcprace.cz AbcPráce.cz
AbcLinuxu hledá autory!
Inzerujte na AbcPráce.cz od 950 Kč
Rozšířené hledání
×
eParkomat, startup z ČR, postoupil mezi finalisty evropského akcelerátoru ChallengeUp!
Robot na pivo mu otevřel dveře k opravdovému byznysu
Internet věcí: Propojený svět? Už se to blíží...
včera 16:24 | Nová verze

Byla vydána Mageia 5.1. Jedná se o první opravné vydání verze 5, jež vyšla v červnu loňského roku (zprávička). Uživatelům verze 5 nepřináší opravné vydání nic nového, samozřejmě pokud pravidelně aktualizují. Vydání obsahuje všechny aktualizace za posledního téměř půldruhého roku. Mageia 5.1 obsahuje LibreOffice 4.4.7, Linux 4.4.32, KDE4 4.14.5 nebo GNOME 3.14.3.

Ladislav Hagara | Komentářů: 0
včera 13:42 | Pozvánky

V Praze probíhá konference Internet a Technologie 16.2, volné pokračování jarní konference sdružení CZ.NIC. Konferenci lze sledovat online na YouTube. K dispozici je také archiv předchozích konferencí.

Ladislav Hagara | Komentářů: 0
2.12. 22:44 | Komunita

Joinup informuje, že Mnichov používá open source groupware Kolab. V srpnu byl dokončen dvouletý přechod na toto řešení. V provozu je asi 60 000 poštovních schránek. Nejenom Kolabu se věnoval Georg Greve ve své přednášce Open Source: the future for the European institutions (SlideShare) na konferenci DIGITEC 2016, jež proběhla v úterý 29. listopadu v Bruselu. Videozáznam přednášek z hlavního sálu je ke zhlédnutí na Livestreamu.

Ladislav Hagara | Komentářů: 18
2.12. 15:30 | Zajímavý projekt

Společnost Jolla oznámila v příspěvku Case study: Sailfish Watch na svém blogu, že naportovala Sailfish OS na chytré hodinky. Využila a inspirovala se otevřeným operačním systémem pro chytré hodinky AsteroidOS. Použita je knihovna libhybris. Ukázka ovládání hodinek na YouTube.

Ladislav Hagara | Komentářů: 8
2.12. 14:15 | Nová verze

Byla vydána verze 7.1.0 skriptovacího jazyka PHP používaného zejména k vývoji dynamických webových stránek. Jedná se o první stabilní verzi nejnovější větvě 7.1. Přehled novinek v dokumentaci. Podrobnosti v ChangeLogu. K dispozici je také příručka pro přechod z PHP 7.0.x na PHP 7.1.x.

Ladislav Hagara | Komentářů: 2
2.12. 12:55 | Nová verze

Google Chrome 55 byl prohlášen za stabilní. Nejnovější stabilní verze 55.0.2883.75 tohoto webového prohlížeče přináší řadu oprav a vylepšení (YouTube). Opraveno bylo také 36 bezpečnostních chyb. Mariusz Mlynski si například vydělal 22 500 dolarů za 3 nahlášené chyby (Universal XSS in Blink).

Ladislav Hagara | Komentářů: 4
2.12. 11:55 | Pozvánky

Máte rádi svobodný software a hardware nebo se o nich chcete něco dozvědět? Přijďte na 135. sraz spolku OpenAlt, který se bude konat ve čtvrtek 8. prosince od 18:00 v Radegastovně Perón (Stroupežnického 20, Praha 5). Sraz bude tentokrát tématický. Bude retro! K vidění budou přístroje jako Psion 5mx nebo Palm Z22. Ze svobodného hardwaru pak Openmoko nebo čtečka WikiReader. Přijďte se i vy pochlubit svými legendami, nebo alespoň na pivo. Moderní hardware má vstup samozřejmě také povolen.

xkucf03 | Komentářů: 0
2.12. 00:10 | Nová verze

Byla vydána verze 3.2 svobodného systému pro detekci a prevenci průniků a monitorování bezpečnosti počítačových sítí Suricata. Z novinek lze zmínit například podporu protokolů DNP3 a CIP/ENIP, vylepšenou podporu TLS a samozřejmě také aktualizovanou dokumentaci.

Ladislav Hagara | Komentářů: 0
1.12. 21:00 | Nová verze

Byla vydána beta verze Linux Mintu 18.1 s kódovým jménem Serena. Na blogu Linux Mintu jsou hned dvě oznámení. První o vydání Linux Mintu s prostředím MATE a druhé o vydání Linux Mintu s prostředím Cinnamon. Stejným způsobem jsou rozděleny také poznámky k vydání (MATE, Cinnamon) a přehled novinek s náhledy (MATE, Cinnamon). Linux Mint 18.1 bude podporován až do roku 2021.

Ladislav Hagara | Komentářů: 0
1.12. 16:42 | Nová verze

Byl vydán Devuan Jessie 1.0 Beta 2. Jedná se o druhou beta verzi forku Debianu bez systemd představeného v listopadu 2014 (zprávička). První beta verze byla vydána v dubnu letošního roku (zprávička). Jedna z posledních přednášek věnovaných Devuanu proběhla v listopadu na konferenci FSCONS 2016 (YouTube, pdf).

Ladislav Hagara | Komentářů: 0
Kolik máte dat ve svém domovském adresáři na svém primárním osobním počítači?
 (32%)
 (24%)
 (29%)
 (7%)
 (5%)
 (3%)
Celkem 767 hlasů
 Komentářů: 50, poslední 29.11. 15:50
Rozcestník
Reklama

Dotaz: FreeBSD OpenLDAP nelze připojit

14.6.2010 13:02 Martin
FreeBSD OpenLDAP nelze připojit
Přečteno: 661×
Dobrý den, snažím se rozjet OpenLDAP server a nedaří se mi. V podstatě jsem postupoval dle tohoto návodu, http://www.root.cz/clanky/poznamky-k-ldap/ Jen podotýkám že je vše postavené na FreeBSD 8.0. Tady jsou mé konfiguráky:
cat /usr/local/etc/openldap/ldap.conf
#
# LDAP Defaults
#

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

BASE	dc=test, dc=cz
URI	ldap://127.0.0.1/ 
#ldap://ldap-master.example.com:666

#SIZELIMIT	12
#TIMELIMIT	15
#DEREF		never
# 
cat /usr/local/etc/openldap/slapd.conf
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include		/usr/local/etc/openldap/schema/core.schema
include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/inetorgperson.schema
include         /usr/local/etc/openldap/schema/nis.schema

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral	ldap://root.openldap.org

#loglevel 255 # pro debugging, do logu se dostane takka ve. Pozdji snite.

pidfile		/var/run/openldap/slapd.pid
argsfile	/var/run/openldap/slapd.args

# Load dynamic backend modules:
modulepath	/usr/local/libexec/openldap
moduleload	back_bdb
# moduleload	back_ldap
# moduleload	back_ldbm
# moduleload	back_passwd
# moduleload	back_shell

# Sample security restrictions
#	Require integrity protection (prevent hijacking)
#	Require 112-bit (3DES or better) encryption for updates
#	Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:
#	Root DSE: allow anyone to read it
#	Subschema (sub)entry DSE: allow anyone to read it
#	Other DSEs:
#		Allow self write access
#		Allow authenticated users read access
#		Allow anonymous users to authenticate
#	Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
#	by self write
#	by users read
#	by anonymous auth
#
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn.  (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!

#allow bind_v2  
# abyste mohli pouvat LDAP funkce PHP
password-hash {SSHA} 
# nebo njakou jinou; vyberte si z SMD5, SHA, SSHA, CRYPT

#######################################################################
# BDB database definitions
#######################################################################

database	bdb
suffix		"dc=test,dc=cz"
rootdn		"cn=root,dc=test,dc=cz"
# Cleartext passwords, especially for the rootdn, should
# be avoid.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw		{SSHA}GPtyCSYW9X9+Qsx8FKGNehYjFjjQePdt
# The database directory MUST exist prior to running slapd AND 
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory	/var/db/openldap-data
# Indices to maintain
index	objectClass	eq
# 
cat /usr/local/etc/ldap.conf 
suffix  "dc=test, dc=cz"
host 127.0.0.1
#uri ldaps://ldap.test.cz/
pam_password md5

ldap_version 3
bind_policy             soft
pam_filter              objectclass=posixAccount
pam_login_attribute     uid
pam_member_attribute    memberuid

nss_base_passwd ou=People,dc=test,dc=cz
nss_base_shadow ou=People,dc=test,dc=cz
nss_base_group  ou=Group,dc=test,dc=cz

#nss_reconnect_sleeptime
#nss_reconnect_maxsleeptime
#nss_reconnect_maxconntries directives

scope one
cat /etc/pam.d/system 
#%PAM-1.0

auth            required        pam_env.so
auth            sufficient      pam_unix.so likeauth nullok
auth            sufficient      /usr/local/lib/pam_ldap.so use_first_pass
auth            required        pam_deny.so

account         required        pam_unix.so
account         sufficient      /usr/local/lib/pam_ldap.so

password        required        pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3
password        sufficient      pam_unix.so nullok md5 shadow use_authtok
password        sufficient      /usr/local/lib/pam_ldap.so use_authtok
password        required        pam_deny.so

session         required        pam_limits.so
session         required        pam_unix.so
session         optional        /usr/local/lib/pam_ldap.so
cat /etc/pam.d/sshd 
#
# $FreeBSD: src/etc/pam.d/sshd,v 1.16.10.1.2.1 2009/10/25 01:10:29 kensmith Exp $
#
# PAM configuration for the "sshd" service
#

# auth
auth		sufficient	pam_opie.so		no_warn no_fake_prompts
auth		requisite	pam_opieaccess.so	no_warn allow_local
#auth		sufficient	pam_krb5.so		no_warn try_first_pass
#auth		sufficient	pam_ssh.so		no_warn try_first_pass
auth 		sufficient 	/usr/local/lib/pam_ldap.so no_warn try_first_pass
auth		required	pam_unix.so		no_warn try_first_pass

# account
account		required	pam_nologin.so
#account 	required	pam_krb5.so
account		required	pam_login_access.so
account sufficient /usr/local/lib/pam_ldap.so
account		required	pam_unix.so

# session
#session 	optional	pam_ssh.so
session sufficient /usr/local/lib/pam_ldap.so
session		required	pam_permit.so

# password
#password	sufficient	pam_krb5.so		no_warn try_first_pass
password sufficient /usr/local/lib/pam_ldap.so
password	required	pam_unix.so		no_warn try_first_pass
cat /etc/nsswitch.conf 
#
# nsswitch.conf(5) - name service switch configuration file
# $FreeBSD: src/etc/nsswitch.conf,v 1.1.10.1.2.1 2009/10/25 01:10:29 kensmith Exp $
#
group: files ldap
group_compat: nis
hosts: files dns
networks: files
passwd: files ldap
passwd_compat: nis
shells: files
services: compat
services_compat: nis
protocols: files
rpc: files
Po nastartování OpenLDAP mi vyhodí do logu:
Jun 14 12:11:49 freebsd sshd[5132]: pam_ldap: ldap_simple_bind Can't contact LDAP server
Jun 14 12:11:49 freebsd sshd[5132]: pam_ldap: reconnecting to LDAP server...
Jun 14 12:11:49 freebsd sshd[5132]: pam_ldap: ldap_simple_bind Can't contact LDAP server
pokud se snažím připojit pomocí ssh tak:
sshd[5132]: in _openpam_check_error_code(): pam_sm_acct_mgmt(): unexpected return value 12
a pokud pomocí su z konzole tak:
su root
su: pam_start: system error
Mohl by mi někdo poradit co dělám špatně? Uživatele mám převedené pomocí scriptů. A pokud zadám ldapsearch -x -D "cn=root,dc=test,dc=cz" -W tak to taky správně vše vypíše.

Odpovědi

cynic_asshole avatar 14.6.2010 19:07 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Odkomentuj řádek loglevel, nastav na 255, spusť openldap server, zkus se přihlásit a pak pošli log.
Neznáš nějakou linuxovou distribuci pro Windows?
14.6.2010 19:33 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Takže log zapnutý, udělal jsem to že se připojuji na pomocí SSH na server jako root.
auth.log
Jun 14 19:28:54 freebsd sshd[5261]: pam_ldap: error trying to bind as user "uid=root,ou=People,dc=test,dc=cz" (Invalid credentials)
Jun 14 19:28:54 freebsd sshd[5259]: Accepted keyboard-interactive/pam for root from 192.168.56.1 port 40699 ssh2
debug.log
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=sshd,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=sshd,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=sshd,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=smmsp,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=smmsp,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=smmsp,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=smmsp,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=smmsp,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=smmsp,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=mailnull,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=mailnull,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=mailnull,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=mailnull,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=mailnull,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=mailnull,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=guest,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=guest,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=guest,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=guest,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=guest,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=guest,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=bind,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=bind,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=bind,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=bind,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=bind,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=bind,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=proxy,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=proxy,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=proxy,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=proxy,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=proxy,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=proxy,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=authpf,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=authpf,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=authpf,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=authpf,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=authpf,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=authpf,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=_pflogd,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=_pflogd,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=_pflogd,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=_pflogd,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=_pflogd,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=_pflogd,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=_dhcp,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=_dhcp,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=_dhcp,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=_dhcp,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=_dhcp,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=_dhcp,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=uucp,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=uucp,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=uucp,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=uucp,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=uucp,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=uucp,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=dialer,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=dialer,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=dialer,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=dialer,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=dialer,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=dialer,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=network,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=network,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=network,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=network,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=network,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=network,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=audit,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=audit,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=audit,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=audit,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=audit,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=audit,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=www,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=www,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=www,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=www,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=www,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=www,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=nogroup,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=nogroup,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=nogroup,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=nogroup,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=nogroup,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=nogroup,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=nobody,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=nobody,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=nobody,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=nobody,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=nobody,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=nobody,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=ldap,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=ldap,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=ldap,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=ldap,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=ldap,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=ldap,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=freeradius,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=freeradius,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=freeradius,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=freeradius,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=freeradius,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=freeradius,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=pheek,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=pheek,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=pheek,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=pheek,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=pheek,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=pheek,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     AND
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter_and
Jun 14 19:30:07 freebsd slapd[5211]: => test_filter
Jun 14 19:30:07 freebsd slapd[5211]:     EQUALITY
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access to "cn=test,ou=Group,dc=test,dc=cz" "objectClass" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default search access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: search access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter_and 6
Jun 14 19:30:07 freebsd slapd[5211]: <= test_filter 6
Jun 14 19:30:07 freebsd slapd[5211]: => send_search_entry: conn 10 dn="cn=test,ou=Group,dc=test,dc=cz"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=test,ou=Group,dc=test,dc=cz" "entry" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=test,ou=Group,dc=test,dc=cz" "cn" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=test,ou=Group,dc=test,dc=cz" "userPassword" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access to "cn=test,ou=Group,dc=test,dc=cz" "gidNumber" requested
Jun 14 19:30:07 freebsd slapd[5211]: => slap_access_allowed: backend default read access granted to "(anonymous)"
Jun 14 19:30:07 freebsd slapd[5211]: => access_allowed: read access granted by read(=rscxd)
Jun 14 19:30:07 freebsd slapd[5211]: <= send_search_entry: conn 10 exit.
Jun 14 19:30:07 freebsd slapd[5211]: send_paged_response: lastid=0x00000000 nentries=33
Jun 14 19:30:07 freebsd slapd[5211]: send_ldap_result: conn=10 op=1 p=3
Jun 14 19:30:07 freebsd slapd[5211]: send_ldap_result: err=0 matched="" text=""
Jun 14 19:30:07 freebsd slapd[5211]: send_ldap_response: msgid=2 tag=101 err=0
Jun 14 19:30:07 freebsd slapd[5211]: daemon: activity on 1 descriptor
Jun 14 19:30:07 freebsd slapd[5211]: daemon: activity on:
Jun 14 19:30:07 freebsd slapd[5211]:  11r
Jun 14 19:30:07 freebsd slapd[5211]: 
Jun 14 19:30:07 freebsd slapd[5211]: daemon: read activity on 11
Jun 14 19:30:07 freebsd slapd[5211]: daemon: select: listen=6 active_threads=0 tvp=NULL
Jun 14 19:30:07 freebsd slapd[5211]: daemon: select: listen=7 active_threads=0 tvp=NULL
Jun 14 19:30:07 freebsd slapd[5211]: connection_get(11)
Jun 14 19:30:07 freebsd slapd[5211]: connection_get(11): got connid=10
Jun 14 19:30:07 freebsd slapd[5211]: connection_read(11): checking for input on id=10
Jun 14 19:30:07 freebsd slapd[5211]: ber_get_next on fd 11 failed errno=0 (Undefined error: 0)
Jun 14 19:30:07 freebsd slapd[5211]: connection_read(11): input error=-2 id=10, closing.
Jun 14 19:30:07 freebsd slapd[5211]: connection_closing: readying conn=10 sd=11 for close
Jun 14 19:30:07 freebsd slapd[5211]: daemon: activity on 1 descriptor
Jun 14 19:30:07 freebsd slapd[5211]: daemon: waked
Jun 14 19:30:07 freebsd slapd[5211]: daemon: select: listen=6 active_threads=0 tvp=NULL
Jun 14 19:30:07 freebsd slapd[5211]: daemon: select: listen=7 active_threads=0 tvp=NULL
Jun 14 19:30:07 freebsd slapd[5211]: connection_close: conn=10 sd=11
Jun 14 19:30:07 freebsd slapd[5211]: daemon: removing 11
messages
Jun 14 19:28:54 freebsd sshd[5261]: pam_ldap: error trying to bind as user "uid=root,ou=People,dc=test,dc=cz" (Invalid credentials)
cynic_asshole avatar 14.6.2010 19:39 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Bylo by možný poslat ten debug log od stejného časového údaje, jaký je uveden u toho chybného přihlášení? Tj. Jun 14 19:28:54 nebo o pár vteřin dřív? Mám určité tušení…
Neznáš nějakou linuxovou distribuci pro Windows?
14.6.2010 19:47 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Příloha:
Posílám.
cynic_asshole avatar 14.6.2010 19:57 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Takže, chybka bude někde tady:

Jun 14 19:28:54 freebsd slapd[5211]: >>> dnPrettyNormal: uid=root,ou=People,dc=test,dc=cz
Jun 14 19:28:54 freebsd slapd[5211]: <<< dnPrettyNormal: uid=root,ou=People,dc=test,dc=cz, uid=root,ou=people,dc=test,dc=cz
Jun 14 19:28:54 freebsd slapd[5211]: do_bind: version=3 dn="uid=root,ou=People,dc=test,dc=cz" method=128
Jun 14 19:28:54 freebsd slapd[5211]: ==> bdb_bind: dn: uid=root,ou=People,dc=test,dc=cz
Jun 14 19:28:54 freebsd slapd[5211]: bdb_dn2entry("uid=root,ou=people,dc=test,dc=cz")
Jun 14 19:28:54 freebsd slapd[5211]: => access_allowed: auth access to "uid=root,ou=People,dc=test,dc=cz" "userPassword" requested
Jun 14 19:28:54 freebsd slapd[5211]: => slap_access_allowed: backend default auth access granted to "(anonymous)"
Jun 14 19:28:54 freebsd slapd[5211]: => access_allowed: auth access granted by read(=rscxd)
Jun 14 19:28:54 freebsd slapd[5211]: send_ldap_result: conn=8 op=3 p=3
Jun 14 19:28:54 freebsd slapd[5211]: send_ldap_result: err=49 matched="" text=""
Jun 14 19:28:54 freebsd slapd[5211]: send_ldap_response: msgid=4 tag=97 err=49

Přesněji řečeno ta chyba 49. Pohledem do dokumentace jsem zjistil, že err=49 znamená LDAP_INVALID_CREDENTIALS, nicméně je to u uživatele, skrze kterého se snažíte připojit k LDAP serveru, nikoliv kterého se snažíte autentifikovat. Mohl byste zaslat ještě konfigurák k tomu ldap PAM modulu?
Neznáš nějakou linuxovou distribuci pro Windows?
14.6.2010 20:00 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Mod děkuji za pomoc, já už vyzkoušel všechno co jsem mohl ale nic nepomohlo, tady je konfigurák:
cat ldap.conf 
host 127.0.0.1
suffix  "dc=test, dc=cz"

uri ldap://127.0.0.1
pam_password md5

ldap_version 3
bind_policy             soft
pam_filter              objectclass=posixAccount
pam_login_attribute     uid
pam_member_attribute    memberuid

nss_base_passwd ou=People,dc=test,dc=cz
nss_base_shadow ou=People,dc=test,dc=cz
nss_base_group  ou=Group,dc=test,dc=cz

scope one
cynic_asshole avatar 14.6.2010 20:06 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Prima. Zkuste do toho souboru dopsat řádky
binddn "cn=root,dc=test,dc=cz"
bindpw {SSHA}GPtyCSYW9X9+Qsx8FKGNehYjFjjQePdt
Pak to bude chtít asi restartovat PAM subsystém.
Neznáš nějakou linuxovou distribuci pro Windows?
14.6.2010 20:22 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Takže jsem přidal, výsledek po restartu je:
debug.log
Jun 14 20:18:37 freebsd slapd[5685]: matchingRuleUse: ( 2.5.13.5 NAME 'caseExactMatch' APPLIES ( supportedSASLMechanisms $ vendorName $ vendorVersion $ ref $ name $ cn $ uid $ labeledURI $ description $ olcConfigFile $ olcConfigDir $ olcAccess $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAttributeTypes $ olcAuthIDRewrite $ olcAuthzPolicy $ olcAuthzRegexp $ olcBackend $ olcDatabase $ olcDisallows $ olcDitContentRules $ olcInclude $ olcLdapSyntaxes $ olcLimits $ olcLogFile $ olcLogLevel $ olcModuleLoad $ olcModulePath $ olcObjectClasses $ olcObjectIdentifier $ olcOverlay $ olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ olcPlugin $ olcPluginLogFile $ olcReferral $ olcReplica $ olcReplicaArgsFile $ olcReplicaPidFile $ olcReplogFile $ olcRequires $ olcRestrict $ olcRootDSE $ olcRootPW $ olcSaslAuxprops $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ olcSecurity $ olcServerID $ olcSizeLimit $ olcSortVals $ olcSubordinate $ olcSyncrepl $ olcTCPBuffer $ olcTimeLimit $ olcTLSCACertificateFile $ olcT
Jun 14 20:18:37 freebsd slapd[5685]: matchingRuleUse: ( 2.5.13.2 NAME 'caseIgnoreMatch' APPLIES ( supportedSASLMechanisms $ vendorName $ vendorVersion $ ref $ name $ cn $ uid $ labeledURI $ description $ olcConfigFile $ olcConfigDir $ olcAccess $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAttributeTypes $ olcAuthIDRewrite $ olcAuthzPolicy $ olcAuthzRegexp $ olcBackend $ olcDatabase $ olcDisallows $ olcDitContentRules $ olcInclude $ olcLdapSyntaxes $ olcLimits $ olcLogFile $ olcLogLevel $ olcModuleLoad $ olcModulePath $ olcObjectClasses $ olcObjectIdentifier $ olcOverlay $ olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ olcPlugin $ olcPluginLogFile $ olcReferral $ olcReplica $ olcReplicaArgsFile $ olcReplicaPidFile $ olcReplogFile $ olcRequires $ olcRestrict $ olcRootDSE $ olcRootPW $ olcSaslAuxprops $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ olcSecurity $ olcServerID $ olcSizeLimit $ olcSortVals $ olcSubordinate $ olcSyncrepl $ olcTCPBuffer $ olcTimeLimit $ olcTLSCACertificateFile $ olc
Jun 14 20:20:10 freebsd slapd[5686]: send_ldap_result: err=34 matched="" text="invalid DN"
Jun 14 20:20:10 freebsd slapd[5686]: send_ldap_response: msgid=1 tag=97 err=34
Jun 14 20:20:10 freebsd slapd[5686]: ber_get_next on fd 11 failed errno=0 (Undefined error: 0)
Jun 14 20:20:10 freebsd slapd[5686]: connection_read(11): input error=-2 id=0, closing.
Jun 14 20:20:10 freebsd slapd[5686]: connection_close: deferring conn=0 sd=11
Nevím jak v freebsd restartovat pam, ostatní logy mlčí. Při pokus se přihlásit:
debug.log
Jun 14 20:20:39 freebsd slapd[5686]: send_ldap_result: err=34 matched="" text="invalid DN"
Jun 14 20:20:39 freebsd slapd[5686]: send_ldap_response: msgid=1 tag=97 err=34
Jun 14 20:20:41 freebsd slapd[5686]: send_ldap_result: err=34 matched="" text="invalid DN"
Jun 14 20:20:41 freebsd slapd[5686]: send_ldap_response: msgid=2 tag=97 err=34
Jun 14 20:20:41 freebsd slapd[5686]: ber_get_next on fd 11 failed errno=0 (Undefined error: 0)
Jun 14 20:20:41 freebsd slapd[5686]: connection_read(11): input error=-2 id=1, closing.
Jun 14 20:20:41 freebsd slapd[5686]: send_ldap_result: err=34 matched="" text="invalid DN"
Jun 14 20:20:41 freebsd slapd[5686]: send_ldap_response: msgid=1 tag=97 err=34
auth.log
Jun 14 20:20:39 freebsd sshd[5691]: pam_ldap: error trying to bind (Invalid DN syntax)
Jun 14 20:20:41 freebsd sshd[5691]: pam_ldap: error trying to bind (Invalid DN syntax)
Jun 14 20:20:41 freebsd sshd[5689]: Accepted keyboard-interactive/pam for root from 192.168.56.1 port 60097 ssh2
Jun 14 20:20:41 freebsd sshd[5692]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Invalid DN syntax
message
Jun 14 20:18:37 freebsd slapd[5685]: nss_ldap: could not search LDAP server - Server is unavailable
Jun 14 20:20:39 freebsd sshd[5691]: pam_ldap: error trying to bind (Invalid DN syntax)
Jun 14 20:20:41 freebsd sshd[5691]: pam_ldap: error trying to bind (Invalid DN syntax)
cynic_asshole avatar 14.6.2010 20:28 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Okey, tak zkuste ten binddn zapsat bez uvozovek a taky zkuste to bindpw zadat nezašifrované, tedy v plaintextu (je to to heslo, co máte jako admin do LDAP). Nejsem si právě jist, v jakém tvaru to má být zapsané.
Neznáš nějakou linuxovou distribuci pro Windows?
14.6.2010 20:42 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Příloha:
Bez uvozovek je to o něco lepší ale stále to nefunguje. Zkusil jsme i plaintext ale to je stejné jako když tam dám SSHA Log po restartu:
debug.log
Jun 14 20:31:29 freebsd slapd[5754]: daemon: shutdown requested and initiated.
Jun 14 20:31:29 freebsd slapd[5754]: daemon: closing 6
Jun 14 20:31:29 freebsd slapd[5754]: daemon: closing 7
Jun 14 20:31:29 freebsd slapd[5754]: slapd shutdown: waiting for 0 operations/tasks to finish
Jun 14 20:31:29 freebsd slapd[5754]: slapd shutdown: initiated
Jun 14 20:31:29 freebsd slapd[5754]: ====> bdb_cache_release_all
Jun 14 20:31:29 freebsd slapd[5754]: slapd destroy: freeing system resources.
Jun 14 20:31:29 freebsd slapd[5754]: slapd stopped.
Jun 14 20:31:29 freebsd slapd[5797]: @(#) $OpenLDAP: slapd 2.4.18 (Sep  9 2009 07:45:36) $ 	root@freebsd.org:/work/a/ports/net/openldap24-server/work/openldap-2.4.18/servers/slapd
Jun 14 20:31:29 freebsd slapd[5797]: line 18 (pidfile		/var/run/openldap/slapd.pid)
Jun 14 20:31:29 freebsd slapd[5797]: line 19 (argsfile	/var/run/openldap/slapd.args)
Jun 14 20:31:29 freebsd slapd[5797]: line 22 (modulepath	/usr/local/libexec/openldap)
Jun 14 20:31:29 freebsd slapd[5797]: line 23 (moduleload	back_bdb)
Jun 14 20:31:29 freebsd slapd[5797]: loaded module back_bdb
Jun 14 20:31:29 freebsd slapd[5797]: bdb_back_initialize: initialize BDB backend
Jun 14 20:31:29 freebsd slapd[5797]: bdb_back_initialize: Berkeley DB 4.6.21: (September 27, 2007)
Jun 14 20:31:29 freebsd slapd[5797]: module back_bdb: null module registered
Jun 14 20:31:29 freebsd slapd[5797]: line 53 (password-hash {SSHA})
Jun 14 20:31:29 freebsd slapd[5797]: line 59 (database	bdb)
Jun 14 20:31:29 freebsd slapd[5797]: bdb_db_init: Initializing BDB database
Jun 14 20:31:29 freebsd slapd[5797]: line 60 (suffix		"=test,=cz")
Jun 14 20:31:29 freebsd slapd[5797]: >>> dnPrettyNormal: <=test,=cz>
Jun 14 20:31:29 freebsd slapd[5797]: <<< dnPrettyNormal: <=test,=cz>, <=test,=cz>
Jun 14 20:31:29 freebsd slapd[5797]: line 61 (rootdn		"=root,=test,=cz")
Jun 14 20:31:29 freebsd slapd[5797]: >>> dnPrettyNormal: <=root,=test,=cz>
Jun 14 20:31:29 freebsd slapd[5797]: <<< dnPrettyNormal: <=root,=test,=cz>, <=root,=test,=cz>
Jun 14 20:31:29 freebsd slapd[5797]: line 65 (rootpw ***)
Jun 14 20:31:29 freebsd slapd[5797]: line 69 (directory	/var/db/openldap-data)
Jun 14 20:31:29 freebsd slapd[5797]: line 71 (index	objectClass	eq)
Jun 14 20:31:29 freebsd slapd[5797]: index objectClass 0x0004
Jun 14 20:31:29 freebsd slapd[5797]: >>> dnNormalize: <=Subschema>
Jun 14 20:31:29 freebsd slapd[5797]: <<< dnNormalize: <=subschema>
Jun 14 20:31:29 freebsd slapd[5797]: matching_rule_use_init
Jun 14 20:31:29 freebsd slapd[5797]:     1.2.840.113556.1.4.804 (integerBitOrMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 1.2.840.113556.1.4.804 NAME 'integerBitOrMatch' APPLIES ( supportedLDAPVersion $ entryTtl $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexIntLen $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcWriteTimeout $ olcSpSessionlog $ olcDbCacheFree $ olcDbCacheSize $ olcDbDNcacheSize $ olcDbIDLcacheSize $ olcDbSearchStack $ olcDbShmKey $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpumber ) )
Jun 14 20:31:29 freebsd slapd[5797]:     1.2.840.113556.1.4.803 (integerBitAndMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 1.2.840.113556.1.4.803 NAME 'integerBitAndMatch' APPLIES ( supportedLDAPVersion $ entryTtl $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexIntLen $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcWriteTimeout $ olcSpSessionlog $ olcDbCacheFree $ olcDbCacheSize $ olcDbDNcacheSize $ olcDbIDLcacheSize $ olcDbSearchStack $ olcDbShmKey $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpumber ) )
Jun 14 20:31:29 freebsd slapd[5797]:     1.3.6.1.4.1.1466.109.114.2 (caseIgnoreIA5Match): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 1.3.6.1.4.1.1466.109.114.2 NAME 'caseIgnoreIA5Match' APPLIES ( altServer $ olcDbConfig $ c $ mail $  $ associatedDomain $ email $ aRecord $ mDRecord $ mXRecord $ nSRecord $ sOARecord $ AMERecord $ janetMailbox $ gecos $ homeDirectory $ loginShell $ memberUid $ memberNisNetgroup $ ipHostNumber $ ipNetworkNumber $ ipNetmaskNumber $ macAddress $ bootFile $ nisMapEntry ) )
Jun 14 20:31:29 freebsd slapd[5797]:     1.3.6.1.4.1.1466.109.114.1 (caseExactIA5Match): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 1.3.6.1.4.1.1466.109.114.1 NAME 'caseExactIA5Match' APPLIES ( altServer $ olcDbConfig $ c $ mail $  $ associatedDomain $ email $ aRecord $ mDRecord $ mXRecord $ nSRecord $ sOARecord $ AMERecord $ janetMailbox $ gecos $ homeDirectory $ loginShell $ memberUid $ memberNisNetgroup $ ipHostNumber $ ipNetworkNumber $ ipNetmaskNumber $ macAddress $ bootFile $ nisMapEntry ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.39 (certificateListMatch): 
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.38 (certificateListExactMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.38 NAME 'certificateListExactMatch' APPLIES ( authorityRevocationList $ certificateRevocationList $ deltaRevocationList ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.35 (certificateMatch): 
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.34 (certificateExactMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.34 NAME 'certificateExactMatch' APPLIES ( userCertificate $ cACertificate ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.30 (objectIdentifierFirstComponentMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.30 NAME 'objectIdentifierFirstComponentMatch' APPLIES ( supportedControl $ supportedExtension $ supportedFeatures $ ldapSyntaxes $ supportedApplicationContext ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.29 (integerFirstComponentMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.29 NAME 'integerFirstComponentMatch' APPLIES ( supportedLDAPVersion $ entryTtl $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexIntLen $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcWriteTimeout $ olcSpSessionlog $ olcDbCacheFree $ olcDbCacheSize $ olcDbDNcacheSize $ olcDbIDLcacheSize $ olcDbSearchStack $ olcDbShmKey $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpumber ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.27 (generalizedTimeMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.27 NAME 'generalizedTimeMatch' APPLIES ( createTimestamp $ modifyTimestamp ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.24 (protocolInformationMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.24 NAME 'protocolInformationMatch' APPLIES protocolInformation )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.23 (uniqueMemberMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.23 NAME 'uniqueMemberMatch' APPLIES uniqueMember )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.22 (presentationAddressMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.22 NAME 'presentationAddressMatch' APPLIES presentationAddress )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.20 (telephoneNumberMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.20 NAME 'telephoneNumberMatch' APPLIES ( telephoneNumber $ homePhone $ mobile $ pager ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.17 (octetStringMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.17 NAME 'octetStringMatch' APPLIES ( userPassword $ olcDbCryptKey ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.16 (bitStringMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.16 NAME 'bitStringMatch' APPLIES x500UniqueIdentifier )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.14 (integerMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.14 NAME 'integerMatch' APPLIES ( supportedLDAPVersion $ entryTtl $ uidNumber $ gidNumber $ olcConcurrency $ olcConnMaxPending $ olcConnMaxPendingAuth $ olcIdleTimeout $ olcIndexSubstrIfMinLen $ olcIndexSubstrIfMaxLen $ olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexIntLen $ olcLocalSSF $ olcMaxDerefDepth $ olcReplicationInterval $ olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcThreads $ olcToolThreads $ olcWriteTimeout $ olcSpSessionlog $ olcDbCacheFree $ olcDbCacheSize $ olcDbDNcacheSize $ olcDbIDLcacheSize $ olcDbSearchStack $ olcDbShmKey $ mailPreferenceOption $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag $ ipServicePort $ ipProtocolNumber $ oncRpumber ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.13 (booleanMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.13 NAME 'booleanMatch' APPLIES ( hasSubordinates $ olcAddContentAcl $ olcGentleHUP $ olcHidden $ olcLastMod $ olcMirrorMode $ olcMonitoring $ olcReadOnly $ olcReverseLookup $ olcSpNoPresent $ olcSpReloadHint $ olcDbChecksum $ olcDbNoSync $ olcDbDirtyRead $ olcDbLinearIndex ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.11 (caseIgnoreListMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.11 NAME 'caseIgnoreListMatch' APPLIES ( postalAddress $ registeredAddress $ homePostalAddress ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.8 (numericStringMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.8 NAME 'numericStringMatch' APPLIES ( x121Address $ internationaliSDNNumber ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.7 (caseExactSubstringsMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.7 NAME 'caseExactSubstringsMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.6 (caseExactOrderingMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.6 NAME 'caseExactOrderingMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.5 (caseExactMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.5 NAME 'caseExactMatch' APPLIES ( supportedSASLMechanisms $ vendorName $ vendorVersion $ ref $ name $  $ uid $ labeledURI $ description $ olcConfigFile $ olcConfigDir $ olcAccess $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAttributeTypes $ olcAuthIDRewrite $ olcAuthzPolicy $ olcAuthzRegexp $ olcBackend $ olcDatabase $ olcDisallows $ olcDitContentRules $ olcInclude $ olcLdapSyntaxes $ olcLimits $ olcLogFile $ olcLogLevel $ olcModuleLoad $ olcModulePath $ olcObjectClasses $ olcObjectIdentifier $ olcOverlay $ olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ olcPlugin $ olcPluginLogFile $ olcReferral $ olcReplica $ olcReplicaArgsFile $ olcReplicaPidFile $ olcReplogFile $ olcRequires $ olcRestrict $ olcRootDSE $ olcRootPW $ olcSaslAuxprops $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ olcSecurity $ olcServerID $ olcSizeLimit $ olcSortVals $ olcSubordinate $ olcSyncrepl $ olcTCPBuffer $ olcTimeLimit $ olcTLSCACertificateFile $ olcT
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.4 (caseIgnoreSubstringsMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.4 NAME 'caseIgnoreSubstringsMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.3 (caseIgnoreOrderingMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.3 NAME 'caseIgnoreOrderingMatch' APPLIES ( serialNumber $ destinationIndicator $ dnQualifier ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.2 (caseIgnoreMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.2 NAME 'caseIgnoreMatch' APPLIES ( supportedSASLMechanisms $ vendorName $ vendorVersion $ ref $ name $  $ uid $ labeledURI $ description $ olcConfigFile $ olcConfigDir $ olcAccess $ olcAllows $ olcArgsFile $ olcAttributeOptions $ olcAttributeTypes $ olcAuthIDRewrite $ olcAuthzPolicy $ olcAuthzRegexp $ olcBackend $ olcDatabase $ olcDisallows $ olcDitContentRules $ olcInclude $ olcLdapSyntaxes $ olcLimits $ olcLogFile $ olcLogLevel $ olcModuleLoad $ olcModulePath $ olcObjectClasses $ olcObjectIdentifier $ olcOverlay $ olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ olcPlugin $ olcPluginLogFile $ olcReferral $ olcReplica $ olcReplicaArgsFile $ olcReplicaPidFile $ olcReplogFile $ olcRequires $ olcRestrict $ olcRootDSE $ olcRootPW $ olcSaslAuxprops $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ olcSecurity $ olcServerID $ olcSizeLimit $ olcSortVals $ olcSubordinate $ olcSyncrepl $ olcTCPBuffer $ olcTimeLimit $ olcTLSCACertificateFile $ olc
Jun 14 20:31:29 freebsd slapd[5797]:     1.2.36.79672281.1.13.3 (rdnMatch): 
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.1 (distinguishedNameMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.1 NAME 'distinguishedNameMatch' APPLIES ( creatorsName $ modifiersName $ subschemaSubentry $ entryDN $ namingContexts $ aliasedObjectName $ dynamicSubtrees $ distinguishedName $ seeAlso $ olcDefaultSearchBase $ olcRootDN $ olcSchemaDN $ olcSuffix $ olcUpdateDN $ olcRelay $ member $ owner $ roleOccupant $ manager $ documentAuthor $ secretary $ associatedName $ dITRedirect ) )
Jun 14 20:31:29 freebsd slapd[5797]:     2.5.13.0 (objectIdentifierMatch): 
Jun 14 20:31:29 freebsd slapd[5797]: matchingRuleUse: ( 2.5.13.0 NAME 'objectIdentifierMatch' APPLIES ( supportedControl $ supportedExtension $ supportedFeatures $ supportedApplicationContext ) )
Jun 14 20:31:29 freebsd slapd[5798]: slapd startup: initiated.
Jun 14 20:31:29 freebsd slapd[5798]: backend_startup_one: starting "=config"
Jun 14 20:31:29 freebsd slapd[5798]: config_back_db_open
Jun 14 20:31:29 freebsd slapd[5798]: config_back_db_open: line 0: warning: cannot assess the validity of the ACL scope within backend naming context
Jun 14 20:31:29 freebsd slapd[5798]: config_build_entry: "=config"
Jun 14 20:31:29 freebsd slapd[5798]: config_build_entry: "=module{0}"
Jun 14 20:31:29 freebsd slapd[5798]: config_build_entry: "=schema"
Jun 14 20:31:29 freebsd slapd[5798]: config_build_entry: "={0}core"
Jun 14 20:31:29 freebsd slapd[5798]: config_build_entry: "={1}cosine"
Jun 14 20:31:29 freebsd slapd[5798]: config_build_entry: "={2}inetorgperson"
Jun 14 20:31:29 freebsd slapd[5798]: config_build_entry: "={3}nis"
Jun 14 20:31:29 freebsd slapd[5798]: config_build_entry: "olcDatabase={-1}frontend"
Jun 14 20:31:29 freebsd slapd[5798]: config_build_entry: "olcDatabase={0}config"
Jun 14 20:31:29 freebsd slapd[5798]: config_build_entry: "olcDatabase={1}bdb"
Jun 14 20:31:29 freebsd slapd[5798]: backend_startup_one: starting "=test,=cz"
Jun 14 20:31:29 freebsd slapd[5798]: bdb_db_open: "=test,=cz"
Jun 14 20:31:29 freebsd slapd[5798]: bdb_db_open: database "=test,=cz": dbenv_open(/var/db/openldap-data).
Jun 14 20:31:29 freebsd slapd[5798]: slapd starting
Jun 14 20:31:29 freebsd slapd[5798]: daemon: added 4r listener=0x0
Jun 14 20:31:29 freebsd slapd[5798]: daemon: added 6r listener=0x8019450c0
Jun 14 20:31:29 freebsd slapd[5798]: daemon: added 7r listener=0x801945180
Jun 14 20:31:29 freebsd slapd[5798]: daemon: select: listen=6 active_threads=0 tvp=NULL
Jun 14 20:31:29 freebsd slapd[5798]: daemon: select: listen=7 active_threads=0 tvp=NULL
Jun 14 20:31:29 freebsd slapd[5798]: daemon: activity on 1 descriptor
Jun 14 20:31:29 freebsd slapd[5798]: daemon: waked
Jun 14 20:31:29 freebsd slapd[5798]: daemon: select: listen=6 active_threads=0 tvp=NULL
Jun 14 20:31:29 freebsd slapd[5798]: daemon: select: listen=7 active_threads=0 tvp=NULL
Log debug je zase přílohou a je to už při pokusu o přihlášení.
auth.log
Jun 14 20:34:03 freebsd sshd[5813]: pam_ldap: error trying to bind as user "uid=root,ou=People,=test,=cz" (Invalid credentials)
Jun 14 20:34:03 freebsd sshd[5811]: Accepted keyboard-interactive/pam for root from 192.168.56.1 port 41477 ssh2
message
Jun 14 20:34:03 freebsd sshd[5813]: pam_ldap: error trying to bind as user "uid=root,ou=People,=test,=cz" (Invalid credentials)
cynic_asshole avatar 14.6.2010 20:53 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Hmm, tak už mě napadá jen jedna věc. A to že jsou špatně nastavená oprávnění. Tudíž bych zkusil zakomentovat ty dva řádky, co jsi zadal a vrátil se zpátky k slapd.conf a zkusil tam dát

access to attrs=userPassword
 	by dn="cn=root,dc=test,dc=cz" write
 	by anonymous auth
 	by self write
 	by * none

access to attrs=uidNumber,gidNumber,uid,homeDirectory
 	by dn="cn=root,dc=test,dc=cz" write
 	by self read
 	by * read

access to *
 	by dn="cn=root,dc=test,dc=cz" write
 	by self write
 	by * read

Ve zkratce. V první sekci se nastavuje, že k userPasswd bude mít R/W práva root a samotný uživatel, anonymous bude mít možnost čtení a ostatní se k němu nedostanou. Atributy uidNumber,gidNumber,uid,homeDirectory budou R/W pro roota, pro uživatele pro čtení a pro ostatní pro čtení. Ostatní atributy budou R/W přístupny pro roota, pro uživatele a pro ostatní jen pro čtení.
Neznáš nějakou linuxovou distribuci pro Windows?
cynic_asshole avatar 14.6.2010 20:55 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
A nakonec… máš povolené přihlášení roota přes SSH?
Neznáš nějakou linuxovou distribuci pro Windows?
cynic_asshole avatar 14.6.2010 20:56 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Odpovím si sám. Máš. :-)
Neznáš nějakou linuxovou distribuci pro Windows?
14.6.2010 21:06 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
JJ povolený mám, protože přes pam se tam přihlásím, jak vůbec zjistím přes co se tam uživatel dostal? Ty poslední kroky jsem vyzkoušel a nic, pořád stejné, už si s tím nevím rady, přece to nějak fungovat musí. Uživatele jsem vytvořil pomoci MigrationTools-47, takže tam ten uživatel root musí být. I jiní uživatelé která v systému jsou a vzal jsem je do LDAP nejedou. :(
cynic_asshole avatar 14.6.2010 21:11 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Bylo by možné zkusit u nějakého uživatele změnit LDAP heslo a pak se znovu přihlásit?
Neznáš nějakou linuxovou distribuci pro Windows?
cynic_asshole avatar 14.6.2010 21:16 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
A zkus ještě změnit loglevel na 384 a restartovat openldap a přihlásit se. A pak zase oblíbené kolečko s logy :-)
Neznáš nějakou linuxovou distribuci pro Windows?
14.6.2010 21:23 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Nechci být za hňupa, ale jak zmenit heslo nějakému uživateli v LDAP, když nemám nainstalované nějaké klikátko :) Jinak log jsem zvedl a je to zajimavé:
debug.log
Jun 14 21:21:33 freebsd slapd[1562]: @(#) $OpenLDAP: slapd 2.4.18 (Sep  9 2009 07:45:36) $ 	root@freebsd.org:/work/a/ports/net/openldap24-server/work/openldap-2.4.18/servers/slapd
Jun 14 21:21:33 freebsd slapd[1563]: config_back_db_open: line 0: warning: cannot assess the validity of the ACL scope within backend naming context
Jun 14 21:21:33 freebsd slapd[1563]: slapd starting
14.6.2010 21:24 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
následně se v logu ukazalo toto:
Jun 14 21:22:08 freebsd slapd[1563]: conn=0 fd=11 ACCEPT from IP=127.0.0.1:36857 (IP=127.0.0.1:389)
Jun 14 21:22:08 freebsd slapd[1563]: conn=0 op=0 BIND dn="cn=root,dc=test,dc=cz" method=128
Jun 14 21:22:08 freebsd slapd[1563]: conn=0 op=0 RESULT tag=97 err=49 text=
Jun 14 21:22:08 freebsd slapd[1563]: conn=0 op=1 UNBIND
Jun 14 21:22:08 freebsd slapd[1563]: conn=0 fd=11 closed
Jun 14 21:22:08 freebsd slapd[1563]: conn=1 op=0 BIND dn="cn=root,dc=test,dc=cz" method=128
Jun 14 21:22:08 freebsd slapd[1563]: conn=1 op=0 RESULT tag=97 err=49 text=
Jun 14 21:22:08 freebsd slapd[1563]: conn=1 fd=12 ACCEPT from IP=127.0.0.1:23152 (IP=127.0.0.1:389)
Jun 14 21:22:08 freebsd slapd[1563]: conn=1 op=1 UNBIND
Jun 14 21:22:08 freebsd slapd[1563]: conn=1 fd=12 closed
cynic_asshole avatar 14.6.2010 21:28 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Nevím, co máš přesně za konzolové nástroje, ale dalo by se to udělat kupříkladu přes Apache Directory Studio (klient pro Win). A nebo zkusit ldapmodify? Nevím, k produkčnímu serveru se teďka nedostanu, a je to dlouho, co jsem něco takového použil.

Pošli zase část logu, když se přihlašuješ. Je tam něco shnilého s ACL.
Neznáš nějakou linuxovou distribuci pro Windows?
14.6.2010 21:34 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
tady je další část logu po přihlášení:
debug.log
Jun 14 21:32:11 freebsd slapd[1723]: conn=0 fd=11 ACCEPT from IP=127.0.0.1:56043 (IP=127.0.0.1:389)
Jun 14 21:32:11 freebsd slapd[1723]: conn=0 op=0 BIND dn="cn=root,dc=test,dc=cz" method=128
Jun 14 21:32:11 freebsd slapd[1723]: conn=0 op=0 RESULT tag=97 err=49 text=
Jun 14 21:32:13 freebsd slapd[1723]: conn=0 op=1 BIND dn="cn=root,dc=test,dc=cz" method=128
Jun 14 21:32:13 freebsd slapd[1723]: conn=0 op=1 RESULT tag=97 err=49 text=
Jun 14 21:32:13 freebsd slapd[1723]: conn=0 fd=11 closed (connection lost)
Jun 14 21:32:13 freebsd slapd[1723]: conn=1 fd=11 ACCEPT from IP=127.0.0.1:25834 (IP=127.0.0.1:389)
Jun 14 21:32:13 freebsd slapd[1723]: conn=1 op=0 BIND dn="cn=root,dc=test,dc=cz" method=128
Jun 14 21:32:13 freebsd slapd[1723]: conn=1 op=0 RESULT tag=97 err=49 text=
Jun 14 21:32:13 freebsd slapd[1723]: conn=1 op=1 UNBIND
Jun 14 21:32:13 freebsd slapd[1723]: conn=1 fd=11 closed
Jun 14 21:32:13 freebsd slapd[1723]: conn=2 fd=11 ACCEPT from IP=127.0.0.1:40514 (IP=127.0.0.1:389)
Jun 14 21:32:13 freebsd slapd[1723]: conn=2 op=0 BIND dn="cn=root,dc=test,dc=cz" method=128
Jun 14 21:32:13 freebsd slapd[1723]: conn=2 op=0 RESULT tag=97 err=49 text=
Jun 14 21:32:13 freebsd slapd[1723]: conn=2 op=1 UNBIND
Jun 14 21:32:13 freebsd slapd[1723]: conn=2 fd=11 closed
auth.log
Jun 14 21:32:11 freebsd sshd[1726]: pam_ldap: error trying to bind (Invalid credentials)
Jun 14 21:32:13 freebsd sshd[1726]: pam_ldap: error trying to bind (Invalid credentials)
Jun 14 21:32:13 freebsd sshd[1724]: Accepted keyboard-interactive/pam for test from 192.168.56.1 port 48165 ssh2
Jun 14 21:32:13 freebsd sshd[1727]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Invalid credentials
Jun 14 21:32:13 freebsd sshd[1727]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Invalid credentials
Jun 14 21:32:13 freebsd sshd[1727]: nss_ldap: could not search LDAP server - Server is unavailable
message
Jun 14 21:32:11 freebsd sshd[1726]: pam_ldap: error trying to bind (Invalid credentials)
Jun 14 21:32:13 freebsd sshd[1726]: pam_ldap: error trying to bind (Invalid credentials)
Jun 14 21:32:13 freebsd sshd[1727]: nss_ldap: could not search LDAP server - Server is unavailable
cynic_asshole avatar 14.6.2010 21:36 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Mohl bys ještě poslat obsah souboru /usr/local/etc/nss_ldap.conf?
Neznáš nějakou linuxovou distribuci pro Windows?
14.6.2010 21:41 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Ten je stejný jako ldap.conf, mám ho z tohoto soubory symlinkovanej.
14.6.2010 21:46 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Příloha:
pokud zadám ldapsearch -D "cn=root,dc=testdc=cz" -W tak mi DB notmálně vyjede, přikládám ji.
14.6.2010 21:52 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Ale pokud zadám ldapsearch -x -H ldap://127.0.0.1 "cn=root,dc=test,dc=cz" -W tak dostanu:
# extended LDIF
#
# LDAPv3
# base <=test,=cz> (default) with scope subtree
# filter: =root,=test,=cz
# requesting: -W 
#

# search result
search: 2
result: 0 Success

# numResponses: 1
nevím zda je ten příkaz správně abych se připojil k LDAP na 127.0.0.1 musel jsem odstranit z výpisu DC a CN znaky tak aby mi tato konference výpis logu vzala-
cynic_asshole avatar 14.6.2010 21:53 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Hm, dobře. Pro dnešek bych to ukončil a pokračoval zítra, nevadilo by? Podívám se zítra na server, jak to tam mám.

Překvapuje mě, že jsou u všech uživatelů stejné hashe hesel. Navíc mi ten typ hashe nic neříká.
Neznáš nějakou linuxovou distribuci pro Windows?
14.6.2010 21:57 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
OK ukončíme to, jen se zeptám, nebyl by na tebe nějaký kontakt, třeba Jabber nebo ICQ, jsem ti moc vděčný za pomoc.
cynic_asshole avatar 14.6.2010 21:58 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Jabber honza@betik.cz
Neznáš nějakou linuxovou distribuci pro Windows?
cynic_asshole avatar 14.6.2010 21:57 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Heslo uživatele by mělo jít změnit pomocí příkazu
ldappasswd -D "cn=root,dc=test,dc=cz" -S -W "uid=UŽIVATEL,ou=SKUPINA,dc=test,dc=cz"
Neznáš nějakou linuxovou distribuci pro Windows?
14.6.2010 22:04 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
heslo jsem změnil pro uživatele "test" ale když se přihlásím tak zase jenom starým heslem a to tím které je v systému. Jseš online?
cynic_asshole avatar 14.6.2010 22:05 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Jj, jsem. Já to vypínám málokdy.
Neznáš nějakou linuxovou distribuci pro Windows?
14.6.2010 22:07 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
přidal jsem si tě ale nevidím tě online :(
cynic_asshole avatar 14.6.2010 22:09 cynic_asshole | skóre: 28
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Tak napiš, nejspíš to bude dělat antispam. A nebo můžeš svoje JID poslat e-mailem na stejnou adresu jako mám jabber.
Neznáš nějakou linuxovou distribuci pro Windows?
14.6.2010 19:41 Martin
Rozbalit Rozbalit vše Re: FreeBSD OpenLDAP nelze připojit
Příloha:
A takhle vypadá log po startu LDAP

Založit nové vláknoNahoru

Tiskni Sdílej: Linkuj Jaggni to Vybrali.sme.sk Google Del.icio.us Facebook

ISSN 1214-1267   www.czech-server.cz
© 1999-2015 Nitemedia s. r. o. Všechna práva vyhrazena.