Difference between revisions of "HowTos/Using OpenLDAP for password management"
From Scalix Wiki
(→Password management with OpenLDAP) |
|||
| Line 33: | Line 33: | ||
pdxsrv01:/var/opt/scalix/sys/pam.d # | pdxsrv01:/var/opt/scalix/sys/pam.d # | ||
</pre> | </pre> | ||
| + | |||
| + | |||
| + | == Common issues with SSL == | ||
| + | |||
| + | If your LDAP server is not SSL enabled, you will see entries similar to this one in the log: | ||
| + | |||
| + | <pre> | ||
| + | Oct 2 11:00:21 pdxsrv slapd[23666]: conn=55 fd=11 ACCEPT from IP=10.0.0.7:45643 (IP=0.0.0.0:389) | ||
| + | Oct 2 11:00:21 pdxsrv slapd[23666]: conn=55 fd=11 closed | ||
| + | </pre> | ||
| + | |||
| + | No LDAP communication is happening here. A "good" log looks like this: | ||
| + | |||
| + | <pre> | ||
| + | Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 fd=11 ACCEPT from IP=10.0.0.7:40201 (IP=0.0.0.0:389) | ||
| + | Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=0 BIND dn="cn=Manager,dc=scalix,dc=com" method=128 | ||
| + | Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=0 BIND dn="cn=Manager,dc=scalix,dc=com" mech=SIMPLE ssf=0 | ||
| + | Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=0 RESULT tag=97 err=0 text= | ||
| + | Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=1 SRCH base="dc=scalix,dc=com" scope=2 deref=0 filter="(uid=hkohl)" | ||
| + | Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= | ||
| + | Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=2 BIND anonymous mech=implicit ssf=0 | ||
| + | Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=2 BIND dn="uid=hkohl,ou=people,dc=scalix,dc=com" method=128 | ||
| + | Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=2 BIND dn="uid=hkohl,ou=people,dc=scalix,dc=com" mech=SIMPLE ssf=0 | ||
| + | Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=2 RESULT tag=97 err=0 text= | ||
| + | Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=3 BIND anonymous mech=implicit ssf=0 | ||
| + | Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=3 BIND dn="cn=Manager,dc=scalix,dc=com" method=128 | ||
| + | Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=3 BIND dn="cn=Manager,dc=scalix,dc=com" mech=SIMPLE ssf=0 | ||
| + | Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=3 RESULT tag=97 err=0 text= | ||
| + | Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=4 UNBIND | ||
| + | Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 fd=11 closed | ||
| + | </pre> | ||
| + | == Headline text == | ||
Revision as of 19:18, 2 October 2006
Contents
Headline text
OpenLDAP integration w
Password management with OpenLDAP
OpenLDAP installation
At the end of the How-To, this is what you want to see:
pdxsrv01:/var/opt/scalix/sys/pam.d # sxpamauth -vvv kohl
pam_start_om("pamcheck", "kohl")
pam_authenticate()
Password:
pam_acct_mgmt()
Authenticated
pdxsrv01:/var/opt/scalix/sys/pam.d # sxpampasswd -vvv kohl
pam_start_om("pamcheck", "kohl")
pam_chauthtok()
AUTHTOK not set
OLDAUTHTOK not set
Enter login(LDAP) password:
AUTHTOK not set
OLDAUTHTOK set
New password:
AUTHTOK not set
OLDAUTHTOK set
Re-enter new password:
AUTHTOK not set
OLDAUTHTOK set
LDAP password information changed for hkohl
Password changed
pdxsrv01:/var/opt/scalix/sys/pam.d #
Common issues with SSL
If your LDAP server is not SSL enabled, you will see entries similar to this one in the log:
Oct 2 11:00:21 pdxsrv slapd[23666]: conn=55 fd=11 ACCEPT from IP=10.0.0.7:45643 (IP=0.0.0.0:389) Oct 2 11:00:21 pdxsrv slapd[23666]: conn=55 fd=11 closed
No LDAP communication is happening here. A "good" log looks like this:
Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 fd=11 ACCEPT from IP=10.0.0.7:40201 (IP=0.0.0.0:389) Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=0 BIND dn="cn=Manager,dc=scalix,dc=com" method=128 Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=0 BIND dn="cn=Manager,dc=scalix,dc=com" mech=SIMPLE ssf=0 Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=0 RESULT tag=97 err=0 text= Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=1 SRCH base="dc=scalix,dc=com" scope=2 deref=0 filter="(uid=hkohl)" Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=2 BIND anonymous mech=implicit ssf=0 Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=2 BIND dn="uid=hkohl,ou=people,dc=scalix,dc=com" method=128 Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=2 BIND dn="uid=hkohl,ou=people,dc=scalix,dc=com" mech=SIMPLE ssf=0 Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=2 RESULT tag=97 err=0 text= Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=3 BIND anonymous mech=implicit ssf=0 Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=3 BIND dn="cn=Manager,dc=scalix,dc=com" method=128 Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=3 BIND dn="cn=Manager,dc=scalix,dc=com" mech=SIMPLE ssf=0 Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=3 RESULT tag=97 err=0 text= Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 op=4 UNBIND Oct 2 11:04:09 pdxsrv slapd[23666]: conn=59 fd=11 closed
