User authentication using LDAP

hi · n00b Joined: 21 Jan 2004 Posts: 3 Location: Oslo, Norway

Hi there,

I'm trying to setup LDAP as a NIS replacement. The first step is to make it work on the server itself and I am experiencing some strange behaviour/errors.

I'm following the Gentoo LDAP HOWTO exactly, but I was forced to apply the sed script in https://bugs.gentoo.org/show_bug.cgi?id=46387 to add /etc/passwd into the ldap database.

Now (I think) it works, but not as it should.

hugin root # getent passwd | grep 0:0
root:x:0:0:root:/root:/bin/bash
root:x:0:0:root:/root:/bin/bash

hugin root # ldapsearch "(uid=hi)" cn
# extended LDIF
#
# LDAPv3
# base <> with scope sub
# filter: (uid=hi)
# requesting: cn
#

# hi, People, hartmann.no
dn: uid=hi,ou=People,dc=hartmann,dc=no
cn: hi

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

But both of these comands take more than 5 seconds to generate output. Or more precisely the first output line in the getent command comes immediately, the second takes seconds.

I have emerged directory administrator but it fails when trying to contact the server, "Can't contact LDAP server" dialog box. Not easy to find out what goes wrong. I have tried many different config options without any success.

I have emerged diradm and after some work on the conf file I made it work. I was able to add a user and delete him afterwards. But in both cases it seems that there is some timer that has to expire before execution.

Can anyone tell me how I should test my LDAP setup to really see if it works OK ?
_________________
Harald

indros · Tux's lil' helper Joined: 27 Sep 2002 Posts: 139

This is just a guess, but it sounds like it's taking a while to resolve hostnames. Are you using hostnames in your ldap.conf? If so try changing the uri so that it points to an IP.
_________________
Visit TheZees!