ruddy32 n00b
Joined: 07 May 2014 Posts: 40 Location: France
Posted: Sat Aug 30, 2014 12:43 pm Post subject: [openldap] nss_ldap failed to bind to LDAP (solved)
Hi,
While booting the system, /var/log/messages shows the following error:
Code:
...
avahi-daemon[4731]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
...
dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
...
systemd[1]: Failed to register match for Disconnected message: Connection timed out
...
It seems that the local openldap service does not start.
I do not use ldap but some packages require it.
In the current situation, it's not possible to log on to the system.
How can I fix it?
Thanks
_________________
ruddy32
Last edited by ruddy32 on Tue Sep 02, 2014 8:34 am; edited 1 time in total
hdcg Tux's lil' helper
Joined: 07 Apr 2013 Posts: 120
Posted: Sat Aug 30, 2014 3:29 pm
Hi,
openldap and nss_ldap are two different packages. openldap contains server and client parts. Hence as soon as a package supports ldap access, the openldap package will be installed.
nss_ldap is a different story. If you do not use user information from ldap then you should not enable nss_ldap. It should even be possible to unmerge it in this case.
To start, check your /etc/nsswitch.conf file.
The log message indicates that nss_ldap is configured as a name service there.
As this is not the default, someone (you?) changed this intentionally.
If ldap is really not used as a name service, you can simply remove the ldap entries and the messages will be gone.
If the ldap entry is there by intention, the problem may be caused by the fact that openldap (slapd) is only started after avahi and the like. Hence the messages.
To resolve this situation you need to add some rc_use entries in /etc/conf.d and blacklist some system users in nss-ldap.conf.
Either way, root login should be possible in any case. The nss_ldap issue will only prevent ldap based users from logging in.
Best Regards,
Holger
ruddy32 n00b
Joined: 07 May 2014 Posts: 40 Location: France
Posted: Sat Aug 30, 2014 10:01 pm
The system is based on systemd. I boot using SystemRescueCD and chroot into the system. I cannot check the ldap service status.
A normal boot does not let me connect with the root account because the gdm service tries to create a new session.
There is no nss_ldap.conf file on the system.
_________________
ruddy32
ruddy32 n00b
Joined: 07 May 2014 Posts: 40 Location: France
Posted: Mon Sep 01, 2014 9:15 am
Running this command line
Code:
slaptest -v -d 1 -f /etc/openldap/slapd.conf
provides the following result
Code:
54042815 hdb_db_open: database "dc=domain,dc=com": db_open(/var/lib/openldap-data/id2entry.bdb) failed: No such file or directory (2).
I have already checked permissions.
_________________
ruddy32
ruddy32 n00b
Joined: 07 May 2014 Posts: 40 Location: France
Posted: Mon Sep 01, 2014 10:12 am
Running openldap by hand using the following command solves the slaptest error.
Code:
/usr/lib/openldap/slapd -f /etc/openldap/slapd.conf -d 255
I still have error messages at boot. Systemd does not seem to launch slap.service.
Maybe a bad configuration?
_________________
ruddy32
ruddy32 n00b
Joined: 07 May 2014 Posts: 40 Location: France
Posted: Tue Sep 02, 2014 8:33 am
Finally, I removed ldap from /etc/nsswitch.conf and all works fine.
_________________
ruddy32
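The fix the thread settles on (checking /etc/nsswitch.conf for ldap entries and removing them) can be scripted; the following is an added example, not code posted by anyone in the thread. The function names and the sample file are constructed for illustration, and it assumes whitespace follows the colon after each database name.

```shell
#!/bin/sh
# Constructed sample nsswitch.conf (not taken from the thread).
sample_nsswitch() {
    cat <<'EOF'
# constructed sample
passwd: files ldap
shadow: files ldap
group:  ldap [NOTFOUND=return] files
hosts:  files dns
EOF
}

# Print each database (passwd, group, ...) that lists ldap as a source.
nss_ldap_dbs() {
    awk '{ sub(/#.*/, "") }
         $1 ~ /^[A-Za-z_]+:$/ {
             db = $1; sub(/:$/, "", db)
             for (i = 2; i <= NF; i++)
                 if ($i == "ldap") { print db; break }
         }' "$1"
}

# Print the file with every ldap source removed, along with any
# [STATUS=action] item directly after it (that action applied to ldap only).
nss_strip_ldap() {
    awk '/^[ \t]*#/ || $1 !~ /^[A-Za-z_]+:$/ { print; next }
         {
             out = $1; skip = 0
             for (i = 2; i <= NF; i++) {
                 if ($i ~ /^#/) {            # trailing comment: keep as is
                     for (; i <= NF; i++) out = out " " $i
                     break
                 }
                 if ($i == "ldap") { skip = 1; continue }
                 if (skip && $i ~ /^\[/) {   # action may span several fields
                     while ($i !~ /\]$/ && i < NF) i++
                     continue
                 }
                 skip = 0
                 out = out " " $i
             }
             print out
         }' "$1"
}

# Demo on the constructed sample: list affected databases, then the cleaned file.
f=$(mktemp); sample_nsswitch > "$f"
nss_ldap_dbs "$f"; nss_strip_ldap "$f"; rm -f "$f"
```

Review the output of nss_strip_ldap before replacing the real file, and keep a copy of the original reachable from a rescue environment.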