Ich beschäftige mich nun seit mehreren Wochen mit einem sehr merkwürdigem Problem. Ich habe in einer Jail einen Openldap2.3 rennen, gebacken aus den Ports.
Ich möchte nun meinen Kommilitonen einen Zugang zu diversen Diensten ermöglichen. Später soll dies vlt. erweitert werden. Die imho beste Wahl war openldap.
Leider funktioniert es nicht, wie gewünscht. (getestet mit openldap2.3.* und 2.4.* aus den ports)
Hier die /usr/local/etc/openldap/slapd.conf:
ldap.conf && nss_ldap.conf (nss_ldap.conf symlink auf ldap.conf)
/etc/pam.d/su:
und hier die /var/log/debug.log
Wenn ich jetzt su -l test (user test ist im ldap vorhanden) eingebe erhalte ich nur "su: unknown login: test".
In der Log Datei ist mir etwas aufgefallen:
ber_get_next on fd 10 failed errno=0 (Undefined error: 0)
connection_read(10): input error=-2 id=13, closing.
Ich kann aber damit nicht viel anfangen
Bitte um Hilfe!
Ich möchte nun meinen Kommilitonen einen Zugang zu diversen Diensten ermöglichen. Später soll dies vlt. erweitert werden. Die imho beste Wahl war openldap.
Leider funktioniert es nicht, wie gewünscht. (getestet mit openldap2.3.* und 2.4.* aus den ports)
Hier die /usr/local/etc/openldap/slapd.conf:
Code:
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/nis.schema
loglevel -1
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
modulepath /usr/local/libexec/openldap
moduleload back_bdb
ssl off
security ssf=0
access to attrs=userPassword by self write
by anonymous auth
access to * by self write
by users read
by anonymous read
database bdb
suffix "dc=ldap,dc=local"
rootdn "cn=root,dc=ldap,dc=local"
rootpw secret
directory /var/db/openldap-data
index objectClass eq
index uid,memberUid,cn,sn eq,sub
ldap.conf && nss_ldap.conf (nss_ldap.conf symlink auf ldap.conf)
Code:
base dc=ldap,dc=local
uri ldap://ldap.local/
ldap_version 3
rootbinddn cn=root,dc=ldap,dc=local
pam_filter objectclass=posixAccount
pam_login_attribute uid
pam_member_attribute uniquemember
pam_min_uid 1000
pam_password ssha
nss_base_passwd ou=users,dc=ldap,dc=local?one
nss_base_shadow ou=users,dc=ldap,dc=local?one
nss_base_group ou=groups,dc=ldap,dc=local?one
timelimit 10
bind_timelimit 10
/etc/pam.d/su:
Code:
#
# $FreeBSD: src/etc/pam.d/su,v 1.16.32.1.2.1 2009/10/25 01:10:29 kensmith Exp $
#
# PAM configuration for the "su" service
#
# auth
#auth sufficient pam_rootok.so no_warn
#auth sufficient pam_self.so no_warn
#auth requisite pam_group.so no_warn group=wheel root_only fail_safe
auth sufficient /usr/local/lib/pam_ldap.so no_warn
#auth include system
# account
#account include system
#account sufficient /usr/local/lib/pam_ldap.so no_warn
account required /usr/local/lib/pam_ldap.so no_warn ignore_authinfo_unavail ignore_unknown_user
# session
#session required pam_permit.so
session sufficient /usr/local/lib/pam_ldap.so no_warn
und hier die /var/log/debug.log
Code:
Nov 29 23:40:52 ldap slapd[46624]: daemon: activity on 1 descriptor
Nov 29 23:40:52 ldap slapd[46624]: >>> slap_listener(ldap:///)
Nov 29 23:40:52 ldap slapd[46624]: daemon: listen=6, new connection on 10
Nov 29 23:40:52 ldap slapd[46624]: daemon: added 10r (active) listener=0x0
Nov 29 23:40:52 ldap slapd[46624]: conn=13 fd=10 ACCEPT from IP=192.168.1.9:47306 (IP=0.0.0.0:389)
Nov 29 23:40:52 ldap slapd[46624]: daemon: select: listen=6 active_threads=0 tvp=NULL
Nov 29 23:40:52 ldap slapd[46624]: daemon: activity on 1 descriptor
Nov 29 23:40:52 ldap slapd[46624]: daemon: activity on:
Nov 29 23:40:52 ldap slapd[46624]: 10r
Nov 29 23:40:52 ldap slapd[46624]:
Nov 29 23:40:52 ldap slapd[46624]: daemon: read activity on 10
Nov 29 23:40:52 ldap slapd[46624]: connection_get(10)
Nov 29 23:40:52 ldap slapd[46624]: connection_get(10): got connid=13
Nov 29 23:40:52 ldap slapd[46624]: connection_read(10): checking for input on id=13
Nov 29 23:40:52 ldap slapd[46624]: daemon: select: listen=6 active_threads=0 tvp=NULL
Nov 29 23:40:52 ldap slapd[46624]: do_bind
Nov 29 23:40:52 ldap slapd[46624]: >>> dnPrettyNormal: <>
Nov 29 23:40:52 ldap slapd[46624]: <<< dnPrettyNormal: <>, <>
Nov 29 23:40:52 ldap slapd[46624]: do_bind: version=3 dn="" method=128
Nov 29 23:40:52 ldap slapd[46624]: conn=13 op=0 BIND dn="" method=128
Nov 29 23:40:52 ldap slapd[46624]: send_ldap_result: conn=13 op=0 p=3
Nov 29 23:40:52 ldap slapd[46624]: send_ldap_result: err=0 matched="" text=""
Nov 29 23:40:52 ldap slapd[46624]: send_ldap_response: msgid=1 tag=97 err=0
Nov 29 23:40:52 ldap slapd[46624]: conn=13 op=0 RESULT tag=97 err=0 text=
Nov 29 23:40:52 ldap slapd[46624]: do_bind: v3 anonymous bind
Nov 29 23:40:52 ldap slapd[46624]: daemon: activity on 1 descriptor
Nov 29 23:40:52 ldap slapd[46624]: daemon: activity on:
Nov 29 23:40:52 ldap slapd[46624]: 10r
Nov 29 23:40:52 ldap slapd[46624]:
Nov 29 23:40:52 ldap slapd[46624]: daemon: read activity on 10
Nov 29 23:40:52 ldap slapd[46624]: connection_get(10)
Nov 29 23:40:52 ldap slapd[46624]: connection_get(10): got connid=13
Nov 29 23:40:52 ldap slapd[46624]: connection_read(10): checking for input on id=13
Nov 29 23:40:52 ldap slapd[46624]: do_search
Nov 29 23:40:52 ldap slapd[46624]: daemon: select: listen=6 active_threads=0 tvp=NULL
Nov 29 23:40:52 ldap slapd[46624]: >>> dnPrettyNormal: <ou=users,dc=ldap,dc=local>
Nov 29 23:40:52 ldap slapd[46624]: <<< dnPrettyNormal: <ou=users,dc=ldap,dc=local>, <ou=users,dc=ldap,dc=local>
Nov 29 23:40:52 ldap slapd[46624]: SRCH "ou=users,dc=ldap,dc=local" 1 0
Nov 29 23:40:52 ldap slapd[46624]: 1 10 0
Nov 29 23:40:52 ldap slapd[46624]: begin get_filter
Nov 29 23:40:52 ldap slapd[46624]: AND
Nov 29 23:40:52 ldap slapd[46624]: begin get_filter_list
Nov 29 23:40:52 ldap slapd[46624]: begin get_filter
Nov 29 23:40:52 ldap slapd[46624]: EQUALITY
Nov 29 23:40:52 ldap slapd[46624]: end get_filter 0
Nov 29 23:40:52 ldap slapd[46624]: begin get_filter
Nov 29 23:40:52 ldap slapd[46624]: EQUALITY
Nov 29 23:40:52 ldap slapd[46624]: end get_filter 0
Nov 29 23:40:52 ldap slapd[46624]: end get_filter_list
Nov 29 23:40:52 ldap slapd[46624]: end get_filter 0
Nov 29 23:40:52 ldap slapd[46624]: filter: (&(objectClass=posixAccount)(uid=test))
Nov 29 23:40:52 ldap slapd[46624]: attrs:
Nov 29 23:40:52 ldap slapd[46624]: host
Nov 29 23:40:52 ldap slapd[46624]: authorizedService
Nov 29 23:40:52 ldap slapd[46624]: shadowExpire
Nov 29 23:40:52 ldap slapd[46624]: shadowFlag
Nov 29 23:40:52 ldap slapd[46624]: shadowInactive
Nov 29 23:40:52 ldap slapd[46624]: shadowLastChange
Nov 29 23:40:52 ldap slapd[46624]: shadowMax
Nov 29 23:40:52 ldap slapd[46624]: shadowMin
Nov 29 23:40:52 ldap slapd[46624]: shadowWarning
Nov 29 23:40:52 ldap slapd[46624]: uidNumber
Nov 29 23:40:52 ldap slapd[46624]:
Nov 29 23:40:52 ldap slapd[46624]: conn=13 op=1 SRCH base="ou=users,dc=ldap,dc=local" scope=1 deref=0 filter="(&(objectClass=posixAccount)(uid=test))"
Nov 29 23:40:52 ldap slapd[46624]: conn=13 op=1 SRCH attr=host authorizedService shadowExpire shadowFlag shadowInactive shadowLastChange shadowMax shadowMin shadowWarning uidNumber
Nov 29 23:40:52 ldap slapd[46624]: ==> limits_get: conn=13 op=1 dn="[anonymous]"
Nov 29 23:40:52 ldap slapd[46624]: => bdb_search
Nov 29 23:40:52 ldap slapd[46624]: bdb_dn2entry("ou=users,dc=ldap,dc=local")
Nov 29 23:40:52 ldap slapd[46624]: search_candidates: base="ou=users,dc=ldap,dc=local" (0x00000003) scope=1
Nov 29 23:40:52 ldap slapd[46624]: => bdb_dn2idl("ou=users,dc=ldap,dc=local")
Nov 29 23:40:52 ldap slapd[46624]: bdb_idl_fetch_key: %ou=users,dc=ldap,dc=local
Nov 29 23:40:52 ldap slapd[46624]: <= bdb_dn2idl: id=1 first=6 last=6
Nov 29 23:40:52 ldap slapd[46624]: => bdb_filter_candidates
Nov 29 23:40:52 ldap slapd[46624]: AND
Nov 29 23:40:52 ldap slapd[46624]: => bdb_list_candidates 0xa0
Nov 29 23:40:52 ldap slapd[46624]: => bdb_filter_candidates
Nov 29 23:40:52 ldap slapd[46624]: OR
Nov 29 23:40:52 ldap slapd[46624]: => bdb_list_candidates 0xa1
Nov 29 23:40:52 ldap slapd[46624]: => bdb_filter_candidates
Nov 29 23:40:52 ldap slapd[46624]: EQUALITY
Nov 29 23:40:52 ldap slapd[46624]: => bdb_equality_candidates (objectClass)
Nov 29 23:40:52 ldap slapd[46624]: => key_read
Nov 29 23:40:52 ldap slapd[46624]: bdb_idl_fetch_key: [b49d1940]
Nov 29 23:40:52 ldap slapd[46624]: <= bdb_index_read: failed (-30989)
Nov 29 23:40:52 ldap slapd[46624]: <= bdb_equality_candidates: id=0, first=0, last=0
Nov 29 23:40:52 ldap slapd[46624]: <= bdb_filter_candidates: id=0 first=0 last=0
Nov 29 23:40:52 ldap slapd[46624]: => bdb_filter_candidates
Nov 29 23:40:52 ldap slapd[46624]: AND
Nov 29 23:40:52 ldap slapd[46624]: => bdb_list_candidates 0xa0
Nov 29 23:40:52 ldap slapd[46624]: => bdb_filter_candidates
Nov 29 23:40:52 ldap slapd[46624]: EQUALITY
Nov 29 23:40:52 ldap slapd[46624]: => bdb_equality_candidates (objectClass)
Nov 29 23:40:52 ldap slapd[46624]: => key_read
Nov 29 23:40:52 ldap slapd[46624]: bdb_idl_fetch_key: [5941c014]
Nov 29 23:40:52 ldap slapd[46624]: <= bdb_index_read 1 candidates
Nov 29 23:40:52 ldap slapd[46624]: <= bdb_equality_candidates: id=1, first=6, last=6
Nov 29 23:40:52 ldap slapd[46624]: <= bdb_filter_candidates: id=1 first=6 last=6
Nov 29 23:40:52 ldap slapd[46624]: => bdb_filter_candidates
Nov 29 23:40:52 ldap slapd[46624]: EQUALITY
Nov 29 23:40:52 ldap slapd[46624]: => bdb_equality_candidates (uid)
Nov 29 23:40:52 ldap slapd[46624]: => key_read
Nov 29 23:40:52 ldap slapd[46624]: bdb_idl_fetch_key: [3d87580c]
Nov 29 23:40:52 ldap slapd[46624]: <= bdb_index_read 1 candidates
Nov 29 23:40:52 ldap slapd[46624]: <= bdb_equality_candidates: id=1, first=6, last=6
Nov 29 23:40:52 ldap slapd[46624]: <= bdb_filter_candidates: id=1 first=6 last=6
Nov 29 23:40:52 ldap slapd[46624]: <= bdb_list_candidates: id=1 first=6 last=6
Nov 29 23:40:52 ldap slapd[46624]: <= bdb_filter_candidates: id=1 first=6 last=6
Nov 29 23:40:52 ldap slapd[46624]: <= bdb_list_candidates: id=1 first=6 last=6
Nov 29 23:40:52 ldap slapd[46624]: <= bdb_filter_candidates: id=1 first=6 last=6
Nov 29 23:40:52 ldap slapd[46624]: <= bdb_list_candidates: id=1 first=6 last=6
Nov 29 23:40:52 ldap slapd[46624]: <= bdb_filter_candidates: id=1 first=6 last=6
Nov 29 23:40:52 ldap slapd[46624]: bdb_search_candidates: id=1 first=6 last=6
Nov 29 23:40:52 ldap slapd[46624]: => test_filter
Nov 29 23:40:52 ldap slapd[46624]: AND
Nov 29 23:40:52 ldap slapd[46624]: => test_filter_and
Nov 29 23:40:52 ldap slapd[46624]: => test_filter
Nov 29 23:40:52 ldap slapd[46624]: EQUALITY
Nov 29 23:40:52 ldap slapd[46624]: => access_allowed: search access to "uid=test,ou=users,dc=ldap,dc=local" "objectClass" requested
Nov 29 23:40:52 ldap slapd[46624]: => acl_get: [2] attr objectClass
Nov 29 23:40:52 ldap slapd[46624]: => acl_mask: access to entry "uid=test,ou=users,dc=ldap,dc=local", attr "objectClass" requested
Nov 29 23:40:52 ldap slapd[46624]: => acl_mask: to value by "", (=0)
Nov 29 23:40:52 ldap slapd[46624]: <= check a_dn_pat: self
Nov 29 23:40:52 ldap slapd[46624]: <= check a_dn_pat: users
Nov 29 23:40:52 ldap slapd[46624]: <= check a_dn_pat: anonymous
Nov 29 23:40:52 ldap slapd[46624]: <= acl_mask: [3] applying read(=rscxd) (stop)
Nov 29 23:40:52 ldap slapd[46624]: <= acl_mask: [3] mask: read(=rscxd)
Nov 29 23:40:52 ldap slapd[46624]: => access_allowed: search access granted by read(=rscxd)
Nov 29 23:40:52 ldap slapd[46624]: <= test_filter 6
Nov 29 23:40:52 ldap slapd[46624]: => test_filter
Nov 29 23:40:52 ldap slapd[46624]: EQUALITY
Nov 29 23:40:52 ldap slapd[46624]: => access_allowed: search access to "uid=test,ou=users,dc=ldap,dc=local" "uid" requested
Nov 29 23:40:52 ldap slapd[46624]: => acl_get: [2] attr uid
Nov 29 23:40:52 ldap slapd[46624]: => acl_mask: access to entry "uid=test,ou=users,dc=ldap,dc=local", attr "uid" requested
Nov 29 23:40:52 ldap slapd[46624]: => acl_mask: to value by "", (=0)
Nov 29 23:40:52 ldap slapd[46624]: <= check a_dn_pat: self
Nov 29 23:40:52 ldap slapd[46624]: <= check a_dn_pat: users
Nov 29 23:40:52 ldap slapd[46624]: <= check a_dn_pat: anonymous
Nov 29 23:40:52 ldap slapd[46624]: <= acl_mask: [3] applying read(=rscxd) (stop)
Nov 29 23:40:52 ldap slapd[46624]: <= acl_mask: [3] mask: read(=rscxd)
Nov 29 23:40:52 ldap slapd[46624]: => access_allowed: search access granted by read(=rscxd)
Nov 29 23:40:52 ldap slapd[46624]: <= test_filter 6
Nov 29 23:40:52 ldap slapd[46624]: <= test_filter_and 6
Nov 29 23:40:52 ldap slapd[46624]: <= test_filter 6
Nov 29 23:40:52 ldap slapd[46624]: => send_search_entry: conn 13 dn="uid=test,ou=users,dc=ldap,dc=local"
Nov 29 23:40:52 ldap slapd[46624]: => access_allowed: read access to "uid=test,ou=users,dc=ldap,dc=local" "entry" requested
Nov 29 23:40:52 ldap slapd[46624]: => acl_get: [2] attr entry
Nov 29 23:40:52 ldap slapd[46624]: => acl_mask: access to entry "uid=test,ou=users,dc=ldap,dc=local", attr "entry" requested
Nov 29 23:40:52 ldap slapd[46624]: => acl_mask: to all values by "", (=0)
Nov 29 23:40:52 ldap slapd[46624]: <= check a_dn_pat: self
Nov 29 23:40:52 ldap slapd[46624]: <= check a_dn_pat: users
Nov 29 23:40:52 ldap slapd[46624]: <= check a_dn_pat: anonymous
Nov 29 23:40:52 ldap slapd[46624]: <= acl_mask: [3] applying read(=rscxd) (stop)
Nov 29 23:40:52 ldap slapd[46624]: <= acl_mask: [3] mask: read(=rscxd)
Nov 29 23:40:52 ldap slapd[46624]: => access_allowed: read access granted by read(=rscxd)
Nov 29 23:40:52 ldap slapd[46624]: => access_allowed: read access to "uid=test,ou=users,dc=ldap,dc=local" "uidNumber" requested
Nov 29 23:40:52 ldap slapd[46624]: => acl_get: [2] attr uidNumber
Nov 29 23:40:52 ldap slapd[46624]: access_allowed: no res from state (uidNumber)
Nov 29 23:40:52 ldap slapd[46624]: => acl_mask: access to entry "uid=test,ou=users,dc=ldap,dc=local", attr "uidNumber" requested
Nov 29 23:40:52 ldap slapd[46624]: => acl_mask: to value by "", (=0)
Nov 29 23:40:52 ldap slapd[46624]: <= check a_dn_pat: self
Nov 29 23:40:52 ldap slapd[46624]: <= check a_dn_pat: users
Nov 29 23:40:52 ldap slapd[46624]: <= check a_dn_pat: anonymous
Nov 29 23:40:52 ldap slapd[46624]: <= acl_mask: [3] applying read(=rscxd) (stop)
Nov 29 23:40:52 ldap slapd[46624]: <= acl_mask: [3] mask: read(=rscxd)
Nov 29 23:40:52 ldap slapd[46624]: => access_allowed: read access granted by read(=rscxd)
Nov 29 23:40:52 ldap slapd[46624]: conn=13 op=1 ENTRY dn="uid=test,ou=users,dc=ldap,dc=local"
Nov 29 23:40:52 ldap slapd[46624]: <= send_search_entry: conn 13 exit.
Nov 29 23:40:52 ldap slapd[46624]: send_ldap_result: conn=13 op=1 p=3
Nov 29 23:40:52 ldap slapd[46624]: send_ldap_result: err=0 matched="" text=""
Nov 29 23:40:52 ldap slapd[46624]: send_ldap_response: msgid=2 tag=101 err=0
Nov 29 23:40:52 ldap slapd[46624]: conn=13 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
Nov 29 23:40:52 ldap slapd[46624]: daemon: activity on 1 descriptor
Nov 29 23:40:52 ldap slapd[46624]: daemon: activity on:
Nov 29 23:40:52 ldap slapd[46624]: 10r
Nov 29 23:40:52 ldap slapd[46624]:
Nov 29 23:40:52 ldap slapd[46624]: daemon: read activity on 10
Nov 29 23:40:52 ldap slapd[46624]: connection_get(10)
Nov 29 23:40:52 ldap slapd[46624]: connection_get(10): got connid=13
Nov 29 23:40:52 ldap slapd[46624]: connection_read(10): checking for input on id=13
Nov 29 23:40:52 ldap slapd[46624]: do_bind
Nov 29 23:40:52 ldap slapd[46624]: daemon: select: listen=6 active_threads=0 tvp=NULL
Nov 29 23:40:52 ldap slapd[46624]: >>> dnPrettyNormal: <uid=test,ou=users,dc=ldap,dc=local>
Nov 29 23:40:52 ldap slapd[46624]: <<< dnPrettyNormal: <uid=test,ou=users,dc=ldap,dc=local>, <uid=test,ou=users,dc=ldap,dc=local>
Nov 29 23:40:52 ldap slapd[46624]: do_bind: version=3 dn="uid=test,ou=users,dc=ldap,dc=local" method=128
Nov 29 23:40:52 ldap slapd[46624]: conn=13 op=2 BIND dn="uid=test,ou=users,dc=ldap,dc=local" method=128
Nov 29 23:40:52 ldap slapd[46624]: ==> bdb_bind: dn: uid=test,ou=users,dc=ldap,dc=local
Nov 29 23:40:52 ldap slapd[46624]: bdb_dn2entry("uid=test,ou=users,dc=ldap,dc=local")
Nov 29 23:40:52 ldap slapd[46624]: => access_allowed: auth access to "uid=test,ou=users,dc=ldap,dc=local" "userPassword" requested
Nov 29 23:40:52 ldap slapd[46624]: => acl_get: [1] attr userPassword
Nov 29 23:40:52 ldap slapd[46624]: access_allowed: no res from state (userPassword)
Nov 29 23:40:52 ldap slapd[46624]: => acl_mask: access to entry "uid=test,ou=users,dc=ldap,dc=local", attr "userPassword" requested
Nov 29 23:40:52 ldap slapd[46624]: => acl_mask: to value by "", (=0)
Nov 29 23:40:52 ldap slapd[46624]: <= check a_dn_pat: self
Nov 29 23:40:52 ldap slapd[46624]: <= check a_dn_pat: anonymous
Nov 29 23:40:52 ldap slapd[46624]: <= acl_mask: [2] applying auth(=xd) (stop)
Nov 29 23:40:52 ldap slapd[46624]: <= acl_mask: [2] mask: auth(=xd)
Nov 29 23:40:52 ldap slapd[46624]: => access_allowed: auth access granted by auth(=xd)
Nov 29 23:40:52 ldap slapd[46624]: conn=13 op=2 BIND dn="uid=test,ou=users,dc=ldap,dc=local" mech=SIMPLE ssf=0
Nov 29 23:40:52 ldap slapd[46624]: do_bind: v3 bind: "uid=test,ou=users,dc=ldap,dc=local" to "uid=test,ou=users,dc=ldap,dc=local"
Nov 29 23:40:52 ldap slapd[46624]: send_ldap_result: conn=13 op=2 p=3
Nov 29 23:40:52 ldap slapd[46624]: send_ldap_result: err=0 matched="" text=""
Nov 29 23:40:52 ldap slapd[46624]: send_ldap_response: msgid=3 tag=97 err=0
Nov 29 23:40:52 ldap slapd[46624]: conn=13 op=2 RESULT tag=97 err=0 text=
Nov 29 23:40:52 ldap slapd[46624]: daemon: activity on 1 descriptor
Nov 29 23:40:52 ldap slapd[46624]: daemon: activity on:
Nov 29 23:40:52 ldap slapd[46624]: 10r
Nov 29 23:40:52 ldap slapd[46624]:
Nov 29 23:40:52 ldap slapd[46624]: daemon: read activity on 10
Nov 29 23:40:52 ldap slapd[46624]: connection_get(10)
Nov 29 23:40:52 ldap slapd[46624]: connection_get(10): got connid=13
Nov 29 23:40:52 ldap slapd[46624]: connection_read(10): checking for input on id=13
Nov 29 23:40:52 ldap slapd[46624]: do_bind
Nov 29 23:40:52 ldap slapd[46624]: conn=13 op=3 BIND anonymous mech=implicit ssf=0
Nov 29 23:40:52 ldap slapd[46624]: daemon: select: listen=6 active_threads=0 tvp=NULL
Nov 29 23:40:52 ldap slapd[46624]: >>> dnPrettyNormal: <>
Nov 29 23:40:52 ldap slapd[46624]: <<< dnPrettyNormal: <>, <>
Nov 29 23:40:52 ldap slapd[46624]: do_bind: version=3 dn="" method=128
Nov 29 23:40:52 ldap slapd[46624]: conn=13 op=3 BIND dn="" method=128
Nov 29 23:40:52 ldap slapd[46624]: send_ldap_result: conn=13 op=3 p=3
Nov 29 23:40:52 ldap slapd[46624]: send_ldap_result: err=0 matched="" text=""
Nov 29 23:40:52 ldap slapd[46624]: send_ldap_response: msgid=4 tag=97 err=0
Nov 29 23:40:52 ldap slapd[46624]: conn=13 op=3 RESULT tag=97 err=0 text=
Nov 29 23:40:52 ldap slapd[46624]: do_bind: v3 anonymous bind
Nov 29 23:40:52 ldap slapd[46624]: daemon: activity on 1 descriptor
Nov 29 23:40:52 ldap slapd[46624]: daemon: activity on:
Nov 29 23:40:52 ldap slapd[46624]: 10r
Nov 29 23:40:52 ldap slapd[46624]:
Nov 29 23:40:52 ldap slapd[46624]: daemon: read activity on 10
Nov 29 23:40:52 ldap slapd[46624]: connection_get(10)
Nov 29 23:40:52 ldap slapd[46624]: connection_get(10): got connid=13
Nov 29 23:40:52 ldap slapd[46624]: connection_read(10): checking for input on id=13
[COLOR="Red"][B]Nov 29 23:40:52 ldap slapd[46624]: ber_get_next on fd 10 failed errno=0 (Undefined error: 0)
Nov 29 23:40:52 ldap slapd[46624]: connection_read(10): input error=-2 id=13, closing.[/B][/COLOR]
Nov 29 23:40:52 ldap slapd[46624]: connection_closing: readying conn=13 sd=10 for close
Nov 29 23:40:52 ldap slapd[46624]: connection_close: conn=13 sd=-1
Nov 29 23:40:52 ldap slapd[46624]: daemon: removing 10
Nov 29 23:40:52 ldap slapd[46624]: conn=13 fd=10 closed (connection lost)
Nov 29 23:40:52 ldap slapd[46624]: daemon: select: listen=6 active_threads=0 tvp=NULL
Nov 29 23:40:52 ldap slapd[46624]: daemon: activity on 1 descriptor
Nov 29 23:40:52 ldap slapd[46624]: daemon: waked
Nov 29 23:40:52 ldap slapd[46624]: daemon: select: listen=6 active_threads=0 tvp=NULL
Wenn ich jetzt su -l test (user test ist im ldap vorhanden) eingebe erhalte ich nur "su: unknown login: test".
In der Log Datei ist mir etwas aufgefallen:
ber_get_next on fd 10 failed errno=0 (Undefined error: 0)
connection_read(10): input error=-2 id=13, closing.
Ich kann aber damit nicht viel anfangen

Bitte um Hilfe!
