OpenLDAP and Fedora 17

[Mike1974]

Has anybody managed to get ldap auth working properly on Fedora 17.

After several hours I have OpenLDAP server working, I can't seem to get the OS to use it to auth though, I have always managed this on previous versions of Fedora but 17 has me stumped.

Also, I have tried every which way to create a working TLS cert but have given up and deleted the lot so could do with a known/working method for this.

Please could someone point me in the right direction, all the guides posted that I have found so far are not relevanent to Fedora 17 and the one I did find which looked good broke it so badly it would no longer boot. I have no wish to remove pam-nss-ldapd and replace it with pam_ldap again!

If someone has a link to a good step-by-step I would really appreciate it, every one I have tried so far makes wrong assumptions or is just plain broken!

Many thanks for reading, I hope someone can help.

[smr54]

Do you mean as a client? As a client, it's working for me following the steps in my own tutorial, at http://home.roadrunner.com/~computertaijutsu/ldap.html. I set it up with system-config-auth-tui as described there.

[Mike1974]

Thank you for the pointer. I have had another go and read through the relevent bits of your linked page.

Interestingly, having created a folder and chowned it to an ldap user and group it lists the correct details for the ldap user.

To test I am attempting to log in using ssh and using the credentials for my testuser, I get 'Permission denied, please try again.'

ldap server reported Jun 24 22:07:46 [server name removed] slapd[4405]: conn=1000 fd=12 closed (TLS negotiation failure)

Any clues?

Correction, it seems to work intermittantly, I created a further user and the same test with chowning a directory failed.

[smr54]

About the only other hint I can offer is the very old linuxhomenetworking article that I link to on that page.

Unfortunately, it frequently changes and the documentation is usually difficult, at least for me, to find. agneto

[Mike1974]

Thank you very much for your assistance, I am really going mad trying to get this working!

I used the linuxhomenetworking stuff to get a system working using FC14, it works well, FC17 is a different ballgame though, completely different.

I am eager to get my new FC17 server to provide home directories for my FC17 PC, I am failing miserably. I normally muddle through and get there in the end, not this time though!

[smr54]

On the server side, I have no idea, I'm sorry. I do, in my more cynical moments, think that all people involved in coding and documenting LDAP are paid by MS to encourage people to use AD. (Obviously frustration on my part, not to be taken seriously.)

At one point, a few years ago, I had to implement LDAP for several things, and it literally took weeks, solely because documentation was so hard to find--that was when I made that page, with the hope of saving others.