Re: using ldap as heimdal backend
On Tue, 2004-04-06 at 09:25, Gémes Géza wrote:
> With proper access control lists defined in ldap configuration the risk
> is minimal. The LDAP connection is realized over a UNIX domain socket,
> so Heimdal and LDAP server must run on the same host.
> Recommended reading:
> http://www.padl.com/Research/Heimdal.html
>
This is the document I am trying to use, and I am having problems. Any
attempts to connect result in "Can't contact LDAP server". Thought I
would check here that what I have set up is correct:

    esmtp# ps -ax|grep ldap
    14242 ?? Ss 3:44.68 /usr/local/libexec/slapd -h ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://0.0.0.0:389/ ldaps://0.0.0.0:636/ -u ldap
    esmtp# ldapsearch -H 'ldapi://localhost/' -x
    ldap_bind: Can't contact LDAP server (81)

Can I test connectivity this way? I get the same error when trying to
init a realm in Heimdal. A simple 'ldapsearch -x' works fine. Am I doing
this right? I have this in slapd.conf and have tried other combinations
suggested here or on the OpenLDAP list, like:

    access to *
        by sockurl="^ldapi:///$" write
        by dn="cn=Robert Fitzpatrick,ou=People,dc=webtent,dc=net" write
        by self write
        by * read

--
Robert
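
Added example, not part of the original message: a small Python check that decodes which UNIX socket each ldapi:// URL in the message names and compares the client URL and the ACL's sockurl pattern against the listener list from the ps output. The function names are hypothetical, and the ACL check assumes slapd matches sockurl against the listener URL exactly as it was written after -h.

```python
import re
from urllib.parse import quote, unquote, urlsplit

# Constructed from the slapd command line and ACL shown in the message above.
LISTENERS = ("ldapi://%2fvar%2frun%2fopenldap%2fldapi/ "
             "ldap://0.0.0.0:389/ ldaps://0.0.0.0:636/")
ACL_SOCKURL = r"^ldapi:///$"


def ldapi_socket_path(url):
    """Return the socket path an ldapi:// URL names, or None for the default."""
    parts = urlsplit(url)
    if parts.scheme != "ldapi":
        raise ValueError("not an ldapi URL: " + url)
    # The authority part is a percent-encoded filesystem path, not a host name.
    return unquote(parts.netloc) or None


def ldapi_url(socket_path):
    """Build the ldapi:// URL for a socket path, encoding every '/'."""
    return "ldapi://" + quote(socket_path, safe="") + "/"


def diagnose(listeners, client_url, acl_regex):
    """Compare a client ldapi URL and a sockurl ACL pattern with the listeners."""
    ldapi = [u for u in listeners.split() if u.startswith("ldapi://")]
    served = {ldapi_socket_path(u) for u in ldapi}
    wanted = ldapi_socket_path(client_url)
    return {
        "server_sockets": sorted(p or "(default)" for p in served),
        "client_socket": wanted,
        "client_reaches_listener": wanted in served,
        # Assumption: the pattern is tested against the listener URL string.
        "acl_matches": [u for u in ldapi if re.search(acl_regex, u)],
    }


if __name__ == "__main__":
    for url in ("ldapi://localhost/", ldapi_url("/var/run/openldap/ldapi")):
        print(url, diagnose(LISTENERS, url, ACL_SOCKURL))
```
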