From: bijayant kumar <bijayant4u@yahoo.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] openldap: taking too much of time to authenticate
Date: Mon, 28 Aug 2006 11:47:18 +0100 (BST) [thread overview]
Message-ID: <20060828104718.67124.qmail@web32702.mail.mud.yahoo.com> (raw)
In-Reply-To: <44F2B96D.90608@tu-braunschweig.de>
[-- Attachment #1: Type: text/plain, Size: 3126 bytes --]
Marc,
I tried it also, but no luck this time also. Also i want to show you my /var/log/syslog also, which may be useful to rectify my problem :-
Aug 28 16:18:01 bijayant slapd[8302]: conn=145 fd=16 ACCEPT from IP=127.0.0.1:49850 (IP=0.0.0.0:389)
Aug 28 16:18:01 bijayant slapd[8302]: conn=145 op=0 BIND dn="cn=Manager,dc=kavach,dc=blr" method=128
Aug 28 16:18:01 bijayant slapd[8302]: conn=145 op=0 RESULT tag=97 err=49 text=
Aug 28 16:18:01 bijayant slapd[8302]: conn=146 fd=17 ACCEPT from IP=127.0.0.1:49851 (IP=0.0.0.0:389)
Aug 28 16:18:01 bijayant slapd[8302]: conn=145 op=1 UNBIND
Aug 28 16:18:01 bijayant slapd[8302]: conn=145 fd=16 closed
Aug 28 16:18:01 bijayant slapd[8302]: conn=146 op=0 BIND dn="cn=Manager,dc=kavach,dc=blr" method=128
Aug 28 16:18:01 bijayant slapd[8302]: conn=146 op=0 RESULT tag=97 err=49 text=
Aug 28 16:18:01 bijayant slapd[8302]: conn=147 fd=16 ACCEPT from IP=127.0.0.1:49852 (IP=0.0.0.0:389)
Aug 28 16:18:01 bijayant slapd[8302]: conn=146 op=1 UNBIND
Aug 28 16:18:01 bijayant slapd[8302]: conn=146 fd=17 closed
Aug 28 16:18:01 bijayant slapd[8302]: conn=147 op=0 BIND dn="cn=Manager,dc=kavach,dc=blr" method=128
Aug 28 16:18:01 bijayant slapd[8302]: conn=147 op=0 RESULT tag=97 err=49 text=
Aug 28 16:18:01 bijayant slapd[8302]: conn=147 op=1 UNBIND
Aug 28 16:18:01 bijayant slapd[8302]: conn=147 fd=16 closed
Aug 28 16:18:05 bijayant slapd[8302]: conn=148 fd=16 ACCEPT from IP=127.0.0.1:49853 (IP=0.0.0.0:389)
Aug 28 16:18:05 bijayant slapd[8302]: conn=148 op=0 BIND dn="cn=Manager,dc=kavach,dc=blr" method=128
Aug 28 16:18:05 bijayant slapd[8302]: conn=148 op=0 RESULT tag=97 err=49 text=
Aug 28 16:18:05 bijayant slapd[8302]: conn=149 fd=17 ACCEPT from IP=127.0.0.1:49854 (IP=0.0.0.0:389)
Aug 28 16:18:05 bijayant slapd[8302]: conn=148 op=1 UNBIND
Aug 28 16:18:05 bijayant slapd[8302]: conn=148 fd=16 closed
Marc Blumentritt <M.Blumentritt@tu-braunschweig.de> wrote:15-20 seconds is to long. I only authentificate ldap-users via
Samba-login with windows machines, and this works fast without any delay.
For the authentification issue: if your user is in the local user data
base, it is authentificated against it (depending on your nsswitch and
pam settings), if he is in ldap, he is authentificated against ldap. You
should't have users in both, local and ldap.
I looked again at your access rules in slapd.conf: try out these rules:
-----
access to attrs=userPassword,gecos,description,loginShell
by dn="uid=root,ou=people,dc=kavach,dc=blr" write
by anonymous auth
by self write
by * none
access to *
by dn="uid=root,ou=people,dc=kavach,dc=blr" write
by users read
-----
The first rule allows root to and self to change the attributes
"userPassword,gecos,description,loginShell", anonymous to authentificate
(=login!) and * nothing.
The second rule allows root to change all other attributes and
authentificated users to read all other attributes.
Regards,
Marc
--
gentoo-user@gentoo.org mailing list
Send instant messages to your online friends http://uk.messenger.yahoo.com
Send instant messages to your online friends http://uk.messenger.yahoo.com
[-- Attachment #2: Type: text/html, Size: 3543 bytes --]
next prev parent reply other threads:[~2006-08-28 10:52 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <6OKm9-6IA-35@gated-at.bofh.it>
[not found] ` <6OKYL-874-15@gated-at.bofh.it>
2006-08-28 9:37 ` [gentoo-user] openldap: taking too much of time to authenticate Marc Blumentritt
2006-08-28 10:47 ` bijayant kumar [this message]
[not found] <6OLLb-1fV-9@gated-at.bofh.it>
[not found] ` <6OMQW-3gQ-31@gated-at.bofh.it>
2006-08-28 13:14 ` Marc Blumentritt
[not found] <6O59c-3tf-19@gated-at.bofh.it>
2006-08-28 7:50 ` Marc Blumentritt
2006-08-28 8:39 ` bijayant kumar
2006-08-26 12:06 bijayant kumar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20060828104718.67124.qmail@web32702.mail.mud.yahoo.com \
--to=bijayant4u@yahoo.com \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox