Hi,
I'm kind of a newish user and I apologize if this is a silly and/or obvious solution. I have purchased this Synology NAS box that provides an OpenLDAP server for authentication. I have several iMac machines that I have joined to it no problem. I am able to telnet to LDAP ports from my Linux box, ping, and in all other ways to communicate. My issue seems to be there are a lot of conflicting and older instructions online to join Debian to LDAP for authentication. But none of them seem to work for Debian 12. I have tried several different ways. Currently I did the following:
1. sudo apt install libnss-ldap libpam-ldap ldap-utils nscd
2. updated nsswitch.conf
3. made sure all my /pam.d files were configured and include the ldap entries
But when I use getent passwd I do not see any of my LDAP users nor can I log into the Linux Machine with any LDAP users, only local.
I've been wracking my brain for a few weeks now. I've broken PAM a few times and had to go into single user mode to fix with default PAM files.
I've verified the password being used is the same one that is used to join other devices to the LDAP server. I currently have it in a secret file, but I've tried passing it in the clear as well and it still gives the same error. It seems that it is trying to use the local user that I ssh in as or login as (if I'm sitting in front of the Linux box) to try to authorize the connection. I have even created a user on the LDAP server with the correct username and credentials.
Code:
● nslcd.service - LSB: LDAP connection daemon
     Loaded: loaded (/etc/init.d/nslcd; generated)
     Active: active (running) since Wed 2024-07-17 15:26:10 PDT; 40s ago
       Docs: man:systemd-sysv-generator(8)
    Process: 88386 ExecStart=/etc/init.d/nslcd start (code=exited, status=0/SUCCESS)
      Tasks: 6 (limit: 9295)
     Memory: 7.1M
        CPU: 47ms
     CGroup: /system.slice/nslcd.service
             └─88398 /usr/sbin/nslcd
Code:
Jul 17 15:26:10 (Servername) systemd[1]: Starting nslcd.service - LSB: LDAP connection daemon...
Jul 17 15:26:10 (Servername) nslcd[88398]: version 0.9.12 starting
Jul 17 15:26:10 (Servername) nslcd[88398]: accepting connections
Jul 17 15:26:10 (Servername) nslcd[88386]: Starting LDAP connection daemon: nslcd.
Jul 17 15:26:10 (Servername) systemd[1]: Started nslcd.service - LSB: LDAP connection daemon.
Jul 17 15:26:33 (Servername) nslcd[88398]: [8b4567] <passwd(all)> failed to bind to LDAP server ldap://(IP of LDAP server): Invalid credentials
Jul 17 15:26:33 (Servername) nslcd[88398]: [8b4567] <passwd(all)> no available LDAP server found: Invalid credentials
Jul 17 15:26:50 (Servername) nslcd[88398]: [7b23c6] <authz="toor"> failed to bind to LDAP server ldap://(IP of LDAP server): Invalid credentials
Jul 17 15:26:50 (Servername) nslcd[88398]: [7b23c6] <authz="toor"> no available LDAP server found: Invalid credentials
Does anyone have a proven method for joining Debian 12 to an OpenLDAP type server, or a Synology box in particular?
Statistics: Posted by tds95376 — 2024-07-17 22:47 — Replies 1 — Views 33
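Added example, not part of the original post: a small Python triage of the nslcd log lines quoted above, grouping the failed binds by server and error and listing which requests hit them. It assumes that the angle-bracket field names the request nslcd is serving, and that a name-service lookup such as `passwd(all)` is bound with the `binddn`/`bindpw` from `/etc/nslcd.conf`, so an "Invalid credentials" there concerns that service identity; the function names and the `NSS_MAPS` set are made up for illustration.

```python
import re
from collections import defaultdict

# Failure lines copied from the post (placeholders kept as posted), plus one unrelated line.
SAMPLE_LOG = """\
Jul 17 15:26:10 (Servername) nslcd[88398]: accepting connections
Jul 17 15:26:33 (Servername) nslcd[88398]: [8b4567] <passwd(all)> failed to bind to LDAP server ldap://(IP of LDAP server): Invalid credentials
Jul 17 15:26:33 (Servername) nslcd[88398]: [8b4567] <passwd(all)> no available LDAP server found: Invalid credentials
Jul 17 15:26:50 (Servername) nslcd[88398]: [7b23c6] <authz="toor"> failed to bind to LDAP server ldap://(IP of LDAP server): Invalid credentials
Jul 17 15:26:50 (Servername) nslcd[88398]: [7b23c6] <authz="toor"> no available LDAP server found: Invalid credentials
"""

# [session] <request> failed to bind to LDAP server <uri>: <LDAP error text>
BIND_FAIL = re.compile(
    r"nslcd\[\d+\]: \[[0-9a-f]+\] <(?P<req>[^>]+)> "
    r"failed to bind to LDAP server (?P<uri>.+?): (?P<err>[^:]+)$"
)
# Assumption: requests on these maps are plain lookups that carry no end-user password.
NSS_MAPS = {"passwd", "group", "shadow", "hosts", "netgroup", "services"}


def bind_failures(log_text):
    """Map (server URI, error text) -> set of request labels that failed to bind."""
    groups = defaultdict(set)
    for line in log_text.splitlines():
        m = BIND_FAIL.search(line)
        if m:
            groups[(m["uri"], m["err"].strip())].add(m["req"])
    return dict(groups)


def triage(log_text):
    """One entry per (server, error); flags rejections seen on plain lookups."""
    report = []
    for (uri, err), reqs in sorted(bind_failures(log_text).items()):
        kinds = {m.group() for m in (re.match(r"[a-z]+", r) for r in reqs) if m}
        report.append({
            "uri": uri,
            "error": err,
            "requests": sorted(reqs),
            # A lookup has no user password, so the rejected identity is nslcd's own.
            "service_bind_suspect": err == "Invalid credentials" and bool(kinds & NSS_MAPS),
        })
    return report


if __name__ == "__main__":
    for item in triage(SAMPLE_LOG):
        print(item)
```

On the lines from the post this reports a single server/error pair hit by both `passwd(all)` and `authz="toor"`, with the service bind flagged.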