Problems validating users with OpenLDAP

Dilor
Posts: 1
Joined: 2020/03/21 04:46:00

Post by Dilor » 2020/03/21 05:40:46

Hi,

I have installed CentOS 7 with OpenLDAP 2.4.44. I have OpenLDAP fully configured (I think), but I can't log in with the user of the application (installed on Windows Server 2019).
The Windows app requires the following to be configured:

- Host Address: IP CentOS server
- Connection Security: Yes
- Port Number: 389
- Connect DN: cn=ldapadm,dc=dilornet,dc=net
- Configure Connect Password: ldapadm user pass
- User DN: ou=users,dc=dilornet, dc=net
- User Object Class: inetOrgPerson,posixAccount,shadowAccount
- User Name Attribute: uid

Also, I installed the following certificates in Win Server (from CentOS), both under Trusted Root Certification Authorities:
ca.cert.pem
srvcentos.dilornet.net

In CentOS I have the following:

ldap.conf
BASE dc=dilornet,dc=net
URI ldap://srvcentos.dilornet.net
SSL ON
TLS_CACERT /etc/openldap/certs/ca.cert.pem
TLS_REQCERT demand
SASL_NOCANON ON


cn=config.ldif
# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
# CRC32 32242df8
dn: cn=config
objectClass: olcGlobal
cn: config
olcArgsFile: /var/run/openldap/slapd.args
olcPidFile: /var/run/openldap/slapd.pid
olcTLSCACertificatePath: /etc/openldap/certs
structuralObjectClass: olcGlobal
entryUUID: 9576bbf6-e36a-1039-8da7-71e3010e30a8
creatorsName: cn=config
createTimestamp: 20200214114046Z
olcTLSCertificateFile: /etc/openldap/certs/srvcentos.dilornet.net.crt
olcTLSCertificateKeyFile: /etc/openldap/certs/srvcentos.dilornet.net.key
olcTLSCACertificateFile: /etc/openldap/cacerts/ca.cert.pem
entryCSN: 20200224033755.179734Z#000000#000#000000
modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
modifyTimestamp: 20200224033755Z

olcDatabase={2}hdb.ldif
# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
# CRC32 fbfa11a9
dn: olcDatabase={2}hdb
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {2}hdb
olcDbDirectory: /var/lib/ldap
olcDbIndex: objectClass eq,pres
olcDbIndex: ou,cn,mail,surname,givenname eq,pres,sub
structuralObjectClass: olcHdbConfig
entryUUID: 95773efa-e36a-1039-8dad-71e3010e30a8
creatorsName: cn=config
createTimestamp: 20200214114046Z
olcSuffix: dc=dilornet,dc=net
olcRootDN: cn=ldapadm,dc=dilornet,dc=net
olcRootPW:: e1NTSEF9cWV6Y3NxQjZDQkpMRWM0VmhjWDBKN0huNzI3M0JKT0Y=
entryCSN: 20200314045022.283303Z#000000#000#000000
modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
modifyTimestamp: 20200314045022Z


dn: uid=winuser,ou=users,dc=dilornet,dc=net
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
uid: winuser
cn: Windows
sn: User
userPassword: *************
loginShell: /bin/bash
uidNumber: 1500
gidNumber: 1000
homeDirectory: /home/winuser

dn: cn=test,ou=group,dc=dilornet,dc=net
objectClass: posixGroup
cn: Test
gidNumber: 1000
memberUid: winuser


But when I try to connect, this appears in the slapd status:
Mar 20 00:01:11 srvcentos slapd[62140]: conn=1005 fd=20 ACCEPT from IP=192.168.0.50:54712 (IP=0.0.0.0:389)
Mar 20 00:01:11 srvcentos slapd[62140]: conn=1005 fd=20 closed (connection lost)

Can anyone help me?

Thank you so much.
Regards.
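
Added here as a triage aid, not part of the original post: a Python script that groups slapd stats-level log lines like the two quoted above by conn id and states how each connection ended. The post's connection was accepted and closed without slapd logging a single operation, which is what a client that never speaks LDAP to the listener produces (for example a client that starts TLS immediately, LDAPS-style, against the cleartext port 389 used above, or whose TLS handshake fails); every sample line other than the two quoted from the post is constructed.

```python
import re
# Constructed sample of slapd stats-level log lines. The first two are the lines quoted
# in the post; the rest are made up to show a StartTLS bind and a failed bind.
SAMPLE_LOG = """\
Mar 20 00:01:11 srvcentos slapd[62140]: conn=1005 fd=20 ACCEPT from IP=192.168.0.50:54712 (IP=0.0.0.0:389)
Mar 20 00:01:11 srvcentos slapd[62140]: conn=1005 fd=20 closed (connection lost)
Mar 20 00:02:30 srvcentos slapd[62140]: conn=1006 fd=21 ACCEPT from IP=192.168.0.50:54720 (IP=0.0.0.0:389)
Mar 20 00:02:30 srvcentos slapd[62140]: conn=1006 op=0 STARTTLS
Mar 20 00:02:30 srvcentos slapd[62140]: conn=1006 fd=21 TLS established tls_ssf=256 ssf=256
Mar 20 00:02:30 srvcentos slapd[62140]: conn=1006 op=1 BIND dn="cn=ldapadm,dc=dilornet,dc=net" method=128
Mar 20 00:02:30 srvcentos slapd[62140]: conn=1006 op=1 RESULT tag=97 err=0 text=
Mar 20 00:03:05 srvcentos slapd[62140]: conn=1007 fd=22 ACCEPT from IP=192.168.0.50:54731 (IP=0.0.0.0:389)
Mar 20 00:03:05 srvcentos slapd[62140]: conn=1007 op=0 BIND dn="uid=winuser,ou=users,dc=dilornet,dc=net" method=128
Mar 20 00:03:05 srvcentos slapd[62140]: conn=1007 op=0 RESULT tag=97 err=49 text=
Mar 20 00:03:05 srvcentos slapd[62140]: conn=1007 fd=22 closed (connection lost)
"""

CONN_RE = re.compile(r"slapd\[\d+\]: conn=(\d+) (.*)$", re.MULTILINE)
ACCEPT_RE = re.compile(r"ACCEPT from IP=(\S+) \(IP=(\S+)\)")

def summarize_connections(log_text):
    """Group log lines by conn id and classify what each client did before it was closed."""
    conns = {}
    for m in CONN_RE.finditer(log_text):
        c = conns.setdefault(m.group(1), {"client": None, "listener": None, "op_lines": 0,
                                          "tls": False, "bind_op": None, "bind_err": None})
        rest = m.group(2)
        if "ACCEPT from" in rest:
            c["client"], c["listener"] = ACCEPT_RE.search(rest).groups()
        elif "TLS established" in rest:
            c["tls"] = True
        elif rest.startswith("op="):  # one line per LDAP operation slapd managed to decode
            op, verb = rest.split()[:2]
            c["op_lines"] += 1
            if verb == "BIND":
                c["bind_op"] = op
            elif verb == "RESULT" and op == c["bind_op"]:
                c["bind_err"] = int(re.search(r"err=(\d+)", rest).group(1))
    for c in conns.values():
        if c["op_lines"] == 0:
            # Accepted, then closed before slapd decoded a single LDAP PDU: the client never
            # spoke LDAP on this listener. On a cleartext ldap:// port 389 that is the footprint
            # of a client starting TLS immediately (LDAPS style) or failing its TLS handshake.
            c["status"] = "no-ldap-traffic"
        elif c["bind_err"] == 49:  # LDAP result 49 = invalidCredentials
            c["status"] = "bind-invalid-credentials"
        elif c["bind_err"] == 0:
            c["status"] = "bind-ok-tls" if c["tls"] else "bind-ok-cleartext"
        else:
            c["status"] = "no-bind"
    return conns
```

Running it over the post's two lines alone yields `no-ldap-traffic` for conn=1005, which separates a transport/TLS mismatch from a wrong Connect DN or password (those show up as a BIND followed by `err=49`).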
