On Tue, 2006-04-11 at 09:50 -0600, Andrew wrote:
> Craig White wrote:
> > On Tue, 2006-04-11 at 08:36 -0600, Andrew wrote:
> >
> >> Craig White wrote:
> >>
> >>> On Mon, 2006-04-10 at 16:21 -0600, Andrew wrote:
> >>>
> >>>> Craig White wrote:
> >>>>
> >>>>> On Mon, 2006-04-10 at 15:17 -0600, Andrew wrote:
> >>>>>
> >>>>>> Hello everyone,
> >>>>>>
> >>>>>> I have an ldap server running on another distro and I use it for a lot of
> >>>>>> different things (such as users, passwords, and hosts) and it all works
> >>>>>> fine on that distro. I'm also trying to get all of this to work in FC5
> >>>>>> and so far I have gotten users and passwords to work but the hosts is
> >>>>>> giving me problems. If I type getent hosts I see the complete list of
> >>>>>> hosts as it should be but if I try to ping one of the hosts it just
> >>>>>> hangs. If I try to ping the ip address everything works fine. I should
> >>>>>> also note that I can't ping domains either (such as yahoo.com) again it
> >>>>>> just hangs but if I use a browser I can browse to them. On another
> >>>>>> note, when I type getent hosts in the ldap console I can see the query
> >>>>>> but when I try to ping a single domain I see nothing in the ldap
> >>>>>> console, not even an attempt.
> >>>>>>
> >>>>> ----
> >>>>> you need to confirm padl tools setup...
> >>>>>
> >>>>> what's output of ???
> >>>>>
> >>>>> grep host /etc/nsswitch
> >>>>>
> >>>>> grep host /etc/ldap.conf
> >>>>>
> >>>>> Craig
> >>>>>
> >>>> padl tools setup?
> >>>>
> >>>> the hosts line from my ldap config
> >>>> nss_base_hosts ou=Hosts,dc=example,dc=org
> >>>>
> >>> ----
> >>> wouldn't it make sense to make the above line something that could
> >>> possibly be meaningful from ldap?
> >>>
> >>> how about ldapsearch? can you get hosts by querying via ldapsearch?
> >>>
> >>> if so, the answer to what you need in the line above should be obvious.
> >>>
> >>>> from nsswitch.conf
> >>>> #hosts: db files nisplus nis dns
> >>>> hosts: files dns ldap
> >>>>
> >>>> Note: ldap was before dns but by moving it back I was able to ping
> >>>> yahoo.com. But I still can't ping hosts in the hosts list.
> >>>>
> >>> ----
> >>> probably should be running local dns for this but ldap.conf above is the
> >>> reason why it's not working for you.
> >>>
> >>> Craig
> >>>
> >> Actually I was thinking about putting up a DNS server, I'm just not
> >> excited about having another service to run and maintain but. The Hosts
> >> line is actually not what I put, I just didn't want to post my domain
> >> name here, however you could probably tell by my email. But the dn is
> >> correct, I assure you.
> >>
> > ----
> > how about ldapsearch?
> >
> > does
> >
> > ldapsearch -x -h localhost -D 'YOUR_ROOTBIND_DN' -W '(ou=Host*)'
> >
> > return anything useful?
> >
> > Craig
> >
> This is on a different host but this is what it returns.
>
> # extended LDIF
> #
> # LDAPv3
> # base <> with scope sub
> # filter: (ou=Host*)
> # requesting: ALL
> #
>
> # Hosts, secure.tolboe.org
> dn: ou=Hosts,dc=example,dc=org
> ou: Hosts
> objectClass: top
> objectClass: organizationalUnit
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 2
> # numEntries: 1
>
----
OK - then assuming that you adjust for your specific needs...

ldapsearch -x -h ldapserver.example.com -D 'YOUR_ROOTBIND_DN' \
-b 'ou=Hosts,dc=example,dc=com' -W '(cn=*)'

You should get a list of hosts in the container as indicated by the '-b'
option which also matches the 'hosts' configuration in /etc/ldap.conf
right?

Craig
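
Added example, not part of the original thread: a small shell check that reads the active hosts: line from nsswitch.conf and the nss_base_hosts base from ldap.conf, then prints the ldapsearch command whose -b matches that base. The function names and the temporary sample files are constructed for illustration; the sample lines mirror the ones quoted in the thread.

```shell
#!/bin/sh
# Added example: constructed sample files, not the poster's real configuration.

# Print the sources on the active (uncommented) "hosts:" line of nsswitch.conf.
nss_hosts_sources() {
    awk '$1 == "hosts:" { $1 = ""; sub(/^ +/, ""); print; exit }' "$1"
}

# Print the search base set by nss_base_hosts in ldap.conf.
# Any "?scope?filter" suffix is stripped; the DN is assumed to contain no spaces.
nss_base_hosts() {
    awk '$1 == "nss_base_hosts" { sub(/[?].*/, "", $2); print $2; exit }' "$1"
}

# Report the lookup order and print the ldapsearch that queries the same base.
# Returns 1 if ldap is not consulted for hosts or no base is configured.
check_hosts_lookup() {
    sources=$(nss_hosts_sources "$1")
    base=$(nss_base_hosts "$2")
    case " $sources " in
        *" ldap "*) ;;
        *) echo "hosts: ldap is not in the lookup order ($sources)"; return 1 ;;
    esac
    [ -n "$base" ] || { echo "no nss_base_hosts in $2"; return 1; }
    echo "hosts lookup order: $sources"
    echo "verify with: ldapsearch -x -h ldapserver.example.com -D 'YOUR_ROOTBIND_DN' -b '$base' -W '(cn=*)'"
}

# Constructed sample input mirroring the lines quoted in the thread.
tmp=$(mktemp -d)
printf '%s\n' '#hosts: db files nisplus nis dns' 'hosts: files dns ldap' \
    > "$tmp/nsswitch.conf"
printf '%s\n' 'nss_base_hosts ou=Hosts,dc=example,dc=org' > "$tmp/ldap.conf"
check_hosts_lookup "$tmp/nsswitch.conf" "$tmp/ldap.conf"
```

On a real system the two arguments would be /etc/nsswitch.conf and /etc/ldap.conf.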