From owner-FreeBSD-users-jp@jp.FreeBSD.org Mon Apr  6 21:12:55 2009
From: Hiroyuki Seino <seichan-ml@wakhok.ne.jp>
To: FreeBSD-users-jp@jp.FreeBSD.org
In-Reply-To: <20090406154413.CAD2.NOMURA@ir-alt.co.jp>
References: <20090406141731.CACF.NOMURA@ir-alt.co.jp> <20090406154413.CAD2.NOMURA@ir-alt.co.jp>
Message-Id: <20090406205855.29E9.D4AF24AB@wakhok.ne.jp>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-2022-JP"
Content-Transfer-Encoding: 7bit
X-Mailer: Becky! ver. 2.48.02 [ja]
Reply-To: FreeBSD-users-jp@jp.FreeBSD.org
Precedence: list
Date: Mon, 06 Apr 2009 21:12:58 +0900
X-Sequence: FreeBSD-users-jp 92214
Subject: [FreeBSD-users-jp 92214] Re: Setting up ldap
Sender: owner-FreeBSD-users-jp@jp.FreeBSD.org
X-Originator: seichan-ml@wakhok.ne.jp
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+060209

This is Seino.

Regarding /etc/nsswitch.conf: with

> passwd: files
> passwd_compat: nis ldap

the passwd file needs to be modified as follows.

www:*:80:80::0:0:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/usr/sbin/nologin
+:*::::::::
ldap:*:389:389::0:0:OpenLDAP Server:/nonexistent:/sbin/nologin

Given this behavior, I personally think the _compat entries are meant to be
operated the same way as when NIS was used in the past.
# The man page says something similar, so I don't think I'm far
# off.

So I think the user simply cannot be looked up with id because no LDAP
lookup is being made.


nss_ldap $B$N(B Couldn't search LDAP [server name] is unavailable $B$G$9$,!$(B
$B<+J,$b2r7h$7$?$$$H;W$C$FM'?M$K?'!9D4$Y$F$b$i$C$F$$$?$N$G$9$,!$(B
nss_ldap $B$H$$$&$h$j(B libldap $B$,JV$7$F$$$k$h$&$G$9!%(B

$B$H$O$$$(!$(Bnss_ldap $B$,Mm$`ItJ,0J30$K$3$N%a%C%;!<%8$,=P$k;v$bL5$$$N$G!$(B
nss_ldap $B$N5sF0$,2x$7$$$N$G$O(B? $B$H;W$&$N$G$9$,!D(B

nss_ldap.conf $B$K(B nss_connecy_policy oneshot $B$rF~$l$k;v$G7Z8:$O=PMh$?(B
$B$N$G$9$,!$40A4$KDY$;$F$O$$$J$$>uBV$G$9!%(B


$B%a%C%;!<%8$O=P$F$b<B32$O=P$F$$$J$$$N$GL5;k$9$k;v$K$7$F$$$k$N$G$9$,!$(B
$B$3$NJU$j$N2r7h$,=PMh$F$$$kJ}$,$$$i$C$7$c$C$?$i!$=u$1$FD:$1$l$P!D(B
$B$H!$JX>h$7$?$$$H;W$$$^$9!%(B


On Mon, 06 Apr 2009 15:59:30 +0900
$BLnB<(B <nomura@ir-alt.co.jp> wrote:

> This is Nomura.
> 
> The message "nss_ldap Couldn't search LDAP server.Server is unavailable"
> seems to have started appearing after I added the ldap entries to
> nsswitch.conf in /etc.
> 
> #
> # nsswitch.conf(5) - name service switch configuration file
> # $FreeBSD: src/etc/nsswitch.conf,v 1.1 2006/05/03 15:14:47 ume Exp $
> #
> group: files ldap
> group_compat: nis
> hosts: files dns ldap
> networks: files
> passwd: files ldap
> passwd_compat: nis
> shells: files
> services: compat
> services_compat: nis
> protocols: files
> rpc: files
> 
> $B>e5-$N(B
> passwd: files ldap
> passwd_compat: nis
> $B$r(B
> passwd: files
> passwd_compat: nis ldap
> $B$H$9$k$H(Bnss-ldap$B$N%a%C%;!<%8$O$G$J$/$J$j$^$9$,!":#EY$O(B"id test3"
> $BEy$H$7$F!"(Bldap$B$GDI2C$7$?%f!<%6$r%F%9%H$7$?;~$K(B"id: test3: no such
> user"$B$H$$$o$l$F$7$^$$$^$9!#(B
> 
> $B$^$?!"(Btest3$B%f!<%6$G%m%0%$%s$7$h$&$H$7$?;~$K!"%Q%9%o!<%I$NF~NO$r$7$F(B
> $B$b<u$1IU$1$F$/$l$^$;$s!#%f!<%6$O(Bphpldapadmin$B$G:n$C$F$$$k$N$G$9$,!"(B
> $B2?$,0-$$$N$G$7$g$&$+!)(B
> 
> $B$h$m$7$/$*4j$$$7$^$9!#(B
> 
> On Mon, 06 Apr 2009 14:19:51 +0900
> $BLnB<(B <nomura@ir-alt.co.jp> wrote:
> 
> > Thank you for your reply.
> > 
> > They are each as shown below.
> > 
> > ###nss-ldap.conf###
> > host hagi.hoge
> > base dc=hoge
> > uri ldap://hagi.hoge/
> > port 389
> > bind_policy soft
> > nss_connect_policy oneshot
> > 
> > ###ldap.conf###
> > BASE    dc=hoge
> > URI     ldap://hagi.hoge 389
> > 
> > SIZELIMIT       12
> > TIMELIMIT       15
> > DEREF           never
> > 
> > ###slapd.conf
> > include         /usr/local/etc/openldap/schema/core.schema
> > include         /usr/local/etc/openldap/schema/corba.schema
> > include         /usr/local/etc/openldap/schema/cosine.schema
> > include         /usr/local/etc/openldap/schema/inetorgperson.schema
> > include         /usr/local/etc/openldap/schema/nis.schema
> > include         /usr/local/etc/openldap/schema/openldap.schema
> > 
> > pidfile         /var/run/openldap/slapd.pid
> > argsfile        /var/run/openldap/slapd.args
> > 
> > modulepath      /usr/local/libexec/openldap
> > moduleload      back_bdb
> > 
> > access to attrs=userPassword
> >         by self write
> >         by users read
> >         by anonymous auth
> > 
> > access to *
> >         by self write
> >         by users read
> >         by anonymous read
> > 
> > database        bdb
> > suffix          "dc=hoge"
> > rootdn          "cn=ldaproot,dc=hoge"
> > rootpw          {SSHA}password
> > 
> > directory       /var/db/openldap-data
> > 
> > index   objectClass     eq
> > 
> > Sorry for the late reply. Thank you in advance.
> > 
> > On Fri, 3 Apr 2009 22:53:21 +0900
> > Kouichiro Iwao <meta@club.kyutech.ac.jp> wrote:
> > 
> > > This is Iwao.
> > > 
> > > On Fri, Apr 03, 2009 at 05:23:44PM +0900, Nomura wrote:
> > > > This is Nomura.
> > > > 
> > > > I am trying to set up ldap, but when I start slapd I get "nss_ldap
> > > > Couldn't search LDAP server.Server is unavailable", and I am
> > > > stuck.
> > > 
> > > For a start, please show us the contents of
> > > /usr/local/etc/{nss_ldap.conf,ldap.conf,}
> > > /usr/local/etc/openldap/slapd.conf
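
An added example, not part of the thread and not FreeBSD's own code: a small checker that decides whether a passwd lookup such as `id test3` can reach LDAP under the nsswitch.conf variants quoted above. It assumes the compat rule of FreeBSD's nsswitch.conf(5), under which passwd_compat is read only when passwd: names compat; the function names and sample strings are constructed for illustration.

```python
import re

# Constructed inputs: the two nsswitch.conf variants quoted in the thread,
# a compat variant, and a passwd excerpt ending in the '+' line.
ORIGINAL = "passwd: files ldap\npasswd_compat: nis\n"
CHANGED = "passwd: files\npasswd_compat: nis ldap\n"
COMPAT = "passwd: compat\npasswd_compat: nis ldap\n"
PASSWD = "www:*:80:80::0:0:World Wide Web Owner:/nonexistent:/usr/sbin/nologin\n+:*::::::::\n"

def parse_nsswitch(text):
    """Map each database name to its ordered list of sources."""
    db = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()          # drop comments
        if ":" not in line:
            continue
        name, rest = line.split(":", 1)
        rest = re.sub(r"\[[^\]]*\]", " ", rest)       # drop [notfound=return] criteria
        db[name.strip()] = rest.split()
    return db

def has_plus_entry(passwd_text):
    """True if the passwd file carries a '+' compat line such as '+:*::::::::'."""
    return any(line.startswith("+") for line in passwd_text.splitlines())

def ldap_reachable(nsswitch_text, passwd_text=""):
    """Return (reachable, reason) for passwd lookups such as `id test3`."""
    db = parse_nsswitch(nsswitch_text)
    sources = db.get("passwd", ["compat"])            # assumed default per nsswitch.conf(5)
    if "ldap" in sources:
        return True, "ldap is listed directly in passwd:"
    if "compat" not in sources:
        return False, "passwd: lists neither ldap nor compat, so passwd_compat is not read"
    if "ldap" not in db.get("passwd_compat", ["nis"]):
        return False, "passwd: compat is set but passwd_compat does not list ldap"
    if not has_plus_entry(passwd_text):
        return False, "compat is active but the passwd file has no '+' entry"
    return True, "ldap is reached through compat and the '+' entry"

if __name__ == "__main__":
    for label, conf in (("original", ORIGINAL), ("changed", CHANGED), ("compat", COMPAT)):
        ok, why = ldap_reachable(conf, PASSWD)
        print(f"{label:8} ldap reachable={ok}: {why}")
```
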


