From: Gustaf N. <ne...@wu...> - 2018-05-16 12:51:30
i am probably not the best person to ask, since we do not use ldap here.
however, my guess is that you most likely have a configuration problem:
under "host" you specify "ldap://....", when i look into the source i see:

    Ns_DStringPrintf(&ds, "ldap://%s:%d", handlePtr->host, handlePtr->port);

so, i would think that "host" is really what it implies, and not an ldap URL.

-gn

On 14.05.18 17:56, Iuri Sampaio wrote:
> Hello Gustaf and all,
>
> So far, I’ve installed and configured all code required to run LDAP
> together with Naviserver. Plus, I’ve added and amended all necessary
> parameters in order to enable LDAP authentication.
>
> However, I still haven’t figured out what is blocking the connection
> to the server. However parametrization seems fine, I believe the error
> is because I've assigned wrong formats to the parameter within
> config.tcl.
>
> LDAP and NS instances are running in the same server. I have tried
> localhost, w/ and w/o declaring ports explicitly.
>
>
> ns_section ns/ldap/pool/ldap
> ns_param user "cn=web,dc=ldap,dc=litli,dc=net"
> ns_param password "*****"
> ns_param host "ldap://ldap.litli.net"
> ns_param connections 1
> ns_param verbose On
>
>
> Below you can see the logs of a successful boot up of NS.
>
> [14/May/2018:10:44:25][22834.7f4be4abf700][-main-] Notice: modload:
> loading module nsldap from file /usr/local/ns/bin/nsldap.so
> [14/May/2018:10:44:25][22834.7f4be4abf700][-main-] Debug: nsldap:
> allowing * -> pool ldap
> [14/May/2018:10:44:25][22834.7f4be4abf700][-main-] Debug: nsldap:
> adding pool ldap to the list of allowed pools
> [14/May/2018:10:44:25][22834.7f4be4abf700][-main-] Debug: nsldap:
> Registering LDAPCheckPools (600)
> [14/May/2018:10:44:25][22834.7f4be4abf700][-main-] Notice: nsldap:
> version 0.9 loaded
> ...
> [14/May/2018:10:44:36][22834.7f4be4abf700][-main-] Notice: Loading
> packages/auth-ldap/tcl/auth-ldap-procs.tcl...
> [14/May/2018:10:44:36][22834.7f4be4abf700][-main-] Notice: Loaded
> packages/auth-ldap/tcl/auth-ldap-procs.tcl.
> ...
>
>
> Plus, LDAP instance is running just fine at http://ldap.litli.net.
> Login is successful through http and directly through command line:
>
> 1)
> ldapsearch -n -x -H ldap://ldap.litli.net -D
> "cn=web,dc=ldap,dc=litli,dc=net" "uid=iuri" -w ****
> # extended LDIF
> #
> # LDAPv3
> # base <dc=ldap,dc=litli,dc=net> (default) with scope subtree
> # filter: uid=iuri
> # requesting: ALL
> #
>
>
> 2)
> ldapsearch -x -W -D 'cn=web,dc=ldap,dc=litli,dc=net' -b "" -s base
> Enter LDAP Password:
> # extended LDIF
> #
> # LDAPv3
> # base <> with scope baseObject
> # filter: (objectclass=*)
> # requesting: ALL
> #
>
> #
> dn:
> objectClass: top
> objectClass: OpenLDAProotDSE
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 2
> # numEntries: 1
>
>
> ##############
>
>
> However, the connection failed in attempt to allocate handle from ldap
> pool, when I run the following TCL command:
>
> set lh [ns_ldap gethandle "ldap"]
>
>
> See logs:
>
>
> ###
> # NS ERROR logs: /log/error.log
> ###
>
> ...
>
> [14/May/2018:10:50:04][22834.7f4bd89ce700][-conn:caltek:0:1-] Error:
> could not allocate 1 handle from pool "ldap"
> while executing
> "ns_ldapgethandle "ldap""
> ("uplevel" body line 2)
> invoked from within
> "uplevel {
> set lh [ns_ldapgethandle "ldap"]
> doc_return 200 text/html "[ns_ldaphost $lh]"
>
>
> }"
>
>
> …
> [14/May/2018:11:37:17][23479.7f1653d03700][-conn:caltek:1:0-] Debug:
> nsldap: getting a handle for thread 0x7f1653d03700
> [14/May/2018:11:37:17][23479.7f1653d03700][-conn:caltek:1:0-] Debug:
> nsldap: connecting handle from pool ldap
> [14/May/2018:11:37:17][23479.7f1653d03700][-conn:caltek:1:0-] Error:
> nsldap: could not open connection to server ldap://ldap.litli.net on
> port 389: No such file or directory
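
Added example (not part of the thread and not nsldap's own code): assuming the server URL is composed with the format string quoted in the reply above, a `host` value that already carries a scheme ends up with two, and a simple pre-flight check on the configured value catches it. `compose_ldap_url` and `host_is_bare` are hypothetical names; port 389 is the one shown in the error log.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Composes the URL with the format string quoted in the reply,
 * "ldap://%s:%d". Returns what snprintf returns; a value >= outlen
 * means the result was truncated. */
int compose_ldap_url(char *out, size_t outlen, const char *host, int port)
{
    return snprintf(out, outlen, "ldap://%s:%d", host, port);
}

/* Hypothetical config check: returns 1 when host is a bare DNS name or
 * IPv4 address, 0 when it is empty or contains a scheme, port, path,
 * whitespace or any other character outside [A-Za-z0-9.-]. */
int host_is_bare(const char *host)
{
    const unsigned char *p;

    if (host == NULL || *host == '\0') {
        return 0;
    }
    if (strstr(host, "://") != NULL) {
        return 0; /* a URL was supplied where a hostname is expected */
    }
    for (p = (const unsigned char *)host; *p != '\0'; p++) {
        if (!isalnum(*p) && *p != '.' && *p != '-') {
            return 0;
        }
    }
    return 1;
}

int main(void)
{
    /* Constructed inputs: the value from the posted config, then a bare name. */
    const char *hosts[] = { "ldap://ldap.litli.net", "ldap.litli.net" };
    char url[256];
    size_t i;

    for (i = 0; i < sizeof hosts / sizeof hosts[0]; i++) {
        compose_ldap_url(url, sizeof url, hosts[i], 389);
        printf("host=%-22s bare=%d -> %s\n",
               hosts[i], host_is_bare(hosts[i]), url);
    }
    return 0;
}
```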