RHCSA Series: Setting Up LDAP-based Authentication in RHEL 7 – Part 14

If You Appreciate What We Do Here On TecMint, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Google Plus
  2. Subscribe to our email updates: Sign Up Now
  3. Use our Linode referral link if you plan to buy VPS (it starts at only $10/month).
  4. Support us via PayPal donate - Make a Donation
  5. Support us by purchasing our premium books in PDF format.
  6. Support us by taking our online Linux courses

We are thankful for your never ending support.

Gabriel Cánepa

Gabriel Cánepa is a GNU/Linux sysadmin and web developer from Villa Mercedes, San Luis, Argentina. He works for a worldwide leading consumer product company and takes great pleasure in using FOSS tools to increase productivity in all areas of his daily work.

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

21 Responses

  1. Andhika Rama says:

    hi,
    i am having problem in point 6 when load as follow.

    [root@dika ~]# ldapmodify -H ldapi:/// -f ldapdomain.ldif
    SASL/EXTERNAL authentication started
    SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
    SASL SSF: 0
    ldapmodify: invalid format (line 5) entry: “olcDatabase={1}monitor,cn=config”

    i am following the script, excep for password and domain component / dc=

    im stuck in that point.

    by the way, it was a great tutorial for me to learn before facing exam.

    thanks a lot and very apreciate for your response.

  2. Chris says:

    Having problems with step 5 on a Linux server that is using LDAP already for user authentication. I have installed openLDAP as a local authentication provider for an application but can not configure it:

    ldap_sasl_interactive_bind_s: Local error (-2)
    additional info: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (SPNEGO cannot find mechanisms to negotiate)

  3. Anand says:

    how to migrate “389 directory server” from one machine to another?

    • Gabriel A. Cánepa says:

      @Anand,
      That is out of the scope of the exam so we did not cover it in this article. We offer professional support services to help our readers in requirements like this if you’re interested.

  4. JUAN says:

    Hi Everyone, in step 4 to create a LDIF file ( ldaprootpasswd.ldif ) these files created under that directory ?

  5. Ryan Mullett says:

    I am having the same issue as several others in the comments are. I have to use “-Y EXTERNAL” in order for any of the commands with ldapadd or ldapmodify to work. That being said, I get stuck on step 7, when running that command it asks for a password. I input the password I used to generate the hashed string and I get “Invalid credentials (49)” every time. I have tried changing the -x to -Y EXTERNAL but it still has issue on that command. I do have everything you recommend installing and I have dug around and installed some extra packages that people elsewhere citing similar bugs mention possibly needing but to no avail, still stuck on step 7.

  6. Olga says:

    Hi! Your article is very useful, thanx. But I have a problem with my client. After adding ldapuser I try to login by ldapuser and there is a promt where I should type a password for him. But I haven’t set it. In your ldif file there is userPassword: {SSHA}fiN0YqzbDuDI0Fpqq9UudWmjZQY28S3M. So what password should I type? Or how can I login without password and then set it?

Got something to say? Join the discussion.

Your email address will not be published. Required fields are marked *

Join Over 300K+ Linux Users
  1. 202,035
  2. 9,267
  3. 38,621

Are you subscribed?