OpenBMC LDAP server configuration assistance

Gerhart, Donnie Donnie.Gerhart at dell.com
Thu Sep 10 02:32:51 AEST 2020


Hello OpenBMC Community\SMEs,

We are investigating LDAP functionality on the 2.8 ‘top of tree’ build; however, we are having some issues I believe you can help with straight away.  Some of the many real failures we’ve encountered are:

  *   Bricked system due to locking out all users
  *   Ladap_result() failed:  Can’t contact LDAP server
     *   Believe we’ve fixed this one
  *   Logins are restricted to the group priv-admin of but user ‘testuser’ is not a member
  *   Pam_authenticate() failed, rc=7, Authentication failure
  *   Bad PAM password attempt for ‘testuser’ from: <LDAP server IP>

Some of these issues we’ve worked through; however, some are still dogging us.  To that end, can someone possibly list\post a basic LDAP server LDIF file with a single user, privilege role and group mapping that you’ve successfully used with OpenBMC?  We assume we are stuck on some trivial LDAP server topology anomaly that is completely escaping us at the moment.

As an fyi we have looked at:

  1.  Gone through everything obviously ‘ldap’ in the mailing lists:  https://lists.ozlabs.org/pipermail/openbmc/
  2.  Looked at OpenBMC learning series:  https://github.com/openbmc/openbmc/wiki/Presentations
  3.  Gone through the documents here:  https://github.com/openbmc/docs/blob/master/architecture/user-management.md
  4.  Looked at ldap tests and server:  https://github.com/openbmc/openbmc-test-automation
  5.  Spent more time tweaking Linux files and creating ldap server configs that I care to admit 😊

BIG thanks in advance!

Best,
Donnie

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ozlabs.org/pipermail/openbmc/attachments/20200909/b52441ba/attachment-0001.htm>


More information about the openbmc mailing list