Servers:Hood
CONFIGURATION NOTES:
Hood runs OpenLDAP, containing usernames and passwords, for authentication: desktop/workstation logins, and various research services.
Hood is our WINS server.
From any windows computer, using ipconfig, you should see wins server = 209.87.56.238 (hood)
Machine info: Xeon 2.6GHz, 1GB, GigE, 3ware 7000-2, 2x 40GB RAID1
Into service July 2003
- Testing LDAP:
When any question arises about LDAP and contacting the LDAP server, it's a good idea to start on Hood and check that things are running properly. The first command uses the plain-text port 389, while the second example uses SSL and port 636:
hood ~ # ldapsearch -H ldap://209.87.56.238 -b'dc=iat,dc=sfu,dc=ca' -D 'cn=Reader,dc=iat,dc=sfu,dc=ca' -s sub -x -W Enter LDAP Password: <supersecret>
hood ~ # ldapsearch -h ldaps://209.87.56.238 -p 636 -b'dc=iat,dc=sfu,dc=ca' -D 'cn=Reader,dc=iat,dc=sfu,dc=ca' -s sub -x -W Enter LDAP Password: <supersecret>
A successful query will produce over 500 records in both cases.
Next, go to the client-machine, and check both ports 389 and 636 again; sometimes the syntax will vary a bit (-h versus -H for example), and you may also find it helpful to increase debug-verbosity with something like -d 1. Again, you should see over 500 records:
root@eprints:~# LDAPTLS_REQCERT=never ldapsearch -H ldaps://hood.iat.sfu.ca 636 -b'dc=iat,dc=sfu,dc=ca' -D 'cn=Reader,dc=iat,dc=sfu,dc=ca' -s sub -x -W
gordp@sr-mig:/home/users/gordp-> ldapsearch -H ldap://209.87.56.238 -b'dc=iat,dc=sfu,dc=ca' -D 'cn=Reader,dc=iat,dc=sfu,dc=ca' -s sub -W Enter LDAP Password: <supersecret>