Servers:Hood

From Research
Revision as of 16:59, 28 September 2012 by Gordp (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

CONFIGURATION NOTES:

Hood runs OpenLDAP, containing usernames and passwords, for authentication: desktop/workstation logins, and various research services.

Hood is our WINS server.

From any windows computer, using ipconfig, you should see wins server = 209.87.56.238 (hood)


Machine info: Xeon 2.6GHz, 1GB, GigE, 3ware 7000-2, 2x 40GB RAID1 Into service July 2003


  • Testing LDAP:

When any question arises about LDAP and contacting the LDAP server, it's a good idea to start on Hood and check that things are running properly. The first command uses the plain-text port 389, while the second example uses SSL and port 636:

hood ~ # ldapsearch -H ldap://209.87.56.238 -b'dc=iat,dc=sfu,dc=ca' -D 'cn=Reader,dc=iat,dc=sfu,dc=ca' -s sub -x -W
Enter LDAP Password: <supersecret>
hood ~ # ldapsearch -h ldaps://209.87.56.238 -p 636 -b'dc=iat,dc=sfu,dc=ca' -D 'cn=Reader,dc=iat,dc=sfu,dc=ca' -s sub -x -W
Enter LDAP Password: <supersecret>

A successful query will produce over 500 records in both cases.
Next, go to the client-machine, and check both ports 389 and 636 again; sometimes the syntax will vary a bit (-h versus -H for example), and you may also find it helpful to increase debug-verbosity with something like -d 1. Again, you should see over 500 records:

root@eprints:~# LDAPTLS_REQCERT=never ldapsearch -H ldaps://hood.iat.sfu.ca 636 -b'dc=iat,dc=sfu,dc=ca' -D 'cn=Reader,dc=iat,dc=sfu,dc=ca' -s sub -x -W
gordp@sr-mig:/home/users/gordp->  ldapsearch -H ldap://209.87.56.238 -b'dc=iat,dc=sfu,dc=ca' -D 'cn=Reader,dc=iat,dc=sfu,dc=ca' -s sub -W
Enter LDAP Password: <supersecret>