I'm working on setting up LDAP with multi-master replication for Virtualmin failover. I got to a point where replication is functional, and was putting the final touches on getting Webmin to talk to LDAP before moving to Virtualmin-specific steps. First, Webmin won't move 'LDAP Users and Groups' from Unused. It's working and configured. Second issue is that System->LDAP client was working and accessible across three servers. After going into the module configuration for it and clicking save, two servers now say "The NSS-LDAP configuration file was not found on your system." The third I didn't dare go into module settings.
What info can I give you to help you diagnose? I'm a bit new to the LDAP config - mostly puzzled pieced together from various sources, but two out of three servers are to the point where getent at least returns an LDAP user.
Comments
Submitted by JamieCameron on Fri, 03/30/2018 - 00:31 Comment #1
I think those are three symptoms of the same problem. In the LDAP Client module, if you click on the Module Config link (the gear), is the "NSS-LDAP configuration file" set correctly?
Submitted by zignut on Fri, 03/30/2018 - 08:02 Pro Licensee Comment #2
All options in that menu are left at "From config file" on all three servers. If I define all the options explicitly, there is no change.
Submitted by JamieCameron on Sat, 03/31/2018 - 00:33 Comment #3
What about the "LDAP client configuration file" field?
Submitted by zignut on Sun, 04/01/2018 - 12:03 Pro Licensee Comment #4
There is no option for that (see attached screenshot).
Submitted by JamieCameron on Sun, 04/01/2018 - 17:27 Comment #5
That's odd ... can you post the contents of your /etc/webmin/ldap-client/config file? It should contain a line starting with auth_ldap= that refers to the location of the LDAP client config file.
Submitted by zignut on Thu, 04/12/2018 - 11:20 Pro Licensee Comment #6
Sorry for the delay. On the boxes where it does not work, all options in /etc/webmin/ldap-client/config have no values. On the boxes where the module does work, it's as below.
auth_ldap=/etc/nslcd.conf
secret=/etc/ldap.secret
init_name=nslcd
What's odd is that /etc/ldap.secret is missing on both boxes.
Submitted by JamieCameron on Fri, 04/13/2018 - 00:30 Comment #7
If all systems are running the same OS, you could fix this by just copying /etc/webmin/ldap-client/config from a working system.
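
Before copying the file between hosts, the two conditions reported in this thread (keys with no value, and a referenced file such as /etc/ldap.secret that does not exist) can be checked on each server. The following is an added example, not part of the original thread or of Webmin; the function name and the finding labels are hypothetical, and only the keys auth_ldap and secret quoted above are assumed.

```shell
#!/bin/sh
# Audit a Webmin ldap-client module config (key=value lines).
# Prints one finding per line; returns 0 when clean, 1 when anything is flagged.
# Usage: check_ldap_client_config /etc/webmin/ldap-client/config
check_ldap_client_config() {
    cfg=$1
    findings=0
    if [ ! -r "$cfg" ]; then
        echo "MISSING_CONFIG $cfg"
        return 1
    fi
    # Split each line at the first '='; the remainder stays in $value.
    while IFS='=' read -r key value || [ -n "$key" ]; do
        case $key in ''|'#'*) continue ;; esac
        if [ -z "$value" ]; then
            # The state described for the non-working boxes: key present, no value.
            echo "EMPTY $key"
            findings=$((findings + 1))
            continue
        fi
        case $key in
            auth_ldap|secret)
                # These keys hold file paths; report paths that do not exist.
                if [ ! -e "$value" ]; then
                    echo "NOFILE $key $value"
                    findings=$((findings + 1))
                fi ;;
        esac
    done < "$cfg"
    # The module locates the LDAP client config through auth_ldap=.
    if ! grep -q '^auth_ldap=' "$cfg"; then
        echo "NOKEY auth_ldap"
        findings=$((findings + 1))
    fi
    [ "$findings" -eq 0 ]
}
```

Running it on the source host as well shows whether the copy would carry over a path that is also missing there.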