CentOS 6, Virtualmin & LDAP

Hello,

I'm still having issues getting my server to work with CentOS 6 and LDAP. Please can you confirm whether this is a supported configuration? If so, is there any documentation that would help me configure my system? Should I be using SSSD?

If I Re-Check my configuration it says Virtualmin is configured correctly. I can use the LDAP client and LDAP Users & Group module to browse my LDAP server, but when I try to create a new domain I get the error message, 'Failed to create virtual server : Critical feature Administration user was not properly created - Virtual server creation halted.'

This is very frustrating as I've got 2 CentOS 5 servers working perfectly.

Status: Active

Comments

It sounds like the system isn't set up to be a client of the LDAP server.

If you go to Webmin -> System -> LDAP Client and click the "Validate Configuration" button, does it report any errors?

Have you found a solution to this problem? I'm also getting the same error.

Creating administration group domain.net .. .. administration group was created but does not exist! Failed to create virtual server : Critical feature Administration user was not properly created - Virtual server creation halted.

CentOS 6.3

Virtualmin 3.97.gpl GPL

OpenLDAP 2.4.23

Edit:

I found that my LDAP Users and Groups module is listed under unused modules.

I added a group using the LDAP Users and Groups module in Webmin to my LDAP server and tried using Virtualmin to add a new Virtual Host matching the group I created. Of course it complained about the group already existing, but then it went on to delete the group that I had previously created.

I think what is happening is that Virtualmin is creating the group correctly, then it goes on and deletes the newly created group, then checks to see if it exists and errors out because it just deleted it.

Edit:

Finally got it working!

I needed to install nss-pam-ldapd

First I installed pam-ldap and nscd using yum.

It wouldn't install nss-pam-ldapd via yum so I had to use an rpm: ftp://ftp.muug.mb.ca/mirror/centos/6.3/os/x86_64/Packages/nss-pam-ldapd-...

Followed the following to configure pam_ldap.conf and nslcd.conf: https://www.centos.org/modules/newbb/viewtopic.php?topic_id=38442

Configured nsswitch.conf: http://wiki.debian.org/LDAP/NSS

Made sure the nscd and nslcd services were running.

Now I can create a new virtual host and the user and group get created in LDAP.

Yes, that would explain it. Without NSS-LDAP integration, your system won't see new Unix users created in LDAP.
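
The NSS-LDAP gap described in the reply above can be checked directly. The following is an added example, not part of the thread and not Virtualmin's own code: a shell function that reports which account databases in an nsswitch.conf lack the `ldap` source. The function names and the three sample files are constructed for illustration.

```sh
#!/bin/sh
# Added example: find account databases in nsswitch.conf that never consult LDAP.

# Print the source list configured for database $2 in file $1.
nss_sources() {
    awk -v db="$2" '{
        sub(/#.*/, "")                      # drop comments
        i = index($0, ":"); if (!i) next    # skip lines without "db:"
        name = substr($0, 1, i - 1); gsub(/[ \t]/, "", name)
        if (name == db) { print substr($0, i + 1); exit }
    }' "$1"
}

# Print the databases (passwd, group, shadow) that lack an "ldap" source.
# Exit status 0 means all three list ldap.
nss_missing_ldap() {
    missing=
    for db in passwd group shadow; do
        case " $(nss_sources "$1" "$db" | tr '\t' ' ') " in
            *" ldap "*) ;;
            *) missing="${missing:+$missing }$db" ;;
        esac
    done
    printf '%s\n' "$missing"
    [ -z "$missing" ]
}

# Constructed samples: stock file, fully configured file, and a partial edit.
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
printf 'passwd: files\nshadow: files\ngroup:  files\nhosts:  files dns\n' \
    > "$tmp/before.conf"
printf 'passwd: files ldap\nshadow: files ldap\ngroup:  files ldap # via nslcd\n' \
    > "$tmp/after.conf"
printf 'passwd: files ldap [NOTFOUND=return]\nshadow: files ldap\n#group: files ldap\ngroup: files\n' \
    > "$tmp/partial.conf"

for f in before after partial; do
    m=$(nss_missing_ldap "$tmp/$f.conf") \
        && echo "$f: passwd, group and shadow all list ldap" \
        || echo "$f: no ldap source for: $m"
done
```

On a live host, point `nss_missing_ldap` at `/etc/nsswitch.conf`; running `getent group <name>` for a group that was just created in LDAP then confirms the lookup path end to end.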

This was actually a little difficult to set up. I think I spent about 1-2 weeks trying to get this to work. It was all because of that error. Might help if Virtualmin gave us some hints on missing services.

I'm also curious why my LDAP Users and Groups module in Webmin is being listed as an unused module.

I like the idea of using LDAP for authentication. I had the domain I was testing with set up already before I started using LDAP and had my email clients set up. I deleted the domain from the server before starting and once LDAP was working, no changes were needed after the switch.

I'm actually going to try to set this up on another one of my servers but have it store the data in MySQL since I already have 3 servers clustered.