Hello,
I'm still having issues getting my server to work with CentOS 6 and LDAP. Please can you confirm whether this is a supported configuration? If so, is there any documentation that would help me configure my system? Should I be using SSSD?
If I Re-Check my configuration it says Virtualmin is configured correctly. I can use the LDAP client and LDAP Users & Group module to browse my LDAP server, but when I try to create a new domain I get the error message, 'Failed to create virtual server : Critical feature Administration user was not properly created - Virtual server creation halted.'
This is very frustrating as I've got 2 CentOS 5 servers working perfectly.
Status: Active
Comments
Submitted by JamieCameron on Tue, 12/18/2012 - 14:45 Comment #1
It sounds like the system isn't set up to be a client of the LDAP server.
If you go to Webmin -> System -> LDAP Client and click the "Validate Configuration" button, does it report any errors?
Submitted by steve.h on Thu, 01/31/2013 - 21:34 Comment #2
Have you found a solution to this problem? I'm also getting the same error.
Creating administration group domain.net .. .. administration group was created but does not exist! Failed to create virtual server : Critical feature Administration user was not properly created - Virtual server creation halted.
CentOS 6.3
Virtualmin 3.97.gpl GPL
OpenLDAP 2.4.23
Edit:
I found that my LDAP Users and Groups module is listed under unused modules.
I added a group using the LDAP Users and Groups module in Webmin to my LDAP server and tried using Virtualmin to add a new Virtual Host matching the group I created. Of course it complained about the group already existing, but then it went on to delete the group that I had previously created.
I think what is happening is that Virtualmin is creating the group correctly, then it goes on and deletes the newly created group, then checks to see if it exists and errors out because it just deleted it.
Edit:
Finally got it working!
I needed to install nss-pam-ldapd.
First I installed pam-ldap and nscd using yum.
It wouldn't install nss-pam-ldap via yum so I had to use an rpm: ftp://ftp.muug.mb.ca/mirror/centos/6.3/os/x86_64/Packages/nss-pam-ldapd-...
Followed the following to configure pam_ldap.conf and nslcd.conf: https://www.centos.org/modules/newbb/viewtopic.php?topic_id=38442
Configured nsswitch.conf: http://wiki.debian.org/LDAP/NSS
Made sure the nscd and nslcd services were running.
Now I can create a new virtual host and the user and group get created in LDAP.
Submitted by JamieCameron on Thu, 01/31/2013 - 23:37 Comment #3
Yes, that would explain it. Without NSS-LDAP integration, your system won't see new Unix users created in LDAP.
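The NSS side of this can be checked before creating a virtual server. The following is an added example, not part of the thread or of Virtualmin: it reads nsswitch.conf-format text and lists the databases that do not name `ldap` as a source. The function name `missing_ldap_dbs` and both sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): list the NSS databases that do not
# name "ldap" as a source in nsswitch.conf-format text read from stdin.

# Usage: missing_ldap_dbs [DB...] < /etc/nsswitch.conf
# Prints, space-separated on one line, each DB (default: passwd group shadow)
# that has no "ldap" source or no entry at all.
missing_ldap_dbs() {
    want="$*"
    [ -n "$want" ] || want="passwd group shadow"
    # Strip comments, then record every database whose source list has "ldap".
    sed 's/#.*//' | awk -v want="$want" '
        BEGIN { n = split(want, dbs, " ") }
        {
            sub(/^[ \t]+/, "")
            colon = index($0, ":")
            if (colon == 0) next
            db = substr($0, 1, colon - 1)
            m = split(substr($0, colon + 1), src, /[ \t]+/)
            for (i = 1; i <= m; i++)
                if (src[i] == "ldap") has[db] = 1
        }
        END {
            out = ""; sep = ""
            for (i = 1; i <= n; i++)
                if (!(dbs[i] in has)) { out = out sep dbs[i]; sep = " " }
            print out
        }'
}

# Constructed samples: NSS before and after LDAP is added as a source.
SAMPLE_BEFORE='# constructed sample
passwd:   files
shadow:   files
group:    files ldap   # only group was switched over
hosts:    files dns'

SAMPLE_AFTER='passwd:   files ldap
shadow:   files ldap
group:    files ldap'

printf 'before: [%s]\n' "$(printf '%s\n' "$SAMPLE_BEFORE" | missing_ldap_dbs)"
printf 'after:  [%s]\n' "$(printf '%s\n' "$SAMPLE_AFTER" | missing_ldap_dbs)"
```

On a live system, run it as `missing_ldap_dbs < /etc/nsswitch.conf`, then confirm with `getent group` that a group stored in LDAP is actually returned.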
Submitted by steve.h on Fri, 02/01/2013 - 01:24 Comment #4
This was actually a little difficult to set up. I think I spent about 1-2 weeks trying to get this to work. It was all because of that error. Might help if Virtualmin gave us some hints on missing services.
I'm also curious why my LDAP Users and Groups module in Webmin is being listed as an unused module.
I like the idea of using LDAP for authentication. I had the domain I was testing with set up already before I started using LDAP and had my email clients set up. I deleted the domain from the server before starting and once LDAP was working, no changes were needed after the switch.
I'm actually going to try to set this up on another one of my servers but have it store the data in MySQL since I already have 3 servers clustered.
Submitted by JamieCameron on Fri, 02/01/2013 - 11:01 Comment #5
There are some docs on this at: http://www.virtualmin.com/documentation/id,combining_virtualmin_and_ldap/
Was the nss_ldap package mentioned there not enough to get this working?