In troubleshooting LDAP connections I find it useful to turn on LDAP
debugging by adding 'debug 7' to my nss_ldap configuration file. In CNS this
file is called /opt/symas/etc/cns.conf. Yours is probably somewhere else-
maybe /etc/ldap.conf.
This flag will cause LDAP trace output to be sent to stderr. For example,
when you have debugging turned on and type the 'id' command, you will see a
stream of LDAP debug output. You can then use that to determine the problem
with the LDAP connection. All of this assumes you're using an LDAP library,
such as OpenLDAP's, that supports debug output.
I hope this helps...
Matthew Hardin
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
http://www.symas.com> -----Original Message-----
> From:
owner-pamldap@... [mailto:
owner-pamldap@...] On Behalf Of
> tarjei
> Sent: Monday, February 12, 2007 10:01 AM
> To:
pamldap@...
> Subject: [pamldap] whislist: configtest
>
> Hi, one utility I wish you had was a simple utility to test and offer
> debug information when trying to set up nss/pam-ldap.
>
> I know I can use getent passwd ++ to test nss, but a utility that made
> it possible to pinpoint the problem in ldapconnections would be a great
> help when setting up nssldap and pamldap.
>
> If such a utility exists then please tell me about it.
>
> Kind regards,
> Tarjei
