Differences

This shows you the differences between two versions of the page.

--- aix:user_adldap [2021/11/16 17:02]
manu [Connection to Active Directory (unsecure)]
+++ aix:user_adldap [2022/08/22 09:24] (current)
manu [User password is expired]
@@ Line 290: / Line 290: @@
 Configure LDAP client with SSL certificate
 <cli prompt='#'>
-[root@aix001]/root> mksecldap -c -h ldap_srv.xxx.lu -n 636 -k /etc/security/ldap/ldap.kdb -w "password" -j SSL -c -a "CN=user1,OU=Grp-Users,DC=ad,DC=myorg,DC=mydom,DC=lu" -p xxxxxxxxxx -h ad.mydom.lu -d "DC=ad,DC=myorg,DC=mydom,DC=lu" -A ldap_auth -u NONE
+[root@aix001]/root# mksecldap -c -h ldap_srv.xxx.lu -n 636 -k /etc/security/ldap/ldap.kdb -w "password" -j SSL -c -a "CN=user1,OU=Grp-Users,DC=ad,DC=myorg,DC=mydom,DC=lu" -p xxxxxxxxxx -h ad.mydom.lu -d "DC=ad,DC=myorg,DC=mydom,DC=lu" -A ldap_auth -u NONE
 </cli>
 ===== Errors =====
+==== LDAP in debug mode ====
+Add rotation for the debug file
+<cli prompt='#'>
+# cat /etc/logrotate.d/system.conf
+/var/log/syslog/ldap.debug {
+    copytruncate
+    rotate 3
+    size=100M
+}
+</cli>
+Create the debug file
+<cli prompt='#'>
+# touch /var/log/syslog/ldap.debug
+</cli>
+Restart the LDAP daemon in debug mode
+<cli prompt='#'>
+[root@aix01]/root# export LDAP_DEBUG=65535
+[root@aix01]/root# export LDAP_DEBUG_FILE=/var/log/syslog/ldap.debug
+[root@aix01]/root# stop-secldapclntd
+The secldapclntd daemon is successfully terminated.
+[root@aix01]/root# start-secldapclntd
+Starting the secldapclntd daemon.
+The secldapclntd daemon started successfully.
+</cli>
 ==== User password is expired ====

wiki

User Tools

Site Tools

Differences

Page Tools