Understanding LDAP config

I’m new to LDAP and having trouble understanding how to set up an LDAP domain. I have set up NethServer as a local LDAP provider and created some users.

The first thing I would like to accomplish is to have my NethServer users pulled into a FreeNAS server for sharing of NFS directories.

I don’t know what to enter in FreeNAS to bind to my NethServer instance. NethServer Domain account shows a bunch of information but is this just an example? There is a bind password there that was auto generated, is this an actual password or an example of what one should look like? What does directory dump do? What should I enter in FreeNAS to have it load users and groups?

This is real information.
You can test this with the command account-provider-test dump for more information.
Maybe it’s better to give the IP instead of the FQDN in hostname => no DNS required.
Good luck.

IIRC LDAP connections are allowed from green networks only (LAN)

Anonymous binds are allowed to browse the whole LDAP tree. However if authentication is required (i.e. user logs in with his credentials), connections must be secured by STARTTLS or SSL (ldaps://).
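
A client-side dry run of the rule described above, as an added example that is not part of the original post: it builds the `ldapsearch` command for a given client configuration and refuses an authenticated bind that would not be protected by STARTTLS or ldaps://. The host name, base DN, bind DN and the `posixAccount` filter are constructed placeholders and assumptions, not values from this thread.

```shell
#!/bin/sh
# Added example (not from the thread). Host, base DN and bind DN are
# constructed placeholders; the posixAccount filter is an assumption.

# ldap_test_cmd URI STARTTLS BASE_DN [BIND_DN]
#   URI       ldap://host or ldaps://host
#   STARTTLS  yes|no (only meaningful for ldap://)
# Prints the ldapsearch command that tests this client configuration.
# Returns 1 when a bind DN is given but the connection would be unencrypted,
# 2 for an unsupported URI scheme.
ldap_test_cmd() {
    uri=$1 starttls=$2 base=$3 binddn=${4:-}
    tlsflag=
    case $uri in
        ldaps://*) secured=yes ;;                 # TLS from the first byte
        ldap://*)
            if [ "$starttls" = yes ]; then
                secured=yes
                tlsflag=-ZZ                       # -ZZ: abort unless STARTTLS succeeds
            else
                secured=no
            fi ;;
        *) echo "unsupported URI scheme: $uri" >&2; return 2 ;;
    esac
    cmd="ldapsearch -x${tlsflag:+ $tlsflag} -H $uri"
    if [ -n "$binddn" ]; then
        if [ "$secured" = no ]; then
            echo "refusing: bind as $binddn over $uri would send the password in cleartext" >&2
            return 1
        fi
        cmd="$cmd -D $binddn -W"                  # -W: prompt, keep the password off the command line
    fi
    echo "$cmd -b $base '(objectClass=posixAccount)' uid"
}

# Dry run: print the commands instead of executing them.
HOST=nethserver.example.test                      # constructed placeholder
BASE=dc=example,dc=test                           # constructed placeholder
ldap_test_cmd "ldap://$HOST" no  "$BASE"                              # anonymous browse
ldap_test_cmd "ldap://$HOST" yes "$BASE" "cn=binduser,$BASE"          # bind over STARTTLS
ldap_test_cmd "ldaps://$HOST" no "$BASE" "cn=binduser,$BASE"          # bind over ldaps://
ldap_test_cmd "ldap://$HOST" no  "$BASE" "cn=binduser,$BASE" || true  # rejected
```

Replace the placeholders with the values shown on the NethServer Domain accounts page before running a printed command against the server.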

I’m on the green network, I’ve tried every combination of settings I can think of. Where should I look in the NethServer logs to see where the attempt is being made and at what point it fails?

Please refer to

http://docs.nethserver.org/projects/nethserver-devel/en/v7/nethserver-directory.html#logging

I’ve made some progress. It looks like FreeNAS is pulling users from NethServer now however I’m now getting “up : mount.nfs: requested NFS version or transport protocol is not supported”

Success! The version transport protocol problem went away with a reboot and then the only thing missing was I had to include /mnt/ in the path. So FQDN in the host and /mnt/Backup under share.

I’m happy you succeeded!

It would be a great contribution to write down a NethServer + FreeNAS #howto

/cc @docs_team

My next task is to join a Windows 7 machine to the NethServer LDAP domain and control access to FreeNAS shares ldap. (If I’m running LDAP and not Active Directory is it still considered a domain?). I followed the Windows 7 modifications near the bottom of this page https://ubuntuforums.org/showthread.php?t=1330637 but when I try to join I get an error that it can’t find the domain controller. It’s looking for _ldap._tcp.dc._msdcs.domain.com or something to that effect, I tried adding that as an alias to my totally pingable server but NethServer doesn’t like it for some reason.

There is also some NethServer documentation about going to accounts provider -> advanced to adjust some settings however there is only an uninstall button on my accounts provider page.

No, they are completely different things. However an Active Directory domain also has LDAP based services.

How do I get Windows to use LDAP users and groups then if I can’t “join domain”? I’m confused.

A Windows system can join an AD domain only.

Uninstall LDAP local accounts provider and choose Active Directory.

So I’ve installed Active Directory and it looks like it creates a container with its own IP address. I cannot ping this address and FreeNAS can’t find my LDAP server anymore. When I try to join FreeNAS to the AD domain it says it can’t find LDAP server which is also on this unpingable address.

Is NethServer running on a virtual machine?

In this case the host network interface must be running in promiscuous mode. See also

http://docs.nethserver.org/en/v7/accounts.html#installing-on-a-virtual-machine