I created a dummy user, test1, on the ldap server. I then exported the /etc/passwd file to an ldif file. I can’t find my old notes showing the command I used, but here is what the ldif file looked like (after I deleted all the other accounts):
dn: uid=test1,ou=edg,dc=ibmprint,dc=uchicago,dc=edu
uid: test1
cn: test1
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword: {crypt}bunch of characters
shadowLastChange: 13350
loginShell: /bin/bash
uidNumber: 100
gidNumber: 100
homeDirectory: /home/test1
I now want to add this account to my currently running ldap server. From the book, here’s the command I should use:
ldapmodify -D “cn=test1,dc=ibmprint,dc=uchicago,dc=edu” -w secret > -x -a -f /tmp/passwd.ldif
I get this error: ldap_sasl_interactive_bind_s: Confidentiality required (13)
additional info: confidentiality required
I think this has to do with the pam stuff that is supposed to keep everything encrypted. So, now I’ll look into that.
I have the package nss_ldap installed. This package contains nss_ldap and pam_ldap, so I think I have everything that I need installed.