Removing sss already helps: OpenLDAP is now being contacted. But LDAP authentication still does not work. When searching for the user, I get error 32 (no such object, if I remember correctly).
Here is the LDAP log for one connection:
Mar 25 13:47:31 vmintt slapd[5240]: conn=1043 op=2 SRCH base="ou=Users,dc=inttest,dc=isidor,dc=arg" scope=1 deref=0 filter="(&(objectClass=shadowAccount)(uid=user2))"
Mar 25 13:47:31 vmintt slapd[5240]: conn=1043 op=2 SRCH attr=uid userPassword shadowLastChange shadowMax shadowMin shadowWarning shadowInactive shadowExpire shadowFlag
Mar 25 13:47:31 vmintt slapd[5240]: ==> limits_get: conn=1043 op=2 self="[anonymous]" this="ou=users,dc=inttest,dc=isidor,dc=arg"
Mar 25 13:47:31 vmintt slapd[5240]: => bdb_search
Mar 25 13:47:31 vmintt slapd[5240]: bdb_dn2entry("ou=users,dc=inttest,dc=isidor,dc=arg")
Mar 25 13:47:31 vmintt slapd[5240]: => access_allowed: search access to "ou=Users,dc=inttest,dc=isidor,dc=arg" "entry" requested
Mar 25 13:47:31 vmintt slapd[5240]: => dnpat: [1] (.+,)?ou=addressbook,(uid=[^,]+,ou=Users,dc=inttest,dc=isidor,dc=arg) nsub: 2
Mar 25 13:47:31 vmintt slapd[5240]: => dn: [2] ou=users,dc=inttest,dc=isidor,dc=arg
Mar 25 13:47:31 vmintt slapd[5240]: => dn: [3] ou=admins,dc=inttest,dc=isidor,dc=arg
Mar 25 13:47:31 vmintt slapd[5240]: => dn: [4] ou=computers,dc=inttest,dc=isidor,dc=arg
Mar 25 13:47:31 vmintt slapd[5240]: => dn: [5] ou=group,dc=inttest,dc=isidor,dc=arg
Mar 25 13:47:31 vmintt slapd[5240]: => dn: [6] ou=addressbook,dc=inttest,dc=isidor,dc=arg
Mar 25 13:47:31 vmintt slapd[5240]: => acl_get: [7] attr entry
Mar 25 13:47:31 vmintt slapd[5240]: => acl_mask: access to entry "ou=Users,dc=inttest,dc=isidor,dc=arg", attr "entry" requested
Mar 25 13:47:31 vmintt slapd[5240]: => acl_mask: to all values by "", (=0)
Mar 25 13:47:31 vmintt slapd[5240]: daemon: activity on 1 descriptor
Mar 25 13:47:31 vmintt slapd[5240]: daemon: activity on:
Mar 25 13:47:31 vmintt slapd[5240]:
Mar 25 13:47:31 vmintt slapd[5240]: daemon: epoll: listen=7 active_threads=0 tvp=zero
Mar 25 13:47:31 vmintt slapd[5240]: daemon: epoll: listen=8 active_threads=0 tvp=zero
Mar 25 13:47:31 vmintt slapd[5240]: <= check a_dn_pat: self
Mar 25 13:47:31 vmintt slapd[5240]: <= check a_dn_pat: *
Mar 25 13:47:31 vmintt slapd[5240]: <= acl_mask: [2] applying none(=0) (stop)
Mar 25 13:47:31 vmintt slapd[5240]: <= acl_mask: [2] mask: none(=0)
Mar 25 13:47:31 vmintt slapd[5240]: => slap_access_allowed: search access denied by none(=0)
Mar 25 13:47:31 vmintt slapd[5240]: => access_allowed: no more rules
Mar 25 13:47:31 vmintt slapd[5240]: send_ldap_result: conn=1043 op=2 p=3
Mar 25 13:47:31 vmintt slapd[5240]: send_ldap_result: err=32 matched="" text=""
Mar 25 13:47:31 vmintt slapd[5240]: send_ldap_response: msgid=3 tag=101 err=32
Mar 25 13:47:31 vmintt slapd[5240]: conn=1043 op=2 SEARCH RESULT tag=101 err=32 nentries=0 text=
Mar 25 13:47:31 vmintt slapd[5240]: daemon: activity on 1 descriptor
Mar 25 13:47:31 vmintt slapd[5240]: daemon: activity on:
Mar 25 13:47:31 vmintt slapd[5240]: 17r
I don't understand why LDAP does not stop at the rule "ou=users,dc=inttest,dc=isidor,dc=arg". I also used ldapsearch to try to see all the entries that contain the objectClass posixAccount, but nothing is returned.
I also notice that the system tries to perform a whole series of other authentications, for example an authentication via uid=root (which is not in the db for the moment).
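
As an added example (not part of the original post), this Python script reads a slapd trace in the format shown above and reports each search whose trace contains an ACL denial, with the identity slapd logged for the operation and the result code returned. The function name and record fields are hypothetical; the sample is an excerpt of the log above, and trace lines without conn/op are assumed to belong to the most recent SRCH.

```python
import re

# Excerpt of the slapd trace from the post above (lines in between dropped).
SAMPLE = """\
Mar 25 13:47:31 vmintt slapd[5240]: conn=1043 op=2 SRCH base="ou=Users,dc=inttest,dc=isidor,dc=arg" scope=1 deref=0 filter="(&(objectClass=shadowAccount)(uid=user2))"
Mar 25 13:47:31 vmintt slapd[5240]: ==> limits_get: conn=1043 op=2 self="[anonymous]" this="ou=users,dc=inttest,dc=isidor,dc=arg"
Mar 25 13:47:31 vmintt slapd[5240]: => acl_get: [7] attr entry
Mar 25 13:47:31 vmintt slapd[5240]: <= acl_mask: [2] applying none(=0) (stop)
Mar 25 13:47:31 vmintt slapd[5240]: => slap_access_allowed: search access denied by none(=0)
Mar 25 13:47:31 vmintt slapd[5240]: conn=1043 op=2 SEARCH RESULT tag=101 err=32 nentries=0 text=
"""

SRCH = re.compile(r'conn=(\d+) op=(\d+) SRCH base="([^"]*)"')
WHO = re.compile(r'limits_get: conn=(\d+) op=(\d+) self="([^"]*)"')
ACL_GET = re.compile(r'acl_get: \[(\d+)\]')
MASK = re.compile(r'acl_mask: \[(\d+)\] applying (\w+)\(')
DENY = re.compile(r'slap_access_allowed: (\w+) access denied')
RESULT = re.compile(r'conn=(\d+) op=(\d+) SEARCH RESULT .*\berr=(\d+)')

def acl_denied_searches(log_text):
    """Return one dict per search whose trace shows an ACL denial before its result."""
    pending, cur, denied = {}, None, []
    for line in log_text.splitlines():
        if m := SRCH.search(line):
            cur = (m[1], m[2])
            pending[cur] = {"conn": int(m[1]), "op": int(m[2]), "base": m[3]}
        elif m := WHO.search(line):
            pending.get((m[1], m[2]), {})["identity"] = m[3]
        elif m := RESULT.search(line):
            rec = pending.pop((m[1], m[2]), None)
            if rec and "denied" in rec:
                rec["err"] = int(m[3])
                denied.append(rec)
        elif cur in pending:
            # Trace lines carry no conn/op: attribute them to the latest SRCH
            # (assumption: operations are not interleaved in the log).
            rec = pending[cur]
            if m := ACL_GET.search(line):
                rec["acl_get"] = int(m[1])      # index printed by acl_get
            elif m := MASK.search(line):
                rec["acl_mask"], rec["level"] = int(m[1]), m[2]
            elif m := DENY.search(line):
                rec["denied"] = m[1]            # access type that was refused
    return denied

if __name__ == "__main__":
    for rec in acl_denied_searches(SAMPLE):
        print(rec)
```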