aws-iam-ldap-bridge

AMI says ldapsearch not found / user home directories not populated

Open pquery opened this issue 10 years ago • 1 comments

Your project seems interesting; however, I've tried both your AMI based in Sydney and following the Install instructions, and the ldapsearch command is not found.

I've also tried to download the binaries, but the instructions are unclear on how to expand the files.

Once I've extracted (both to tmp and then to the root directory, and even run the script from the install script - although I didn't see the necessity of removing all the ssh keys and then wiping your history of doing so) it still could never find the ldapsearch command.

I even tried echo $PATH and ldapsearch never appeared there or in /bin.

I did get ldapsearch to work after installing openldap-clients via yum.

I then changed to the instance IP and saw my IAM usernames populated on the screen.

I then went to the /home but only saw the ec2 user directory.

I went into the sshd config and allowed passwords, and with my test user, whom I saw come down on the list, tried to log in via ssh but was denied.

I'd like to help you get the bugs worked out of this project, but Java isn't my best language.

pquery avatar Dec 10 '14 01:12 pquery

Hello,

  1. ldapsearch is not part of the project. It's just a tool that you can use to verify whether the server works. You can install it manually, exactly how you did.
  2. Don't run the install scripts - they are for the packer. Running them would certainly kill your instance.
  3. Since the IAM usernames are in LDAP, everything seems to be working fine, so at least you got the first step working.
  4. The project simply provides an LDAP server. The users are authenticated via PAM, which needs to be connected to LDAP. The next step is to follow the PAM-LDAP configuration how-to and configure your Linux to authenticate users via LDAP. The how-tos for CentOS/Amazon Linux: "LDAP authentication using pam_ldap and nss_ldap" or "nss-pam-ldapd: how to set up LDAP authentication". There may be more on the internet.

Denis


denismo avatar Dec 10 '14 05:12 denismo
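
The situation in this thread (IAM users visible through ldapsearch, but no login and no entries the system recognises) is what a host looks like when NSS/PAM have not yet been pointed at LDAP. The following is an added example, not part of the thread or the project's code: it checks which name-service databases in an nsswitch.conf-style file do not consult LDAP. The helper name `nss_missing_ldap` is hypothetical, the sample file is constructed, and the source name `ldap` is assumed to be the one used by nss_ldap and nss-pam-ldapd.

```shell
#!/usr/bin/env bash
# Added example (not from the thread or the project). nss_missing_ldap is a
# hypothetical helper; "ldap" is assumed to be the nsswitch source name
# registered by nss_ldap / nss-pam-ldapd.

# Print the NSS databases (of passwd, shadow, group) whose source list in the
# given nsswitch.conf-style file does not include "ldap".
# Empty output means all three consult LDAP.
nss_missing_ldap() {
    awk '
        BEGIN { n = split("passwd shadow group", want, " ") }
        {
            sub(/#.*/, "")                           # drop comments
            if ($0 !~ /^[ \t]*[a-z_]+[ \t]*:/) next  # not a "db: sources" line
            db = $1; sub(/:.*/, "", db)              # database name before ":"
            srcs = $0; sub(/^[^:]*:/, "", srcs)      # everything after ":"
            m = split(srcs, src, /[ \t]+/)
            for (i = 1; i <= m; i++) if (src[i] == "ldap") has[db] = 1
        }
        END {
            for (i = 1; i <= n; i++)
                if (!(want[i] in has)) out = out (out ? " " : "") want[i]
            print out
        }
    ' "$1"
}

# Constructed sample: passwd already uses LDAP, shadow and group do not.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed nsswitch.conf fragment
passwd:  files ldap
shadow:  files
group:   files
hosts:   files dns
EOF
echo "databases not consulting LDAP: $(nss_missing_ldap "$sample")"
rm -f "$sample"
```

On a real host, run the function against /etc/nsswitch.conf; once it reports nothing missing, `getent passwd <username>` should return the LDAP-backed account.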