There are two LDAP servers, cuboid and bursa, with CNAMEs ldap1.biostr.washington.edu and ldap2.biostr.washington.edu. Login should work if either is up. You may need to restart nscd (the Name Service Caching Daemon).
For a simple LDAP check, run: ldapsearch -vvv -xLLL '(uid=joshuadf)'
If no one can log in to the LDAP server itself, you need to boot in Single User mode.
Run /etc/init.d/ldap start and check for error messages. If the database is corrupted from a crash, restore the whole /var/lib/ldap/ directory from a recent backup.
Client Setup
The LDAP client setup is done at installation time with the following commands (see KickStart for more details):
authconfig --enableshadow --enablemd5 \
    --enableldap --ldapserver=ldaps://ldap1.biostr.washington.edu \
    --ldapbasedn="dc=sig,dc=biostr,dc=washington,dc=edu" --enableldapauth \
    --enableldaptls --enablecache --disablenis --kickstart

mv /etc/ldap.conf /etc/ldap.conf.orig
cat > /etc/ldap.conf << EOF
uri ldaps://ldap1.biostr.washington.edu ldaps://ldap2.biostr.washington.edu
ssl on
tls_cacertfile /usr/share/rhn/UW-CA-CERT
tls_checkpeer yes
ldap_version 3
scope one
rootbinddn cn=admin,dc=sig,dc=biostr,dc=washington,dc=edu
base dc=sig,dc=biostr,dc=washington,dc=edu
nss_base_passwd ou=People,dc=sig,dc=biostr,dc=washington,dc=edu
nss_base_shadow ou=People,dc=sig,dc=biostr,dc=washington,dc=edu
nss_base_group ou=Group,dc=sig,dc=biostr,dc=washington,dc=edu
pam_password exop
EOF

mv /etc/openldap/ldap.conf /etc/openldap/ldap.conf.orig
cat > /etc/openldap/ldap.conf << EOF
URI ldaps://ldap1.biostr.washington.edu ldaps://ldap2.biostr.washington.edu
BASE dc=sig,dc=biostr,dc=washington,dc=edu
TLS_CACERT /usr/share/rhn/UW-CA-CERT
TLS hard
TLS_REQCERT demand
EOF

/etc/init.d/nscd restart
/etc/init.d/autofs restart
/etc/init.d/portmap restart
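The following check is an added example, not part of the original setup: it audits a client config in either format above for the TLS directives the setup writes (ldaps-only URIs, a CA certificate, strict peer verification). The function names and sample hostnames are made up for illustration, and treating an unset verification directive as a finding is a policy assumption.

```shell
#!/bin/sh
# Added example: audit an LDAP client config (nss_ldap or OpenLDAP style).
# Prints one finding per line; returns 0 when clean, 1 when anything is flagged.
audit_ldap_conf() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }            # skip comments and blank lines
        { key = tolower($1) }                        # directive names are case-insensitive
        key == "uri" {
            uri = 1
            for (i = 2; i <= NF; i++)                # every listed server must use ldaps
                if ($i !~ /^ldaps:\/\//) { print "non-ldaps URI: " $i; bad = 1 }
        }
        key ~ /^tls_cacert(file|dir)?$/ { ca = 1 }
        key == "tls_checkpeer" { verify = (tolower($2) == "yes") ? 1 : -1 }
        key == "tls_reqcert"   { verify = (tolower($2) ~ /^(demand|hard)$/) ? 1 : -1 }
        END {
            if (!uri)         { print "no uri directive"; bad = 1 }
            if (!ca)          { print "no CA certificate configured"; bad = 1 }
            if (verify == -1) { print "server certificate check disabled or relaxed"; bad = 1 }
            if (verify == 0)  { print "server certificate check not set explicitly"; bad = 1 }
            exit bad + 0
        }
    ' "$1"
}

# Constructed sample configs; hostnames are placeholders, not the real servers.
write_samples() {
    cat > "$1/good.conf" << EOF
uri ldaps://ldap1.example.org ldaps://ldap2.example.org
ssl on
tls_cacertfile /usr/share/rhn/UW-CA-CERT
tls_checkpeer yes
EOF
    cat > "$1/weak.conf" << EOF
# second server reached in cleartext, verification relaxed, no CA file
URI ldaps://ldap1.example.org ldap://ldap2.example.org
TLS_REQCERT allow
EOF
}

tmp=$(mktemp -d)
write_samples "$tmp"
for f in "$tmp/good.conf" "$tmp/weak.conf"; do
    if audit_ldap_conf "$f"; then echo "$f: OK"; else echo "$f: FAIL"; fi
done
```

On a real client, point it at /etc/ldap.conf and /etc/openldap/ldap.conf after the setup has run.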
By the way, here are some common LDAP abbreviation codes:
Key      Attribute
CN       Common Name
DC       Domain Component
DN       Distinguished Name
L        Locality Name
ST       State or Province Name
O        Organization Name
OU       Organizational Unit Name
C        Country Name
STREET   Street Address
