Talk:LDAP authentication

From ArchWiki
Jump to: navigation, search

Poor writing

This article needs to include more explanatory information rather than an example of one user's configuration (which may or may not work?). -- pointone 11:41, 17 January 2011 (EST)


Following this guide and the other one out of the box I get the following error when trying to import (ldapadd) or search (ldapsearch)

slapd[20458]: fd=12 DENIED from unknown (

And yes I do have slapd in the hosts.allow

Add to /etc/hosts.allow:
Peleki 11:14, 21 August 2010 (EDT)


If you want hdb as backend, you have to adjust the PKGBUILD to --enable-hdb and rebuild the package

To disable the IPV6 error, add -4 to the slapd init script at line 14 (/usr/sbin/slapd -4 $SLAPD_OPTIONS)

To disable the " openldap configure monitor database to enable" add "database monitor" in /etc/openldap/slapd.conf BEFORE any database backend type (hdb or bdb)

--mvinnicius 19:55, 14 February 2011 (EST)

For the record, it's probably better to add -4 to the SLAPD_OPTIONS variable in /etc/conf.d/slapd than to modify the rc-script. --DJPohly 21:09, 14 February 2011 (EST)


I started editing the page with the goal of merging it with the LDAP Authentication one and also with the main OpenLDAP article. I rewrote the introduction and added some explanations for the client side like NSS and PAM. I'm gooing to remove the pam_ldap and nss_ldap bit and use nss_pam_ldapd from AUR which is the most uptodate (and robust) version. If anyone has any objections feel free to say so.


I think the client configuration section should clarify that you would want to choose between ldap or sssd (with sssd being the more robust of the two).

Also, in the sssd section, there's a handy note pointing out that sudo is not compiled with sssd support. I created a sudo-sssd package in the aur. Perhaps it would be beneficial to link to it?

Niq000 (talk) 06:36, 9 July 2015 (UTC)