diff options
| author | Thomas Fitzsimmons <fitzsim@fitzsim.org> | 2015-04-22 22:07:17 -0400 |
|---|---|---|
| committer | Thomas Fitzsimmons <fitzsim@fitzsim.org> | 2015-04-22 22:17:56 -0400 |
| commit | 557c7d6fc6a6520a7ca92d2d006299fae0978aa3 (patch) | |
| tree | 1d5102082a508576c5420c9ca72da09617ee7b4b | |
| parent | 7128b0de899111c97749e3b7cddfb2935a7f0a9a (diff) | |
Improve EUDC manual
* eudc.texi (Troubleshooting): New LDAP troubleshooting subsection.
| -rw-r--r-- | doc/misc/eudc.texi | 32 |
1 files changed, 25 insertions, 7 deletions
diff --git a/doc/misc/eudc.texi b/doc/misc/eudc.texi index 4d6e6addc3..064f570577 100644 --- a/doc/misc/eudc.texi +++ b/doc/misc/eudc.texi @@ -248,7 +248,7 @@ Pass any required extra options to @command{ldapsearch} using @end itemize The following examples use a base of -@code{ou=people,dc=example,dc=com} and the host name +@code{ou=people,dc=gnu,dc=org} and the host name @code{ldap.gnu.org}, a server that supports LDAP-over-SSL (the @code{ldaps} protocol, with default port @code{636}) and which requires authentication by the user @code{emacsuser} with password @@ -274,6 +274,7 @@ the wildcard character to the end of the last word. @menu * Emacs-only Configuration:: Configure with @file{.emacs} * External Configuration:: Configure with @file{/etc/openldap/ldap.conf} +* Troubleshooting:: Debug @command{ldapsearch} failures @end menu @node Emacs-only Configuration @@ -305,8 +306,8 @@ LDAP: ("ldaps://ldap.gnu.org" . ldap))) (customize-set-variable 'ldap-host-parameters-alist '(("ldaps://ldap.gnu.org" - base "ou=people,dc=example,dc=com" - binddn "example\\emacsuser" + base "ou=people,dc=gnu,dc=org" + binddn "gnu\\emacsuser" passwd ldap-password-read))) @end lisp @@ -330,7 +331,7 @@ Your system may already be configured for a default LDAP server. For example, @file{/etc/openldap/ldap.conf} might contain: @example -BASE ou=people,dc=example,dc=com +BASE ou=people,dc=gnu,dc=org URI ldaps://ldap.gnu.org TLS_CACERTDIR /etc/openldap/certs @end example @@ -339,11 +340,11 @@ TLS_CACERTDIR /etc/openldap/certs @cindex binddn Authentication requires a password, and a @dfn{bind distinguished name (binddn)} representing the user, in this case, -@code{example\emacsuser}. These can be specified in +@code{gnu\emacsuser}. These can be specified in @file{~/.authinfo.gpg} with the following line: @example -machine ldaps://ldap.gnu.org binddn example\emacsuser password s3cr3t +machine ldaps://ldap.gnu.org binddn gnu\emacsuser password s3cr3t @end example Then in the @file{.emacs} init file, these expressions suffice to @@ -372,7 +373,7 @@ case @command{ldapsearch} defaults to the host name in The @file{~/.authinfo.gpg} line becomes: @example -binddn example\emacsuser password s3cr3t +binddn gnu\emacsuser password s3cr3t @end example @noindent @@ -391,6 +392,23 @@ and the @file{.emacs} expressions become: '(("" auth-source t))) @end lisp +@node Troubleshooting +@subsection Troubleshooting + +If @command{ldapsearch} exits with an error, you'll see a message like +this in the @code{*Messages*} buffer (all on one line): + +@example +ldap-search-internal: Failed ldapsearch invocation: + ldapsearch "-Hldaps://ldap.gnu.org" "-bou=people,dc=gnu,dc=org" + "-Dgnu\emacsuser" "-W" "-LL" "-tt" "(&(mail=name*))" + "givenname" "sn" "mail" +@end example + +The @command{ldapsearch} command is formatted such that it can be +copied and pasted into a terminal. Set the @command{ldapsearch} debug +level to 5 by appending @code{-d 5} to the command line. + @node Usage @chapter Usage |