# Current news item: /etc/ldap.conf missing

## EasterParade

https://wiki.gentoo.org/wiki/SSH/LDAP_migration

What am I missing? See title: /etc/ldap.conf does not exist.

----------

## khayyam

 *transsib wrote:*   

> What am I missing? See title: /etc/ldap.conf does not exist.

 

transsib ... that file is provided by sys-auth/nss_ldap. You should have this package if you're planning authenticating local logins via ldap (though I'm not sure openldap pulls it in).

best ... khay

----------

## fedeliallalinea

 *Quote:*   

> 2018-08-07-openssh-ldap-migration
> 
>   Title                     Migration required for OpenSSH with LDAP
> 
>   Author                    Thomas Deutschmann <whissi@gentoo.org>
> ...

 

----------

## EasterParade

@fedeliallalinea

I got that (see my posting above), compiled the wrapper; I now see I do not have the ldap.conf file.

@khayyam

thanks, sys-auth/nss_ldap is not on the system; compiling now.

/etc/ldap.conf is present now, continuing but

```
ssh-ldap-pubkey list

Traceback (most recent call last):

  File "/usr/lib/python-exec/python3.6/ssh-ldap-pubkey", line 144, in <module>

    main(**kwargs)

  File "/usr/lib/python-exec/python3.6/ssh-ldap-pubkey", line 126, in main

    keys = ldapssh.find_pubkeys(login)

  File "/usr/lib64/python3.6/site-packages/ssh_ldap_pubkey/__init__.py", line 209, in find_pubkeys

    return self._find_pubkeys(self.find_dn_by_login(login))

  File "/usr/lib64/python3.6/site-packages/ssh_ldap_pubkey/__init__.py", line 225, in find_dn_by_login

    result = self._conn.search_s(conf.base, conf.scope, filter_s, ['dn'])

  File "/usr/lib64/python3.6/site-packages/ldap/ldapobject.py", line 802, in search_s

    return self.search_ext_s(base,scope,filterstr,attrlist,attrsonly,None,None,timeout=self.timeout)

  File "/usr/lib64/python3.6/site-packages/ldap/ldapobject.py", line 795, in search_ext_s

    msgid = self.search_ext(base,scope,filterstr,attrlist,attrsonly,serverctrls,clientctrls,timeout,sizelimit)

  File "/usr/lib64/python3.6/site-packages/ldap/ldapobject.py", line 791, in search_ext

    timeout,sizelimit,

  File "/usr/lib64/python3.6/site-packages/ldap/ldapobject.py", line 294, in _ldap_call

    result = func(*args,**kwargs)

ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server", 'errno': 107, 'info': 'Transport endpoint is not connected'}

```

full stop now

----------

## kurly

 *transsib wrote:*   

> @fedeliallalinea
> 
> I got that (see my posting above), compiled the wrapper; I now see I do not have the ldap.conf file.
> 
> 

 I think you missed the point: there is nothing to migrate if you don't use it.

----------

## jhon987

 *transsib wrote:*   

> @fedeliallalinea
> 
> I got that (see my posting above), compiled the wrapper; I now see I do not have the ldap.conf file.
> 
> @khayyam
> ...

 

you need to issue the command with the word python at the beginning like so:

```
python ssh-ldap-pubkey list
```

Since ssh-ldap-pubkey is a python script, your terminal doesn't automatically recognize you're running a python script, therefore you must "tell" terminal to use python in order to run script file

----------

## EasterParade

 *Quote:*   

> I think you missed the point: there is nothing to migrate if you don't use it.

 

In this case I can remove the new packages and just ignore the news item.

jhon987, the wiki does not mention it. My system does not seem to need migrating.

clueless ....   :Wink: 

----------

## jhon987

 *transsib wrote:*   

> 
> 
> [...]
> 
> jhon987, the wiki does not mention it. [...]
> ...

 

Yeah, I know it doesn't but I wrote it still because that's what one needs to do when they encounter errors such as you did. (So it might be useful to you in the future, or for someone else who would come across this thread)

I guess the person who wrote the wiki article has his terminal automatically assume python script or something...

----------

## Hu

If the system did not recognize it as a Python script, how did he get a Python3.6 traceback telling him that the LDAP server is unreachable?

----------

## jhon987

 *Hu wrote:*   

> If the system did not recognize it as a Python script, how did he get a Python3.6 traceback telling him that the LDAP server is unreachable?

 

I don't think it's a python traceback but a bash traceback. The ssh-ldap-pubkey script is found inside the python directory:  /usr/lib/python-exec/python3.6/ssh-ldap-pubkey

and so the the functions inside that script are pointing to: /usr/lib64/python3.6/site-packages/ldap/ldapobject.py

however since the python interpreter (binary) isn't being utilized, that eventually leads to the errors he's getting.

Basically since the shebang: #!/usr/bin/env python is stated at the beginning of the file - terminal should recognize it's a python script, perhaps terminal defaults to the python interpreter version 2(.7) (maybe it is a python traceback) and so the script isn't functioning, perhaps the shebang should be changed to #!/usr/bin/env python3

I'm saying this from my own experience as well, I used same command and got same errors, yet once I used python before the command - suddenly I got meaningful output.

----------

## Hu

Bash does not produce tracebacks like that.  It seems unlikely to be a Python version problem, since the error message specifically states that it failed to contact the LDAP server.

----------

