LDAP client auth almost working, need help.

---

• From: Jim Canfield <jcanfield@xxxxxxxxxxx>
• Date: Tue, 31 Oct 2006 09:23:58 -0600 (CST)

---

Greetings,

I'm a former gentooer and this is my first post to the ubuntu list.  So far, I'm very impressed with ubuntu!  Great works guys!

...Anyway,  looks like the nss-ldap intigration is not quite what it should be.  I looked at the Doc for LDAP clinet auth (https://help.ubuntu.com/community/LDAPClientAuthentication) and it's not correct for edgy.  Here's where I am.

Problem 1:

dpackage acts like it's configuring a libnss-ldap.conf  (or some type of ldap.conf) but it never changes.  I had to manually go in and change the ldap server settings.   After that `getent` seemed to be fine.

Problem 2:

FOOBAR BOOT!  For some ungodly reason udevd trys to connect to an ldap server before devices have been created.  My hunch is that it looking for a group name that doesn't exist locally and trying to use ldap to resolve it.  I've seen a few post on the debian list regarding this looking for the ''nogroup"  or  "nobody"...however ubuntu has these groups.  I'm confused.

Problem 3: 

Can't authticate via gdm.  I can "su ldapuser" fine and even switch to a virtual console and login, but login through gdm fails miserably.

Any help would be greatly appreciated...

Jim

Configs:

common-account

    account sufficient      pam_ldap.so
    account required        pam_unix.so

common-auth:

    auth    sufficient      pam_ldap.so
    auth    required        pam_unix.so nullok_secure use_first_pass

common-password:

password        sufficient      pam_ldap.so
password        required        pam_unix.so nullok obscure min=4 max=8 md5

common-session:

session optional        pam_unix.so
session required        pam_mkhomedir.so skel=/etc/skel/
session optional        pam_ldap.so
session optional        pam_foreground.so










--
ubuntu-users mailing list
ubuntu-users@xxxxxxxxxxxxxxxx
https://lists.ubuntu.com/mailman/listinfo/ubuntu-users

---

• Follow-Ups:
  • Re: LDAP client auth almost working, need help.
    • From: Zach

• Prev by Date: Re: php5 source and apache2 package install bolloxed
• Next by Date: Re: php5 source and apache2 package install bolloxed
• Previous by thread: Gaim
• Next by thread: Re: LDAP client auth almost working, need help.
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: LDAP client auth almost working, need help. ... I'm a former gentooer and this is my first post to the ubuntu list. ... ldap server settings. ... (Ubuntu) PAM problem root login ... I use winbind to authenticate against an Active Directory (Windows 2003 ... If I try to login as a user of the domain then it works great - I can login, ... But if I try to login as root - it is not possible! ... @include common-account ... (alt.os.linux)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• Mailing-Lists
• Newsgroups
• About
• Privacy
• Search
• Imprint

linux.derkeiler.com  > Mailing-Lists  > Ubuntu  > 2006-10