[Fedora-directory-users] Ubuntu 8.04 authentication
Ryan Braun [ADS]
ryan.braun at ec.gc.ca
Fri Mar 13 16:10:56 UTC 2009
On Wednesday 11 March 2009 10:10:08 Diwakoe wrote:
> Dear all,
>
> I want to configure ubuntu 8.04 authentication using FDS still can not
> get user from server, another workstation using fedora 7 can
> authenticate well.
>
> Already using this doc:
> https://help.ubuntu.com/community/FedoraDirectoryServerClientHowto,
> but still no luck.
>
I find that starting small and working forward is the best way to go.
First off, disable all encryption (for now). in pam_ldap.conf and libnss-
ldap.conf. I've found that running wireshark while learning/setting up the
clients helps a ton. You can see the ldap calls over tcpip and can also see
all the username and passwords. Which should inspire you to turn encryption
back on when done :)
Next configure nss lookups. Make sure libnss-ldap is installed, And again
minimally, setup libnss-ldap.conf. Add ldap to your nsswitch.conf file and
try a getent (passwd|group). If nothing happens, check your sniffer and fds
logs to see if it was able to try and connect to your ldap server.
Then move onto your pam config. Same as above, start minimally then add
configs/features later. But remember, FDS will not accept passwd changes from
the command line unless over TLs/SSL. But it will authenticate just fine.
But like I said initially, for myself, watching wireshark helped a ton.
Ryan
More information about the Fedora-directory-users
mailing list