[K12OSN] ltsp client authentication with separate k12ltsp and

cliebow at downeast.net cliebow at downeast.net
Wed Jan 12 22:04:02 UTC 2005

when you log in you are logging in as if you are sitting at the
server..Should just work..Can you watch the logs and get an idea where
things fail..btw what dm are you using..gdm??chuck

> We got a Samba/LDAP server and a separate K12LTSP box up and running.
> We ran 'authconfig' on the K12LTSP box, and we configured it to
> authenticate to our Samba/LDAP server.
> Our test user was "art".
> We could log into a Windows client as "art".
> We could ssh into the Samba/LDAP server as "art".
> We could ssh into the K12LTSP server as "art".
> We could log into a K12LTSP client as "root".
> We COULD NOT log into a K12LTSP client as "art".
> FYI, we did the NFS mount of /home, though of course that doesn't have
> anything to do with authentication.
> Just now, I set up an identical test network here at home and I got the
> same results.  I've poked around Google a bit but I haven't found
> anything that helps with exactly this problem.  (I've found some
> how-tos on setting up LDAP clients in general but they primarily say
> "run authconfig", and the extra steps they prescribe actually break ssh
> access/authentication to the K12LTSP server, so THAT can't be
> right.)
> Does anyone here have any advice?  It looks like everything is up and
> running fine, except that the LTSP clients themselves aren't
> authenticating to LDAP even though the K12LTSP server is.
> If I create a regular Unix user on the K12LTSP server that user can log
> into an LTSP client without a problem (and that's how root is able to
> log into a k12ltsp client).
> I don't yet have a clear understanding of how users of the LTSP clients
> authenticate at all, so I'm sure that's contributing to my confusion. 
> It looks to me as if they authenticate using the UNIX passwd/shadow
> file of the k12ltsp server, and I'm not sure how to point the LTSP
> clients to the LDAP server instead.  I tried messing with settings in
> /opt/ltsp/i386/etc/nsswitch.conf, but it didn't seem to make any
> difference...
> (I copied /etc/nsswitch.conf to /opt/ltsp/i386/etc/ and rebooted a
> client - but to no avail.)
> My next thought was that I need an LDAP client installed in
> /opt/ltsp/i386/ for the LTSP clients - but nobody else has mentioned
> needing to do that, so there *must* be another answer...
> We will appreciate any advice you can provide!
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>

This message was sent from Downeast.Net.

More information about the K12OSN mailing list