[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: newbie question



Thanks for the pointer. I do have an ldap entry in the nsswitch.conf file. Now that I look at it it looks like pam_nss is not getting called at all. Will getent work at all if I don't have pam_nss installed?

Bill


--On Friday, February 15, 2002 5:47 PM -0500 Chris McCulloh <dci@webquill.com> wrote:


Bill --

Check your /etc/nsswitch.conf file and make sure that the lines for passwd
and groups have "ldap" in addition to files and whatever else may  be
there (nis, nisplus, etc).  Then try the getent passwd and it should work
properly.

Also, you might want to also read up on the pam module pam_mkhomedir.so.
Automatically creates a user's home directory upon login if it does not
already exist.  It's included with standard Linux-PAM.

chris

On Fri, 15 Feb 2002 14:29:14 -0800
PAM Shared IMAP Folder <post+pam@macallister.grass-valley.ca.us> wrote:

Hello,

I am trying to get pam_ldap and nss_ldap working on my Redhat 7.1
system.
From what I can tell I have done what is required, but obviously I am
unclear on what that is since it only sort of works.  I would apreciate
any
suggestions.

Here is what I have done so far:

  * Set up group and user entries in OpenLDAP
  * Run authconfig.  This looks to be a Redhat utility that set entries
    in /etc/pam.d/system-auth.
  * I also manually made entries in /etc/pam.d/ftp and /etc/pam.d/sshd.
    These entries were made before I new about authconfig.

What I see is that I can connect using ftp, but it doesn't really know
who
I am.  I am left at the root.  Anonymous FTP is off and if I give a bad
password the ftp login fails.  If I remove the manual entries from the
FTP
file it doesn't work a all. Also, when I watch the OpenLDAP log I never

see a query for any group or user information. So, this looks like I am

missing the trick to turn on nss_ldap. This really is confirmed when I
do
a getent passwd and just see the password file.

-- Chris McCulloh MediaChron, Inc.

  e: chris@mediachron.com
  t: 203.229.2451
  f: 203.750.1002
  w: http://www.mediachron.com
  a: 509 Westport Ave., Norwalk, CT 06851, USA
pgp: http://www.mediachron.com/chris.pub




+------------------------------------------------ | Bill MacAllister | PRIDE Industries | Roseville, CA





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []