On 7/31/07, Greg Hetrick <greg.hetrick(a)gmail.com> wrote:
I am having a problem with sudo when I am running in a TSL/SSL
connection, I
am able to ssh into the client and verified that the connection is secure,
but once logged in to the client machine I am unable to use sudo.
I am seeing multiple re-tries in the access logs that appear to close,:
When I do the same thing without a TLS/SSL connection sudo works fine.
and eventually, I get
sudo: uid 1000 does not exist in the passwd file!
Based on the symptoms and logs, this sounds more like a client problem
than a problem with FDS. What OS / distro are you running? What does
your /etc/ldap.conf look like? Recent versions of Fedora, for
example, are fairly strict in how /etc/ldap.conf is configured. The
following configuration works for me, although it could probably be
improved:
uri
ldaps://ldap1.example.com/ ldaps://ldap2.example.com/
ssl on
tls_cacertfile /etc/pki/tls/certs/ca-localauthority.crt
host
ldap1.example.com ldap2.example.com
Josh Kelley