ldap authentication problems
David L
idht4n at gmail.com
Thu May 6 21:59:59 UTC 2010
I'm trying to authenticate with ldap on f13 using the same ldap.conf I'm using
successfully on f12. But it doesn't like my password and I see a message like
this in /var/log/secure:
May 6 14:37:22 empire su: pam_sss(su:auth): received for user foo: 10
(User not known to the underlying authentication module)
Any ideas what the problem might be? My /etc/ldap.conf looks something
like this:
uri ldap://192.168.116.243
base dc=mydomain,dc=mycompany,dc=com
binddn cn=ldap,cn=users,dc=mydomain,dc=mycompany,dc=com
bindpw theBindPw
timelimit 120
bind_timelimit 120
bind_policy soft
idle_timelimit 3600
pam_filter objectclass=user
nss_base_passwd ou=People,dc=mydomain,dc=mycompany,dc=com?one
nss_base_shadow ou=People,dc=mydomain,dc=mycompany,dc=com?one
nss_base_group ou=SecurityGroups,dc=mydomain,dc=mycompany,dc=com?one
nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon
nss_map_objectclass posixAccount User
nss_map_objectclass shadowAccount User
nss_map_attribute uid sAMAccountName
nss_map_attribute uidNumber msSFU30UidNumber
nss_map_attribute gidNumber msSFU30GidNumber
nss_map_attribute loginShell msSFU30LoginShell
nss_map_attribute gecos name
nss_map_attribute userPassword msSFU30Password
nss_map_attribute homeDirectory msSFU30HomeDirectory
nss_map_objectclass posixGroup Group
nss_map_attribute memberUid msSFU30MemberUid
nss_map_attribute cn cn
pam_login_attribute sAMAccountName
pam_member_attribute msSFU30PosixMember
pam_filter objectclass=User
pam_password ad
ssl no
tls_cacertdir /etc/openldap/cacerts
Thanks,
David
More information about the test
mailing list