LDAP client authentication on Fedora 16/17
Amit Karpe
amitkarpe at gmail.com
Mon Feb 25 06:02:25 UTC 2013
Following changes & restarting LDAP server help me.
On Server
#service dirsrv restart
On Client
/etc/nsswitch.conf
passwd: files ldap
shadow: files ldap
group: files ldap
netgroup: files ldap
hosts: files dns
/etc/sysconfig/authconfig
USELDAPAUTH=yes
FORCELEGACY=yes
/etc/nss_ldap.conf
bind_policy soft
/etc/pam_ldap.conf
bind_policy soft
Thanks a lot.
On Fri, Feb 22, 2013 at 8:59 PM, Amit Karpe <amitkarpe at gmail.com> wrote:
>
>
> On Fri, Feb 22, 2013 at 8:18 PM, Pavel Lisy <pali at tmapy.cz> wrote:
>
>> Amit Karpe píše v Pá 22. 02. 2013 v 14:40 +0800:
>> > Hi,
>> > While configuring LDAP client authentication on Fedora 16/17, I am
>> > testing this on Fedora 16 & 17. I have install openldap-clients
>> > nss_ldap . I am facing following problem.
>> > I have done configuration by following this url [1]
>> >
>> > Just to test I have fired following commands with success:
>> > $ldapsearch -x -b 'dc=eos,dc=ntu,dc=edu,dc=sg' 'objectclass=*'
>> > $getent passwd csyong
>> >
>> >
>> > Even I can use #su - csyong with success.
>> >
>> > But still have problem while logging by GDM
>> >
>> > Feb 22 08:16:35 localhost gdm-password][1434]:
>> > pam_unix(gdm-password:auth): authentication failure; logname= uid=0
>> > euid=0 tty=:0 ruser= rhost= user=csyong
>> > Feb 22 08:16:52 localhost gdm-password][1689]:
>> > pam_unix(gdm-password:auth): authentication failure; logname= uid=0
>> > euid=0 tty=:0 ruser= rhost= user=csyong
>>
>> Compare files in /etc/pam.d/:
>> gdm-password vs. system-auth (or system-auth-ac)
>>
>
> There is no file as /etc/pam.d/gdm-password, but there is file by name
> /etc/pam.d/gdm.
> I have maintain same content in /etc/pam.d/password-auth
> and /etc/pam.d/system-auth.
> Some given link [2] says both should be same.
> [2]:
> http://geek.co.il/wp/2012/02/16/ldap-authentication-on-fedora-16-and-why-it-sucks
>
>
>
>> You will need add lines for ldap to gdm-password probably
>>
>> Pavel
>>
>> --
>> Pavel Lisy <pali at tmapy.cz>
>>
>> --
>> users mailing list
>> users at lists.fedoraproject.org
>> To unsubscribe or change subscription options:
>> https://admin.fedoraproject.org/mailman/listinfo/users
>> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
>> Have a question? Ask away: http://ask.fedoraproject.org
>>
>
>
>
> --
> Regards
> Amit Karpe.
> http://www.amitkarpe.com/
> http://news.karpe.net.in/
>
--
Regards
Amit Karpe.
http://www.amitkarpe.com/
http://news.karpe.net.in/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/users/attachments/20130225/66b4f7b6/attachment.html>
More information about the users
mailing list