Old 07-17-2007, 03:44 PM   #1
metallica1973
Centralized Authentication using LDAP,SAMBA & LAM


I have finally finished setting up LDAP, LAM and SAMBA and have added machines to my network using TLS and asymmetric authentication. At this point the only authentication that is happening is from the accounts that I specify in LAM/LDAP. The problem I am having is trying to centralize my authentication through one source, which in this case is LDAP and SAMBA using LAM (LDAP Account Manager). Whenever I try to use the Fedora authentication program to point everything to LDAP for authentication, it freezes the whole system, and then I have to use disk 1 and go into recovery mode to remove the entries in nsswitch.conf. Here is /etc/LDAP.conf:

PHP Code:
#host 127.0.0.1
uri ldaps://Test.Example.com/
base dc=Example,dc=com
pam_password md5
tls_checkpeer yes
tls_cacert /etc/openldap/cacerts/cacert.pem
#binddn cn=Manager,dc=Example,dc=com
#bindpw {SSHA}XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

ssl start_tls
TLS_CACERTDIR /etc/openldap/cacerts
URI ldaps://Test.Example.com/
BASE dc=Example,dc=com

My /etc/openldap/slapd.conf

PHP Code:
include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/nis.schema
include         /etc/openldap/schema/samba3.schema

pidfile         /var/run/openldap/slapd.pid
argsfile        /var/run/openldap/slapd.args

access to dn.base=""
                by self write
                by * auth

access to attrs=userPassword
                by self write
                by * auth

access to attrs=shadowLastChange
                by self write
                by * read

access to *
                by * read
                by anonymous auth

TLSCACertificateFile /etc/openldap/cacerts/cacert.pem
TLSCertificateFile /etc/openldap/cacerts/slapdcert.pem
TLSCertificateKeyFile /etc/openldap/cacerts/slapdkey.pem

database        bdb

suffix          "dc=Example,dc=com"
rootdn          "cn=Manager,dc=Example,dc=com"

# rootpw = not24get
rootpw  {SSHA}XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

directory       /var/lib/ldap

#index objectClass                       eq,pres
#index ou,cn,mail,surname,givenname      eq,pres,sub
#index uidNumber,gidNumber,loginShell    eq,pres
#index uid,memberUid                     eq,pres,sub
#index nisMapName,nisMapEntry            eq,pres,sub

# Indices to maintain
index objectClass           eq
index cn                    pres,sub,eq
index sn                    pres,sub,eq
index uid                   pres,sub,eq
index displayName           pres,sub,eq
index uidNumber             eq
index gidNumber             eq
index memberUID             eq
index sambaSID              eq
index sambaPrimaryGroupSID  eq
index sambaDomainName       eq
index default               sub

My /etc/nsswitch.conf

PHP Code:

passwd:     files
shadow:     files
group:      files

#hosts:     db files nisplus nis dns
hosts:      files dns

# Example - obey only what nisplus tells us...
#services:   nisplus [NOTFOUND=return] files
#networks:   nisplus [NOTFOUND=return] files
#protocols:  nisplus [NOTFOUND=return] files
#rpc:        nisplus [NOTFOUND=return] files
#ethers:     nisplus [NOTFOUND=return] files
#netmasks:   nisplus [NOTFOUND=return] files

bootparams: nisplus [NOTFOUND=return] files

ethers:     files
netmasks:   files
networks:   files
protocols:  files
rpc:        files
services:   files

netgroup:   files

publickey:  nisplus

automount:  files
aliases:    files nisplus

What do I need to do to get this system to authenticate everything from LDAP, including the local system that it resides on? I want a central point of authentication!

Last edited by metallica1973; 07-17-2007 at 03:46 PM.
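
A pre-flight check for the two client files shown in the post, as an added example that is not the poster's code: it flags directives set more than once, an ldaps:// URI combined with ssl start_tls, and account databases in nsswitch.conf that consult ldap before files. The function names, the case-insensitive keyword matching and the nsswitch sample (which already lists ldap) are assumptions made for illustration.

```python
# Added example, not the poster's code. Both samples below are constructed:
# LDAP_CONF repeats the active directives from the post; NSSWITCH is hypothetical.
LDAP_CONF = """\
uri ldaps://Test.Example.com/
base dc=Example,dc=com
pam_password md5
tls_checkpeer yes
tls_cacert /etc/openldap/cacerts/cacert.pem
ssl start_tls
TLS_CACERTDIR /etc/openldap/cacerts
URI ldaps://Test.Example.com/
BASE dc=Example,dc=com
"""
NSSWITCH = """\
passwd: ldap files
shadow: files ldap
group:  files
"""

def lint_ldap_conf(text):
    """Flag repeated directives and contradictory TLS settings."""
    findings, seen = [], {}
    for raw in text.splitlines():
        parts = raw.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        key = parts[0].lower()  # assumption: keywords match case-insensitively
        if key in seen:
            findings.append(f"duplicate directive: {key}")
        seen[key] = parts[1] if len(parts) > 1 else ""
    if seen.get("uri", "").lower().startswith("ldaps://") and seen.get("ssl") == "start_tls":
        findings.append("ldaps:// uri combined with ssl start_tls")
    if seen.get("tls_checkpeer", "no").lower() != "yes":
        findings.append("tls_checkpeer is not yes")
    return findings

def lint_nsswitch(text, dbs=("passwd", "shadow", "group")):
    """Flag account databases that consult ldap before (or without) files."""
    findings = []
    for raw in text.splitlines():
        db, sep, rest = raw.split("#", 1)[0].partition(":")
        sources = [s for s in rest.split() if not s.startswith("[")]
        if not sep or db.strip() not in dbs or "ldap" not in sources:
            continue
        if "files" not in sources or sources.index("ldap") < sources.index("files"):
            findings.append(f"{db.strip()}: files should come before ldap")
    return findings

if __name__ == "__main__":
    for finding in lint_ldap_conf(LDAP_CONF) + lint_nsswitch(NSSWITCH):
        print(finding)
```

Keeping files ahead of ldap for passwd, shadow and group lets local accounts such as root resolve without waiting on the directory server.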
 
  

