LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices



Reply
 
Search this Thread
Old 01-26-2002, 10:02 PM   #1
td3201
Member
 
Registered: Jan 2002
Location: Omaha, NE US
Distribution: Red Hat/CentOS
Posts: 224

Rep: Reputation: 30
ldap auth - nsswitch - pam_ldap


Hi folks. This is my first post to the forums, and it's a tough one.

I am successfully authenticating users out of my ldap server (openldap). I want to take this a step further and eliminate the need of having these users in my local /etc files. I am using padl.com's nss_ldap and pam_ldap libraries to do this. I have this all set up and I can do a "getent group" and it pulls the group information from the ldap server just fine. If I do a "getent passwd". I only get my local users and no ldap user information.

Here are my configs.
ldap.conf:

host ldap
base dc=birddog,dc=com
rootbinddn cn=root,dc=birddog,dc=com
pam_member_attribute memberUid
nss_base_passwd ou=People,dc=birddog,dc=com?one
nss_base_group ou=Groups,dc=birddog,dc=com?one

nsswitch.conf:

passwd: files ldap
shadow: files ldap
group: files ldap
hosts: files dns ldap
services: files ldap [NOTFOUND=return]
networks: files ldap [NOTFOUND=return]
protocols: files ldap [NOTFOUND=return]
rpc: files ldap [NOTFOUND=return]
ethers: files ldap [NOTFOUND=return]
bootparams, publickey yet.
netmasks: files
bootparams: files
publickey: files
automount: files
aliases: files
sendmailvars: files
netgroup: files nis


I have heard rumors of using pam_filter in the ldap.conf file helps for this situation but I have not seen anything solid about this. Is anyone doing this setup? I am really frustrated and would appreciate some help here.

Thank you!
 
Old 01-27-2002, 11:13 PM   #2
td3201
Member
 
Registered: Jan 2002
Location: Omaha, NE US
Distribution: Red Hat/CentOS
Posts: 224

Original Poster
Rep: Reputation: 30
I have narrowed the problem down to nss_ldap module but "getent group" works, which confuses me. Is anyone using this type of setup at all?

Thank you,
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LDAP & NSSwitch.conf matarodi Debian 0 09-11-2005 04:10 AM
Active Directory, Kerberos, LDAP, PAM, and nsswitch PenguinPwrdBox Linux - Security 1 06-04-2005 10:56 PM
Auth via LDAP on eDirectory jtweaker Linux - Networking 1 12-28-2004 09:18 AM
Ldap + smb auth PcHammer Linux - Software 0 02-17-2003 04:19 AM
Cyrus, pam_ldap, ldap postfix installation mayankjohri Linux - Software 0 07-18-2002 07:09 AM


All times are GMT -5. The time now is 07:20 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration