Trouble with ldap auth on linux. nss_ldap, padl, ...
Been banging my head over this for 24 hours now, so I have to come to the forums :). I've done several implementations of LDAP auth with different directories, but this one is a little "special".
Hosts / Clients:
SuSE 9, 10
Some others as well.
Connecting to Active Directory on win2k3. This does NOT have the R2 schema. I'll spare the details as to why, but for now I need to use some non-standard attributes.
Current problem I have right now is that I can see the shadow entries, but I can't see the passwd entries.
i.e.: getent shadow works, but getent passwd doesn't show my LDAP users.
I used tcpdump, and I found that when I run getent passwd there is a filter added to the query that I wasn't expecting.
Where is this "sAMAccountName=pcap" coming from?
ldap.conf posted below.
binddn cn=My Name,OU=IT_Users,OU=IT,DC=testlic,DC=testcorp,DC=companyname,DC=ets
nss_map_objectclass posixAccount user
nss_map_objectclass shadowAccount user
nss_map_attribute uid sAMAccountName
nss_map_attribute homeDirectory division
nss_map_attribute shadowLastChange pwdLastSet
nss_map_objectclass posixGroup group
nss_map_attribute uniqueMember member
nss_map_attribute userPassword authPassword
Was looking in the wrong place.
After carefully reading the output from tcpdump, I realized I forgot to map loginShell, and more importantly uidNumber.
All is well now.
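
A lint for the mistake described in the follow-up, added here as an example and not part of the original posts: it reads an nss_ldap ldap.conf and lists the RFC 2307 passwd attributes that have no nss_map_attribute line once posixAccount is remapped to another class. It assumes the directory carries none of those attributes natively (the post says the R2 schema is absent); which of them nss_ldap treats as mandatory is not stated in the thread, so the output is a list to review, and the function names are hypothetical.

```python
# Added example: lint an nss_ldap ldap.conf for unmapped RFC 2307 passwd attributes.

# posixAccount attributes that feed a passwd entry (RFC 2307).
PASSWD_ATTRS = ("uid", "uidNumber", "gidNumber", "homeDirectory", "loginShell", "gecos")

# Mapping lines copied from the post above.
SAMPLE_CONF = """\
nss_map_objectclass posixAccount user
nss_map_objectclass shadowAccount user
nss_map_attribute uid sAMAccountName
nss_map_attribute homeDirectory division
nss_map_attribute shadowLastChange pwdLastSet
nss_map_objectclass posixGroup group
nss_map_attribute uniqueMember member
nss_map_attribute userPassword authPassword
"""


def parse_maps(conf_text):
    """Return (objectclass_map, attribute_map), keyed by lower-cased RFC 2307 name."""
    oc_map, at_map = {}, {}
    for raw in conf_text.splitlines():
        fields = raw.split()
        if len(fields) != 3 or fields[0].startswith("#"):
            continue  # blank line, comment, or a directive with another shape
        keyword, rfc_name, directory_name = fields
        if keyword.lower() == "nss_map_objectclass":
            oc_map[rfc_name.lower()] = directory_name
        elif keyword.lower() == "nss_map_attribute":
            at_map[rfc_name.lower()] = directory_name
    return oc_map, at_map


def unmapped_passwd_attrs(conf_text):
    """List passwd attributes with no mapping once posixAccount is remapped."""
    oc_map, at_map = parse_maps(conf_text)
    target = oc_map.get("posixaccount", "posixAccount")
    if target.lower() == "posixaccount":
        return []  # stock RFC 2307 schema assumed, nothing to lint
    return [a for a in PASSWD_ATTRS if a.lower() not in at_map]


if __name__ == "__main__":
    for attr in unmapped_passwd_attrs(SAMPLE_CONF):
        print("no nss_map_attribute for", attr)
```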