Hi,
I have an OpenLDAP server running and am now trying to authenticate clients against it. The clients are running Debian Lenny.
Executing "id USERNAME" or "getent passwd" works, but I just cannot log in, even though "su - USERNAME" works as well.
These are the config files I think are important for the authentication:
/etc/pam.d/common-account
Code:
account sufficient pam_unix.so
account sufficient pam_ldap.so
account required pam_deny.so
/etc/pam.d/common-auth
Code:
auth sufficient pam_ldap.so
auth sufficient pam_unix.so shadow use_first_pass
auth required pam_deny.so
/etc/pam.d/common-session
Code:
session sufficient pam_ldap.so
session required pam_unix.so
/etc/pam.d/common-password
Code:
password sufficient pam_ldap.so type=network use_authtok first_pass
password sufficient pam_unix.so type=machine use_authtok md5
password required pam_deny.so
/etc/pam_ldap.conf
Code:
host ldap.samba.local
base dc=samba,dc=local
ldap_version 3
binddn cn=Replicator,ou=Users,dc=samba,dc=local
pam_filter &(objectclass=posixAccount)(!(uidNumber=0))
pam_password exop
/etc/nsswitch.conf
Code:
passwd: compat ldap
group: compat ldap
shadow: compat ldap
/etc/libnss-ldap.conf
Code:
host 10.0.10.10
uri ldap://ldap.samba.local
base dc=samba,dc=local
Thanks,
Toby