Ubuntu 10.04 LDAP authentication, can't login to gui
I'm having an odd problem with Ubuntu 10.04.
I've got OpenLDAP running on the server (CentOS), and I can authenticate with any of my users from any of the desktops (running Ubuntu) from the command line. The users don't show up in the login window, and when you log in via the "other" selection, the user authenticates, and is booted out to the login screen immediately. Any ideas how I can get this going?
I can't answer your question; I can only make a suggestion.
Point your browser at www.google.com/linux, search for "ubuntu openldap login". There are many articles/threads on the subject. On the first page of returns, I found a couple of how-to's for setting up the server and clients. One of them might help you solve your problem.
Yes, I know there are tutorials, I've read many of them trying to get this to work __before posting here__. Most of those cover server configuration, not client. There is very little information specific to configuring Ubuntu clients in those, and what there is is often for very old versions. This may very well be a GDM-specific issue, and not an Ubuntu one, I'm not sure. Hopefully someone who knows something about the subject will have some ideas?

--Kyle
I don't know if this will help you or not, but here is how I configure LDAP client on Ubuntu.
Please note, I have had problems with 10.04, which I *did not* have in 9.10, so be aware that if it doesn't work, it's not necessarily your fault.

1) sudo apt-get install libpam-ldap nscd

Libpam-ldap allows you to use LDAP for logins. Enter your LDAP base DN and server hostname/IP address when it asks. Set LDAP version 3, say No to "make local root database admin", and No to "Does the LDAP database require login".

2) Edit your /etc/nsswitch.conf file and change the following entries, so ldap is after files:

    passwd: files ldap
    shadow: files ldap
    group: files ldap
    hosts: files dns ldap
    ethers: files ldap

3) Reboot (I sometimes find it necessary, for an unknown reason!)

I would normally log in using a local user, then do "id username" to test whether it can look up LDAP usernames. Once it does, you can log in at the graphical login screen.

4) I also set up pam to make a home directory if there isn't one already. You can do this by editing /etc/pam.d/common-session and adding this line:

    # and here are more per-package modules (the "Additional" block)
    session required pam_mkhomedir.so skel=/etc/skel

Best o'luck.
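
The following script is an added example, not part of any post in this thread. It checks a client's files against steps 2 and 4 above: that passwd, shadow and group list files before ldap, and that an uncommented pam_mkhomedir.so session line exists. The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: audits a client against steps 2 and 4 of the post above.
# File paths are arguments, so the checks can be run on copies of the files.

# nss_order_ok FILE DB: succeeds if DB's active line lists "files" before "ldap".
nss_order_ok() {
    awk -v db="$2:" '
        $1 == db {
            f = 0; l = 0
            for (i = 2; i <= NF; i++) {
                if ($i == "files" && !f) f = i
                if ($i == "ldap" && !l) l = i
            }
            found = (f && l && f < l)
        }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# mkhomedir_enabled FILE: succeeds if an uncommented session line loads pam_mkhomedir.so.
mkhomedir_enabled() {
    grep -Eq '^[[:space:]]*session[[:space:]]+[^#]*pam_mkhomedir\.so' "$1"
}

# check_ldap_client NSSWITCH PAMFILE: prints findings, returns the number of failures.
check_ldap_client() {
    fails=0
    for db in passwd shadow group; do
        if nss_order_ok "$1" "$db"; then
            echo "ok:   $db lists files before ldap"
        else
            echo "FAIL: $db does not list files before ldap"
            fails=$((fails + 1))
        fi
    done
    if mkhomedir_enabled "$2"; then
        echo "ok:   pam_mkhomedir.so session line present"
    else
        echo "FAIL: no active pam_mkhomedir.so session line in $2"
        fails=$((fails + 1))
    fi
    return "$fails"
}

# Constructed sample files (not taken from the machines in this thread).
tmp=$(mktemp -d)
printf 'passwd: files ldap\nshadow: files ldap\ngroup: files ldap\n' > "$tmp/nsswitch.conf"
printf 'session required pam_mkhomedir.so skel=/etc/skel\n' > "$tmp/common-session"
check_ldap_client "$tmp/nsswitch.conf" "$tmp/common-session"
rm -rf "$tmp"
```

On a real client, call check_ldap_client /etc/nsswitch.conf /etc/pam.d/common-session, then confirm lookups with "id username" as in step 3.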