Linux - Server
This forum is for the discussion of Linux Software used in a server related context.
I'm trying to set up LDAP server & client operating between two VMs. All seems to have gone OK and ldapsearches work but I still can't ssh into the client machine using a uid defined on the server.
I'm guessing that user has no ssh access on the client, and it probably has nothing to do with LDAP at all. Take a look here: https://help.ubuntu.com/9.04/serverg...sh-server.html, you might find something interesting.
It's not ssh that's stopping me - as I'm also trying to login from the console and that fails too.
And yes, I have actually set up the server as a client but I realise that my test was overly complex. Subsequent tests to ssh to testuser@client from client still prove unsuccessful.
However, I have now noticed some error messages in /var/log/secure.
It seems the logins are being rejected by PAM! How do I get PAM to interface with LDAP or vice-versa?
Irishbite, I'm running RHEL5.
Hexahost, I did use system-config-authentication to configure both clients.
Actually I managed to get it working now. The breakthrough was finding this link below, ironically while looking for PAM info, but the PAM errors were a red herring, and the key was following the syntax carefully in the LDIF files included in this guy's openldap section:
I had been trying to use POSIX parameters in the LDIF to identify my test user but ldapadd had been moaning about schemas which I thought were OK.
I think the key parameter was the following:
objectClass: posixAccount
That seems to allow the gidNumber and uidNumber parms to stick.
The PADL.com website also had some useful migration tools which take users from your passwd file and create LDIFs for you, although I was only setting this up to test so didn't use the tools.
I also think that forgetting the Group construct from my LDIF file probably didn't help either.
I'm glad I can move on now. I think I've learned way more about LDAP than I needed to, and I know I've only just scratched the surface!
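A small offline check for the two LDIF points made in the post above (the posixAccount object class and the group entry), as an added example that is not part of the original thread. The required-attribute set follows the RFC 2307 posixAccount definition; the dc=example,dc=com entries and ID numbers are constructed placeholders, and the parser only handles simple, unfolded LDIF.

```python
# RFC 2307 lists these as required (MUST) attributes of posixAccount.
POSIX_ACCOUNT_MUST = {"cn", "uid", "uidnumber", "gidnumber", "homedirectory"}
# Constructed sample; dc=example,dc=com and every value are placeholders.
SAMPLE_LDIF = """\
dn: cn=testuser,ou=Group,dc=example,dc=com
objectClass: posixGroup
cn: testuser
gidNumber: 5001

dn: uid=testuser,ou=People,dc=example,dc=com
objectClass: account
objectClass: posixAccount
cn: testuser
uid: testuser
uidNumber: 5001
gidNumber: 5001
homeDirectory: /home/testuser

dn: uid=broken,ou=People,dc=example,dc=com
objectClass: account
uid: broken
uidNumber: 5002
gidNumber: 5002
"""

def parse_ldif(text):  # blank-line separated entries; no folded or base64 lines
    entries = []
    for block in text.strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            key, sep, value = line.partition(":")
            if sep and not line.startswith("#"):
                entry.setdefault(key.strip().lower(), []).append(value.strip())
        entries.append(entry)
    return entries

def lint_posix(entries):  # returns a list of (dn, problem) pairs
    classes = lambda e: {c.lower() for c in e.get("objectclass", [])}
    group_gids = {g for e in entries if "posixgroup" in classes(e) for g in e.get("gidnumber", [])}
    problems = []
    for e in entries:
        dn = e.get("dn", ["?"])[0]
        if "posixaccount" in classes(e):
            problems += [(dn, "missing " + a) for a in sorted(POSIX_ACCOUNT_MUST - set(e))]
            problems += [(dn, "no posixGroup for gidNumber " + g)
                         for g in e.get("gidnumber", []) if g not in group_gids]
        elif "uidnumber" in e:  # POSIX ids on an entry whose classes do not allow them
            problems.append((dn, "uidNumber set without objectClass posixAccount"))
    return problems
```

Running `lint_posix(parse_ldif(SAMPLE_LDIF))` flags only the `uid=broken` entry, which carries uidNumber and gidNumber without the posixAccount object class.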
Yup, LDAP is incredibly powerful, great tool for managing user data on a website for example. As a basis for a directory server, it's excellent. I struggled with this a couple of years ago setting up an OpenLDAP authentication server. Great fun!