Ubuntu Lucid LDAP not authenticating via NX
To start of with, I am a sort of newbee so play nice. We have a Ubuntu Lucid box and I am trying to do central authentication. This is a test box but I want to install LDAP on one box to administer accounts and users must be able to log in on any other machine using the LDAP server account I created for the.
I only have this one box to test with so I installed LDAP on the box, created a dummy account called fsmit on it using phpldapadmin. I then installed the ldap client(sudo apt-get install libpam-ldap libnss-ldap nss-updatedb libnss-db nscd ldap-utils) on the same server and tried my best to configure it. I connected via Putty from my Windows7 machine to the Ubuntu box and can log in with the fsmit account. I get simple stuff like cannot change to /home/uesrs/fsmit because the directory does not exist but I see this a a minor change. My question, how will I get authentication to work if I want to connect to this box with NXClient? I have FreeNX installed on this box and I can connect using the NXClient if I use an account local to that box. Below is the NXClient log: NX> 203 NXSSH running with pid: 1128 NX> 285 Enabling check on switch command NX> 285 Enabling skip of SSH config files NX> 285 Setting the preferred NX options NX> 200 Connected to address: 216.46.48.241 on port: 17622 NX> 202 Authenticating user: nx NX> 208 Using auth method: publickey HELLO NXSERVER - Version 3.2.0-74-SVN OS (GPL, using backend: 3.5.0) NX> 105 hello NXCLIENT - Version 3.2.0 NX> 134 Accepted protocol: 3.2.0 NX> 105 SET SHELL_MODE SHELL NX> 105 SET AUTH_MODE PASSWORD NX> 105 login NX> 101 User: fsmit NX> 102 Password: NX> 103 Welcome to: sfcdevlnxtst1 user: fsmit NX> 105 listsession --user="fsmit" --status="suspended,running" --geometry="1920x1080x32+render" --type="unix-gnome" NX> 127 Sessions list of user 'fsmit' for reconnect: Display Type Session ID Options Depth Screen Status Session Name ------- ---------------- -------------------------------- -------- ----- -------------- ----------- ------------------------------ NX> 148 Server capacity: not reached for user: fsmit NX> 105 startsession --link="wan" --backingstore="1" --encryption="1" --cache="16M" --images="64M" --shmem="1" --shpix="1" --strict="0" --composite="1" --media="0" --session="LNXTst" --type="unix-gnome" --geometry="1914x990" --client="winnt" --keyboard="pc102/en_US" --screeninfo="1914x990x32+render" NX> 1000 NXNODE - Version 3.2.0-74-SVN OS (GPL, using backend: 3.5.0) NX> 705 Session display: 2001 NX> 703 Session type: unix-gnome NX> 701 Proxy cookie: 881444d393c946888b98c532818318b2 NX> 702 Proxy IP: 10.30.34.33 NX> 706 Agent cookie: 881444d393c946888b98c532818318b2 NX> 704 Session cache: unix-gnome NX> 707 SSL tunneling: 1 NX> 1009 Session status: starting NX> 105 NX> 596 Session startup failed. NX> 1004 Error: NX Agent exited with exit status 1. To troubleshoot set SESSION_LOG_CLEAN=0 in node.conf and investigate "/home/users/fsmit/.nx/F-C-sfcdevlnxtst1-2001-6251E2D7E2ED95E3B99261BC126F51D6/session". You might also want to try: ssh -X myserver; /usr/lib/nx/nxnode --agent to test the basic functionality. Session log follows: Can't open /var/lib/nxserver/db/running/sessionId{6251E2D7E2ED95E3B99261BC126F51D6}: No such file or directory. mv: cannot stat `/var/lib/nxserver/db/running/sessionId{6251E2D7E2ED95E3B99261BC126F51D6}': No such file or directory NX> 1006 Session status: closed NX> 1009 Session status: starting NX> 280 Exiting on signal: 15 |
One step at a time.
With PAM-LDAP enabled, can you login at the keyboard? If so, then you should be able to ssh in. Try to test each layer. A word of caution about using LDAP, first spot of trouble in your openldap stack, you STILL need auth to keep running. I love it, but know that you better have it running in some kind of high-availability way on real n+1 type hardware with real disk storage. (shared raid, iscsi cluster, fibrechannel, etc) Openldap doesn't need much horsepower, so even an older enterprise-ish stack should do fine. I like HP's SCSI MSA cluster. Used is a bargain! |
This machine is actually a VM at our server farm. Using my account that was created when they built the VM I can SSH and connect using NXClient(all from my desk running Windows7) I installed LDAP and the LDAP client software and created a user called fsmit in phpldapadmin so this user does not exist in the local users group....
I can log in via ssh as fsmit but I cannot log in using NXClient using fsmit. |
All times are GMT -5. The time now is 10:19 AM. |