Slackware 13.37 + NSS_LDAP; i can getent and su to user from root,but not usr 2 usr?
Hi everybody, i have a Slackware LDAP server working fine, i can connect to it with a redhat client just fine. I also have a Slackware client that i want to get working, it is a fresh install of 13.37 with a nss_ldap package installed, i have the /etc/ldap.conf configured correctly and nsswitch.conf with ldap before files on the passwd,shadow,and group. I can su to my 2 ldap test users when i am root, but i cant switch from user to user, i get Authentication Failed....any ideas? thanks alot.
---------- Post added 07-28-11 at 11:26 AM ---------- sorry, i forgot to mention that getent passwd retrieves the 2 ldap users information correctly. |
Did you follow a particular guide when configuring your client? I have never used slackware as a client, because I thought the lack of pam in slack would need a little touch of good old know how to install.
|
Hi, thanks for the reply, no i didnt follow a particular tutorial just took something from every tutorial i read. Im whondering now if it is impossible to login to a LDAP user without pam?
|
According to Alien Bob it's not necessary to use pam with ldap, however, the tutorial he is refering to, is no longer existing. But there might be others laying around.
Also, this was for slackware 9.0, things might have changed, but I guess the principle will still work. |
Hi, thanks for the reply Dinithon!, the nss_ldap package i installed was by alien. If anyone knows what i am missing i would really appreciate it, Thanks everyone!
|
The FAQ entry AlienBOB is referring to is below.
Code:
How can I authenticate a Slackware client against an LDAP server without PAM? |
Nyte Owl thanks alot man!, im about to go fishing right now but i will try it when i get back, thanks for your input , very informative!
|
PAM is definitely not needed. But beware of running the LDAP server and nss_ldap on the same machine, as this could make udev to fail when booting (see http://www.linuxquestions.org/questi...nymore-817791/).
Personally I switched from nss_ldap to nss-pam-ldapd a while ago, because it has some advantages over nss_ldap (see http://arthurdejong.org/nss-pam-ldapd/) and I highly recommmend to give it a try. Although the name suggests it, it doesn't require PAM. There's no package availabe, but a simple "./configure --disable-pam --mandir=/usr/man;make;make install" will do. Mike |
Ok thanks Mike, ill try that in the morning, im currently working on Active Directory scenario for class :/. Thanks!
|
All times are GMT -5. The time now is 02:01 PM. |