LDAP Client Configuration problem
Ιωάννης Βαρθακούρης
jackal at pathfinder.gr
Wed Apr 21 16:19:49 EEST 2004
Μπορεί κάποιος να μου πεί τί κάνουμε λάθος ?
---------------------------------------------
ldap.conf :
host 10.0.2.252
# The distinguished name of the search base.
base dc=solaris,dc=epp
#scope one
pam_check_host_attr yes
pam_filter objectclass=posixAccount
pam_login_attribute uid
pam_member_attribute memberuid
pam_template_login_attribute uid
pam_crypt local
ldap_version 3
port 389
#nss_base_passwd ou=People,dc=solaris,dc=epp?one
#nss_base_shadow ou=People,dc=solaris,dc=epp?one
#nss_base_group ou=Group,dc=solaris,dc=epp?one
#nss_base_hosts ou=Hosts,dc=solaris,dc=epp?one
nsswitch.conf:
#ident $Id: nsswitch.ldap,v 2.4 2003/10/02 02:36:25 lukeh Exp $
#
# An example file that could be copied over to /etc/nsswitch.conf; it
# uses LDAP conjunction with files.
#
# "hosts:" and "services:" in this file are used only if the
# /etc/netconfig file has a "-" for nametoaddr_libs of "inet" transports.
passwd: files ldap
group: files ldap
# consult DNS first, we will need it to resolve the LDAP host. (If we
# can't resolve it, we're in infinite recursion, because libldap calls
# gethostbyname(). Careful!)
hosts: dns ldap
# LDAP is nominally authoritative for the following maps.
services: ldap [NOTFOUND=return] files
networks: ldap [NOTFOUND=return] files
protocols: ldap [NOTFOUND=return] files
rpc: ldap [NOTFOUND=return] files
ethers: ldap [NOTFOUND=return] files
# no support for netmasks, bootparams, publickey yet.
netmasks: files
bootparams: files
publickey: files
automount: files
# I'm pretty sure nsswitch.conf is consulted directly by sendmail,
# here, so we can't do much here. Instead, use bbense's LDAP
# rules ofr sendmail.
aliases: files
sendmailvars: files
# Note: there is no support for netgroups on Solaris (yet)
netgroup: ldap [NOTFOUND=return] files
pam.d files :
cron file:
account required pam_unix.so
auth required pam_unix.so nullok
auth required pam_env.so
session required pam_unix.so
ftp file:
auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
auth required pam_shells.so
auth sufficient pam_ldap.so
auth required pam_unix.so
account sufficient pam_ldap.so
account required pam_unix.so
session required pam_unix.so
session required pam_mkhomedir.so skel=/etc/skel/ umask=0077
login file:
auth sufficient pam_ldap.so
auth sufficient pam_unix.so use_first_pass
account sufficient pam_localuser.so
account [default=bad success=ok user_unknown=ignore service_err=ignore system_err=ignore] pam_ldap.so
session required pam_unix.so
session required pam_mkhomedir.so skel=/etc/skel/ umask=0077
password required pam_deny.so
passwd file:
password required pam_unix.so nullok obscure md5
su file:
auth sufficient pam_rootok.so
#ldap auth
auth sufficient pam_ldap.so
# Local user auth
auth required pam_unix.so try_first_pass
account sufficient pam_ldap.so
account required pam_unix.so
session sufficient pam_ldap.so
session required pam_unix.so
---------------------------------------------------------------------
Έχουμε ένα solaris server με Directory Services 5.2. Με τον jxplorer το ldap ανταποκρίνεται κανονικά. Χρησιμοποιώντας τα αρχεία πιο πάνω σε linux client Mandrake 10 δεν βλέπει καθόλου τη βάση και δεν μπορεί να κάνει και login, ούτε local ούτε απομακρυσμένα.
Firewall δεν υπάρχει στη μέση ....
Καμία πρόταση ????????
______________________________________________________________________________________
http://mobile.pathfinder.gr - Pathfinder Mobile logos & Ringtones!
http://www.pathfinder.gr - Δωρεάν mail από τον Pathfinder!
More information about the Linux-greek-users
mailing list