Re: needed, PAM && LDAP help
> I was following the thread on using LDAP to handle authentication of clients,
> and I am having a lot of trouble getting things to work.
>
> First I created a new testing account
>
> # adduser testing
>
> Second, I downloaded the conversion tools, turned off shadowpasswords, and
That was not necessary ^^^^^^^^^^^^^^^^^^^^^^^^^^
> updated my LDAP database.
>
> Using ldapsearch, I verified that all the accounts had been transfered over. I
> then downloaded the pam_ldap modules, and changed /etc/pam.d/other to:
>
> auth sufficient pam_ldap.so
> auth required pam_unix_auth.so try_first_pass
> account required pam_unix_acct.so
> password required pam_unix_passwd.so shadow
> session required pam_unix_session.so
>
> Note: there is not an /etc/pam.d/login file.
That means you havn't installed the login that actually uses pam. The
packade is pam-apps
> Then I deleted the test account from /etc/password, /etc/shadow etc.
> But I was not able to login with the test account.
Well, besides authenticating a user, you also need other information, like
uid, home dir, shell. pam_ldap does not provide this. You also need
libnss-ldap to get this info.
After you install libnss-ldap and pam-apps and try again, you should look
into your /var/log/syslog file where slapd will report all requests. This
will help determine the problems.
Sergey.
Reply to: