NSS and LDAP for Single-sign-on (Sarge)
Hi,
I'm having trouble configuring NSS and LDAP on Debian Sarge. I have
set up the system and migrated the profiles to the LDAP tree, and I can
query LDAP with ldapsearch and get the right information. I.e.
ldapsearch -x -h localhost -b "ou=People,dc=company,dc=com"
and that returns all the users correctly. But from a remote client
using JXPlorer LDAP client and entering the IP address it only lets me
login anonymously - is that correct (I'm assuming it isn't).
I want LDAP to authenticate all users accross all machines (SSO) but
being able to get the encrypted passwords anonymously is not desirable.
I'm assuming its a mis-configuration of NSS: which if I understand
correctly queries LDAP and checks users are OK.
I don't think I'm too far off as "getent passwd me" works. Are there
any common mistakes I could have made? Anything missing from the
install that I need to add?
Once it's configured how can I test its working (to some level)?
Thanks,
John
Reply to: