
Re: PAM LDAP queries attempt to bind with empty binddn



On Wed, Feb 10, 2010 at 11:07:05AM -0500, John A. Sullivan III wrote:
> Hello, all.  We have just started to explore Debian Lenny as a platform
> and have been delightfully impressed; however, we're hitting a problem
> using LDAP authentication that we have not experienced in RedHat or
> Ubuntu.  We do not allow anonymous LDAP queries but rather
> configure /etc/pam_ldap.conf with a binddn and bindpw.
> 
> Our LDAP queries are failing and, when we look at the access logs on our
> CentOS Directory Server 8.1, we see the binddn is empty:
> 
Hi

On my Debian system I have a couple of packages installed to handle LDAP
userid db.

PAM handles one side of it, but you need the NSS stuff as well. There
are 2 sets of packages, the one I use (I like it better - works how I
like it to work and seems to be getting active maintenance).

nslcd, and with this you will need libnss-ldapd & libpam-ldapd; they both
need config files in /etc.


[snip]

> 
> pam_ldap.conf looks like this:
> 

[snip]

You need to look at the NSS config file as well.

> We could very likely have a missing package.  This is a vserver and they
> install a very skeleton base system.  For example, the system initially
> did not query at all until we realized we needed to install passwd.
> This is an X2Go print server (hopefully many desktops to come
> immediately after!) so we have installed:

[snip]


Maybe you are missing stuff, like the NSS LDAP package. getent passwd
should show you all your users; work from there and then getent group.


> did we do wrong? Any help would be greatly appreciated as I've lost days
> tracking this down with no answer.  Thanks - John
> 
> 
> 

Attachment: signature.asc
Description: Digital signature
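
The two things the reply says to look at (the NSS side of the configuration, and a config file for each LDAP-using component), as an added example that is not part of the original message. The function names and the ROOT prefix argument are hypothetical, and the file names other than /etc/pam_ldap.conf are assumed package defaults.

```shell
#!/bin/sh
# Added example: audit LDAP client config under a root prefix (default "/").
# Only /etc/pam_ldap.conf is named in the thread; the other paths are
# assumed package defaults. Adjust them for your system.

# Print the value of a "key value" directive, ignoring commented lines.
conf_value() {  # conf_value FILE KEY
    awk -v k="$2" 'tolower($1) == k { $1 = ""; sub(/^[ \t]+/, ""); print; exit }' "$1"
}

# Succeed if the nsswitch.conf line for database DB lists the "ldap" source.
nss_uses_ldap() {  # nss_uses_ldap NSSWITCH DB
    awk -v db="$2:" '$1 == db { for (i = 2; i <= NF; i++) if ($i == "ldap") f = 1 }
                     END { exit !f }' "$1"
}

# Report findings on stdout; the return status is the number of problems.
check_ldap_client() {  # check_ldap_client [ROOT]
    root=${1:-}
    problems=0
    for db in passwd group; do
        if ! nss_uses_ldap "$root/etc/nsswitch.conf" "$db"; then
            echo "nsswitch.conf: '$db' does not list ldap"
            problems=$((problems + 1))
        fi
    done
    # PAM and NSS each read their own file; a binddn in one does not
    # carry over to the other.
    for f in pam_ldap.conf libnss-ldap.conf nslcd.conf; do
        path="$root/etc/$f"
        [ -f "$path" ] || continue
        if [ -z "$(conf_value "$path" binddn)" ]; then
            echo "$f: no binddn set (binds from this component would be anonymous)"
            problems=$((problems + 1))
        fi
    done
    return "$problems"
}

# Usage: check_ldap_client            (audits the live /etc)
#        check_ldap_client /mnt/guest (audits a mounted guest root)
```

A clean result here only means the files are consistent; `getent passwd` and `getent group` remain the functional test.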

