NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Mandrake Linux> 2003-q4

Re: [discuss] NSS not talking to LDAP

From: Buchan Milne (bgmilnecae.co.za)
Date: Wed Nov 19 2003 - 15:08:01 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

John Coonrod wrote:
> I've followed Vincent's instructions auth-ldap2 on my Mandrake 9.2
> server, yet it doesn't seem to work. I've put a bunch of users into my
> ldap database using directory_administrator - I can confirm that they
> are there and work properly with apache authentication - but they don't
> create users on the system, and they don't show up when I do:
>
> getent shadow
>
> Thus, all the security features, like expiration of passwords, aren't
> working.

Do they show up with 'getent passwd'? getent shadow isn't necessary to
expire passwords (if you are going to be authenticating via pam, which
is more secure than nss and getent shadow IMHO).

Also, if you are running nscd, have you restarted it?

>
> How can I figure out what is wrong? Here is my nsswitch.conf file:
>
> #
> # /etc/nsswitch.conf
> #
> passwd: files ldap
> shadow: files ldap
> group: files ldap
> hosts: files ldap dns
>
> ethers: files
> netmasks: files
> networks: files
> protocols: files
> rpc: files
> services: files
>
> netgroup: nisplus
>
> publickey: nisplus
>
> automount: files nisplus
> aliases: files nisplus

We would need to see your /etc/ldap.conf too (or a sanitized version of it).

Regards,
Buchan

- --
|--------------Another happy Mandrake Club member--------------|
Buchan Milne Mechanical Engineer, Network Manager
Cellphone * Work +27 82 472 2231 * +27 21 8828820x202
Stellenbosch Automotive Engineering http://www.cae.co.za
GPG Key http://ranger.dnsalias.com/bgmilne.asc
1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE/u9uxrJK6UGDSBKcRAkySAKCQICUHknCMo9rQhFKGQO8SZ+LtfgCeKN3v
J4bkXWJffjEuLWmNOaEAi+U=
=arl3
-----END PGP SIGNATURE-----

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]