PAM authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Thomas Mathiesen wrote:

>Hi all!
>
>I am happy to see that the communty have got a good-looking directory server.
>Soon, I hope I can throw away our M$ active directory, and run fedora
>directory instead, but I am having some issue, authenticating linux desktops.
>
>So, here's what I have:
>Fedora Directory installed on CentOS 4.0 (redhat EL clone)
>Ran the typical install (after reading redhat directory install manual)
>
>I can successfully login to the web-admin interface, and add users (after
>binding as Directory Manager).
>
>Due to a java error, I cannot use the console, but I rather use GQ (a gnome
>LDAP tool). I can bind (as Directory Manager), and add/remove stuff.
>
>So, here's what I continued doing:
>Added a user (using the webinterface).
>Added objectclass posixAccount to this user (using GQ)
>
>Turning to my desktop, running Ubuntu Hoary and Openldap, I set it up using
>this ldap config:
>host ldap.mydomain.com
>base dc=mydomain,dc=com
>ldap_version 3
>timelimit 30
>pam_filter objectclass=posixAccount
>pam_login_attribute uid
>ssl no
>#ssl start_tls
>#tls_checkpeer no
>pam_password ssha
>
>I've tried to use ssl (and tls_checkpeer no), and no ssl.... nothing works.
>
>In my log on the fedora directory server, I see the connection, and it first
>tries to find the posixAccount, and returns no error. Then it looks for
>shadowAccount, and returns no error (after I added that objectclass as well).
>
>The client worked fine, authenticating with my previous openldap server... and
>I can't see why I doesn't authenticate with my new fedora server.
>  
>
Hi Thomas,

What ldap requests are your clients posting to the fedora directory 
server for authentication?  Could you cut and paste the corresponding 
access log entries from the fedora directory server?

Thanks,
--
toto

>Help would be highly appreciated :)
>
>/Thomas
>
>--
>Fedora-directory-users mailing list
>Fedora-directory-users at redhat.com
>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>  
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3166 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20050607/9d65895d/attachment.bin
[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux