Re: Setting up a test server

[Arpit Tolani <arpittolani@xxxxxxxxx>]

On Wed, Apr 10, 2013 at 11:58 PM, <harry.devine@xxxxxxx> wrote:

????  I have no idea.  Do you mean secure shell?  I guess I don't understand the question, sorry.

Have you resolved this issue,

In RHEL6 Ldap client side configuration can be done either using nslcd (provided by nss-pam-ldapd) or using SSSD(recommended).

nss-pam-ldapd

The nss-pam-ldapd provides the nss-pam-ldapd daemon (nslcd) which uses a directory server to look up name service information on behalf of a lightweight nsswitch module. The authentication part is handled by pam_ldap from http://www.padl.com/OSS/nss_ldap.html. Currently nss-pam-ldapd's own pam_ldap is disabled.

nslcd uses configuration information from /etc/nslcd.conf file and pam_ldap uses /etc/pam_ldap.conf file(If authconfig is used, both the files are updated automatically).

SSSD

The System Security Services Daemon (SSSD) is a service which provides access to different identity and authentication providers. You can configure SSSD to use a native LDAP domain (that is, an LDAP identity provider with LDAP authentication), or an LDAP identity provider with Kerberos authentication. It provides an NSS and PAM interface to the system, and a pluggable back-end system to connect to multiple different account sources.

Which one are you using ? Can you see user in id output

# id <username>

What does ldapsearch logs says when you tries to search for user ? You client side configuration file will be helpful.

 

Thanks,
Harry

Harry Devine
Common ARTS Software Development
AJM-245
(609)485-4218
Harry.Devine@xxxxxxx

From:	Grzegorz Dwornicki <gd1100@xxxxxxxxx>
To:	"General discussion list for the 389 Directory server project." <389-users@xxxxxxxxxxxxxxxxxxxxxxx>
Date:	04/10/2013 02:24 PM
Subject:	Re: Setting up a test server
Sent by:	389-users-bounces@xxxxxxxxxxxxxxxxxxxxxxx

---

Are you using Sssd or nscld?

10 kwi 2013 19:51, <harry.devine@xxxxxxx> napisał(a):

I am trying to implement a "Forgot Password" web page for our organization and I am at the point where I want to update the user's account with the temporary password.  Since I don't want to have any issues on the production servers, I have installed a virtual machine with CentOS 6.4 and have installed 389-ds on it.  The server seems to be running (i.e. I can do an ldapsearch command and see the test users that I have), but I can't seem to be able to log in as any of those users.

I have used the Authentication GUI to set the log in method to LDAP and have put in the required information, but if I try to "su" over as one of those users, or log out and try to enter one of the test user names, I get an error saying that the user was not found.

So, how can I configure CentOS 6.4 to allow access to the test 389-ds server?

Thanks,
Harry

Harry Devine
Common ARTS Software Development
AJM-245
(609)485-4218
Harry.Devine@xxxxxxx
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx

https://admin.fedoraproject.org/mailman/listinfo/389-users--

389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx

https://admin.fedoraproject.org/mailman/listinfo/389-users

--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users

--
Thanks & Regards
Arpit Tolani

--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users