Re: Howto for LDAP authentication with replication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



not really, have you run system-config-authentication ? That also
configures pam & nss which are necessary items.

Yes, I have and unfortunately when the 'ldap' tags are added to /etc/nsswitch.conf the system won't allow me to authenticate, su or sudo at all!


If each user shows only once AND they are in /etc/passwd and LDAP, then
it would be a clear indication that the underlying system isn't
configured to find users/groups/passwords in LDAP at all. If each user
has been removed from /etc/passwd, then it may very well be working.

I'm hesitant to remove users from /etc/passwd and rely on LDAP for authentication before I'm sure it is working. Can you not have the system attempt first to authenticate users via LDAP, then fall back to pam_unix if that doesn't work?

Configuring Webmin's LDAP Users and Groups is only possible when you
have configured the underlying system first, can actually do command
line add/remove/delete ldap users and can authenticate as an LDAP user
to various systems such as ssh. At that point, Webmin's configuration
becomes obvious. It is not reasonable to expect Webmin to supply the
understanding of LDAP that the administrator cannot accomplish without
Webmin.

This is where I'm stuck. As soon as I try to turn on the system authentication by editing /etc/pam.d/system_auth and /etc/nsswitch.conf the system becomes unusable. Try to run "su -" and it just sits there and hangs. I know it's my own fault for not configuring it right, I just wish the available documentation gave some detailed examples. There is so much incorrect and incomplete information out there on the web that I'm not sure what to try.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux