I'm trying to set up a Solaris 10 client with FDS (all my linux clients are working beautifully), but authentication is acting very strange. Monitoring the net traffic, I can see the Solaris system bind, search for info about the username, get a normal response, but then it just unbinds. It never asks to authenticate a password. My configuration is below. Any help would be much appreciated. ldap_client_file: NS_LDAP_FILE_VERSION= 2.0 NS_LDAP_SERVERS= fds1.wherever.com NS_LDAP_SEARCH_BASEDN= dc=wherever,dc=com NS_LDAP_AUTH= simple NS_LDAP_SEARCH_REF= TRUE NS_LDAP_SEARCH_SCOPE= one NS_LDAP_SEARCH_TIME= 30 NS_LDAP_CACHETTL= 43200 NS_LDAP_PROFILE= default NS_LDAP_CREDENTIAL_LEVEL= proxy NS_LDAP_SERVICE_SEARCH_DESC= passwd: ou=People,dc=wherever,dc=com?one NS_LDAP_SERVICE_SEARCH_DESC= group: ou=group,dc=wherever,dc=com?one NS_LDAP_SERVICE_SEARCH_DESC= shadow: ou=People,dc=wherever,dc=com?one NS_LDAP_SERVICE_SEARCH_DESC= netgroup: ou=netgroup,dc=wherever,dc=com?one NS_LDAP_BIND_TIME= 2 /etc/nsswitch.conf (note, I pulled ldap from networks, etc, since not all of that is configured on ldap as yet): # the following two lines obviate the "+" entry in /etc/passwd and /etc/group. passwd: files ldap group: files ldap shadow: files ldap # consult /etc "files" only if ldap is down. hosts: dns files ldap # Note that IPv4 addresses are searched for in all of the ipnodes databases # before searching the hosts databases. ipnodes: files networks: files protocols: files rpc: files ethers: files netmasks: files bootparams: files publickey: files netgroup: ldap automount: files ldap aliases: files ldap # for efficient getservbyname() avoid ldap services: files ldap printers: user files ldap auth_attr: files ldap prof_attr: files ldap project: files ldap tnrhtp: files ldap tnrhdb: files ldap /etc/pam.conf: # login service (explicit because of pam_dial_auth) # login auth required pam_ldap.so.1 login auth requisite pam_authtok_get.so.1 login auth required pam_dhkeys.so.1 login auth required pam_unix_cred.so.1 login auth required pam_unix_auth.so.1 login auth required pam_dial_auth.so.1 # # rlogin service (explicit because of pam_rhost_auth) # rlogin auth sufficient pam_ldap.so.1 rlogin auth sufficient pam_rhosts_auth.so.1 rlogin auth requisite pam_authtok_get.so.1 rlogin auth required pam_dhkeys.so.1 rlogin auth required pam_unix_cred.so.1 rlogin auth required pam_unix_auth.so.1 # Default definitions for Authentication management # Used when service name is not explicitly mentioned for authentication # other auth sufficient pam_ldap.so.1 other auth requisite pam_authtok_get.so.1 other auth required pam_dhkeys.so.1 other auth required pam_unix_cred.so.1 other auth required pam_unix_auth.so.1 # # passwd command (explicit because of a different authentication module) # passwd auth sufficient pam_ldap.so.1 passwd auth required pam_passwd_auth.so.1 # # cron service (explicit because of non-usage of pam_roles.so.1) # cron account required pam_unix_account.so.1 # # Default definition for Account management # Used when service name is not explicitly mentioned for account management # other account sufficient pam_ldap.so.1 other account requisite pam_roles.so.1 other account required pam_unix_account.so.1 # # Default definition for Session management # Used when service name is not explicitly mentioned for session management # other session sufficient pam_ldap.so.1 other session required pam_unix_session.so.1 # # Default definition for Password management # Used when service name is not explicitly mentioned for password management # other password required pam_dhkeys.so.1 other password requisite pam_authtok_get.so.1 other password requisite pam_authtok_check.so.1 other password required pam_authtok_store.so.1 -- Jeremiah Coleman Systems Administrator C & C Technologies 337-261-0660 x3421 jay.coleman@xxxxxxxxxxxxx -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
