On [Thu, 14.01.2010 10:17], Ajeet S Raina wrote:
have been stucked with the following points: 1. Authenticating Linux Client with ldaps://
Please read the already mentioned HowTo to setup SSL. Everything is described there in great detail. Again the link: http://directory.fedoraproject.org/wiki/Howto:SSL A short summary: You have to either setup a new CA or use an already existing CA. Create a certificate request for your server. Send this request(csr-file) to the CA and let the CA sign the request. Import the signed certificate (crt-file) into your DS. Make also the CA certificate available to the client, either via certutil or the console. Both certificates (from the server and the CA) should be visible with certutil -d /etc/dirsrv/slapd-instancename -L) and/or via the console. If this is not the case, don't move on, search the problem until you see both certificates. Make sure the trust flags were set correctly.
Next step is to configure the client. Run system-config-authentication to provide the necessary information to NSS and PAM. Specifiy a location where the CA certificate can be found. After that, try to search the DS with "ldapsearch -ZZ". If this is not working, don't move on, search the problem until ldapsearch returns ldap objects from your DS. The logs files with the error codes are always a good start point to troubleshoot problems.
If this is working, try to authenticate as a ldap user. If this works, great, if not, check the logs, re-check the HOWTO. Try again. If it is still not working, ask again.
2. Auto create home directory ( I will look into what you sent)
man pam_mkhomedir
3. Auto-Increment UserID
http://directory.fedoraproject.org/wiki/DNA_Plugin hth. Happy Day. Thorsten -- "Eternity is a very long time, especially towards the end." — Stephen Hawking
<<attachment: smime.p7s>>
-- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
