Well ... I tried following what I thought were the correct instructions for getting ubuntu to authenticate against my existing ldap server (which is based on RHEL 5). After installing auth-config and ldap-auth-config, answering all of the questions, specifying the existing ldap server using an IP address ... etc. I couldn't use su - someuser to become that user. The error was simply "user not found" .. So, I located http://mcwhirter.com.au/node/25 which also mentioned nsswitch.conf modifications. On my CentOS LTSP servers, the changes mentioned exist, so I added the changes on this ubuntu server. And ... I could then su - someuser and I was logged in as that user in the correct (nfs-mounted) home directory.
I then logged out and tried to log in at the console as that user. It doesn't work. So ... I ssh'ed into the server as that user which did work. But, the biggest issue is that prior to all this, I had enabled root login (by giving the root account a passwd) just in case. This also was working. I could either su - root or login as root. Now, after the changes, I can't log in as root. I also cannot even su - root from any account. So, what did I miss? Why can't a valid user log in at the console? And why can't I get a root session? Sincerely, Dave Hopkins On Wed, Jan 20, 2010 at 1:43 PM, Jordan Erickson < [email protected]> wrote: > ...aaand, we're getting somewhere potentially. Sounds like we just need > to say hi to the right people and we can start working toward something > tangible. > > > https://launchpad.net/~ubuntu-389-directory-server<https://launchpad.net/%7Eubuntu-389-directory-server>(see > below IRC snippet) > > > ----- > * Now talking on #ubuntu-server > > * Topic for #ubuntu-server is: Ubuntu Server discussion and support | > For general (not server specific) support visit #ubuntu | Get involved: > https://wiki.ubuntu.com/ServerTeam/GettingInvolved | Guide to asking > questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html | > http://www.catb.org/~esr/faqs/smart-questions.html<http://www.catb.org/%7Eesr/faqs/smart-questions.html>| > Be patient. Don't > ask to ask, just ask. | Doc and resources: > http://tinyurl.com/ubuntuserverdoc | https://wiki.ubuntu.com/ServerTeam > * Topic for #ubuntu-server set by soren at Thu Nov 26 13:55:32 2009 > -ChanServ- [#ubuntu-server] Ubuntu Server Discussions (development and > support) > > Lns Hi everyone > > Lns I'm coming from the Edubuntu / LTSP community here, decided to add > #ubuntu-server to my idle chan list ;) > > au :) > > unit3 heya > > Lns Sounds like it'd be a good idea since most LTSP and a lot of > Edubuntu installs are multi-user and require some heavy lifting (not to > mention some good tools for admin) > > unit3 makes sense. > > * robbiew is now known as robbiew-afk > > Lns Has anyone got any opinion on a good LDAP setup/admin GUI? > > Lns We've been struggling to come up with something for the longest time. > > unit3 389 (was fedora) directory server looks nice, but the Ubuntu > packaging seems to have stalled, so you'd probably have to run it on > CentOS or Fedora. > > unit3 alternatively (and better in the long run) would be to poke at the > 389 packaging team > (https://launchpad.net/~ubuntu-389-directory-server<https://launchpad.net/%7Eubuntu-389-directory-server> > ) > > unit3 and get them to update their packages. > > unit3 ;) > > unit3 hell, help them out. I'm sure it's just a matter of manpower, really. > ----- > > So it's #ubuntu-server on freenode... and > https://lists.ubuntu.com/mailman/listinfo/ubuntu-server to subscribe to > their listserv. > > Cheers, > Jordan > > > > Jordan Erickson wrote: > > Scott Balneaves wrote: > >> On Wed, Jan 20, 2010 at 09:03:43AM -0800, Jordan Erickson wrote: > >>> David Hopkins wrote: > >>> *snip* > >>>> As for questions to the server team ... which > >>>> list would that be? > >>> /me thinks the server team would probably get a lot of good ideas from > >>> the LTSP+Edubuntu communities... > >> Been there, done that, diiiiiiiiidn't get a whole lot of response. > > > > Marketing law states that you must expose XYZ to a potential at *least* > > 3 times before they will even read it.. I propose we attempt to build an > > inter-community relationship with the server community.. It couldn't > > hurt to try, and we have nothing but good people/ideas to gain.. > > > > https://wiki.ubuntu.com/ServerTeam/GettingInvolved > > > > > >> If I might proffer an opinion.... > >> > >> LDAP's a "hard" subject. It's: > >> > >> 1) Non-trivial to set up > >> 2) Infinitely customizable > >> 3) Lacking any discernable standard as to how you should lay out your > database > >> for authentication. > >> > >> So the problem is, every time you poke your head up and say: "Hey guys, > lets do > >> X!" you're greeted by a chorus of "Yeah, but what about....", an which > point > >> everybody stares at their shoes, goes "Hmmmm, interesting problem <deep > >> thought>" and the problem disappears off into the sunset for another few > >> months. > >> > >> I'm not blaming them. LDAP *is* the single largest PITA to > configure/setup/get > >> working, and it's deucedly difficult to try to make the "perfect" tool. > >> > >> Both RedHat and SkoleLinux solved the problem by saying "You'll do it > our way > >> and *like it*!!!!", with the end result that they have something that > works, > >> but God help you if you want/need to do something different. Debian, > and by > >> extention Ubuntu, is still waiting for the perfect, infinitely > customizable yet > >> easy-to-use LDAP tool to come along. > > > > IMVHO, There is no such thing. Having a rock-solid, infinitively > > customizable, yet easy to set up+configure XYZ is a paradoxical dream. > > What we might be able to discuss is a generic "school type auth" LDAP > > setup, which as you said, even Redhat seems to have to do... If you > > want/need customization, you can learn the shell tools. It's not > > confining this way, because you have an absolute choice of either one. > > We'd just be making it a bit easier for people who don't need elaborate > > setups. > > > > > > > > Cheers, > > Jordan > > > > > > -- > edubuntu-users mailing list > [email protected] > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/edubuntu-users >
-- edubuntu-users mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
