Hi All,

Below are my configuration files. Can somebody give any
comments about them? I cannot SSH using my LDAP account.
Really appreciate your help.

Ports installed:
openldap-2.1.26.tgz
pam_ldap-167.tar.gz
nss_ldap-204.tar.gz
openssh-3.6.1.tgz

PUTTY:
login as: testuser
Sent username "testuser"
[EMAIL PROTECTED]'s password:
Access denied
[EMAIL PROTECTED]'s password:


/etc/nsswitch.conf:
---begin---
passwd: files ldap
group: files ldap
---end---

/usr/etc/ldap.conf & /etc/ldap.conf &
/usr/etc/nss_ldap.conf & /etc/nss_ldap.conf:
---begin---
host 127.0.0.1  
uri ldapi://%2fvar%2frun%2fopenldap%2fldapi/
base dc=domain,dc=com
binddn cn=proxyuser,dc=domain,dc=com
bindpw ldapadmin
pam_password SHHA 
nss_base_passwd ou=People,dc=domain,dc=com?one
nss_base_passwd ou=Computers,dc=domain,dc=com?one
nss_base_shadow ou=People,dc=domain,dc=com?one
nss_base_group ou=Groups,dc=domain,dc=com?one
---end---

/usr/local/etc/openldap/ldap.conf:
---begin---
BASE dc=domain,dc=com 
URI ldapi://%2fvar%2frun%2fopenldap%2fldapi/
---end---

/usr/local/etc/openldap/slapd.conf:
---begin---
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/nis.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/samba.schema
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
TLSCACertificateFile /usr/local/etc/openldap/cacert.pem
TLSCertificateFile /usr/local/etc/openldap/servercrt.pem
TLSCertificateKeyFile /usr/local/etc/openldap/serverkey.pem
allow bind_v2
password-hash {SSHA}
database bdb
suffix "dc=domain,dc=com"
rootdn "cn=Manager,dc=domain,dc=com"
rootpw {SSHA}JUdEYmEb9wdq9ro4gAkQ1H4vKGqBr6+7
directory /var/db/domain.com
index   objectClass eq
index   cn,sn,uid,memberUid,mail        pres,eq
index   uidNumber,gidNumber     eq
index   displayName     pres,eq
index   sambaSID,sambaPrimaryGroupSID,sambaDomainName   eq
access to *
        by * read
---end---

/etc/pam.d/sshd:
---begin---
# auth
auth            required        pam_nologin.so          no_warn
auth            sufficient      pam_opie.so             no_warn no_fake_prompts
auth            requisite       pam_opieaccess.so       no_warn allow_local
auth            sufficient      /usr/local/lib/pam_ldap.so no_warn try_first_pass
auth            required        pam_unix.so             no_warn try_first_pass

# account
#account        required        pam_krb5.so
account         sufficient      /usr/local/lib/pam_ldap.so
account         required        pam_login_access.so
account         required        pam_unix.so

# session
#session        optional        pam_ssh.so
session         required        pam_permit.so

# password
#password       sufficient      pam_krb5.so             no_warn try_first_pass
password        required        pam_unix.so             no_warn try_first_pass
---end---

regards,
onlyme
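
The `access to * by * read` rule in the slapd.conf above grants read access on every attribute to every client, unauthenticated ones included, and that covers `userPassword` and the Samba hash attributes. The following is an added example, not part of the original post, of a small check that reports this; the hardened ACL and all function names are constructed for illustration, and the check says nothing about why the SSH login fails.

```python
LEVELS = ["none", "auth", "compare", "search", "read", "write"]  # slapd order, low to high
SENSITIVE = ["userPassword", "sambaLMPassword", "sambaNTPassword"]  # samba.schema is loaded

PAGE_ACL = "access to *\n        by * read\n"  # the rule quoted from the post
HARDENED = """\
access to attr=userPassword,sambaLMPassword,sambaNTPassword
        by self write
        by anonymous auth
        by * none
access to * by * read
"""  # constructed example; OpenLDAP 2.1 spells the selector attr=, later releases attrs=

def logical_lines(text):
    """Drop comments and blanks; a line starting with whitespace continues the previous one."""
    out = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and out:
            out[-1] += " " + raw.strip()
        else:
            out.append(raw.strip())
    return out

def parse_acls(text):
    """Return [(what, [(who, level), ...]), ...] in file order."""
    acls = []
    for tok in (line.split() for line in logical_lines(text)):
        if [t.lower() for t in tok[:2]] != ["access", "to"] or "by" not in tok:
            continue
        first = tok.index("by")
        by = [(tok[i + 1], tok[i + 2].lower()) for i in range(first, len(tok) - 2) if tok[i] == "by"]
        acls.append((" ".join(tok[2:first]), by))
    return acls

def covers(what, attr):
    """True for '*' or an attr=/attrs= list naming attr (dn-only selectors are not modelled)."""
    names = [p.split("=", 1)[1] for p in what.split() if p.lower().startswith(("attr=", "attrs="))]
    return what == "*" or any(attr.lower() in n.lower().split(",") for n in names)

def anonymous_level(acls, attr):
    """First matching <what> wins, then the first <who> that matches an anonymous client."""
    for what, by in acls or [("*", [("*", "read")])]:  # no ACL at all: slapd default
        if covers(what, attr):
            return next((lvl for who, lvl in by if who in ("*", "anonymous")), "none")
    return "none"  # ACLs exist but none match: implicit deny

def exposed(conf):
    """Sensitive attributes an unauthenticated client can read (assumes named access levels)."""
    acls = parse_acls(conf)
    return [a for a in SENSITIVE if LEVELS.index(anonymous_level(acls, a)) >= LEVELS.index("read")]
```

With the narrower rule in place, any service that reads the samba* attributes has to bind as a DN that is granted that access; the rootdn is not subject to ACLs.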

----------------------------------------------------------------------------

Hi All,

Has anybody managed to configure ssh with openldap on
FreeBSD 5.2?

I managed to configure openldap on FreeBSD 5.2. Besides
that, I also managed to make it work with Samba 3.0.
However, the problem is I cannot make it work with
ssh.

I have googled around and found this mini-HOWTO
http://www.cultdeadsheep.org/FreeBSD/docs/Quick_and_dirty_FreeBSD_5_x_and_nss_ldap_mini-HOWTO.html
but also failed to make it work.

Can somebody advise me...:)

Regards,
onlyme

_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions