Hi, all

I'm attempting to set up LDAP auth (against IPA server 4.10) from a OSX 10.10.5 (Yosemite) client


Using the excellent instructions at http://linsec.ca/Using_FreeIPA_for_User_Authentication#Mac_OS_X_10.7.2F10.8%20%22Linsec.ca%20tutorial%20for%20connecting%20Mac%20OS%2010.7%20to%20IPA%20Server, I've populated the specified files, d/l'd the cert, am able to configure Users and Groups objects/attribs and browse both from within OSX's Directory Utility. ldapsearch similarly returns the expected results.

In spite of this, i'm unable to authenticate as any IPA-LDAP user on this system

dirsrv log on the ipa master shows no apparent errors - remote auth attempts exit with "RESULT err=0 tag=101 nentries=1 etime=0", but tell the truth, there so much stuff there and being rather inexperienced with LDAP diags i might easily be missing something in the details

The linsec.ca instructions were written in the 10.7-10.8 era so something may have changed since. Having said that, we've had no problems authenticating against our existing OpenLDAP server (which IPA is slated to replace) right up to 10.10.5 with no zero to our Directory Utility setup.

Hoping someone here has some contemporary experience with OSX and IPA and for whom this issue rings a bell?

many thanks

Cal Sawyer | Systems Engineer | BlueBolt Ltd
15-16 Margaret Street | London W1W 8RW
+44 (0)20 7637 5575 | www.blue-bolt.com
        

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to