Thanks Martin. You've been very helpful. Jeff
-----Original Message----- From: Martin Kreiner [mailto:[email protected]] Sent: Tuesday, July 20, 2010 5:29 PM To: [email protected] Subject: Re: [openthinclient-user] More on LDAP > Active Directory integration hi jeff, to handle more than 1000 entries (which is the AD-default) you need paging capabilities for the LDAP clients (Paged LDAP Search Results). the openthinclient manager can handle this but AFAIK at the client side, this still has to be implemented. but as a workaround you could increase the "MaxPageSize" value for your Active Directory LDAP policy: http://support.microsoft.com/?scid=kb%3Ben-us%3B315071&x=10&y=14 regards, martin Am 21.07.2010 02:14, schrieb Jeff Sears: > Hi Martin, > > Are there any limits as to how many user accounts will load into OTC from > Active Directory? > > Jeff > -----Original Message----- > From: Martin Kreiner [mailto:[email protected]] > Sent: Tuesday, July 20, 2010 4:16 PM > To: [email protected] > Subject: Re: [openthinclient-user] More on LDAP> Active Directory > integration > > hi jeff, > > Nice! Love to hear this ;-). > > > have fun, > martin > > > Am 21.07.2010 01:07, schrieb Jeff Sears: >> Martin, >> >> I have been working for days and days to get AD authentication to work >> with no luck. Now all of a sudden it is authenticating just fine. I'm >> not sure what, if anything, is different but I am happy about it. >> >> Jeff >> >> -----Original Message----- >> From: Martin Kreiner [mailto:[email protected]] >> Sent: Tuesday, July 20, 2010 3:29 PM >> To: [email protected] >> Subject: Re: [openthinclient-user] More on LDAP> Active Directory >> integration >> >> hi jeff, >> >> i'm sorry, but this is probably hardcoded to a german keyboard layout. >> try: >> >> <SHIFT><7> for "/" >> <SHIFT></> for "_" >> >> as an alternative you could try to login (without switching to console) >> as: >> user: tcos >> password: tcos >> >> and open a x-terminal via<CTRL><ALT><SHIFT><x> >> >> >> martin >> >> Am 21.07.2010 00:18, schrieb Jeff Sears: >>> Martin, >>> >>> It looks like when I switch to console, I may have a different keyboard >>> layout. I can't get the "/" key, and other keys are different. I have >>> the manager setting for a US keyboard, but perhaps that doesn't affect >> the >>> console? >>> >>> Jeff >>> >>> -----Original Message----- >>> From: Martin Kreiner [mailto:[email protected]] >>> Sent: Tuesday, July 20, 2010 12:57 PM >>> To: [email protected] >>> Subject: Re: [openthinclient-user] More on LDAP> Active Directory >>> integration >>> >>> hi jeff, >>> >>> would you please gather some information for me: >>> >>> - if a configured thin client displays login screen, switch to console >> via >>> <CTRL><ALT><F1> >>> - login as user "root", password "foobar" >>> - enter the following command: "cat /etc/pam_ldap.conf" and paste the >>> output as reply >>> >>> >>> thanks, >>> martin >>> >>> Am 20.07.2010 21:28, schrieb Jeff Sears: >>>> Thanks Martin. I am indeed using that syntax. The interesting thing >> is >>>> that I'm getting a user and group list from my AD, but it won't >>>> authenticate. I'm not sure if it's not binding with the read only >>>> principal, and the server log file is not helpful. >>>> >>>> Jeff >>>> >>>> -----Original Message----- >>>> From: Martin Kreiner [mailto:[email protected]] >>>> Sent: Tuesday, July 20, 2010 11:32 AM >>>> To: [email protected] >>>> Subject: Re: [openthinclient-user] More on LDAP> Active Directory >>>> integration >>>> >>>> hi jeff, >>>> >>>> Please make sure you are using the following syntax for the "Read only >>>> principal": >>>> >>>> usern...@domainname >>>> >>>> FullUserDN or DomainName\UserName as "Read only principal" could cause >>>> trouble >>>> on client side. >>>> >>>> >>>> cheers, >>>> martin >>>> >>>> Am 15.07.2010 19:04, schrieb Jeff Sears: >>>>> Ok, so here's the deal. If I use an LDAP browser (in this case >>> Softerra >>>>> LDAP Browser 2.6), I can connect just fine to my Active Directory and >>>>> browse all users and groups just fine. If I put the same information >> in >>>>> the LDAP secondary directory settings for OTC, the user and group > list >>>>> populates just fine. If I try to log in from a thin client, it fails, >>>>> and the server log displays: >>>>> >>>>> pam_ldap: ldap_search_s Operations error >>>>> >>>>> ERROR [syslog.daemon] gdm[8008]: Couldn't authenticate user >>>>> >>>>> I am using the server's IP address as recommended in the OTC >>>>> documentation. Any ideas? >>>>> >>>>> *Jeff Sears* >>>>> Information Technology >>>>> San Joaquin Delta College >>>>> >>>>> 209-954-5300 Main >>>>> 209-954-5795 Direct >>>>> 209-954-3730 Fax >>>>> >>>>> >>>>> >>>>> >>>> >>> >> > -------------------------------------------------------------------------- >>>> ---- >>>>> This SF.net email is sponsored by Sprint >>>>> What will you do first with EVO, the first 4G phone? >>>>> Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first >>>>> >>>>> >>>>> >>>>> _______________________________________________ >>>>> The Open Source Thin Client Solution http://openthinclient.org >>>>> [email protected] >>>>> https://lists.sourceforge.net/lists/listinfo/openthinclient-user >>>> >>>> >>>> >>> >> > -------------------------------------------------------------------------- >>>> ---- >>>> This SF.net email is sponsored by Sprint >>>> What will you do first with EVO, the first 4G phone? >>>> Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first >>>> _______________________________________________ >>>> The Open Source Thin Client Solution http://openthinclient.org >>>> [email protected] >>>> https://lists.sourceforge.net/lists/listinfo/openthinclient-user >>>> >>>> >>> >> > -------------------------------------------------------------------------- >>> ---- >>>> This SF.net email is sponsored by Sprint >>>> What will you do first with EVO, the first 4G phone? >>>> Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first >>>> _______________________________________________ >>>> The Open Source Thin Client Solution http://openthinclient.org >>>> [email protected] >>>> https://lists.sourceforge.net/lists/listinfo/openthinclient-user >>> >>> >>> >> > -------------------------------------------------------------------------- >>> ---- >>> This SF.net email is sponsored by Sprint >>> What will you do first with EVO, the first 4G phone? >>> Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first >>> _______________________________________________ >>> The Open Source Thin Client Solution http://openthinclient.org >>> [email protected] >>> https://lists.sourceforge.net/lists/listinfo/openthinclient-user >>> >>> >> > -------------------------------------------------------------------------- >> ---- >>> This SF.net email is sponsored by Sprint >>> What will you do first with EVO, the first 4G phone? >>> Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first >>> _______________________________________________ >>> The Open Source Thin Client Solution http://openthinclient.org >>> [email protected] >>> https://lists.sourceforge.net/lists/listinfo/openthinclient-user >>> >> >> >> > -------------------------------------------------------------------------- >> ---- >> This SF.net email is sponsored by Sprint >> What will you do first with EVO, the first 4G phone? >> Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first >> _______________________________________________ >> The Open Source Thin Client Solution http://openthinclient.org >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/openthinclient-user >> >> > -------------------------------------------------------------------------- > ---- >> This SF.net email is sponsored by Sprint >> What will you do first with EVO, the first 4G phone? >> Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first >> _______________________________________________ >> The Open Source Thin Client Solution http://openthinclient.org >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/openthinclient-user > > > -------------------------------------------------------------------------- > ---- > This SF.net email is sponsored by Sprint > What will you do first with EVO, the first 4G phone? > Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first > _______________________________________________ > The Open Source Thin Client Solution http://openthinclient.org > [email protected] > https://lists.sourceforge.net/lists/listinfo/openthinclient-user > > -------------------------------------------------------------------------- ---- > This SF.net email is sponsored by Sprint > What will you do first with EVO, the first 4G phone? > Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first > _______________________________________________ > The Open Source Thin Client Solution http://openthinclient.org > [email protected] > https://lists.sourceforge.net/lists/listinfo/openthinclient-user -------------------------------------------------------------------------- ---- This SF.net email is sponsored by Sprint What will you do first with EVO, the first 4G phone? Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first _______________________________________________ The Open Source Thin Client Solution http://openthinclient.org [email protected] https://lists.sourceforge.net/lists/listinfo/openthinclient-user ------------------------------------------------------------------------------ This SF.net email is sponsored by Sprint What will you do first with EVO, the first 4G phone? Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first _______________________________________________ The Open Source Thin Client Solution http://openthinclient.org [email protected] https://lists.sourceforge.net/lists/listinfo/openthinclient-user
