On Wed, Sep 05, 2001 at 11:46:42PM +0800, Orlando Andico wrote (wyy sez):
> On Wed, 5 Sep 2001, Federico Sevilla III wrote:
> ..
> > On Wed, 5 Sep 2001 at 23:16, Orlando Andico wrote:
> > > ldapsearch -D "cn=root,dc=fubar,dc=org" -x -W -h 127.0.0.1 "uid=jijo"
> >
> > This shows everything (including the password since root is allowed to see
> > that). Running ldapsearch plainly as in "ldapsearch -x" shows all my users
> > and all the data (excludign the userPassword field).
>
> it did not just filter for "jijo" ? you should get all the stuff of jijo
> but no other users. i hope this is what you mean..
>
> ..
> > > you can get nss_ldap to work fairly easily (assuming you can connect
> > > and query), see the /etc/ldap.conf file for nss_ldap
> >
> > No need for pam_ldap?
>
> you need pam_ldap too, but i couldn't get 'em to work so well. i copied
> the entire pam_ldap directory from nss_ldap and changed my /etc/pam.d to
> /etc/pam.d.old; LukeH is not completely in sync with RH7.1
>
got mine to work. i am using ldap authentication for imap kasi. so the
/etc/pam.d/imap loads the proper pamldap modules. of course, the pam
ldap modules use the settings definied in /etc/ldap.conf in the case of
redhat. i think other distros use /etc/openldap/ldap.conf. sa case ko,
just to be sure. i symlinked the two na lang.
> on solaris just copy LukeH's pam.conf over /etc/pam.conf and you're all
> set. i have a solaris box sitting here configured that way.
>
> p.s. Linux as an LDAP client is MUCH better behaved than $%*&^(# Solaris.
> Grr...
>
hehehe. i could not get my LDAP stuff to compile on a sparc 5 i have
here. conondrum..... drop the thing and replaced it with a linux box....
--------------------------------------
William Emmanuel S. Yu
Ateneo Cervini-Eliazo Networks (ACENT)
email : [EMAIL PROTECTED]
web : http://cersa.admu.edu.ph
phone : 63(2)4266001-5925/5904
GPG : http://sysads.ateneo.net/wyu/wyy.pgp
But scientists, who ought to know
Assure us that it must be so.
Oh, let us never, never doubt
What nobody is sure about.
-- Hilaire Belloc
PGP signature
