Yes, Linux distros require nss_ldap and pam_ldap to authenticate Linux shell accounts against LDAP. If you are using Fedora/CentOS you can use authconfig and select ldap and put in the required info. And you'll need to add ldap to the passwd:, shadow: and group: entries in /etc/nsswitch.conf.

authconfig will configure /etc/ldap.conf and add the required LDAP attributes to /etc/pam.d/system-auth.

Not sure about FreeBSD but it shouldn't be too different. (Famous last words!)

To convert your existing /etc/passwd users to LDAP, you can use the PADL migration tools.

Andrew Richey wrote:
Well, it looks like I would have to use pam_ldap and nss_ldap to make this work. Or so I think... Wondering if all the Linux distros require these too, to authenticate off of ldap.

Andrew Richey wrote:
Hey guys,

I've gotten my samba + openldap running quite well, minus one problem (that I know about). I've read over plenty of documentation, the official and other wikis and such. I believe I have winbind working correctly, so I assume I won't have to use external scripts to add groups/users/etc..

But isn't there something one must do in order for their OS (in my case FreeBSD 6.2) to use my ldap server instead of /etc/passwd and /etc/group files? I'm unable to change the Administrator user's password because I have no Unix account for it, and I assume it's looking for that in /etc/passwd. On the same token, I can add another user who already exists in my /etc/password (the local user I added during the installation of FreeBSD). And it shows up successfully in my ldap server.

At first I was thinking that the ...

ldapsam:trusted= yes
ldapsam:editposix= yes

..handled this issue, via winbind. But that might be a misunderstanding on my part. Anyone have any ideas?

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba
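
An added example, not part of the original thread: a shell check that reports which of the passwd, shadow and group databases in an nsswitch.conf do not list ldap as a source, as the reply above says they must. The function name `nss_missing_ldap` and the sample file are constructed for illustration.

```shell
#!/bin/sh
# nss_missing_ldap FILE
# Prints, space-separated, each of passwd/shadow/group whose entry in FILE
# does not name "ldap" as a source (a database with no entry counts as missing).
nss_missing_ldap() {
    awk '
        { sub(/#.*/, "") }          # drop comments, including trailing ones
        NF == 0 { next }            # skip blank lines
        {
            sub(/:/, " ")           # "passwd:files" and "passwd: files" both split
            db = $1
            if (db != "passwd" && db != "shadow" && db != "group") next
            # Sources follow the database name; [NOTFOUND=return]-style
            # action items are simply never equal to "ldap".
            for (i = 2; i <= NF; i++) if ($i == "ldap") ok[db] = 1
        }
        END {
            out = ""
            n = split("passwd shadow group", order, " ")
            for (i = 1; i <= n; i++) {
                d = order[i]
                if (!(d in ok)) out = out (out == "" ? "" : " ") d
            }
            print out
        }
    ' "$1"
}

# Constructed sample: shadow was left pointing at local files only.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample nsswitch.conf
passwd:     files ldap
shadow:     files
group:      files ldap    # local files first, then the directory
hosts:      files dns
EOF
echo "databases missing ldap: $(nss_missing_ldap "$sample")"
rm -f "$sample"
```

Run against the real /etc/nsswitch.conf, an empty result means all three databases consult LDAP; listing `files` before `ldap` keeps local accounts such as root resolvable when the directory server is unreachable.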
