Hi All,
Below are my configuration files. Can somebody comment
on them? I cannot SSH using my LDAP account.
Really appreciate your help.
Ports installed:
openldap-2.1.26.tgz
pam_ldap-167.tar.gz
nss_ldap-204.tar.gz
openssh-3.6.1.tgz
PUTTY:
login as: testuser
Sent username testuser
[EMAIL PROTECTED]'s password:
Access denied
[EMAIL PROTECTED]'s password:
/etc/nsswitch.conf:
---begin---
passwd: files ldap
group: files ldap
---end---
/usr/etc/ldap.conf /etc/ldap.conf
/usr/etc/nss_ldap.conf /etc/nss_ldap.conf:
---begin---
host 127.0.0.1
uri ldapi://%2fvar%2frun%2fopenldap%2fldapi/
base dc=domain,dc=com
binddn cn=proxyuser,dc=domain,dc=com
bindpw ldapadmin
pam_password SHHA
nss_base_passwd ou=People,dc=domain,dc=com?one
nss_base_passwd ou=Computers,dc=domain,dc=com?one
nss_base_shadow ou=People,dc=domain,dc=com?one
nss_base_group ou=Groups,dc=domain,dc=com?one
---end---
/usr/local/etc/openldap/ldap.conf:
---begin---
BASE dc=domain,dc=com
URI ldapi://%2fvar%2frun%2fopenldap%2fldapi/
---end---
# /usr/local/etc/openldap/slapd.conf:
---begin---
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/nis.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/samba.schema
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
TLSCACertificateFile /usr/local/etc/openldap/cacert.pem
TLSCertificateFile /usr/local/etc/openldap/servercrt.pem
TLSCertificateKeyFile /usr/local/etc/openldap/serverkey.pem
allow bind_v2
password-hash {SSHA}
database bdb
suffix dc=domain,dc=com
rootdn cn=Manager,dc=domain,dc=com
rootpw {SSHA}JUdEYmEb9wdq9ro4gAkQ1H4vKGqBr6+7
directory /var/db/domain.com
index objectClass eq
index cn,sn,uid,memberUid,mail pres,eq
index uidNumber,gidNumber eq
index displayName pres,eq
index sambaSID,sambaPrimaryGroupSID,sambaDomainName eq
access to *
    by * read
---end---
/etc/pam.d/sshd:
---begin---
# auth
auth        required    pam_nologin.so      no_warn
auth        sufficient  pam_opie.so         no_warn no_fake_prompts
auth        requisite   pam_opieaccess.so   no_warn allow_local
auth        sufficient  /usr/local/lib/pam_ldap.so no_warn try_first_pass
auth        required    pam_unix.so         no_warn try_first_pass
# account
#account    required    pam_krb5.so
account     sufficient  /usr/local/lib/pam_ldap.so
account     required    pam_login_access.so
account     required    pam_unix.so
# session
#session    optional    pam_ssh.so
session     required    pam_permit.so
# password
#password   sufficient  pam_krb5.so         no_warn try_first_pass
password    required    pam_unix.so         no_warn try_first_pass
---end---
regards,
onlyme
Hi All,
Has anybody managed to configure ssh with openldap on
FreeBSD 5.2?
I managed to configure openldap on FreeBSD 5.2. Besides
that I also managed to make it work with Samba 3.0.
However the problem is I cannot make it work with
ssh.
I have googled around and found this mini-HOWTO
http://www.cultdeadsheep.org/FreeBSD/docs/Quick_and_dirty_FreeBSD_5_x_and_nss_ldap_mini-HOWTO.html
but also failed to make it work.
Can somebody advise me...:)
Regards,
onlyme
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]