On Mon, Apr 6, 2009 at 11:33 PM, David Dana <[email protected]> wrote:
> Thanks for your reply, Adam. The draft version of the documentation is > certainly much better, and I noticed a few updates which solved problems > I had. I am kind of surprised though that there is a separate draft copy > - I think a wiki would work much, much better. > Sorry, I should have explained doc.ubuntu.com better. That version of the documentation is created from the development branch for the next Ubuntu release. It is on the web mostly to ease review of new content. Because these docs are for the development release not all instructions may apply to a stable release of Ubuntu. In the case of OpenLDAP section they happen to apply nicely to Intrepid as well as Jaunty, but that may not be the case in the future. It may help to check the development instructions if the released docs don't have an answer, but I highly recommend using the released version first. > 3: Copy Config > cp /etc/ldap.conf /etc/ldap/ldap.conf > Not sure why you would do this since these are seperate config files and have different options? /etc/ldap/ldap.conf is part of the libldap package which totally separate from libnss-ldap which supplies the /etc/ldap.conf file. > 6: Enable cached credentials: > apt-get install nss-updatedb libnss-db libpam-ccreds > nss_updatedb ldap > nano /etc/nsswitch.conf > > (edit the passwd and group entries to the following) > > passwd: files ldap [NOTFOUND=return] db > group: files ldap [NOTFOUND=return] db > > (create a cron job to update the db daily) > > echo '#!/bin/sh' | sudo tee /etc/cron.daily/upd-local-nss-db > echo `which nss_updatedb` ldap | sudo tee -a > /etc/cron.daily/upd-local-nss-db > sudo chmod +x /etc/cron.daily/upd-local-nss-db > > > nano /etc/pam.d/common-auth > > (replace with the following text) > > auth [success=done default=ignore] pam_unix.so nullok_secure > try_first_pass > # If LDAP is unavailable, go to next line. If authentication via > LDAP is successful, skip 1 line. > # If LDAP is available, but authentication is NOT successful, skip 2 > lines. > auth [authinfo_unavail=ignore success=1 default=2] pam_ldap.so > use_first_pass > auth [default=done] pam_ccreds.so action=validate use_first_pass > auth [default=done] pam_ccreds.so action=store > auth [default=bad] pam_ccreds.so action=update > Cached credentials are a good idea, I'll be sure to add that to the Karmic docs. -- Party On, Adam -- OpenLDAP doc page is horrible https://bugs.launchpad.net/bugs/355400 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
