SOLVED in Ubuntu Lucid: use 'libnss-ldapd' and 'libpam-ldapd' (note the 'd' at the end of the packages) together with the 'nslcd' package (note the 'l' in the middle).
This allows setting the user and group with which the 'nslcd' daemon runs in '/etc/nslcd.conf'. I set the group from 'nslcd' to 'ssl-cert' and made sure that the key file can be read for that group. My '/etc/nslcd.conf' reads as follows:

    # /etc/nslcd.conf
    # nslcd configuration file. See nslcd.conf(5)
    # for details.

    # The user and group nslcd should run as.
    uid nslcd
    gid ssl-cert

    # The location at which the LDAP server(s) should be reachable.
    uri ldap://<put server address here>

    # The search base that will be used for all queries.
    base <put LDAP base here>

    # The LDAP protocol version to use.
    ldap_version 3

    # SSL options
    ssl start_tls
    tls_reqcert demand
    tls_cacertfile /etc/ssl/certs/ca-local.cert.pem
    tls_cert /etc/ssl/certs/client.cert.pem
    tls_key /etc/ssl/private/client.key.pem

--
Unable to unlock screen when using ldap
https://bugs.launchpad.net/bugs/64301
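
A check for the setup described above, as an added example that is not part of the original message: it reads the 'gid' and 'tls_key' values from an nslcd.conf and verifies that the key file belongs to that group, is group-readable, and is closed to all other users. The function names and return codes are this example's own; it assumes GNU stat and getent.

```shell
#!/bin/sh
# Added example: verify that the tls_key named in an nslcd.conf is readable
# by the configured gid and not accessible to "other".
# Assumes GNU stat (-c) and getent, as found on Ubuntu.

# Print the value of a single-valued option (second field) from the config.
conf_value() {
    awk -v key="$1" '$1 == key { print $2; exit }' "$2"
}

# Return codes: 0 ok, 1 configured group cannot read the key,
# 2 key is accessible to "other", 3 config or key file missing/incomplete.
check_nslcd_key() {
    conf=$1
    [ -r "$conf" ] || return 3
    gid=$(conf_value gid "$conf")
    key=$(conf_value tls_key "$conf")
    [ -n "$gid" ] && [ -n "$key" ] && [ -f "$key" ] || return 3

    # nslcd.conf accepts a group name or a numeric id; resolve names.
    case $gid in
        *[!0-9]*) gid=$(getent group "$gid" | cut -d: -f3) ;;
    esac
    [ -n "$gid" ] || return 3

    file_gid=$(stat -c '%g' "$key")
    mode=$(stat -c '%a' "$key")        # octal digits, e.g. 640
    other=$((mode % 10))
    group=$((mode / 10 % 10))

    # A private key must grant nothing to "other".
    [ "$other" -eq 0 ] || return 2
    # The key must belong to the nslcd group and have the group read bit set.
    [ "$file_gid" = "$gid" ] && [ "$group" -ge 4 ] || return 1
    return 0
}

# Run against a file given on the command line, e.g. /etc/nslcd.conf.
if [ "$#" -gt 0 ]; then
    check_nslcd_key "$1"
    exit $?
fi
```
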
