[NCLUG] Setting up RH8-9 as LDAP client?
Christopher J. Keist
CJ.Keist at engr.colostate.edu
Wed May 21 08:34:41 MDT 2003
Hello,

Looking to see if anyone has set up RH Linux as an LDAP client to
authenticate users? I have a test LDAP server (running iPlanet 5.1
from Sun) and have only had success configuring other Solaris 9
workstations. I have been trying to get RH8 and RH9 to use LDAP but
without any luck so far.

My LDAP server is set up for both simple and TLS authentication with
a proxy user. Here is how I have set up the /etc/ldap.conf file:

host 129.82.xxx.xxx
base dc=engr,dc=colostate,dc=edu
ssl no
pam_password md5
binddn cn=proxy,dc=engr,dc=colostate,dc=edu
bindpw password
rootbinddn cn=directory manager,dc=engr,dc=colostate,dc=edu (password is in /etc/ldap.secret)
port 389
pam_filter objectclass=posixAccount
pam_login_attribute uid

I run /usr/bin/authconfig-gtk, which takes care of modifying
/etc/nsswitch.conf and /etc/pam.d/system-auth for LDAP. The above conf
doesn't look to be even trying to connect to my LDAP server. But if I
change it to use TLS/SSL port 636, I do show connection attempts on the
LDAP server, but am not able to get user info. One thing is that I'm
using my own signed certificate on the LDAP server, and have copied my
cert7.db (which I have set up to accept my certificate forever) to the
/etc/ssl/certs directory.

Any ideas on this?

------------------------------------------------------------------------
C. J. Keist Email: cj.keist at engr.colostate.edu
UNIX/Network Manager Phone: 970-491-0630
Engineering Network Services Fax: 970-491-5569
College of Engineering, CSU
Ft. Collins, CO 80523-1301
"All I want is a chance to prove 'Money can't buy happiness'"
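
An added example, not part of the original post: a small lint for the transport settings in an /etc/ldap.conf like the one quoted above. It assumes the PADL pam_ldap/nss_ldap keywords ssl, tls_checkpeer, tls_cacertfile and tls_cacertdir; the sample input, function names and finding codes are constructed for illustration.

```python
# Added example: lint transport settings in a PADL-style /etc/ldap.conf.
# SAMPLE is constructed (documentation address and example.com base DN).
SAMPLE = """\
host 192.0.2.10
base dc=example,dc=com
ssl no
binddn cn=proxy,dc=example,dc=com
bindpw password
port 389
"""

def parse(text):
    """Return {keyword: value}; keywords lower-cased, '#' lines skipped."""
    conf = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        conf[parts[0].lower()] = parts[1].strip() if len(parts) > 1 else ""
    return conf

def lint(text):
    """Return a list of (code, message) findings about transport security."""
    conf = parse(text)
    ssl = conf.get("ssl", "no").lower()
    port = conf.get("port", "")
    ldaps = ssl in ("on", "yes", "true")      # TLS from the first byte
    tls = ldaps or ssl == "start_tls"         # StartTLS upgrades a plain connection
    out = []
    if not tls:
        out.append(("cleartext-bind", "simple binds (proxy bindpw and user "
                    "logins) cross the network unencrypted"))
    if port == "636" and not ldaps:
        out.append(("port-mismatch", "port 636 expects LDAPS but ssl is " + ssl))
    if port == "389" and ldaps:
        out.append(("port-mismatch", "ssl on usually pairs with port 636"))
    if tls and conf.get("tls_checkpeer", "").lower() != "yes":
        out.append(("no-peer-check", "tls_checkpeer is not yes; server "
                    "certificate checking is left to the library default"))
    elif tls and not (conf.get("tls_cacertfile") or conf.get("tls_cacertdir")):
        out.append(("no-ca", "peer checking is on but no CA certificate "
                    "file or directory is configured"))
    return out

if __name__ == "__main__":
    for code, msg in lint(SAMPLE):
        print(f"{code}: {msg}")
```
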