[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: authentication with ldap

To: OpenLDAP <openldap-software@OpenLDAP.org>
Subject: Re: authentication with ldap
From: John Beamon <jbeamon@franklinamerican.com>
Date: Tue, 02 Dec 2003 10:41:50 -0600
In-reply-to: <20031202150926.C6CB82881A2@mail.nlcom.nl>
References: <20031202150926.C6CB82881A2@mail.nlcom.nl>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5) Gecko/20031013 Thunderbird/0.3

Geert Reijnders wrote:

Hi All I'm just a newbie in the whole ldap story and I hope that any one could help me. I have installed pam_ldap and nss_ldap to make it possible for users to authenticate

> with their username and password which I created in the openldap-server. But how are > things synchronized because when I look at my passwd file there are no users added > which I created in my ldap database

when I try the command "getent passwd" it does contact my ldap server and show all

> of the users I created in the ldap database and the users that are in the passwd file.

And of course I can't login with the users I created in my ldap database. Does any one know what to do or what I'm missing? Thanks greetz Geert

The accounts are not "synchronized" at all. Your accounts would be stored directly in LDAP instead of on /etc/passwd. getent would search through PAM to PAM's user info backend, which is in this case LDAP. Before answering questions on how to set up login authentication against ldap, we would need to know a few more details. What OS are you running, and which release of that OS? Have you already used your OS/distro native tools for setting up authentication and info through LDAP? Red Hat Linux's "authconfig" sets up your authentication quite easily (despite some disdain for it from our more seasoned admins).

Let me recommend a few of my favorite online resources for this. The volume of material available through Google for basic introduction is just huge. It is possible to retrieve just username and password from LDAP and the rest of the information elsewhere, or vice versa. Get an idea of what can be done, especially from the Frisch article, and we can help more easily with more specific questions.

http://www.linux-mag.com/2002-01/guru_01.html "Exploring LDAP", a three-part article by AEleen Frisch http://www.linux-mag.com/2002-01/guru_02.html http://www.linux-mag.com/2002-01/guru_03.html

http://www.tldp.org/HOWTO/LDAP-HOWTO/index.html "LDAP Linux HOWTO"

http://www.imaginator.com/~simon/ldap/ "Authenticating with LDAP using Openldap and PAM"

http://www.openldap.org/lists/openldap-software/200107/msg00467.html "Re: autofs and OpenLDAP integration", mailing list thread on successful setup of automount map retrieval from openldap-2.0.11

--

John Beamon
Systems Administrator
Franklin American Mortgage
eml: jbeamon@franklinamerican.com
web: www.franklinamerican.com

References:
- authentication with ldap
  - From: Geert Reijnders <reijnders@nlcom.nl>

Prev by Date: Re: authentication with ldap
Next by Date: Re: [openldap 2.1.12 + BerkeleyDb 4.1.24] db_checkpoint pb
Index(es):
- Chronological
- Thread