Hi!

I have a sarge install which I'm using to test some things. One of those
things is LDAP authentication against Active Directory.

This works just fine on a bunch of SUSE 9.2 boxes but I can't make it
work on the Debian Sarge box.

If I just alter nsswitch.conf to change "passwd" and "group" to "files
ldap", nothing seems to happen ("finger user" returns nothing, for
instance).

This is my /etc/ldap.conf, which is basically the same as the one I use on
the SUSE boxes (the only difference is the domain, because I'm using a
different domain to test it out) and exactly the same as the one I'm using
on another test box running CentOS 4:


#
# ldap.conf - Active Directory authentication
#

ldap_version    3

host    ldapserver # in /etc/hosts
ssl     no

# Active Directory doesn't allow anonymous access:
binddn  cn=ldap,cn=Users,dc=sandbox,dc=intranet,dc=pt
bindpw  xxxxxx

base    cn=Users,dc=sandbox,dc=intranet,dc=pt
scope   sub

nss_base_passwd cn=Users,dc=sandbox,dc=intranet,dc=pt?sub
nss_base_shadow cn=Users,dc=sandbox,dc=intranet,dc=pt?sub
nss_base_group  cn=Users,dc=sandbox,dc=intranet,dc=pt?sub

pam_password    ad

pam_login_attribute     sAMAccountName
pam_member_attribute    msSFU30PosixMember

# only members of this group can access this server:
pam_groupdn     cn=Domain Users,dc=sandbox,dc=intranet,dc=pt

pam_filter      (objectclass=user)

nss_map_objectclass     posixAccount user
nss_map_objectclass     shadowAccount user
nss_map_objectclass     posixGroup Group

nss_map_attribute       uid sAMAccountName
nss_map_attribute       uidNumber msSFU30UidNumber
nss_map_attribute       gidNumber msSFU30GidNumber
nss_map_attribute       loginShell msSFU30LoginShell
nss_map_attribute       gecos msSFU30Gecos
nss_map_attribute       userPassword msSFU30Password
nss_map_attribute       homeDirectory msSFU30HomeDirectory
nss_map_attribute       uniqueMember msSFU30PosixMember

# EOF - ldap.conf


