Besides ldap.conf, you also need to configure pam:
Actually pam isn't required just to get user information, which is what I'm trying to do.
But anyway, I found the problem. It was pretty stupid actually... it should be "/etc/libnss-ldap.conf" and not "/etc/ldap.conf" (like in SUSE and Red Hat/CentOS).
But anyway, thanks for the info. I wasn't sure how to configure pam_ldap also (but haven't gotten there yet).
Carlos Rodrigues
    apt-get install libpam-ldap -y
    apt-get install libnss-ldap -y
    apt-get install libpam-cracklib -y
Note: libpam-cracklib is not required for LDAP (it just enforces strong passwords)
The following config files work, but you can change them to suit your needs:
/etc/pam.d/common-auth:

    auth sufficient pam_ldap.so
    auth required pam_unix.so use_first_pass

/etc/pam.d/common-account:

    account sufficient pam_ldap.so
    account required pam_unix.so

/etc/pam.d/common-password:

    password required pam_cracklib.so retry=3 minlen=6 difok=3
    password sufficient pam_ldap.so use_authtok try_first_pass
    password required pam_unix.so use_authtok try_first_pass md5
Also, if you intend to change user passwords with passwd via libpam-ldap, you will need to patch pam_ldap.so: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=284104
Good luck!
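
An added example, not part of the original messages: a small Python evaluator that applies the standard meaning of the PAM control flags to the common-auth and common-account stacks quoted above, showing which modules are consulted for an LDAP user and for a local user. The function names and the `outcomes` mapping are assumptions made for illustration; `optional` and bracketed controls are not modelled.

```python
# Added illustration: walk a PAM stack the way the simple control flags
# (required, requisite, sufficient) are documented to behave.

# Stacks copied from the message above, one module per line.
COMMON_AUTH = """\
auth sufficient pam_ldap.so
auth required pam_unix.so use_first_pass
"""
COMMON_ACCOUNT = """\
account sufficient pam_ldap.so
account required pam_unix.so
"""

def parse_stack(text):
    """Return [(control, module, args)] for each non-comment line."""
    entries = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 3:
            entries.append((fields[1], fields[2], fields[3:]))
    return entries

def evaluate(text, outcomes):
    """outcomes (hypothetical input) maps module name -> True/False.
    Returns (stack_result, modules_consulted)."""
    failed = succeeded = False
    consulted = []
    for control, module, _args in parse_stack(text):
        ok = outcomes[module]
        consulted.append(module)
        if control in ("required", "requisite"):
            if ok:
                succeeded = True
            elif control == "requisite":
                return False, consulted   # requisite failure ends the stack at once
            else:
                failed = True             # required failure is remembered, stack continues
        elif control == "sufficient" and ok and not failed:
            return True, consulted        # success short-circuits the rest of the stack
    return succeeded and not failed, consulted

if __name__ == "__main__":
    ldap_user = {"pam_ldap.so": True, "pam_unix.so": False}   # constructed outcomes
    local_user = {"pam_ldap.so": False, "pam_unix.so": True}  # constructed outcomes
    for name, stack in (("auth", COMMON_AUTH), ("account", COMMON_ACCOUNT)):
        print(name, "ldap user: ", evaluate(stack, ldap_user))
        print(name, "local user:", evaluate(stack, local_user))
```

For an LDAP user the `sufficient` line returns success before pam_unix.so is consulted, so any check that must apply to every login has to sit above pam_ldap.so in the stack.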