Le samedi 8 mars 2014, 14:20:23 Matthew Weigel a écrit : > On 03/08/2014 12:16 PM, Stéphane Guedon wrote: > >> I am looking through logs and config since the beginning of the > >> day... Actually, asking help on forums or mailing lists is always > >> my last step in solving problems... > > We try to help. > > But... giving detailed descriptions of the problem, and showing > relevant configs and logs the first time, goes a long way to > helping people help you. > > Reading manuals helps too. Among others, ypldap(8), ypldap.conf(5), > login.conf(5), login_ldap(8) from ports, and whatever manuals for > OpenLDAP. > > But why can't I authenticate (using ssh or login) on the system ? > > Do I really have to go through ypldap ? Sounds not efficient to > > have an intermediate ! > > There are two separate mechanisms: how user information is looked > up, and how users are authenticated. You provide zero details on > how ypldap or login_ldap are configured, so it's hard to guess > whether you have some configuration wrong. I can say it works for > me.
Because when beginning, I just tried to auth with ldap alone ! Now that I try with ldap + ypldap, it works. Thanks Guys ! I solved it... > > The user lookup is configured (via +:: entries in /etc/passwd and > /etc/group) to use YP routines. Thus the user is looked up in ypldap > when they attempt to login, which is configured to identify the > user's login class as ldap. The ldap login class is configured in > login.conf to authenticate via login_ldap talking to the LDAP > server, which is configured to have the appropriate users. > > This is what I meant by "that's a lot more moving parts than just > passwords in LDAP." [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
