Just to update on that: I have received this RedHat update notification last night:

Synopsis: openldap bug fix and enhancement update
Updated: 06/12/11
Subject: Updated openldap packages that fix a number of bugs and add various enhancements are now available for Red Hat Enterprise Linux 6.
Description: ...
https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/6.2_Technical_Notes/openldap.html#RHBA-2011-1514

I updated and the loginShell variable is now properly used over authentication (with no change on my initial configuration).

I also see that many TLS issues that I have faced in the past seem to have been fixed: I'm going to check that.

Best,
---
olivier

On Thu, Dec 1, 2011 at 3:00 PM, Olivier <[email protected]> wrote:
>
> Hello,
>
> I have configured nss/pam on a REDHAT6 box to authenticate users
> against an ldap: it works but I have a problem with getting my favorite
> user shell when I log in.
>
> The "loginShell" shell attribute seems not to be used to provide users
> with their favorite shell when they log in: maybe I misunderstood the
> usage of this "posixAccount" attribute?
>
> Thanks for your help, see below for additional indications:
>
> $ ssh [email protected]
> [email protected]'s password: < MY LDAP PASSWORD>
>
> RHN Satellite kickstart on 2011-06-16
>
> #####################
> # redhatbox.example.fr #
> # #
> # Hello #
> #####################
>
>
> sh-4.1$ grep olivier /etc/passwd
> <returns nothing (no local entry for olivier)>
>
> -sh-4.1$ pwd
>
> /home/olivier (my home directory found in ldap)
>
> -sh-4.1$ env | grep -i shell
> SHELL=/bin/sh ( my shell user environment is not picked in ldap)
>
> sh-4.1$ ldapsearch -D uid=olivier,ou=staff,ou=people,dc=example,dc=fr
> -W uid=olivier
>
> Enter LDAP Password: < MY LDAP PASSWORD>
>
> # olivier, staff, people, example.fr
> dn: uid=olivier,ou=staff,ou=people,dc=example,dc=fr
> cn: Olivier G
> gidNumber: 18000
> homeDirectory: /home/olivier
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> objectClass: posixAccount
> objectClass: shadowAccount
> sn: olivier
> uid: olivier
> uidNumber: 1000
> shadowLastChange: 15282
> loginShell: /bin/tcsh
> givenName: Olivier
> mail: [email protected]
> userPassword:: xxxxxxxxxxxxxxxxxxxxxxx
>
> -sh-4.1$ cat /etc/shells
> /bin/sh
> /bin/bash
> /sbin/nologin
> /bin/tcsh (my favorite shell is allowed)
> /bin/csh
>
> ANY HELP ???
>
>
> Thanks
>
> ---
> Olivier
