Hello, On 2014-09-24.Wed, Dan White wrote: > On 09/24/14 14:30 +0200, Ivaylo Ganchev wrote: > >Hello, > > > >I am installing openldap in my cathedra and am running into a strange > >problem. > > >- When I use libnss_ldapd and libpam_ldapd, the communication is OK, but > >it seems that the client is not asking for the userPassword agrument and > >so, there is no way to login (it only asks for "loginShell cn gidNumber > >uidNumber objectClass homeDirectory gecos uid" and then in another > >request "shadowExpire shadowInactive shadowFlag shadowWarning > >shadowLastChange uid shadowMin shadowMax" > > See: > > http://arthurdejong.org/nss-pam-ldapd/setup
I followed this setup when configuring. Will re-read it. I think I miss some further comprehension. > and its troubleshooting steps, namely, getent passwd, getent shadow, and > debug mode. > > In default configuration, you will not directly expose the userPassword > attribute to the client - a successful bind will authenticate the client's > credentials. thanks for pointing me these hints. -- Ivaylo
