sentinel said:
> Actually I had setup my ldap.conf however it was missing the
> nss_base_passwd ,the nss_base_group and uri. I'm seeing a new message pop
> up now.
>
> ******
> ssh -l user_name ip_address
>
> user_name@ip_address password:
> Permission denied, please try again.
> ******
>
> I'm wondering if I'm hitting the ldap server at all. Looking through the
> netscape server logs. Not sure what I'm looking for. Thoughts?
I believe the log for this on redhat would be /var/log/secure that should
show info about SSH, I bet your probably getting a cannot login to server
error. My setup is possibly non-standard, since I use the binddn and
bindpw directives, take those out if you don't use a 3rd party account
to authenticate with the database(I do it so anonymous users cannot query
the database).
it also could be misconfigured, what password format are you using? my
OpenLDAP server uses {MD5}, you may need to add another option if your
using another format, also netscape ldap may need yet another option as
well..
from my old ldap.conf:
# Hash password locally; required for University of
# Michigan LDAP server, and works with Netscape
# Directory Server if you're using the UNIX-Crypt
# hash mechanism and not using the NT Synchronization
# service.
#pam_password crypt
# Netscape SDK LDAPS
#ssl on
# Netscape SDK SSL options
#sslpath /etc/ssl/certs/cert7.db
I'm not sure if you need them or not, I haven't tried authenticating
off a Netscape ldap server yet.
good luck!
nate
--
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list
