Ok, problem solved.
I turned out that my nsswitch.conf was in error:
passwd: files ldap
group: files ldap
shadow: compat
snip...
is not going to do it, but
passwd: files ldap
group: files ldap
shadow: files ldap
snip...
is! And I can now return
Thanks to Mark for the debug hint.
I did the debug thing for two users, one local to both
client and server, and one in ldap.
For the local user a few lines from the logs look
like:
Authorized to test1, krb5 principal [EMAIL PROTECTED]
(krb5_kuserok)
debug3: PAM: do_pam_account pam_acct_mgmt = 0
David Parutki wrote:
I have a working installation with account information
in ldap, workstations accessing account information
via libnss-ldap and nscd. Further, a kerberos kdc with
principals matcing users in ldap. All machines have a
krb5.keytab. Home directories are currently served via
nfs fro
I have a working installation with account information
in ldap, workstations accessing account information
via libnss-ldap and nscd. Further, a kerberos kdc with
principals matcing users in ldap. All machines have a
krb5.keytab. Home directories are currently served via
nfs from one server to the w
4 matches
Mail list logo
