Hello everyone, Having a bit of difficulty. In our environment we use kerberos (heimdal) for user authentication, afs for home dirs, with user information being stored in ldap (ver 3, no tsl/ssl for it). On linux clients /etc/passwd is still used however. Trying out SUSE 9.3, and I want to set it to use the above setup, minus using /etc/passwd (I want it grab that info from ldap instead, and limit passwd's usage to system accounts, root, etc.). I can get kerberos tickets, have my home dir be in afs, however I've been unsuccessful with regards to the ldap integration, that is it only seems to be working if the user account is specified in /etc/passwd. We did some debugging to make sure that the SUSE client was in fact talking to the ldap server, it was, but it still wasn't working. One problem was that it was looking for POSIX as being the objectclass. I changed that, however still no go even in setting the object class correctly. One very bad thing I did see however was that SUSE was sending out the account password over the net (in plain text of all things...) Again, I want kerberos to be taking care of that side, ldap for account info such as home dir, uid, etc. I'm thinking the solution to the problem lies somewhere in pam_unix2.conf or something, but the documentation is a bit on the sparse side. Any one have success in trying something along these lines? Thanks, D'Arcy MacIsaac
participants (1)
-
D'Arcy A MacIsaac