OpenLDAP pam_ldap SuSE 8.2
Dear fellows, I've just upgraded a working SuSE 7.3 to a 8.2 (I've reformated the HD, installed 8.2 from scratch and started configuring). My OpenLDAP is working fine (including TLS, replica, etc) and I can perform a successful "ldapsearch -x 'uid=edgar'" anytime but if I try a 'getent passwd edgar' it returns nothing. I've double-checked /etc/openldap/ldap.conf, /etc/openldap/slapd.conf, /etc/nsswitch and /etc/pam.d/*, I've also tried to use lines like "auth required pam_unix2.so" (seems new to SuSE8.2) or "auth required pam_ldap.so" (the lines I was using in SuSE 7.3) for some services without success: #%PAM-1.0 auth required pam_unix2.so account required pam_unix2.so #password required pam_pwcheck.so nullok #password required pam_unix2.so nullok use_first_pass use_authtok session required pam_unix2.so OR #%PAM-1.0 auth required pam_ldap.so account required pam_ldap.so #password required pam_pwcheck.so nullok #password required pam_unix2.so nullok use_first_pass use_authtok session required pam_ldap.so It's clear to me that there are more conf files involved in SuSE 8.2 than: /etc/openldap/*, /etc/nsswitch and /etc/pam.d/* but I don't have a clue which files. I've followed SuSE 8.2 docs and edited /etc/security/pam_unix2.conf like sugested in "To use the pam_ldap module, you need to do the following: If you use the default SuSE Linux PAM configuration, you only need to edit /etc/security/pam_unix2.conf and add the "use_ldap" option for account, auth and password management. If you configure LDAP with YaST2, YaST2 will do this for you. Else edit all the /etc/pam.d configurations file to use the pam_ldap module. Look in /usr/share/doc/packages/pam_ldap for examples." I've tried both methods above without sucess (the first seems to be system wide and the second, service specific). I've also tried to use YAST-LDAP-client-configurator and it worked just fine till the next reestart!!! - I've tried YAST again after the first reestart but it didn't work anymore. Could anyone point me some SuSE 8.2 especific documentations (other than /usr/share/doc) and/or all the file names (and their locations) involved. Thanks in advance, José Carlos Stevenson.
participants (1)
-
José Carlos Stevenson