-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 8/16/07, Neil Marjoram wrote:

I have setup my OpenSuse 10.2 client to authenticate against an OpenLdap server using the Yast configuration. All seems well and the users can login to the terminal without an issue, however when logging into an X session, they receive an Xsession error "Login for user XXX is disabled". One of the reasons for this error can be an incorrect shell that has not been entered into /etc/shells. On investigation it turns out that the users shell is not being selected from the LDAP database and the field is left blank. getent passwd shows no shell for any LDAP users.

I am familiar with LDAP and have manually checked the configuration files but cannot find anything wrong. Can anyone shed any light on this matter?

It's definitely important that the user has a valid shell. I'm surprised they can log in via terminal, actually. On my Linux machines here, I actually have to symlink /bin/bash to /usr/bin/bash. We have mostly Solaris servers here and the shell for all the user accounts in LDAP is /usr/bin/bash. After the symlink is created it works fine, I don't even need to add /usr/bin/bash to the /etc/shells file. - -- Andy Harrison public key: 0x67518262 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) Comment: http://firegpg.tuxfamily.org iD8DBQFGxIfJNTm8fWdRgmIRAqCcAJ4gMqtQd8cTsAc3gNbvCtWaafVyHACfXS74 0SRDPHzDSFniiP5LFekLfR0= =CJrs -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org