nss_ldap on FreeBSD 5.3
Robert Fitzpatrick
robert at webtent.com
Mon Nov 21 17:49:46 GMT 2005
On Mon, 2005-11-21 at 10:49 -0500, Nathan Vidican wrote:
> Robert Fitzpatrick wrote:
> > I find several docs on setting this up, but none pertaining to linux
> > compat. Can anyone point me to some instructions for setting this up
> > properly?
> Um... actually VERY easy...
>
> Step 1: install nss_ldap & pam_ldap
> 2: edit /usr/local/etc/nss_ldap.conf
> edit /usr/local/etc/ldap.conf
> edit /usr/local/etc/ldap.secret
> 3: edit /etc/nssswitch.conf, change from 'files' to 'files ldap' for 'group',
> and 'passwd' (optionally) 'hosts' too.
> 4: do a quick 'ldapsearch -x' to make sure you are connecting/searching the
> correct ldap tree...
> 5: edit /etc/pam.d/<service> file(s) for which types of accounts you want to
> authenticate. ie: system, login, ftp, ssh, other, etc... should have to add a
> line like:
>
> auth sufficient /usr/local/lib/pam_ldap.so try_first_pass
>
Thanks, that was easy, I was just missing the part about nss_ldap.conf,
I didn't realize there was a separate file for nss. I have the logins
working with gnome well, but I noticed once I login as an LDAP user, I
cannot su to root in terminal session...
robert at felipa$ su
Password:
su: Sorry
robert at felipa$
Can someone point out why this happens?
--
Robert
More information about the freebsd-questions
mailing list