Regarding client configs
Nas Abdulla
naseef.ibrahim at gmail.com
Thu May 15 09:00:46 UTC 2008
Hi,
I followed the guide at
http://www.cultdeadsheep.org/FreeBSD/docs/Quick_and_dirty_FreeBSD_5_x_and_nss_ldap_mini-HOWTO.html
to the T, except that I did not slappasswd my rootpw or any other
password. The output of the finger command is
root@rule40# finger nabdulla
Login: nabdulla Name: TestUser
Directory: /home/test Shell: /bin/csh
Never logged in.
No Mail.
No Plan.
root@rule40# id nabdulla
uid=1000(nabdulla) gid=1000 groups=1000
Then when I try to log in
root@rule40# ssh nabdulla@rule115.caia.swin.edu.au
Password:
Password:
Password:
Permission denied (publickey,keyboard-interactive).
The following are the contents of nss_ldap.conf
host rule115.caia.swin.edu.au
uri ldap://rule115.caia.swin.edu.au
ldap_version 3
binddn cn=admin,dc=rule115,dc=caia,dc=swin,dc=edu,dc=au
bindpw secret
port 389
pam_password clear
nss_base_passwd ou=people,dc=rule115,dc=caia,dc=swin,dc=edu,dc=au?one
nss_base_group ou=group,dc=rule115,dc=caia,dc=swin,dc=edu,dc=au?one
In the pam.d/sshd, I have added the following lines
auth sufficient /usr/local/lib/pam_ldap.so no_warn try_first_pass
auth required pam_unix.so no_warn try_first_pass
password sufficient /usr/local/lib/pam_ldap.so no_warn try_first_pass
password required pam_unix.so no_warn try_first_pass
Why can't I log in to the server if I can execute id and finger with
results?
--------------------------------------------
FreeBSD rule40.caia.swin.edu.au 5.3-RELEASE FreeBSD 5.3-RELEASE #0: Fri Nov 5 04:19:18 UTC 2004 root@harlow.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386