#1
  1. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Oct 2003
    Location
    Mumbai, India
    Posts
    2
    Rep Power
    0

    LDAP Authentication. Please Help .......


    Hi,

    I am Dipu from Indian Institute of Technology, Bombay, India.

    Here we are trying to configure aLDAP server for authentication.We are using OpenLDAP for the purpose.

    For testing we are using RedHat9 for both client and server and we are trying to login to the client with an account which is present only in the server avoiding all the system users.

    We followed the steps given in the following link,

    http://www.xenos.net/library/ldapauth.html#intro

    Now the problem is,

    1- We are not at all able to login to the client even as
    'root' if the server is down.I
    2 - If server is up I can login to the client with existing
    users but not with the account which is there in
    server.

    If you have any piece of information regarding this that will be very much helpful for me.

    Also if any realtime( with example ) tutorial or link regarding this please let me know about that.

    Thanking you in anticipation,

    Dipu Kumar M
    Affordable Solutions Lab
    KReSIT, IIT Bombay
    Powai, Mumbai
    India - 400076
    Ph : 91-22-25764988
  2. #2
  3. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Oct 2003
    Posts
    2
    Rep Power
    0
    The first problem you mention is an annoying one. You need to add this line in your system-auth in the /etc/pam.d dir.

    account sufficient /lib/security/pam_localuser.so

    This should come after the line :-

    account required /lib/security/pam_unix.so

    This will then reenable system accounts while auhenticating with ldap.

    As for your other problem... is there more information ??
  4. #3
  5. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Oct 2003
    Location
    Mumbai, India
    Posts
    2
    Rep Power
    0

    Question LDAP Authentication


    Thank You very much MSiddall,

    The 1st problem which I said is over now but still worried with the second one.

    Let me explain about it.

    I am in the first phace and so only a single machine is acting as client.

    The domain name which I am using is

    dc=it,dc=iitb,dc=ac,dc=in

    And in the client side I configued the authentication part for LDAP based authentication.
    ( ie LDAP server as 10.129.50.37 -which is the ip of my server

    Base dn as dc=it,dc=iitb,dc=ac,dc=in
    )

    Using the migration tool, I migrated the accouts from the client to server and it is comimg under ou=People subtree in the LDAP tree.

    Then I deleted all other accounts( root, postgres etc. ) from the LDAP tree and only one guest account of the client I kept there.

    Then I removed the guest user from the client and tried to login to that with the assumption that I can login through the LDAP.

    But it is not allowing me for that and the usual invalid username or password mesaage is what I am getting.

    So friends,

    Is there anything wrong in what I am doing ?

    or Is there something more I have to do ?

    Thanking you in anticipation,

    Dipu Kumar M
    IIT, Bombay
  6. #4
  7. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Oct 2003
    Posts
    2
    Rep Power
    0
    Hmm...

    Looking at the documentation you have used it glosses over the use on PAM_LDAP. This module allows authentication to a LDAP server. I can't remember if this module is incuded in RH9 but, im sure that I installed it. avalible at www.padl.com once you have compiled this module It should work. The only other suggestion is to NOT use TLS until you have the authentication working, this just adds extra problems when trying to set this up.

    Martin

IMN logo majestic logo threadwatch logo seochat tools logo