Gentoo Forums
Authenticating from OS X server 10.3
stang7423
n00b


Joined: 07 Apr 2004
Posts: 2

Posted: Wed Apr 07, 2004 11:14 pm    Post subject: Authenticating from OS X server 10.3

I'm trying (unsuccessfully so far) to authenticate my Gentoo box from my OS X server. Since Open Directory is built around LDAPv3, I'm assuming this is possible. So far I've tried the HOWTO from tldp.org and a couple of other sites around, but I'm still getting errors. I think I have pam and nss configured correctly, but I'm not sure; the relevant files are below. Here is the error I get when a user tries to auth.
Code:

Apr  7 18:01:10 harold groupmod: pam_ldap: error trying to bind (Server is unwilling to perform)


Here are my config files; if there are any errors, let me know. I'm new to LDAP.

/etc/nsswitch.conf
Code:

passwd:         files   ldap
group:          files   ldap
shadow:         files   ldap


/etc/ldap.conf
Code:

HOST 192.168.0.2
BASE dc=internal,dc=troystanger,dc=com
LDAP_VERSION 3

PORT 389

binddn uid=root,ou=users,dc=internal,dc=troystanger,dc=com
#bindpw secret
#crypt md5

nss_base_passwd cn=users,dc=internal,dc=troystanger,dc=com
nss_base_shadow cn=users,dc=internal,dc=troystanger,dc=com
nss_base_group  cn=groups,dc=internal,dc=troystanger,dc=com
nss_base_hosts  cn=computers,dc=internal,dc=troystanger,dc=com

scope one


/etc/pam.d/system-auth
Code:

#%PAM-1.0

auth       required     /lib/security/pam_env.so
auth       sufficient   /lib/security/pam_unix.so likeauth nullok
auth       required     /lib/security/pam_deny.so
auth       sufficient   /lib/security/pam_ldap.so use_first_pass

account    required     /lib/security/pam_unix.so
account    sufficient   /lib/security/pam_ldap.so

password   required     /lib/security/pam_cracklib.so retry=3
password   sufficient   /lib/security/pam_unix.so nullok md5 shadow use_authtok
password   required     /lib/security/pam_deny.so
password   required     /lib/security/pam_ldap.so use_authtok

session    required     /lib/security/pam_limits.so
session    required     /lib/security/pam_unix.so
session    required     /lib/security/pam_mkhomedir.so skel=/etc/skel/ umask=0
session    optional     /lib/security/pam_ldap.so


Thanks.
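
PAM evaluates each stack top to bottom, so where pam_deny.so sits relative to pam_ldap.so in the system-auth file above decides whether the LDAP module can ever affect the result. The checker below is an added example, not part of the original post; its function names are hypothetical and the embedded sample is constructed from the auth and password lines posted above.

```python
"""Flag PAM rules placed after an unconditional pam_deny.so (added example)."""
import os

# Constructed sample: the auth and password lines from the post above.
SAMPLE = """\
#%PAM-1.0
auth       required     /lib/security/pam_env.so
auth       sufficient   /lib/security/pam_unix.so likeauth nullok
auth       required     /lib/security/pam_deny.so
auth       sufficient   /lib/security/pam_ldap.so use_first_pass
password   required     /lib/security/pam_cracklib.so retry=3
password   sufficient   /lib/security/pam_unix.so nullok md5 shadow use_authtok
password   required     /lib/security/pam_deny.so
password   required     /lib/security/pam_ldap.so use_authtok
"""

def parse_pam(text):
    """Yield (lineno, type, control, module) for each rule line."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) >= 3:  # skips blank, comment-only and malformed lines
            yield lineno, fields[0], fields[1], os.path.basename(fields[2])

def unreachable_after_deny(text):
    """Return (line, type, module, deny_line) for rules that cannot grant access.

    pam_deny.so always fails. Under `required` or `requisite` that failure is
    final for the stack, and a later `sufficient` success does not override it.
    Assumes keyword controls only (no [success=N] jumps or include lines),
    which is what the posted file uses.
    """
    denied = {}    # management type -> line number of its pam_deny rule
    findings = []
    for lineno, mtype, control, module in parse_pam(text):
        if mtype in denied:
            findings.append((lineno, mtype, module, denied[mtype]))
        elif module == "pam_deny.so" and control in ("required", "requisite"):
            denied[mtype] = lineno
    return findings

if __name__ == "__main__":
    for lineno, mtype, module, deny_line in unreachable_after_deny(SAMPLE):
        print(f"line {lineno}: {mtype} {module} follows pam_deny.so "
              f"(line {deny_line}) and cannot grant access")
```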
asv
Tux's lil' helper


Joined: 25 Jul 2003
Posts: 138
Location: State College, PA United States

Posted: Thu Apr 08, 2004 12:57 am    Post subject: question on os x

Doesn't OS X server use Kerberos as its default network authentication method?
stang7423
n00b


Joined: 07 Apr 2004
Posts: 2

Posted: Fri Apr 09, 2004 4:02 pm    Post subject: Kerberos

I do not have a KDC running on my OS X server, so I would be doing my authentication through SASL. Kerberized auth is in my future plans, but I started with basic auth just to get the system up and running. Would doing the auth through Krb5 be easier to set up?