2005/8/4, John Wright <[EMAIL PROTECTED]>:
> On Thu, Aug 04, 2005 at 10:47:00AM +0200, Alexander Farber wrote:
> > # base <o=bonmp.XXX.com> with scope sub
>
> Maybe the scope? If I'm reading the code correctly the default is onelevel
> (or "-s one" on the ldapsearch command line) but the default for ldapsearch
> is subtree.
>
Ahh, that was it. Thank you, now I can log in

blowfish# tail /etc/login.conf
ldap:\
        :auth=-ldap:\
        :x-ldap-server=172.25.93.242:\
        :x-ldap-basedn=o=bonmp.XXX.com:\
        :x-ldap-uscope=subtree:\
        :x-ldap-filter=(uid=%u):

blowfish# /usr/local/libexec/auth/login_-ldap -d afarber ldap
Password:
uri = ldap://172.25.93.242:389/
filter = (uid=afarber)
search result 0x0
authorize

Now my problem is that for every user there needs to be an entry
in /etc/passwd (is it needed for setting the login class to "ldap"?).
And we have 200-300 users at our site (and many more globally).
I wonder, how do the others handle this case of many users?

Regards
Alex
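
The scope difference discussed in this thread, as an added example that is not part of the original messages or of login_ldap: it models base, onelevel and subtree as DN comparisons to show why a onelevel search at the base DN finds no user while a subtree search does. The directory layout (ou=people, o=other.example) is constructed, and the (uid=%u) filter is simplified to a match on the leading RDN.

```python
# Added illustration: LDAP search scopes modelled as DN suffix comparisons.
# CONSTRUCTED directory; the page does not show where the user entry lives.
DIRECTORY = [
    "o=bonmp.XXX.com",
    "ou=people,o=bonmp.XXX.com",
    "uid=afarber,ou=people,o=bonmp.XXX.com",
    "uid=afarber,o=other.example",
]
BASE = "o=bonmp.XXX.com"  # x-ldap-basedn from the login.conf above

def split_dn(dn):
    """Split a DN into lower-cased RDNs, honouring backslash-escaped commas."""
    rdns, cur, escaped = [], "", False
    for ch in dn:
        if escaped or ch != ",":
            cur += ch
            escaped = (ch == "\\") and not escaped
        else:
            rdns.append(cur.strip().lower())
            cur = ""
    rdns.append(cur.strip().lower())
    return rdns

def in_scope(entry_dn, base_dn, scope):
    """True if entry_dn is covered by a search at base_dn with this scope."""
    entry, base = split_dn(entry_dn), split_dn(base_dn)
    depth = len(entry) - len(base)       # levels below the base
    if depth < 0 or entry[depth:] != base:
        return False                     # not under the base at all
    if scope == "base":
        return depth == 0
    if scope == "onelevel":
        return depth == 1                # immediate children only
    if scope == "subtree":
        return True                      # base and everything below it
    raise ValueError("unknown scope: " + scope)

def search(base_dn, scope, user):
    """Simplified (uid=%u) filter: matches on the leading RDN only."""
    want = "uid=" + user.lower()
    return [dn for dn in DIRECTORY
            if in_scope(dn, base_dn, scope) and split_dn(dn)[0] == want]

if __name__ == "__main__":
    for scope in ("onelevel", "subtree"):
        print(scope, search(BASE, scope, "afarber"))
```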