One more problem I have with login_ldap is that after I lock KDE with the blue
lock-applet (kdesktop_lock), then I can't login anymore. The /var/log/authlog:
Aug 8 13:52:43 blowfish kcheckpass[7059]: Authentication failure for
afarber (invoked by uid 25323)
I've searched around and one workaround mentioned is to make kcheckpass setuid.
But this is actually the case with the stock 3.7 KDE-package, so this
doesn't help
24 -rwsr-xr-x 1 root bin 11108 Mar 18 10:55 /usr/local/bin/kcheckpass
Regards
Alex
2005/8/4, Alexander Farber <[EMAIL PROTECTED]>:
> blowfish# tail /etc/login.conf
> ldap:\
> :auth=-ldap:\
> :x-ldap-server=172.25.93.242:\
> :x-ldap-basedn=o=bonmp.XXX.com:\
> :x-ldap-uscope=subtree:\
> :x-ldap-filter=(uid=%u):
>
> blowfish# /usr/local/libexec/auth/login_-ldap -d afarber ldap
> Password:
> uri = ldap://172.25.93.242:389/
> filter = (uid=afarber)
> search result 0x0
> authorize
>
> Now my problem is, that for every user there needs to be an entry
> in /etc/passwd (is it needed for setting the login class to "ldap"?).
> And we have 200-300 users at our site (and much more globally).
>
> I wonder, how do the others handle this case of many users?
