Hi,
if you look at the message of the linux base port, you will see that this part
is discussed there.
FreeBSD does not come with ldap by default, so does the linux base port. So far
nobody complained loudly about the lack of a nss ldap port for the linuxulator,
and nobody felt the pressure to
On 02/10/2009 10:08 PM, Arjun Singh wrote:
> Thanks for the advice. I tried to see if I could get nscd to solve anything,
> but it seems to just hide the problem, and not completely. With nscd
> enabled, the first login fails. After that, it's fine..
>
> I get the following in auth.log correspondi
Thanks for the advice. I tried to see if I could get nscd to solve anything,
but it seems to just hide the problem, and not completely. With nscd
enabled, the first login fails. After that, it's fine..
I get the following in auth.log corresponding with the failed first login
(with the correct pw):
Arjun Singh wrote:
> I'm trying to set up an ldap server on FreeBSD 7.1-RELEASE.
>
> I installed all of the latest versions of openldap24-server,
> openldap24-client, nss_ldap, and pam_ldap.
>
> When I do any sort of ldapsearch or 'getent passwd' or anything, everything
> works perfectly. The onl
On Wed, Mar 5, 2008 at 9:51 AM, Eddie C <[EMAIL PROTECTED]> wrote:
> Jason,
>
> I was willing to settle for openldap 23. Im my case however the
> problem is nscd daemon. new to 7.0 not in 6.3 We want to role this out
> across hundreds of servers and fear that without caching looks to a
> halt.
On Tue, Mar 4, 2008 at 8:18 PM, Jason Garrett <[EMAIL PROTECTED]> wrote:
> This is most likely a dumb question, but how do I tell ports to build
> nss_ldap against openldap-2.4.8?
WANT_OPENLDAP_VER=24
worked in /etc/make.conf
>
>
>
___
freebsd-ques
On Tuesday 13 March 2007 14:21, Gerhard Schmidt wrote:
> On Tue, Mar 13, 2007 at 11:13:00AM +0200, Jonathan McKeown wrote:
> > On Tuesday 13 March 2007 10:26, Gerhard Schmidt wrote:
[setting group: files ldap in nsswitch.conf]
> > It looks as though you can instruct nss_ldap to unconditionally re
On Tue, Mar 13, 2007 at 11:13:00AM +0200, Jonathan McKeown wrote:
> On Tuesday 13 March 2007 10:26, Gerhard Schmidt wrote:
>
> > > It's a well-known problem rather than a bug, and it arises when looking
> > > up group information for a user. The system needs a list of all the
> > > groups the user
On Tuesday 13 March 2007 10:26, Gerhard Schmidt wrote:
> > It's a well-known problem rather than a bug, and it arises when looking
> > up group information for a user. The system needs a list of all the
> > groups the user is a member of. Since it's a list, not a single answer,
> > you can't short
On Tue, Mar 13, 2007 at 09:08:34AM +0100, Joerg Pulz wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
>
> On Tue, 13 Mar 2007, Gerhard Schmidt wrote:
>
> >On Tue, Mar 13, 2007 at 12:07:15AM +0100, Pietro Cerutti wrote:
> >>On 3/12/07, Gerhard Schmidt <[EMAIL PROTECTED]> wrote:
> >>>Hi,
On Tue, Mar 13, 2007 at 10:01:09AM +0200, Jonathan McKeown wrote:
> On Tuesday 13 March 2007 09:16, Gerhard Schmidt wrote:
> > On Tue, Mar 13, 2007 at 12:07:15AM +0100, Pietro Cerutti wrote:
> > > On 3/12/07, Gerhard Schmidt <[EMAIL PROTECTED]> wrote:
> > > >Hi,
> > >
> > > Hello,
> > >
> > > >As I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, 13 Mar 2007, Gerhard Schmidt wrote:
On Tue, Mar 13, 2007 at 12:07:15AM +0100, Pietro Cerutti wrote:
On 3/12/07, Gerhard Schmidt <[EMAIL PROTECTED]> wrote:
Hi,
Hello,
As I see it, nss asks all sources even if the frist one allready know
On 3/13/07, Jonathan McKeown <[EMAIL PROTECTED]> wrote:
The only ``workaround'' I've seen suggested is the parameter introduced
recently in nss_ldap:
nss_initgroups_ignoreusers
Right, now I remember that once I had this problem too...
Another workaround would be to have two different nsswitch
On Tuesday 13 March 2007 09:16, Gerhard Schmidt wrote:
> On Tue, Mar 13, 2007 at 12:07:15AM +0100, Pietro Cerutti wrote:
> > On 3/12/07, Gerhard Schmidt <[EMAIL PROTECTED]> wrote:
> > >Hi,
> >
> > Hello,
> >
> > >As I see it, nss asks all sources even if the frist one allready knows
> > > the answe
On Tue, Mar 13, 2007 at 07:58:05AM +0900, Daniel Marsh wrote:
>
> I've run into this very same problem... but the way I got around it was
> putting OpenLDAP in a jail all by its lonesome and making sure that jail
> would start before anything on the host system would start that may need
> LDAP...
On Tue, Mar 13, 2007 at 12:07:15AM +0100, Pietro Cerutti wrote:
> On 3/12/07, Gerhard Schmidt <[EMAIL PROTECTED]> wrote:
> >Hi,
> Hello,
>
> >As I see it, nss asks all sources even if the frist one allready knows the
> >answer. Is there a way to change this.
>
> man nsswitch.conf(5)
> Look for St
On 3/12/07, Gerhard Schmidt <[EMAIL PROTECTED]> wrote:
Hi,
Hello,
As I see it, nss asks all sources even if the frist one allready knows the
answer. Is there a way to change this.
man nsswitch.conf(5)
Look for Status codes and Actions
Bye
Bye
Estartu
-
On 3/12/07, Gerhard Schmidt <[EMAIL PROTECTED]> wrote:
Hi,
I have a small problem. On my central server we run an openldap server
that
contains the userdata for some systems. An the server uses this ldap
server for authentication and nss. The problem is that when the server is
booting slapd tak
Ansar Mohammed wrote:
One of the more "undocumented" things here is to make sure that in your
/usr/local/etc/nss_ldap.conf to make sure that your bind_polcy is soft.
If not, you will have no end of problems if you ldap server goes down.
Basically if you have in your nsswitch.conf:
Passwd: f
One of the more "undocumented" things here is to make sure that in your
/usr/local/etc/nss_ldap.conf to make sure that your bind_polcy is soft.
If not, you will have no end of problems if you ldap server goes down.
Basically if you have in your nsswitch.conf:
Passwd: files ldap
Group: files ld
On Mon, 2005-11-21 at 13:05 -0500, Nathan Vidican wrote:
> Two things to check, first off, user must be in group 'wheel' (gid 0), in
> order
> to su, and also check settings in "/etc/pam.d/su", (su has seperate settings).
>
wheel, duh! sorry for asking such stupid questions. I hope this one is
Two things to check, first off, user must be in group 'wheel' (gid 0), in order
to su, and also check settings in "/etc/pam.d/su", (su has seperate settings).
--
Nathan Vidican
[EMAIL PROTECTED]
Windsor Match Plate & Tool Ltd.
http://www.wmptl.com/
Robert Fitzpatrick wrote:
On Mon, 2005-11-21
On Mon, 2005-11-21 at 10:49 -0500, Nathan Vidican wrote:
> Robert Fitzpatrick wrote:
> > I find several docs on setting this up, but none pertaining to linux
> > compat. Can anyone point me to some instructions for setting this up
> > properly?
> Um... actually VERY easy...
>
> Step 1: install n
Robert Fitzpatrick wrote:
I find several docs on setting this up, but none pertaining to linux
compat. Can anyone point me to some instructions for setting this up
properly?
--
Robert
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd
In the last episode (Jan 25), Serge Kestens said:
> i'm trying to use pam_ldap and nss_ldap on a freebsd 5.3 box. This is
> my first try to use ldap for sshd logins. When the user exists in the
> files i can connect without problem. I created the same user in ldap
> with a different password and i
In the last episode (Oct 27), Matt Schwartz said:
> I am stumped. I am trying to build nss_ldap and I get an error that
> says cannot locate file when I know it exists and I know the
> exact directory it is located in and specify it. Here is the command
> line I am using:
>
> ./configure -inclu
On Saturday 13 March 2004 18:25, Per olof Ljungmark wrote:
> If you have a similar setup working I am very interested in how it was
> accomplished.
Allright, so here is my setup if it can help you;
note that I'm using ldap over SSL with key files.
server:
# /usr/local/etc/ldap.conf
uri ldapi://%2
Antoine Jacoutot wrote:
The ultimate goal is to create a Samba PDC, but seems far away ay the
moment...
I have this kind of setup working perfectly. Tell me what you need.
I need to figure out the interaction between OpenLDAP and the PAM
system. LDAP is working fine, Samba is fine.
/usr/local/etc/
Selon Per olof Ljungmark <[EMAIL PROTECTED]>:
> FBSD 5.2.1, nss_ldap/pam_ldap, no joy.
> Have really tried to read available documents, man pages etc., but no avail.
> If I could increase the debug level with pam perhaps it would take me
> further, could somebody please give a hint on how to?
> Th
On Tue, 3 Feb 2004, Andrea Venturoli wrote:
> Hello. I've installed the above on FreeBSD 5.1 and it's more or less
> working; however when i do ls -l I don't see user names, but uid
> numbers. Any fix?
You need to run 5.2-RELEASE. In 5.1 the binaries in /bin and /sbin are
still statically linked
On Tue, 2004-02-03 at 17:10 -0500, Andrea Venturoli wrote:
> I've installed the above on FreeBSD 5.1 and it's more or less working; however when
> i do ls -l I don't see user names,
> but uid numbers.
> Any fix?
5.1 does not have dynamically linked libraries for ls and other sysutils
in order to
On Sun, Jan 25, 2004 at 02:09:29PM -0500, Andrea Venturoli wrote:
> Hello.
> I've built a mailserver with FreeBSD 5.1, which uses nss_ldap for the
> user database, and sendmail-ldap from the port collection. Everything
> works fine except forward files. I've arranged sendmail to keep them
> all in
> But when I try to change a pass for a LDAP user I get :
> passwd: Sorry, `passwd' can only change passwords for local or NIS
> users.
That's actually strange.
>From /usr/src/usr.bin/passwd/passwd.c :
/* check where the user's from */
switch (pwd->pw_fields & _PWF_SOURCE) {
L PROTECTED]>
> Cc: [EMAIL PROTECTED]
> Subject: Re: nss_ldap in -CURRENT
>
> 9. configure /etc/nsswitch
^^ => /etc/nsswitch.conf
-bash-2.05b# cat /etc/nsswitch.conf
passwd: files ldap
groups: files ldap
___
[
On Thu, 7 Aug 2003 00:43:12 +0200
[EMAIL PROTECTED] (Thomas Deniau) wrote:
> Hi !
Hi,
> I'm trying to use nss_ldap, to implement ldap authentication, in
> 5.1-current.
> The LDAP server works perfectly. I've installed the nss_ldap and
> pam_ldap ports, edited /usr/local/etc/ldap.conf. put "passwd
> So, is it safe to comment out the errx and recompile passwd ?
OK, if anyone has the same problems :
I've commented out the errx, cc -lpam -o passwd
/usr/src/usr.bin/passwd/passwd.c
Now the passwd works for LDAP too ;)
--
Thomas Deniau
"Unix is user friendly. It's just selective when choosing
If someone wants to add/correct something.
Begin forwarded message:
Date: Thu, 7 Aug 2003 01:14:50 +0200
From: Clement Laforet <[EMAIL PROTECTED]>
To: Kerberus <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED]
Subject: Re: nss_ldap in -CURRENT
On 06 Aug 2003 18:03:30 -0500
Kerberus <[
> 10. id to test
OK, things work up to this step. "su" works too. Thank you !
(the symlink thing was missing)
Now I'm trying to implement password changes
I've put
passwordsufficient /usr/local/lib/pam_ldap.so
passwordrequiredpam_unix.so no_warn
try
In the last episode (Feb 04), Frank Bonnet said:
> Does anyone has compiled nss_ldap ( from padl.com ) at FreeBSD 5.0 ?
FreeBSD's NSS does not support loadable modules. pam_ldap works great,
though.
--
Dan Nelson
[EMAIL PROTECTED]
To Unsubscribe: send mail to [EMAIL PROTECTED]
39 matches
Mail list logo
