Skip to main content

Thread: ldap server

-

hi

user ubuntu 12.04 lts server.i use ldap+pam user authentication , nfs mounting home directory. clients ldaptop 11.04 .initially wireless issue there , seems ok.now facing 2 issues.

1,i use autofs mount homedir,confgiruation show below.i not mout home dir using wild cards.do need on server mount?


$ cat /etc/auto.master+auto.master/nfs/home /etc/auto.home --timeout=120 --ghost$ cat /etc/auto.home* -fstype=nfs,soft,intr,rsize=8192,wsize=8192,nosuid, tcp 192.168.5.250:/export/users/&
share -fstype=nfs,soft,intr,rsize=8192,wsize=8192,nosuid, tcp 192.168.5.250:/export/users/share


2,my gdm hangs whenever network gets disconnected.as wifi disconnection happens sometime.

below configuration files

/etc/pam.d/common-session

#
# /etc/pam.d/common-session - session-related modules common services
#
# file included other service-specific pam config files,
# , should contain list of modules define tasks performed
# @ start , end of sessions of *any* kind (both interactive and
# non-interactive).
#
# of pam 1.0.1-6, file managed pam-auth-update default.
# take advantage of this, recommended configure any
# local modules either before or after default block, , use
# pam-auth-update manage selection of other modules. see
# pam-auth-update(8) details.


# here per-package modules (the "primary" block)
session [default=1] pam_permit.so
# here's fallback if no module succeeds
session requisite pam_deny.so
# prime stack positive return value if there isn't 1 already;
# avoids returning error because nothing sets success code
# since modules above each jump around
session required pam_permit.so
# , here more per-package modules (the "additional" block)
session required pam_unix.so
session required pam_mkhomedir.so skel=/etc/skel/
session optional pam_ldap.so
session optional pam_ecryptfs.so unwrap
session optional pam_ck_connector.so nox11
# end of pam-auth-update config
#session optional pam_mkhomedir.so skel=/etc/skel umask=077



/etc/nsswitch.conf
#
# example configuration of gnu name service switch functionality.
# if have `glibc-doc-reference' , `info' packages installed, try:
# `info libc "name service switch"' information file.


#passwd: compat
#group: compat
#shadow: compat


passwd: compat ldap [notfound=return] db
group: compat ldap [notfound=return] db
shadow: compat ldap


hosts: files dns
networks: files


protocols: db files
services: db files
ethers: db files
rpc: db files


netgroup: nis

/etc/pam.d/common-account


#
# /etc/pam.d/common-account - authorization settings common services
#
# file included other service-specific pam config files,
# , should contain list of authorization modules define
# central access policy use on system. default to
# deny service users accounts expired in /etc/shadow.
#
# of pam 1.0.1-6, file managed pam-auth-update default.
# take advantage of this, recommended configure any
# local modules either before or after default block, , use
# pam-auth-update manage selection of other modules. see
# pam-auth-update(8) details.
#


# here per-package modules (the "primary" block)
account [success=2 new_authtok_reqd=done default=ignore] pam_unix.so
account [success=1 authinfo_unavail=1 default=ignore] pam_ldap.so
# here's fallback if no module succeeds
account requisite pam_deny.so
# prime stack positive return value if there isn't 1 already;
# avoids returning error because nothing sets success code
# since modules above each jump around
account required pam_permit.so
# , here more per-package modules (the "additional" block)
# end of pam-auth-update config






/etc/pam.d/common-auth


#
# /etc/pam.d/common-auth - authentication settings common services
#
# file included other service-specific pam config files,
# , should contain list of authentication modules define
# central authentication scheme use on system
# (e.g., /etc/shadow, ldap, kerberos, etc.). default use the
# traditional unix authentication mechanisms.
#
# of pam 1.0.1-6, file managed pam-auth-update default.
# take advantage of this, recommended configure any
# local modules either before or after default block, , use
# pam-auth-update manage selection of other modules. see
# pam-auth-update(8) details.


# here per-package modules (the "primary" block)
auth [success=4 default=ignore] pam_unix.so nullok_secure
auth [success=1 authinfo_unavail=ignore default=2] pam_ldap.so use_first_pass
auth [success=2 default=1] pam_ccreds.so action=validate use_first_pass
auth [default=1] pam_ccreds.so action=store
# here's fallback if no module succeeds
auth requisite pam_deny.so
# prime stack positive return value if there isn't 1 already;
# avoids returning error because nothing sets success code
# since modules above each jump around
auth required pam_permit.so
# , here more per-package modules (the "additional" block)
auth optional pam_ccreds.so minimum_uid=1000 action=store
auth optional pam_ecryptfs.so unwrap
# end of pam-auth-update config



Forum The Ubuntu Forum Community Ubuntu Specialised Support Ubuntu Servers, Cloud and Juju Server Platforms [ubuntu] ldap server


Ubuntu

Comments

Post a Comment

Popular posts from this blog

Some mp4 files not displaying correctly (CS6)

-
Image
a week ago in premiere pro cs6 world. one day updated windows, next day few .mp4 video files opened in premiere pro, played fine well, except fact display has green (sometimes multicolour, solid green block) bars in lower third of screen. see screenshot below.   these same files open/display fine in after effects, photoshop , vlc- , quicktime players. i'd read fromyears ago windows updates causing this, removed 1 of therecent kb's no avail. i did install adobemediaencodertrial_64-6.0.3-mul-adobeupdate and dynamiclinkmediaserverretail-1.0.1-mul-adobeupdate and reverted quicktime 7.6 but nothing makes difference.   in end, formatted c:\, reinstalled windows 7 ultimate 64bit , downloaded/installed 260 updates , reinstalled cs6 (and aforementioned ame , dlms updates , qt7.6) it's still same problem.   also tried exporting (part of) 1 of these files, see if wasn't display problem: exported file same properties original has green bars.   what else can do?   thanks in advanc
Read more

Thread: Samba is not authenticating with LDAP

-
hello everyone. i've setup hp proliant server running ubuntu precise 64bit. have server running precise has openldap server running on it. i'm trying samba server authenticate ldap server users able log samba using ldap credentials. followed directions on site: http://raerek.blogspot.com/2012/05/s...sing-ldap.html http://raerek.blogspot.com/2012/05/s...g-ldap_28.html i'm using mac running mountain lion connected samba share when message: "check server name or ip address, , try again. if continue have problems, contact system administrator." when go /var/log/samba/log.workstation [2013/04/02 21:56:33.187358, 0] auth/check_samsec.c:491(check_sam_security) check_sam_security: make_server_info_sam() failed 'nt_status_unsuccessful' $ testparm load smb config files /etc/samba/smb.conf rlimit_max: increasing rlimit_max (1024) minimum windows limit (16384) processing section "[oh-fileshare]&qu
Read more