Two things to check, first off, user must be in group 'wheel' (gid 0), in order
to su, and also check settings in "/etc/pam.d/su", (su has seperate settings).
--
Nathan Vidican
[EMAIL PROTECTED]
Windsor Match Plate & Tool Ltd.
http://www.wmptl.com/
Robert Fitzpatrick wrote:
On Mon, 2005-11-21 at 10:49 -0500, Nathan Vidican wrote:
Robert Fitzpatrick wrote:
I find several docs on setting this up, but none pertaining to linux
compat. Can anyone point me to some instructions for setting this up
properly?
Um... actually VERY easy...
Step 1: install nss_ldap & pam_ldap
2: edit /usr/local/etc/nss_ldap.conf
edit /usr/local/etc/ldap.conf
edit /usr/local/etc/ldap.secret
3: edit /etc/nssswitch.conf, change from 'files' to 'files ldap' for 'group',
and 'passwd' (optionally) 'hosts' too.
4: do a quick 'ldapsearch -x' to make sure you are connecting/searching the
correct ldap tree...
5: edit /etc/pam.d/<service> file(s) for which types of accounts you want to
authenticate. ie: system, login, ftp, ssh, other, etc... should have to add a
line like:
auth sufficient /usr/local/lib/pam_ldap.so try_first_pass
Thanks, that was easy, I was just missing the part about nss_ldap.conf,
I didn't realize there was a separate file for nss. I have the logins
working with gnome well, but I noticed once I login as an LDAP user, I
cannot su to root in terminal session...
[EMAIL PROTECTED] su
Password:
su: Sorry
[EMAIL PROTECTED]
Can someone point out why this happens?
--
Robert
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"