Hi, all
I'm attempting to set up LDAP auth (against IPA server 4.10) from a OSX
10.10.5 (Yosemite) client
Using the excellent instructions at
http://linsec.ca/Using_FreeIPA_for_User_Authentication#Mac_OS_X_10.7.2F10.8%20%22Linsec.ca%20tutorial%20for%20connecting%20Mac%20OS%2010.7%20to%20IPA%20Server,
I've populated the specified files, d/l'd the cert, am able to configure
Users and Groups objects/attribs and browse both from within OSX's
Directory Utility. ldapsearch similarly returns the expected results.
In spite of this, i'm unable to authenticate as any IPA-LDAP user on
this system
dirsrv log on the ipa master shows no apparent errors - remote auth
attempts exit with "RESULT err=0 tag=101 nentries=1 etime=0", but tell
the truth, there so much stuff there and being rather inexperienced with
LDAP diags i might easily be missing something in the details
The linsec.ca instructions were written in the 10.7-10.8 era so
something may have changed since. Having said that, we've had no
problems authenticating against our existing OpenLDAP server (which IPA
is slated to replace) right up to 10.10.5 with no zero to our Directory
Utility setup.
Hoping someone here has some contemporary experience with OSX and IPA
and for whom this issue rings a bell?
many thanks
Cal Sawyer | Systems Engineer | BlueBolt Ltd
15-16 Margaret Street | London W1W 8RW
+44 (0)20 7637 5575 | www.blue-bolt.com
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project