I already posted this to the sunray mailing list, but I thought I'd ask here, as well. I'm pretty sure there's a larger reader base and I'm hoping that somebody might have a bit of experience with this:
---------------------------------------- I struggled for some time trying to get LDAP and PAM to work together well enough to be able to authenticate successfully on a couple of ubuntu machines here. Now that it's working successfully we want to move our OpenSuSE Linux server cluster to be utilizing LDAP; that was the SunRays that they serve can be much more centrally administrated... Doing password and other various user changes across the entire array of Linux machines has been a nightmare. Anyway, now that I'm starting to know LDAP fairly well, I just dropped the working PAM configuration files into /etc/pam.d on one of the machines in our server cluster. Well, all of the standard linux services (su, sshd, login, chsh, EVERYTHING) worked just fine relying only on the LDAP directory for authentication (this is OpenLDAP, btw, not one of sun's directory services which I've only been able to get working with the Calendar suite for its own data). Unfortunately, gdm and the SunRay services refuse to authenticate with that data. I had to restore /etc/pam.d from backup in order to get the SunRays to let anyone authenticate. Does anybody out there have a SunRay/SRSS system set up that is using OpenLDAP? I started looking through the various files in pam.d that SRSS seems to rely heavily on and I see that they're full of libraries which appear to be (big surprise) nonstandard and Sun proprietary. I'd really like to have this system working, or at least be able to find documentation about it. Unfortunately my google-fu seems to be lacking. I would really appreciate any information that anyone out there could give or even a few pointers to resources that I haven't been able to turn up on my own. Thank you for your time & help. <a href="http://www.zoominfo.com/people/*Getsman*_*Damon*_-214241.aspx";> Damon Getsman Linux/Solaris System Administrator </a> --- You are currently subscribed to ldap@umich.edu as: [EMAIL PROTECTED] To unsubscribe send email to [EMAIL PROTECTED] with the word UNSUBSCRIBE as the SUBJECT of the message.
