On 2014-12-28, Ivan Mincik wrote: > I am using LTSP in Fat client mode, with LDAP authentication [1]. I > see, that LDM is still using SSH tunnel for authentication. > > I am wondering how hard is to authenticate directly with LDAP server > without using SSH tunnel and optionally replace LDM with LightDM. > I am using Ubuntu 12.04.
The Debian-Edu project implemented LDAP authentication like this running KDM on LTSP clients a while back; I'm not sure if they're still using it. If you've already got the LDAP infrastructure in place, it's probably not terribly hard to get working... presuming you know how to do it for a "regular" disked machine, there would only be a few additional steps for an LTSP fat client. You'll need to configure some lts.conf settings: # allow lightdm to be started KEEP_SYSTEM_SERVICES=lightdm # disable the default of SCREEN_07=ldm when no SCREEN_XX is set, by # starting a debug shell on tty2. SCREEN_02=shell You'll probably want to create a no-op screen script to run with SCREEN_02 instead of always having a root shell, but the debugging shell should work for a proof-of-concept and proably will be useful for troubleshooting. You'll also probably need to figure out how to mount the user's homedir. LTSP typically does this using sshfs through LDM hooks. You could use NFS or some other remote filesystem protocol. And then you'll need to do the typical changes to /etc/pam.d/lightdm* or /etc/pam.d/common* for LDAP authentication... and possibly make other changes, depending on your LDAP implementation. The only thing LTSP specific here is that you might want to implement these using init-ltsp.d hooks, or edit the files directly and rebuild your NBD image after making changes. So, there are no step-by-step guides that I'm aware of, but maybe those pointers will give you a decent starting place. live well, vagrant
signature.asc
Description: PGP signature
------------------------------------------------------------------------------ Dive into the World of Parallel Programming! The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net
_____________________________________________________________________
Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto:
https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
For additional LTSP help, try #ltsp channel on irc.freenode.net
