-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 8/16/07, Neil Marjoram  wrote:
> I have setup my OpenSuse 10.2 client to authenticate against an OpenLdap
> server using the Yast configuration. All seems well and the users can
> login to the terminal without an issue, however when logging into an X
> session, they receive an Xsession error "Login for user XXX is
> disabled". One of the  reasons for this error can be an incorrect shell
> that has not been entered into /etc/shells. On investigation it turns
> out that the users shell is not being selected from the LDAP database
> and the field is left blank. getent passwd shows no shell for any LDAP
> users.
>
> I am familiar with LDAP and have manually checked the configuration
> files but cannot find anything wrong. Can anyone shed any light on this
> matter?


It's definitely important that the user has a valid shell.  I'm
surprised they can log in via terminal, actually.  On my Linux
machines here, I actually have to symlink /bin/bash to /usr/bin/bash.
We have mostly Solaris servers here and the shell for all the user
accounts in LDAP is /usr/bin/bash.  After the symlink is created it
works fine, I don't even need to add /usr/bin/bash to the /etc/shells
file.

- --
Andy Harrison
public key: 0x67518262
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4-svn0 (GNU/Linux)
Comment: http://firegpg.tuxfamily.org

iD8DBQFGxIfJNTm8fWdRgmIRAqCcAJ4gMqtQd8cTsAc3gNbvCtWaafVyHACfXS74
0SRDPHzDSFniiP5LFekLfR0=
=CJrs
-----END PGP SIGNATURE-----
-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to