> OK, so if you 'ls -l /home', are the uids resolved to names via LDAP?

> If you don't have anything in /home, just log in as root, touch a file
> in /tmp, and chown it to a user that exists in LDAP, but not
> /etc/passwd.  If it works, then you're binding properly to the
> directory.

OK.  I have it working now.  The problem was my sshd_config wasn't set up to
authenticate using PAM modules.  Seems it's turned off by default (if I'm
reading this correctly).

[snip]

> Shouldn't be a problem.  The way I understand pam authentication against
> LDAP, the module actually connects to the directory and attempts to bind
> as the user.  In that case, the directory server is doing the
> authentication, and should work with SSHA.  The client system doesn't
> have to know anything about the password hash in use.

Hmmm... I wonder if that's why my new problem has popped up.  When I
authenticate against LDAP it says the user's home directory doesn't exist.
I've been reading through the RedHat PAM-LIST archives and learned I need to
include pam_mkhomedir.so.

Here is the new line added to system-auth:

session     optional      /lib/security/pam_mkhomedir.so skel=/etc/skel umask=0022

When I log in now I see a message reporting it's creating the user's home
directory; however, no directory is created.  If I chmod 777 /home then the
directory is created (obviously I don't want to do this).

I wonder if setting a bind user/password would resolve the problem.
Currently I connect anonymously to the LDAP server (for testing purposes only).

Thoughts?

LDAP is most impressive.  I see great potential for it in our environment.

Regards



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list
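
The quoted point about bind-based authentication and SSHA, as an added example that is not part of the original message or of any PAM/LDAP project's code: the directory holds the {SSHA} value and verifies it during the bind, while the client only passes the DN and password. ToyDirectory, pam_style_authenticate and the sample DN are hypothetical names standing in for the LDAP server and the PAM module.

```python
import base64
import hashlib
import hmac
import os

def make_ssha(password, salt=None):
    """Build an {SSHA} userPassword value: base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()

def check_ssha(stored, password):
    """Server-side check: recover the salt from the stored value and recompute."""
    if not stored.startswith("{SSHA}"):
        return False
    try:
        raw = base64.b64decode(stored[len("{SSHA}"):], validate=True)
    except ValueError:
        return False
    if len(raw) <= 20:  # a SHA-1 digest is 20 bytes; whatever follows is the salt
        return False
    digest, salt = raw[:20], raw[20:]
    candidate = hashlib.sha1(password.encode() + salt).digest()
    return hmac.compare_digest(digest, candidate)

class ToyDirectory:
    """Hypothetical stand-in for the LDAP server; hashes never leave this object."""
    def __init__(self):
        self._entries = {}

    def add(self, dn, password):
        self._entries[dn] = make_ssha(password)

    def simple_bind(self, dn, password):
        stored = self._entries.get(dn)
        # An empty password is an unauthenticated bind in LDAP, so it must not
        # count as a successful login.
        if stored is None or not password:
            return False
        return check_ssha(stored, password)

def pam_style_authenticate(directory, dn, password):
    """Client side: send DN and password, get yes or no. No hash handling here."""
    return directory.simple_bind(dn, password)

if __name__ == "__main__":
    d = ToyDirectory()
    dn = "uid=jdoe,ou=People,dc=example,dc=com"  # constructed sample entry
    d.add(dn, "s3cret")
    print(pam_style_authenticate(d, dn, "s3cret"), pam_style_authenticate(d, dn, "guess"))
```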
