Re: [SSSD] [PATCHES 1/2] Separate the common libraries into their own repository

On Wed, Aug 18, 2010 at 12:29:42PM -0400, Stephen Gallagher wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 08/13/2010 04:19 PM, Stephen Gallagher wrote: > > The attached patches are applied atop the repository resulting after the > > following command is run: > > > > git filter-b

Re: [SSSD] [PATCHES 1/2] Separate the common libraries into their own repository

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 08/13/2010 04:19 PM, Stephen Gallagher wrote: > The attached patches are applied atop the repository resulting after the > following command is run: > > git filter-branch --subdirectory-filter common > > This causes the common directory to become

Re: [SSSD] Questions about installation & configuration ?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 08/18/2010 09:21 AM, Andy Kannberg wrote: > > Hi again, > > > > I've commented out the ldap.so lines in system-auth and changed the line > > 'ldap_tls_reqcert = demand' to 'ldap_tls_reqcert = never' in > > /etc/sssd/sssd.conf > > > > But now, I can

Re: [SSSD] Questions about installation & configuration ?

On Wed, Aug 18, 2010 at 02:37:10PM +0200, Andy Kannberg wrote: > Stephen, > > Below is the log. I see messages with 'principal' and 'ssl'. Is that the > Kerberos principal which is referred to ? Yes, but but the reason for the error is that your client cannot verify the SSL certificate of the ser

Re: [SSSD] Questions about installation & configuration ?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 08/18/2010 08:37 AM, Andy Kannberg wrote: (Wed Aug 18 14:29:11 2010) [sssd[be[LDAP]]] [sdap_connect_done] (3): ldap_install_tls failed: [Connect error] [error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed] This is you

Re: [SSSD] Questions about installation & configuration ?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 08/18/2010 07:53 AM, Andy Kannberg wrote: > user=nxp21358 > Aug 18 13:52:12 hpdw0001 sshd[8774]: pam_sss(sshd:auth): received for > user nxp21358: 4 (System error) Hmm, System error seems to imply a bug. Can

Re: [SSSD] Questions about installation & configuration ?

Hi, mapping the posixAccount to the custom objectClass NxpUserAuxClass seems to work, I can login now... However, I still see some messages in the /var/log/secure: Aug 18 13:52:12 hpdw0001 sshd[8774]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=acc3044.

Re: [SSSD] Questions about installation & configuration ?

On Wed, Aug 18, 2010 at 10:08:12AM +0200, Andy Kannberg wrote: > Goodmorning, > > I did some digging, and this is the situation: > Upfront I must say that I do not know yet if Novell eDirectory is RFC2307 > compliant, but a Novell Engineer is available today so I can ask him > straight away. > >

Re: [SSSD] Questions about installation & configuration ?

- "Andy Kannberg" wrote: > Goodmorning, > > I did some digging, and this is the situation: > Upfront I must say that I do not know yet if Novell eDirectory is > RFC2307 > compliant, but a Novell Engineer is available today so I can ask him > straight away. > > Anyway, this is what i've foun

Re: [SSSD] Questions about installation & configuration ?

Goodmorning, I did some digging, and this is the situation: Upfront I must say that I do not know yet if Novell eDirectory is RFC2307 compliant, but a Novell Engineer is available today so I can ask him straight away. Anyway, this is what i've found out: the objectclass 'posixAccount' does exist