[Fedora-directory-users] Using FDS with Mac clients
by Darcy Kroeker
Has anyone used Fedora Directory Server with Mac OS X clients?
I have set up FDS on a RH9 machine and I can successfully authenticate
FC3 clients. Furthermore, I can successfully search the directory from
the macs using ldapsearch. But the macs (OS 10.3) do not seem to want
to authenticate no matter what I do.
Does anybody have this working?
Thanks,
Darcy
18 years, 10 months
[Fedora-directory-users] pam_ldap and password policy
by Jeff Falgout
Has anyone been able to get pam_ldap to honor the password policy set in
fedora-ds?
I've tried RHEL3 and RHEL4 clients, and both just ignore settings such as
"User must change password after reset". Is it a misconfiguration on my
part, or is that the appropriate behavior of pam_ldap.
Thanks
Jeff
18 years, 10 months
[Fedora-directory-users] other former netscape servers
by Christopher Blizzard
I need to make this a FAQ.
Yes, we received a lot of code from the Netscape purchase. This
included the directory server, cert server, mail server and calendar
server. Right now we're concentrating on building a community around
the directory server. We're evaluating the source code for those other
components to figure out if and when we can open source them. If we do
decide to build projects around the other parts, you'll hear about it
when we're ready.
--Chris
18 years, 10 months
[Fedora-directory-users] Red Hat Certificate System to be open source?
by Mark Franklin
I apologize if this post is off-topic for this mailing list. I'm not
sure where else to make this query.
Does anyone know of RedHat plans to make the Red Hat Certificate System
open source? If so, any idea when?
I'm very happy to see the Directory Server is now open source and
hopeful that the Certificate System will follow suit soon.
Thanks!
Mark
18 years, 10 months
[Fedora-directory-users] pam + pam_ccreds
by Thomas Mathiesen
(This is a bit offtopic, but I have only a few resources to turn to)
I have pam_ldap working fine, but when I install pam_ccreds and insert
ccreds's example config, it no longer works:
CCRED's example:
#--------------------------------------------------------------------------------------
other auth [user_unknown=ignore default=done] \
/lib/security/pam_unix.so
other auth [authinfo_unavail=ignore success=1 default=2] \
/lib/security/pam_ldap.so try_first_pass
other auth [default=done] /lib/security/pam_ccreds.so action=validate
use_first_pass
other auth [default=done] /lib/security/pam_ccreds.so action=store
other auth [default=done] /lib/security/pam_ccreds.so action=update
other account [user_unknown=ignore default=done]
/lib/security/pam_unix.so
other account [authinfo_unavail=ignore default=done]
/lib/security/pam_ldap.so
other account [default=done]
/lib/security/pam_permit.so
other session required /lib/security/pam_unix.so
other password required /lib/security/pam_ldap.so
#--------------------------------------------------------------------------------------
Ubuntu uses /etc/pam.d/common-auth/password/account/session
The default format is for example
auth required pam_ldap.so
So, ccred's example is not in the correct format?
Connecting with ldap without these (ccreds) changes works fine.
Error message I see after trying to "tweak" the example:
Jun 15 14:54:53 localhost login[4747]: (pam_unix) check pass; user unknown
Jun 15 14:54:53 localhost login[4747]: (pam_unix) authentication failure;
logname=LOGIN uid=0 euid=0 tty=tty1 ruser= rhost=
Jun 15 14:54:55 localhost login[4747]: FAILED LOGIN (1) on `tty1' FOR `frans',
Authentication service cannot retrieve authentication info.
Jun 15 14:55:31 localhost login[4747]: (pam_unix) check pass; user unknown
Jun 15 14:55:34 localhost login[4747]: FAILED LOGIN (2) on `tty1' FOR `frans',
Authentication service cannot retrieve authentication info.
Jun 15 14:56:29 localhost login[4756]: Authentication service cannot retrieve
authentication info.
Anyone?
18 years, 10 months