I'm afraid I don't know. There are extended attributes available for unixHomeDirectory and unixUserPassword (both blank). Additionally, 'Identity Management for Unix' is not installed, which is seems fine, as this apparently allows Windows machines to authenticate against NIS, which I'm definitely not trying to do here.

On Tue, Feb 17, 2015 at 6:10 PM, James Clendenan <james.clendenan@gmail.com> wrote:

Are you using a unix extended attributes directory or just an out of box directory?

James

--
Sent from my phone.

> On Feb 17, 2015, at 4:42 PM, Cory Ringdahl <cory.ringdahl@gmail.com> wrote:
>
> Hi,
>
> I'm trying to set Cobbler 2.6 up with LDAP authentication against our AD environment. Using the standard LD config per example works fine, but we need to allow only certain CNs access to log in.
>
> We were able to get this to work with authn_passthru and Apache with our existing Cobbler 1.6 (I know, I know), but my tests with this and Cobbler 2.x have failed in the past. I've even tried authn_pam with Winbind, but this seems to fail in some nebulous space somewhere in Winbind during the auth process (though various winbind tools do communicate with AD properly).
>
> Note that authz_ownership is not a tenable solution for us, as we have multiple departments with overlapping responsibilities, and multiple Cobbler environments with targeted uses (eg customer equipment, internal prod, internal dev, etc)
>
> Any help would be very much appreciated!
>
> Thanks,
>
> Cory.

> _______________________________________________
> cobbler mailing list
> cobbler@lists.fedorahosted.org
> https://lists.fedorahosted.org/mailman/listinfo/cobbler
_______________________________________________
cobbler mailing list
cobbler@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/cobbler