Hi
I have an LDAP server on FreeBSD 9 connecting to an Active Directory server and it can see AD perfectly. I also have krb5 on my LDAP server, which seems to be working fine using kinit. pam_ldap, nss_ldap and pam_krb5 are also installed.
Now when I want to su alex, and alex is in Active Directory, I get the error below:
Code:
Aug 30 11:06:32 ldap su: pam_ldap: error trying to bind (Invalid credentials)
Aug 30 11:06:32 ldap su: in _openpam_check_error_code(): pam_sm_acct_mgmt(): unexpected return value 11
I know that it is because of the first try at binding, maybe to the LDAP server. I have been looking everywhere for it. I realized that pam_ldap is using the same ldap.conf file; here is my ldap.conf file:
Code:
host 10.0.5.38 #this is the IP of Active directory server
uri ldap://ldap.seth.local/
base dc=seth,dc=local
binddn cn=ldap,cn=users,dc=seth,dc=local
bindpw *******
scope sub
ssl no
pam_password ad
pam_groupdn DC=seth,DC=local?sub
pam_member_attribute uniquemember
nss_base_passwd dc=seth,dc=local?sub
nss_base_shadow dc=seth,dc=local?sub
nss_base_group dc=seth,dc=local?sub
nss_map_objectclass posixAccount user
nss_map_objectclass shadowAccount user
nss_map_objectclass posixGroup group
pam_login_attribute sAMAccountName
pam_filter objectclass=User
nss_map_attribute uid sAMAccountName
nss_map_attribute uidNumber msSFU30UidNumber
nss_map_attribute gidNumber msSFU30GidNumber
nss_map_attribute loginShell msSFU30LoginShell
nss_map_attribute gecos name
nss_map_attribute userPassword msSFU30Password
nss_map_attribute homeDirectory msSFU30HomeDirectory
nss_map_attribute uniqueMember msSFU30PosixMember
nss_map_attribute cn cn
As pam_ldap is trying to connect to LDAP (I guess), the IP address in host 10.0.5.38 cannot work for it (should it? Am I right?). People talk about a file named pam_ldap.conf; I don't have it on my system, on FreeBSD 9. I created one in /etc, but it didn't work.
Can you please give me some detailed info about connecting pam_ldap to use LDAP and connect to Active Directory? I have read every manual I have found, but I cannot find anything useful.
Thanks
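As an added example (not code from the post or from pam_ldap itself), here is a small Python linter run over an excerpt of the ldap.conf shown above. The function names and the checks are assumptions chosen for illustration; it lists settings to review before debugging the bind and does not diagnose the "Invalid credentials" error.

```python
from urllib.parse import urlparse

# Excerpt of the ldap.conf from the post above (bindpw is masked there too).
SAMPLE = """\
host 10.0.5.38 #this is the IP of Active directory server
uri ldap://ldap.seth.local/
base dc=seth,dc=local
binddn cn=ldap,cn=users,dc=seth,dc=local
bindpw *******
ssl no
pam_login_attribute sAMAccountName
"""

def parse(text):
    """Return (conf, notes): conf maps lowercased directive -> list of values."""
    conf, notes = {}, []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or whole-line comment
        key, *rest = line.split(None, 1)
        value = rest[0] if rest else ""
        if "#" in value:
            # Assumption: only whole-line comments are safe; flag and strip the tail.
            notes.append(f"line {n}: text after '#' on the '{key}' line may be read as part of the value")
            value = value.split("#", 1)[0].strip()
        conf.setdefault(key.lower(), []).append(value)
    return conf, notes

def lint(text):
    """Hypothetical checks chosen for this example; not an exhaustive audit."""
    conf, notes = parse(text)
    uris = [urlparse(u) for v in conf.get("uri", []) for u in v.split()]
    hosts = {h for v in conf.get("host", []) for h in v.split()}
    # Both directives present but pointing at different machines.
    if hosts and uris and hosts.isdisjoint(u.hostname for u in uris):
        notes.append("'host' and 'uri' are both set and name different servers")
    # Plain LDAP with TLS explicitly disabled.
    ssl = conf.get("ssl", [""])[-1].lower()
    if ssl in ("no", "off") and any(u.scheme == "ldap" for u in uris):
        notes.append("ssl is off with an ldap:// URI: simple-bind passwords are sent unencrypted")
    if "bindpw" in conf:
        notes.append("bindpw is stored in cleartext in this file")
    return notes

if __name__ == "__main__":
    for note in lint(SAMPLE):
        print("-", note)
```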