Fedora Linux Support Community & Resources Center
Old 15th July 2010, 09:35 PM
bkedelen Offline
Registered User
Join Date: Jun 2005
Posts: 10
Need help with setting up LDAP authentication in F13

In the past, to authenticate my users against an AD server, I have copied my working ldap.conf to a newly built server, added ldap to the shadow line of my nsswitch.conf file, and then quickly checked "Enable LDAP Authentication" in system-config-authentication to enable ldap authentication for local users with UID >=500. I just installed F13 on a test server and am surprised to see that system-config-authentication is very different. It appears to require you to enable LDAP user accounting before allowing for LDAP authentication. It also appears to require an ldaps or tls connection to an LDAP authority when attempting LDAP authentication. I have two questions. First I need a way to get ldap authentication set up quickly, and without tls or ssl. I am sure there is a legacy command I can run to get this enabled (I tried, for example, authconfig --enableldapauth --update). Second if anyone has a good link with a site that gives a crash course in sssd so that I can become familiar with the "right" way to set up LDAP authentication given the new paradigm, that would also be helpful.

Update: I am playing with using the new system-config-authentication and ldaps://. I then removed sss from the passwd and group lines in nsswitch and just left it for shadow. I am not having a lot of luck with this and /var/log/secure is not helping a lot. It looks like it fails unix_chkpwd, which makes me wonder if it is trying to auth through sss at all.

---------- Post added at 02:35 PM CDT ---------- Previous post was at 08:50 AM CDT ----------

Ok I discovered my problem. For posterity here is how I got it working:
Configure /etc/ldap.conf with your AD server information
Configure /etc/nsswitch.conf to use "shadow: files ldap"
run authconfig --enableldapauth --disablesssd --disablesssdauth --update
double-check the settings in BOTH /etc/pam.d/system-auth and /etc/pam.d/password-auth

I had never seen the password-auth file before and it was messing me up.

Last edited by bkedelen; 15th July 2010 at 04:06 PM.
Reply With Quote
Old 23rd August 2010, 08:25 PM
Andrew James Offline
Registered User
Join Date: Jun 2006
Posts: 68
Re: Need help with setting up LDAP authentication in F13


You couldn't post those files could you? I've been trying to get this working for a while and am getting no where. I dont have the tab to enable ldap for one, so I figured if I could see what the files should look like I can work back from there.


Reply With Quote

authentication, f13, ldap, setting

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Current GMT-time: 12:23 (Thursday, 21-09-2017)

TopSubscribe to XML RSS for all Threads in all ForumsFedoraForumDotOrg Archive

All trademarks, and forum posts in this site are property of their respective owner(s).
FedoraForum.org is privately owned and is not directly sponsored by the Fedora Project or Red Hat, Inc.

Privacy Policy | Term of Use | Posting Guidelines | Archive | Contact Us | Founding Members

Powered by vBulletin® Copyright ©2000 - 2012, vBulletin Solutions, Inc.

FedoraForum is Powered by RedHat