Ghys,
Please modify your ldap.conf file to be like the example below.
For testing, I suggest that you back up your current file and then
edit your ldap.conf file to ONLY include the lines below.
The example below assumes the following:
Where the "set" command on the Windows 2003 DC produces:
USERDNSDOMAIN=COOLCOMPANY.COM
USERDOMAIN=COOL
And
Windows 2003 DC computer
hostname = w2k3-dc
IP Addr = 10.10.10.5
And
Windows special LDAP query user information
username = cool-ldap-user
password = somepassword
member of (primary group) = domain guests
USERDOMAIN = COOL
USERDNSDOMAIN = COOLCOMPANY.COM
###############################################################
##ldap.conf
###############################################################
host 10.10.10.5
base dc=coolcompany,dc=com
uri ldap://w2k3-dc.coolcompany.com/
binddn cn=cool-ldap-user,cn=Utilisateurs,dc=coolcompany,dc=com
bindpw somepassword
scope sub
bind_timelimit 15
timelimit 15
ssl no
referrals no
nss_base_passwd dc=coolcompany,dc=com?sub
nss_base_shadow dc=coolcompany,dc=com?sub
nss_base_group dc=coolcompany,dc=com?sub?&(objectCategory=group)(gidnumber=*)
nss_map_objectclass posixAccount user
nss_map_objectclass shadowAccount user
nss_map_objectclass posixGroup group
nss_map_attribute gecos cn
nss_map_attribute homeDirectory unixHomeDirectory
nss_map_attribute uniqueMember member
nss_initgroups_ignoreusers root,ldap
On a side note, I've configured this to also work with Fedora 6 and Red Hat Server ver 4: see
http://forums.fedoraforum.org/showthread.p...5587#post775587
Good Luck,
Shannon
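
Added example, not part of the original post: a small Python check that reads an ldap.conf like the one above and reports whether the bind password and lookups would cross the network unencrypted, which is the case with `ssl no` and an `ldap://` URI. The function names, the finding codes and the `file_mode` parameter are made up for this example; `ssl start_tls` and `tls_checkpeer` are nss_ldap/pam_ldap keywords that the posted file does not use.

```python
# Constructed sample: the transport-related lines of the ldap.conf from the post.
SAMPLE = """\
host 10.10.10.5
uri ldap://w2k3-dc.coolcompany.com/
binddn cn=cool-ldap-user,cn=Utilisateurs,dc=coolcompany,dc=com
bindpw somepassword
ssl no
"""

TLS_ON = {"on", "yes", "start_tls"}  # values of "ssl" that encrypt the connection


def parse(text):
    """Parse 'keyword value' lines into {keyword: last value}; skip blanks and comments."""
    conf = {}
    for raw in text.splitlines():
        parts = raw.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        conf[parts[0].lower()] = parts[1].strip() if len(parts) > 1 else ""
    return conf


def audit(text, file_mode=None):
    """Return sorted finding codes; file_mode is the permission bits (e.g. 0o644)."""
    conf = parse(text)
    findings = set()
    uris = conf.get("uri", "").split()
    ldaps_only = bool(uris) and all(u.lower().startswith("ldaps://") for u in uris)
    # Assumption: a missing "ssl" keyword is treated the same as "ssl no".
    encrypted = conf.get("ssl", "no").lower() in TLS_ON or ldaps_only
    if not encrypted:
        findings.add("cleartext-transport")
        if "bindpw" in conf:
            findings.add("bindpw-sent-in-cleartext")
    # Assumption: flag TLS unless tls_checkpeer is explicitly set to yes.
    elif conf.get("tls_checkpeer", "no").lower() != "yes":
        findings.add("server-cert-not-verified")
    if "bindpw" in conf and file_mode is not None and file_mode & 0o004:
        findings.add("bindpw-world-readable")
    return sorted(findings)


if __name__ == "__main__":
    print(audit(SAMPLE, file_mode=0o644))
    hardened = SAMPLE.replace("ssl no", "ssl start_tls\ntls_checkpeer yes")
    print(audit(hardened, file_mode=0o600))
```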