openldap issue

I have set up an LDAP server while reading this guide
(http://linux-blog.anracom.com/2012/03/11/opensuse-121-ldap-i/). I added the test user
“leki”, so I tried to log in as leki with su - leki, but I get “su: user
leki does not exist”

Have I missed something?

If I were to hazard a guess, you didn’t specify your Domain, so the machine interpreted your request to su to a local machine account, not a domain account.

Unless that was actually what you were trying to do…

HTH,
TSU

On Wed, 05 Dec 2012 15:55:01 +0000, VampirD wrote:

> I have set up an LDAP server while reading this guide
> (http://linux-blog.anracom.com/2012/03/11/opensuse-121-ldap-i/). I added the test user
> “leki”, so I tried to log in as leki with su - leki, but I get “su: user
> leki does not exist”
>
> Have I missed something?

Probably, but it’s hard to say without knowing more about how you
configured your setup.

How do you have pam configured?

Jim


Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

I have never needed to configure PAM before. I only set up the server with
YaST as described in the link, and then the client with YaST. On two
servers it works, but I don’t have them now to look at the files.


VampirD
No in elenath hîlar nan hâd gîn

On Wed, 05 Dec 2012 22:29:48 +0000, VampirD wrote:

> I have never needed to configure PAM before. I only set up the server with
> YaST as described in the link, and then the client with YaST. On two
> servers it works, but I don’t have them now to look at the files.

To the best of my knowledge, to get any of the authentication pieces in
Linux (regardless of distribution), PAM has to be configured to use an
alternative authentication source or user data source.

Otherwise, all it knows to do is look at /etc/passwd and /etc/shadow for
users and user credentials.

Jim

Yes, I agree. I just think YaST2 does it when you set the
authentication method to LDAP. Maybe YaST is broken; I have to search
for the files and see.


VampirD
No in elenath hîlar nan hâd gîn

On Thu, 06 Dec 2012 21:43:08 +0000, VampirD wrote:

> Yes, I agree. I just think YaST2 does it when you set the authentication
> method to LDAP. Maybe YaST is broken; I have to search for the files and
> see.

Ah, yes, I think you’re right about that - for some reason I didn’t think
of that yesterday while I was looking at this. :)

Jim

Clarifying my earlier post.

You need to specify a domain if you want to access/assume LDAP credentials. If you specify only a username without specifying a domain, AFAIK all authentication systems will look in the local database.

Besides, there is no rule preventing a username from existing both in a local system database and in a network database like LDAP, and this is a common cause of confusion.

TSU