5:51 PM - The Miracle that is LDAP
It is possible to get a Mac OS X 10.4 Tiger Server (redundant) and a MidnightBSD (or FreeBSD) client to authenticate happily together. The BSD box is the client in this case.
I'm still figuring out exactly what I need, but this tutorial helped
based on http://www.bresciani.ca/how-to/
Install nss_ldap and pam_ldap from ports.
Configure the conf file:
vi /usr/local/etc/ldap.conf
(symlink nss_ldap.conf to this file so nss_ldap reads the same settings)
Add the lines:
#######################################################
host 192.168.0.4
base dc=ldap,dc=domain,dc=com
nss_base_passwd cn=users,dc=ldap,dc=domain,dc=com?one
nss_base_shadow cn=users,dc=ldap,dc=domain,dc=com?one
nss_base_group cn=groups,dc=ldap,dc=domain,dc=com?one
ldap_version 3
#######################################################
Make sure the file is readable by everyone, or usernames will not get mapped.
Modify /etc/nsswitch.conf by changing the following lines so they match below.
passwd: files ldap
shadow: files ldap
group: files ldap
A quick test at this point is to run the command getent group to see if it is looking in LDAP for users and groups. This assumes that users and groups exist in LDAP.
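The checks below are an added example, not part of the original post or the tutorial it cites: a small sh script that verifies what this setup depends on (ldap.conf world-readable, a base set, ldap listed for passwd and group in nsswitch.conf). The function names are made up for this example; the bindpw and ssl warnings use standard nss_ldap/pam_ldap ldap.conf keys that the post's configuration does not set.

```shell
#!/bin/sh
# Added example: sanity checks for the nss_ldap/pam_ldap client files above.

# 0 if the file's "other" read bit is set (-L follows the nss_ldap.conf symlink).
world_readable() {
    [ "$(ls -ldL "$1" 2>/dev/null | cut -c8)" = "r" ]
}

# 0 if database $2 (passwd, group, ...) in nsswitch.conf $1 lists "ldap".
nss_uses_ldap() {
    awk -v db="$2:" '$1 == db { for (i = 2; i <= NF; i++) if ($i == "ldap") found = 1 }
                     END { exit !found }' "$1"
}

# Print the first value of key $2 in ldap.conf $1 (comment lines never match).
ldap_conf_get() {
    awk -v k="$2" '$1 == k { print $2; exit }' "$1"
}

# Run all checks; FAIL lines set a non-zero status, WARN lines do not.
check_client() {  # $1 = ldap.conf, $2 = nsswitch.conf
    rc=0
    world_readable "$1" || { echo "FAIL: $1 is not world-readable"; rc=1; }
    for db in passwd group; do
        nss_uses_ldap "$2" "$db" || { echo "FAIL: $db: no ldap source in $2"; rc=1; }
    done
    [ -n "$(ldap_conf_get "$1" base)" ] || { echo "FAIL: no base in $1"; rc=1; }
    # A world-readable file exposes any bind password kept in it.
    [ -z "$(ldap_conf_get "$1" bindpw)" ] || echo "WARN: bindpw in world-readable $1"
    # Without ssl on/start_tls, pam_ldap binds cross the network unencrypted.
    case "$(ldap_conf_get "$1" ssl)" in
        on|start_tls) ;;
        *) echo "WARN: no ssl setting in $1; LDAP traffic is cleartext" ;;
    esac
    return $rc
}

# Usage: sh check.sh /usr/local/etc/ldap.conf /etc/nsswitch.conf
[ $# -eq 0 ] || check_client "$@"
```

If the script passes but getent group still shows only local entries, the problem is on the directory side (search base or server reachability) rather than in these two files.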