Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

LDAP authentication with SRSS and SunRay services

19 views
Skip to first unread message

Damon Getsman

unread,
May 26, 2008, 3:34:36 PM5/26/08
to
I already posted this to the sunray mailing list, but I thought I'd
ask here, as well. I'm pretty sure there's a larger reader base and
I'm hoping that somebody might have a bit of experience with this:

----------------------------------------
I struggled for some time trying to get LDAP and PAM to work together
well enough to be able to authenticate successfully on a couple of
ubuntu machines here. Now that it's working successfully we want to
move our OpenSuSE Linux server cluster to be utilizing LDAP; that was
the SunRays that they serve can be much more centrally
administrated... Doing password and other various user changes across
the entire array of Linux machines has been a nightmare.

Anyway, now that I'm starting to know LDAP fairly well, I just dropped
the working PAM configuration files into /etc/pam.d on one of the
machines in our server cluster. Well, all of the standard linux
services (su, sshd, login, chsh, EVERYTHING) worked just fine relying
only on the LDAP directory for authentication (this is OpenLDAP, btw,
not one of sun's directory services which I've only been able to get
working with the Calendar suite for its own data). Unfortunately, gdm
and the SunRay services refuse to authenticate with that data. I had
to restore /etc/pam.d from backup in order to get the SunRays to let
anyone authenticate.

Does anybody out there have a SunRay/SRSS system set up that is using
OpenLDAP? I started looking through the various files in pam.d that
SRSS seems to rely heavily on and I see that they're full of libraries
which appear to be (big surprise) nonstandard and Sun proprietary.
I'd really like to have this system working, or at least be able to
find documentation about it. Unfortunately my google-fu seems to be
lacking. I would really appreciate any information that anyone out
there could give or even a few pointers to resources that I haven't
been able to turn up on my own.

Thank you for your time & help.

<a href="http://www.zoominfo.com/people/Getsman_Damon_-214241.aspx">
Damon Getsman
Linux/Solaris System Administrator
</a>

0 new messages