I’m just setting up a pc with sles 11.3 and ran into a problem with authentication over ldap:
[FONT=System]getent passwd[/FONT] works fine, it lists the users defined on the ldap-server, but when I want to su to one of them, it tells me, that the user doesn’t exist. Nothing is said in [FONT=System]/var/log/messages[/FONT]. I guess the ldap and nsswitch settings must be correct, because of the getent, so I thought maybe pam is not configured properly, but I have a similar machine with sles 11.2, where [FONT=System]/etc/pam.d/[/FONT] is configured exactly the same and everything works fine.
What I did after installation was:
Edit following files:
passwd: files ldap
group: files ldap
shadow: files ldap
nss_base_passwd […] #i’m not sure, if those are needed
nss_map_attribute uniqueMember member
Then I copied the certificate, put hostname and ip of the machine in /etc/hosts and did:
zypper in nss_ldap
zypper in pam_ldap
pam-config -a --ldap
Can anybody tell me, what I forgot, or what the problem could be?