From owner-freebsd-questions@FreeBSD.ORG Sat Mar 7 14:59:54 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 162E21065673 for ; Sat, 7 Mar 2009 14:59:54 +0000 (UTC) (envelope-from freebsd-questions@m.gmane.org) Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) by mx1.freebsd.org (Postfix) with ESMTP id C67988FC12 for ; Sat, 7 Mar 2009 14:59:53 +0000 (UTC) (envelope-from freebsd-questions@m.gmane.org) Received: from list by ciao.gmane.org with local (Exim 4.43) id 1Lfy0G-000054-QS for freebsd-questions@freebsd.org; Sat, 07 Mar 2009 14:59:52 +0000 Received: from ip68-230-160-176.mc.at.cox.net ([68.230.160.176]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sat, 07 Mar 2009 14:59:52 +0000 Received: from jvk-list by ip68-230-160-176.mc.at.cox.net with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sat, 07 Mar 2009 14:59:52 +0000 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-questions@freebsd.org From: Joe Kraft Date: Sat, 07 Mar 2009 09:59:12 -0500 Lines: 27 Message-ID: Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: ip68-230-160-176.mc.at.cox.net User-Agent: Thunderbird 2.0.0.19 (Windows/20081209) Sender: news Subject: kde/kdm + nsswitch + ldap = nologon X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 Mar 2009 14:59:54 -0000 I'm trying to implement SSO using Samba-3.2.4 with an LDAP backend. The intent is to use ldap directly for FBSD clients and Samba for MS Windows clients. The LDAP server (openldap 2.4.11) is running on a FBSD 6.3 server and is setup and seems to be working fine, I can log in locally or through SSH using the ldap accounts. I'm working on the first client which is a FBSD 7.1 machine. I can use ldap to login on this machine, but I'm having issues with logging in using kdm. I can see all the users both from local files and from ldap, but I can't log in using either. Even when kdm won't allow a login, I can and get a normal login shell and login with local or ldap accounts. The ldap lines are included in my /etc/pam.d/kde file. If I remove ldap from the nsswitch.conf file it will start working with local logins on kdm again. I ran into a bug report from last summer that appears to still be open with exactly the same issue (http://www.freebsd.org/cgi/query-pr.cgi?pr=124321). Does anyone know a workaround or have a patch for the issue? I can provide config files and such if anyone thinks it might help. Thanks, Joe.