 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
Scott Ehrlich wrote: > I tweaked the LDAP and Kerberos settings using the CentOS/RH GUIs, and > have the clients looking to the RH box for authentication. > > I also have the firewall enabled, but am letting kerberos and ldap ports > through as tcp. > > During a login test, /var/log/messages on the client showed: > > lin1 gdm[pid]: nss_ldap: failed to bind to LDAP server > ldap://192.168.1.100: Can't contact LDAP server > > lin1 gdm[pid]: nss_ldap: reconnecting to LDAP server (sleeping 32 > seconds)... > > lin1 dbus-daemon: nss_ldap: failed to bind to LDAP server > ldap://192.168.1.100: Can't contact LDAP server > > lin1 dbus-daemon: dss_ldap: failed to bind to LDAP server... I'd log into the client box as root or some local user, and use some ldap-browsing utilities (RHEL5 docs suggest this tool: http://www-unix.mcs.anl.gov/~gawor/ldap/ ) to see if it's your local configuration, or if the server is misconfigured. (it's also worthwhile to check /var/log/messages on the server box to see if there are any "unauthorized client" types of messages). If you're able to connect and browse via a stand-alone tool, that eliminates a lot of possibilities. > Anyway, what am I missing? Anything special RH 5 is doing compared to > the openldap docs? According to the docs (https://www.redhat.com/docs/manuals/enterprise/RHEL-5-manual/Deployment_Guide-en-US/ch-ldap.html ), it doesn't appear so. > The goal is a to permit my test user, created on the server, to sit at a > workstation, boot into either Linux or XP, and get their home directory. > > Ideally, the server only needs to consist of one account for them, which > they get upon login on the workstation. That's definitely do-able. (although you might need XP-Pro, since XP-Home has some useful networking features broken). > I want to highly restrict _any_ third-party tools/apps/etc. I will be > happy to take suggestions and leads, but I want to try and rely on what > RH has provided. > > Thanks for any insight/help. > > Scott > -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
