-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/17/2011 09:27 AM, Luc MAIGNAN wrote: > Hi, > > I want to use openLDAP to authenticate users to log-in. > > In the previous versions of Fedora, I just use system-config-auth but it > doesn't seem to work in F14. > > Has someone a good and pretty HOWTO to explain how to do this ? That's concerning. System-config-auth saw a major overhaul in F13 to support SSSD for LDAP authentication. What did you try to do, and how did it fail? As for a HOWTO, the answer should be: Run authconfig-gtk (aka system-config-authentication), select LDAP for user identity store and authentication and set up the certificate. One change from older versions of Fedora is that, with SSSD, you cannot use authentication against LDAP without encryption. This is because the simple bind password would otherwise be sent in the clear over the wire. Older versions of Fedora allowed using unencrypted auth, but no longer (for your protection). After running authconfig-gtk, can you attempt to do a user lookup on the user you want to log in as with getent passwd <username> If that returns the correct information, then we know at least that it's getting users correctly. The next thing to check after that would be to try to log in and then look at /var/log/secure and /var/log/messages for errors. - -- Stephen Gallagher RHCE 804006346421761 Delivering value year after year. Red Hat ranks #1 in value among software vendors. http://www.redhat.com/promo/vendor/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk00V3sACgkQeiVVYja6o6O8VACeLQLYANxAnClXUyOKoQ0MZmCK QaEAnRaLBc89WnYznAAKH7y8Tcvqzomb =46Zw -----END PGP SIGNATURE----- -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
