[kde-freebsd] kde/kdm + nsswitch + ldap = nologon

[Daniel Eischen]

On Sun, 8 Mar 2009, Joe Kraft wrote:

> I posted this a couple of days ago to freebsd-quesions, but just realized I
> might have more luck here...
>
> I'm trying to implement SSO using Samba-3.2.4 with an LDAP backend.  The
> intent is to use ldap directly for FBSD clients and Samba for MS Windows
> clients.  I'm currently working on the ldap part
>
> The LDAP server (openldap 2.4.11) is running on a FBSD 6.3 server and is
> setup and seems to be working fine, I can log in locally or through SSH
> using the ldap accounts.
>
> I'm working on the first client which is a FBSD 7.1 / KDE 3.5.10 machine.  I
> can use ldap to login on this machine, but I'm having issues with logging
> in using kdm.  I can see all the users both from local files and from ldap,
> but I can't log in using either.  Even when kdm won't allow a login, I
> can <ctrl><alt><F8> and get a normal login shell and login with local or
> ldap accounts.  The ldap lines are included in my /etc/pam.d/kde file.
>
> If I remove ldap from the nsswitch.conf file it will start working with
> local logins on kdm again.
>
> I ran into a bug report from last summer that appears to still be open
> with exactly the same issue
> (http://www.freebsd.org/cgi/query-pr.cgi?pr=124321).

That was my bug report ;-)

> Does anyone know a workaround or have a patch for the issue?  I can
> provide config files and such if anyone thinks it might help.
>
> Is this something that is already fixed in KDE 4.2, so I've come up with my
> excuse to upgrade?

I have not found a fix for this, other than working around
the problem by using gdm or xdm as mentioned in the original
PR.

This *should* work out of the box without any problems -
the use of LDAP for login is very common, even in smaller
organizations.  Doesn't anyone else use kdm with LDAP
logins?

Are you using i386 or amd64?  I was only able to try amd64.

-- 
DE