[kde-freebsd] kde/kdm + nsswitch + ldap = nologon

Joe Kraft jvk-list at thekrafts.org
Mon Mar 9 00:56:33 CET 2009

Daniel Eischen wrote:

> On Sun, 8 Mar 2009, Joe Kraft wrote:
>> I posted this a couple of days ago to freebsd-quesions, but just realized
>> I might have more luck here...
>> I'm trying to implement SSO using Samba-3.2.4 with an LDAP backend.  The
>> intent is to use ldap directly for FBSD clients and Samba for MS Windows
>> clients.  I'm currently working on the ldap part
>> The LDAP server (openldap 2.4.11) is running on a FBSD 6.3 server and is
>> setup and seems to be working fine, I can log in locally or through SSH
>> using the ldap accounts.
>> I'm working on the first client which is a FBSD 7.1 / KDE 3.5.10 machine.
>>  I can use ldap to login on this machine, but I'm having issues with
>> logging in using kdm.  I can see all the users both from local files and
>> from ldap, but I can't log in using either.  Even when kdm won't allow a
>> login, I can <ctrl><alt><F8> and get a normal login shell and login with
>> local or ldap accounts.  The ldap lines are included in my /etc/pam.d/kde
>> file.
>> If I remove ldap from the nsswitch.conf file it will start working with
>> local logins on kdm again.
>> I ran into a bug report from last summer that appears to still be open
>> with exactly the same issue
>> (http://www.freebsd.org/cgi/query-pr.cgi?pr=124321).
> That was my bug report ;-)
>> Does anyone know a workaround or have a patch for the issue?  I can
>> provide config files and such if anyone thinks it might help.
>> Is this something that is already fixed in KDE 4.2, so I've come up with
>> my excuse to upgrade?
> I have not found a fix for this, other than working around
> the problem by using gdm or xdm as mentioned in the original
> PR.
> This *should* work out of the box without any problems -
> the use of LDAP for login is very common, even in smaller
> organizations.  Doesn't anyone else use kdm with LDAP
> logins?
> Are you using i386 or amd64?  I was only able to try amd64.

I'm using i386.  I get the exact same errors you do.  I figured maybe we had
both done the same thing wrong, because I was thinking like you that LDAP
for logins would be relatively common.


More information about the kde-freebsd mailing list