[kde-freebsd] kde/kdm + nsswitch + ldap = nologon
Joe Kraft
jvk-list at thekrafts.org
Mon Mar 9 00:56:33 CET 2009
Daniel Eischen wrote:
> On Sun, 8 Mar 2009, Joe Kraft wrote:
>
>> I posted this a couple of days ago to freebsd-quesions, but just realized
>> I might have more luck here...
>>
>> I'm trying to implement SSO using Samba-3.2.4 with an LDAP backend. The
>> intent is to use ldap directly for FBSD clients and Samba for MS Windows
>> clients. I'm currently working on the ldap part
>>
>> The LDAP server (openldap 2.4.11) is running on a FBSD 6.3 server and is
>> setup and seems to be working fine, I can log in locally or through SSH
>> using the ldap accounts.
>>
>> I'm working on the first client which is a FBSD 7.1 / KDE 3.5.10 machine.
>> I can use ldap to login on this machine, but I'm having issues with
>> logging in using kdm. I can see all the users both from local files and
>> from ldap, but I can't log in using either. Even when kdm won't allow a
>> login, I can <ctrl><alt><F8> and get a normal login shell and login with
>> local or ldap accounts. The ldap lines are included in my /etc/pam.d/kde
>> file.
>>
>> If I remove ldap from the nsswitch.conf file it will start working with
>> local logins on kdm again.
>>
>> I ran into a bug report from last summer that appears to still be open
>> with exactly the same issue
>> (http://www.freebsd.org/cgi/query-pr.cgi?pr=124321).
>
> That was my bug report ;-)
>
>> Does anyone know a workaround or have a patch for the issue? I can
>> provide config files and such if anyone thinks it might help.
>>
>> Is this something that is already fixed in KDE 4.2, so I've come up with
>> my excuse to upgrade?
>
> I have not found a fix for this, other than working around
> the problem by using gdm or xdm as mentioned in the original
> PR.
>
> This *should* work out of the box without any problems -
> the use of LDAP for login is very common, even in smaller
> organizations. Doesn't anyone else use kdm with LDAP
> logins?
>
> Are you using i386 or amd64? I was only able to try amd64.
>
I'm using i386. I get the exact same errors you do. I figured maybe we had
both done the same thing wrong, because I was thinking like you that LDAP
for logins would be relatively common.
Joe.
More information about the kde-freebsd
mailing list