I've almost got my AD integration working completely on my OpenSUSE 12.1 server. I have a OpenSUSE 11.4 system successfully integrated into our AD environment. (Meaning, we use LDAP to authenticate to AD directory via Kerberos, so we can login to our *nix systems via AD users, using name service caching daemon to cache our passwords and groups).
Also, important to note these systems are in our LAN, SSL authentication is disabled.
I am almost all the way there. nss_ldap
is finally authenticating with LDAP server (as /var/log/messages
shows), but right now, I have another problem:
getent passwd
and getent shadow
fails (shows local accounts only), but getent group
works! getent group
shows all my ad groups!
I copied over the relavent configuration files from my working OpenSUSE 11.4 box:
/etc/krb5.conf
/etc/nsswitch.conf
/etc/nscd.conf
/etc/samba/smb.conf
/etc/sssd/sssd.conf
/etc/pam.d/common-session-pc
/etc/pam.d/common-account-pc
/etc/pam.d/common-auth-pc
/etc/pam.d/common-password-pc
I didn't modify anything between the two. I really don't think I need to modify anything, because getent passwd, getent shadow, and getent group all works fine on the OpenSUSE11.4 box.
Attempting to restart nscd service unfortunately didn't do much, and niether did running /usr/sbin/nscd -i passwd
.
Do any of you admin-gurus have any suggestions?
Honestly, I'm happy I made it this far. I'm almost there guys!