Purpose - make an Ubuntu install authenticate against a Leopard Server with an Open Directory Master running on it.

Details taken from [ "LDAPClientAuthentication" ]. Here's a quick how-to on how to get authenticating (partially) successfully against a Leopard and Tiger Server.

To complete this recipe you will need:

I ended up just editing the /etc/ldap.conf file manually. The only lines I needed to change were:

(this was noted as needing to be * base cn=users,"SearchBase" for Leopard, and will work for users, but won't find groups properly)

New for 8.04 it seems we need to also ignore the "root" user in the Open Directory. So add to your /etc/ldap.conf

Thanks for figuring this out, Bart.

Then edit /etc/nsswitch.conf and change the passwd, group, and shadow lines to resemble:

Have /etc/pam.d/common-account read

Have /etc/pam.d/common-auth read

Have /etc/pam.d/common-passwd read

Finally, have /etc/pam.d/common-session read

You should be good to go. Test with a command like:

You should see your local accounts followed by your Open Directory accounts. Now you can try to "su" to one of the OD users. Finally try to ssh in as one of the OD users.

OSXLDAPClientAuthentication (last edited 2009-04-07 00:38:53 by 206-80-210-142)