BSD and Active Directory?

From: Joakim Dellrud
Date: Thursday, December 17, 2009 - 5:25 am

Hello.
  First off, I would like to ask for forgiveness if I post this question in the
wrong list, I'm new to this...

So now to my question: I have a Microsoft 2003 Active Directory server and
an already working configuration for a CentOS/Red Hat environment. But my
problem has occurred when trying to include the BSD (OpenBSD 4,5 with
login_ldap installed) servers and clients in the solution. I've found a
guide (http://www.obfuscurity.com/2009/08/OpenBSD-as-an-LDAP-Client) that
speaks of this but it seems to be non-functional. So my question is how does
one via login_ldap connect to an AD and auth a USER that is not in the passwd
file on the machine?

I've already checked out the kerberosV solution but that is not good for
+1000 accounts that might need to login to these machines (making the passwd
file approach kind of weird).

I've already got a ypldap.conf file but it times out for me when I try
getent passwd. (Note that this is a test env.)

# ypldap -dv
startup [debug mode]
configuration starting
applying configuration
connecting to directories
starting directory update

# getent passwd
yp_first: clnt_call: RPC: Timed out

## ypldap.conf

interval 100
domain "prak.local"

provide map "passwd.byname"
provide map "passwd.byuid"
provide map "group.byname"
provide map "group.bygid"

directory "test.prak.local" {
   # directory options
   binddn "bind@PRAK.LOCAL"
   bindcred "gurka123%"
   basedn "ou=Users,dc=prak,dc=local"

   # passwd maps configuration
   passwd filter "(&(objectClass=user))"

   attribute name maps to "uid"
   fixed attribute passwd "*"
   attribute uid maps to "uidNumber"
   attribute gid maps to "gidNumber"
   attribute gecos maps to "cn"
   attribute home maps to "homeDirectory"
   fixed attribute shell "/bin/ksh"
   fixed attribute change "0"
   fixed attribute expire "0"
   fixed attribute class "ldap"

   # group maps configuration
   group filter "(objectClass=group)"

   attribute groupname maps to "cn"
   fixed attribute grouppasswd "*"
   attribute groupgid maps to "gidNumber"
   list groupmembers maps to "memberUid"
}

Messages in current thread:
BSD and Active Directory?, Joakim Dellrud, (Thu Dec 17, 5:25 am)
Re: BSD and Active Directory?, David Coppa, (Thu Dec 17, 5:48 am)
Re: BSD and Active Directory?, David Gwynne, (Thu Dec 17, 6:02 am)
Re: BSD and Active Directory?, Joakim Dellrud, (Thu Dec 17, 6:17 am)
Re: BSD and Active Directory?, Mauro Rezzonico, (Thu Dec 17, 7:35 am)
Re: BSD and Active Directory?, Steve Shockley, (Thu Dec 17, 1:50 pm)
Re: BSD and Active Directory?, Joakim Dellrud, (Fri Dec 18, 3:14 am)
Re: BSD and Active Directory?, Nigel Taylor, (Fri Dec 18, 4:09 pm)