Discussion:
Ubuntu Linux --> LDAP --> MacOSX Server
(too old to reply)
Yasushi Shinjo
2008-08-05 05:39:46 UTC
Permalink
$B?7>k!wC^GHBg3X>pJs$G$9!#$3$s$K$A$O!#(B

$B$&$A$N<c$$$b$N$,(B Ubuntu Linux $B$+$i(B MacOSX $B$N(B LDAP $B%5!<%P(B
(Open Directory) $B$rMxMQ$7$FG'>Z$7$h$&$H$7$F$$$^$9!#(B

$B<!$N%Z!<%8$K0l1~@bL@$,$"$k$N$G$9$,!"$J$s$+0c$&$h$&$J5$$,$7$^$9!#(B

https://help.ubuntu.com/community/OSXLDAPClientAuthentication

getent passwd $B$G%f!<%6L>0lMw$,<h$l$k$h$&$K$O$J$C$?$N$G$9$,!"(B
$B%m%0%$%s$O$G$-$J$$$7!"(Bbash $B$d(B tcsh $B$G$N(B ~username $B$G$b0z$1$^(B
$B$;$s!#(Bbash $B$r(B strace $B$7$F$_$k$H!"(B/etc/nsswitch.conf $B$r(Bopen
$B$7$F$$$^$;$s!#(Bgetent $B$NJ}$O!"(B/etc/nsswitch.conf $B$r8+$F$$$^$9!#(B
$B$^$:$O(B bash $B$d(B /bin/login? $BEy$G(B /etc/nsswitch.conf $B$r8+$k$h(B
$B$&$K$9$k$N$+$J$H;W$$$^$9!#(B

$B>e$N(B OSXLDAPClientAuthentication $B$G!"(Bmd5 $B$H=P$F$$$^$9$,!"(B
MacOSX $B$N(B LDAP (Open Diretory)$B$G$O!"(Bmd5 $B$N%Q%9%o!<%I$O0z$1$J(B
$B$$$H;W$$$^$9!#$=$NBe$j$K!"(Bbind $B$G$-$k$+$I$&$+$GH=Dj$9$k$N$@(B
$B$H;W$$$^$9!#$3$3$***@_Dj$K$D$$$F$b!"(Bmd5 $B$H=q$$$F$"$k$N$O0c$&$h(B
$B$&$J5$$,$7$^$9!#(B

$B$3$NJU$j$***@_Dj$K$D$$$F2?$+%R%s%H$O$J$$$G$7$g$&$+!#(B
$BB>$N(B PAM/nsswitch $B;H$&(B OS $B$dB>$N(B Linux $B$NNc$G$b$$$$$G$9!#(B

$B!@!@!!?7>k!!Lw!!!J$7$s$8$g$&!!$d$9$7!K!!!@!@(B
$B!@!@!!C^GHBg3X!!EE;R!&>pJs!!!!!!!!!!!!!!!@!@(B
Yasushi Shinjo
2008-08-12 06:40:19 UTC
Permalink
$B?7>k!wC^GHBg3X>pJs$G$9!#$3$s$K$A$O!#(B
bash $B$O!"(Bnscd $B7PM3$G(Bpasswd$B$K%"%/%;%9$9$k$N$G!"(Bnsswitch$B$r(B
$B8+$k$N$O!"(Bnscd $B$G$7$g$&!#(B
nscd (name service cache daemon) $B$G$9$+!#%R%s%H$"$j$,$H$&$4(B
$B$6$$$^$9!#$&$A$N<c$$$b$N$,!"$3$N%R%s%H$GD4$Y$?$i2r7h$7$^$7$?!#(B

RedHat $B$GF0$$$F$$$kNc$,6a$/$K$"$j!"$=$l$@$H!"(Bbash $B$,(B passwd
$B%U%!%$%k$d(Bnsswitch $B$rD>@\8+$K$$$/$h$&$K$J$C$F$$$^$7$?!#(B
Ubuntu $B$H$+$"$?$i$7L\$NJ}$O!"(Bnscd $B$r;H$&$N$G$9$M!#(B

nscd $B$H$$$&$H!"(BSolaris $B$C$F46$8$J$s$@$1$I!"(BLinux $B$G$b;H$&$h(B
$B$&$K$J$C$?$s$G$9$M!#$$$D:"$+$i$=$&$J$C$?$N$G$7$g$&$+!#(B
Post by Yasushi Shinjo
$B$;$s!#(Bbash $B$r(B strace $B$7$F$_$k$H!"(B/etc/nsswitch.conf $B$r(Bopen
$B$7$F$$$^$;$s!#(Bgetent $B$NJ}$O!"(B/etc/nsswitch.conf $B$r8+$F$$$^$9!#(B
$B$^$:$O(B bash $B$d(B /bin/login? $BEy$G(B /etc/nsswitch.conf $B$r8+$k$h(B
$B$&$K$9$k$N$+$J$H;W$$$^$9!#(B
$B8+$k$N$O!"(B
/etc/ldap.conf
/etc/pam.d
/etc/nsswitch.conf
Debian, Ubuntu $B$@$H!"(Bdpkg-reconfigure $B$G$9!#$"$k$$$O!":G=i$N(B
$B>l9g!"%$%s%9%H!<%k$9$k;~$K!"$$$m$$$mJ9$+$l$k$_$?$$!#$?$H$($P(B

aptitude install libpam-ldap nss-updatedb
aptitude install libpam-ldap libnss-ldap nss-updatedb
dpkg-reconfigure libnss-ldap libpam-ldap

$B:#F0$$$F$$$k$N$O!"$3$s$J46$8!#(B

/etc/ldap.conf
------------------------------------------------------------
base dc=xxx,dc=xxx,dc=xxx,dc=xxx,dc=xxx
ldap_version 3
pam_password md5
uri ldap://192.168.xxx.xxx
------------------------------------------------------------
ldapsearch -x $B$,F0$1$PNI$7$N$O$:!#(Bmd5 $BMW$k$N$+$J$"!#(B

------------------------------------------------------------
/etc/nsswitch.conf
% egrep ldap /etc/nsswitch.conf
passwd: compat ldap
group: compat ldap
shadow: compat ldap
%
------------------------------------------------------------

------------------------------------------------------------
/etc/pam.d/
% cd /etc/pam.d/
% egrep ldap *
common-account:account required pam_ldap.so
common-auth:auth required pam_ldap.so use_first_pass
%
------------------------------------------------------------

http://www.tom.sfc.keio.ac.jp/~nao/hiki/hiki.cgi?LDAP%20Client%20on%20Debian
$BA0;H$C$F$^$7$?!#:#$O!"(BLinux$BB&$N(BOpen LDAP$B$G$9!#(BMac OS X $B$b(B
$B8+$k8B$j$O!":9$O$"$j$^$;$s!#(B
bind $B$9$l$P!"$G$9$h$M!#(Bbind $B$7$J$$$G!"(BMD5 $B$N%O%C%7%eCM$r%/%i(B
$B%$%"%s%H$K<h$j4s$;$h$&$H$9$l$P!"0c$C$FMh$k$s$8$c$J$$$+$J!#(B
MacOSX Server 10.4 $B$N(B LDAP (OpenDirectory) $B$@$H!"LZ$N(B
userPassword $B$N%(%s%H%j$r8+$F$b!"(B******** $B$7$+F~$C$F$$$^$;$s!#(B

bind $B$9$k$+$I$&$+$***@_Dj$,$I$3$+$K$"$k$H;W$&$s$@$1$I!":#0l$D(B
$B<aA3$H$7$J$$=j$,$"$j$^$9!#$&$A$N<c$$$b$N$O!"$3$NJU$jDI5a$7$J(B
$B$$$G!"5$3Z$K(B CD $B$+$i:F%$%s%9%H!<%k$9$k$+$i$J$"!#(B

$B!@!@!!?7>k!!Lw!!!J$7$s$8$g$&!!$d$9$7!K!!!@!@(B
$B!@!@!!C^GHBg3X!!EE;R!&>pJs!!!!!!!!!!!!!!!@!@(B

Loading...