LDAP, Windows Server, and REHL6
I have Redhat 5 playing nice as it authenticates against windows server 2008. But I ran into issues trying to get Redhat 6 to do it as well.
Here is where I stand on my redhat 6 box:
I have my certificates working between the windows and the redhat box.
From Root user I can SU to an Active Directory user.
getent works. I can see all the users info.
ldapsearch works with the CA certificate so my SSL handshake is working.
I do not suspect cert issues
But when I try to login as active directory on my Redhat 6 box I get told I used an invalid password. The password works just fine on the windows server, so I didn't fat finger anything. I am just confused as to why I can have getent and ldapsearching but can not login.
I have turned off iptables on redhat and the firewall on 2008 server to see if that would change the situation but no luck.
I noted that in Redhat 6 I need to config SSSD rather then NSCD.
Let me know if you need to see my:
ldap.conf
nsswitch.conf
sssd.conf
var messages
to provide further light and guidance on what I maybe doing wrong or leaving out in my configurations
Comments
I might just have to toss in the towel and stick to REHL5 for now.
For example I've used WinbindD+Samba for getting Windows logon users, by the way kerberos5 is always involved in it.
Give me a while to collect all my information and I'll surely post something.
Another hint, I've recently used OpenSUSE and I've seen what YAST can do with it, installation and AD integration is really painless. I did it from command line (Gentoo first, LFS later) and it's not so easy if you don't have documentation.
Let's start with your nsswitch.conf and pam.d configs if you can post them to us, let's see what happens.
For the blog just give me some days, I'm now focusing on something else
Ben