[sles-beta] Antw: Ldap section does not get read
Peter Varkoly
varkoly at suse.com
Thu May 8 12:12:18 MDT 2014
Hi Markus,
sssd needs nor /etc/ldap.conf neither /etc/openldap.conf
only /etc/sssd/sssd.conf is important.
Am Donnerstag, den 08.05.2014, 13:41 +0000 schrieb
markus.hubler at isc-ejpd.admin.ch:
> Hi Peter
>
>
>
> Thanks for your clarification. Tried your hints. And inserted this
> section into my autoyast file
>
> However nor /etc/ldap.conf neither /etc/openldap.conf received the
> values from the autoyast file.
>
> As I have already opened a SR (about the former problem) I wonder how
> I shall proceed. Any ideas?
>
>
>
> My current working solution is:
>
>
>
> <files config:type="list">
>
> <config_file>
>
> <file_path>/etc/ldap.conf</file_path>
>
> <file_contents>
>
>
>
> <![CDATA[
>
> some content
>
> ]]>
>
>
>
> </file_contents>
>
> </config_file>
>
> </files
>
>
>
> Regards
>
> Markus
>
>
>
>
>
>
>
> Von: Peter Varkoly [mailto:varkoly at suse.com]
> Gesendet: Donnerstag, 8. Mai 2014 09:55
> An: Hubler Markus ISC-EJPD; sles-beta at lists.suse.com
> Betreff: Antw: [sles-beta] Ldap section does not get read
>
>
>
>
> Hi,
>
> the nss_ldap support in autoyast was dropped. Autoyast provides only
> sssd configuration via yast2-auth-client. Your autoyast auth-client
> section looks so:
> <auth-client>
> <nssldap config:type="boolean">false</nssldap>
> <oes config:type="boolean">false</oes>
> <sssd config:type="boolean">true</sssd>
> <sssd_conf>
> <auth_domains config:type="list">
> <listentry>
> <domain_name>suse</domain_name>
> <id_provider>ldap</id_provider>
>
> <ldap_search_base>dc=isc,dc=ejpd,dc=admin,dc=ch</ldap_search_base>
> <ldap_uri>ldap://t4113.test.ch,
> ldap://t4114.test.ch</ldap_uri>
> <ldap_tls_reqcert>never<ldap_tls_reqcert/>
> </listentry>
> </auth_domains>
> <nss>
> <filter_groups>root</filter_groups>
> <filter_users>root</filter_users>
> </nss>
> <sssd>
> <config_file_version>2</config_file_version>
> <domains>suse</domains>
> <services>nss, pam, autofs</services>
> </sssd>
> </sssd_conf>
> </auth-client>
>
> Please note that the default values for autofs correspond to the
> default schema which is rfc2307bis.schema.
> If you are using nis.shema you have to set in your domain:
>
>
> <ldap_autofs_map_object_class>nisMap</ldap_autofs_map_object_class>
> <ldap_autofs_map_name>nisMapName</ldap_autofs_map_name>
>
> <ldap_autofs_entry_object_class>nisObject</ldap_autofs_entry_object_class>
>
> <ldap_autofs_entry_value>nisMapEntry</ldap_autofs_entry_value>
> <ldap_autofs_entry_key>cn</ldap_autofs_entry_key>
>
> We will soon adapt the documentation.
>
>
> >>> <markus.hubler at isc-ejpd.admin.ch> 07.05.14 21.13 Uhr >>>
> Hi
>
> I have an autoyast file which works perfectly under sles 11 sp3 and
> also under sles12 except the ldap section that does got read under
> sles 12 but does not work.
>
> <ldap>
> <base_config_dn> dc=test,dc=ch</base_config_dn>
> <create_ldap config:type="boolean">false</create_ldap>
> <file_server config:type="boolean">false</file_server>
> <ldap_domain>dc=isc,dc=ejpd,dc=admin,dc=ch</ldap_domain>
> <ldap_server>t4113.test.ch t4114.test.ch</ldap_server>
> <ldap_tls config:type="boolean">true</ldap_tls>
> <ldap_v2 config:type="boolean">false</ldap_v2>
> <member_attribute>member</member_attribute>
> <pam_password>ssha</pam_password>
> <start_autofs config:type="boolean">true</start_autofs>
> <start_ldap config:type="boolean">true</start_ldap>
> </ldap>
>
> Any ideas? I have opened a SR for this. Seems to be a problem that
> opensuse 13.1 has too.
>
> http://comments.gmane.org/gmane.linux.suse.autoinstall/7977
>
>
> _______________________________________________
> sles-beta mailing list
> sles-beta at lists.suse.com
> http://lists.suse.com/mailman/listinfo/sles-beta
>
>
>
>
--
Peter Varkoly
Sr. Developer SUSE Linux Enterprise Applications
SUSE LINUX Products GmbH,
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG
Nürnberg)
Maxfeldstraße 5
90409 Nürnberg
Germany
More information about the sles-beta
mailing list