Viewing 6 posts - 1 through 6 (of 6 total)
  • #373776
    skrimfid
    Participant

    So I have an OD master (10.5.4) set up and working. I have Linux (RH AS 5.1) authenticating against OD using PAM. But I can’t seem to figure out the trick to getting the OD user’s home to mount correctly. I’m exporting the home directory via NFS. Once the user logs in, RH says:

    Could not chdir to home directory /Network/Servers/vs1.indigomac.com/Users/matthew: No such file or directory

    This tells me it’s authenticating fine, and at least getting the mount record, but it isn’t understanding the URL. Has anyone experienced this or found a good document for getting this working?

    Thanks so much.

    Matthew

    #373860
    skrimfid
    Participant

    Thanks Joel, I’ll try it out.

    Matthew

    #374433
    gmsmith
    Participant

    Sorry to pull up an old topic, but I could use some help…

    Looking for some help with authentication. I have a CentOS 5.2 box that I would
    like to authenticate against OS X Server’s (Leopard – 10.5.5) implementation of Open
    Directory. I have the CentOS box set up so when I do getent passwd, I can see
    the users in the OS X Directory. When I try to authenticate I get:

    Oct 11 06:40:22 confluence sshd[16319]: pam_unix(sshd:auth): authentication failure;
    logname= uid=0 euid=0 tty=ssh ruser= rhost=10.201.184.31 user=gsmith

    So I understand that OS X Leopard needs Kerberos to authenticate, so I added
    that to my configuration using authconfig-tui, but now I am getting:

    Oct 11 06:44:19 confluence sshd[16540]: pam_krb5[16540]: authentication fails
    for ‘gsmith’ ([email protected]): Authentication service
    cannot retrieve authentication info (Cannot contact any KDC for requested
    realm)

    Any thoughts as to where my configuration error may be? Or perhaps a pointer to a HOWTO?

    #374441
    gmsmith
    Participant

    Thanks for the quick reply. Here is my krb5.conf on my CentOS box. Do I need to do anything on the OS X server? Also, resolveable.domain.name equals the hostname that resolves properly from the CentOS box in question.

    [code]
    [logging]
    default = FILE:/var/log/krb5libs.log
    kdc = FILE:/var/log/krb5kdc.log
    admin_server = FILE:/var/log/kadmind.log

    [libdefaults]
    default_realm = resolveable.domain.name
    dns_lookup_realm = true
    dns_lookup_kdc = true
    ticket_lifetime = 24h
    forwardable = yes

    [realms]
    EXAMPLE.COM = {
    kdc = kerberos.example.com:88
    admin_server = kerberos.example.com:749
    default_domain = example.com
    }

    resolveable.domain.name = {
    kdc = resolveable.domain.name:88
    admin_server = resolveable.domain.name:749
    }

    [domain_realm]
    .example.com = EXAMPLE.COM
    example.com = EXAMPLE.COM

    resolveable.domain.name = resolveable.domain.name
    .resolveable.domain.name = resolveable.domain.name

    [appdefaults]
    pam = {
    debug = false
    ticket_lifetime = 36000
    renew_lifetime = 36000
    }
    [/code]
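
An added example, not part of the thread or of anyone's post: a small consistency check for a krb5.conf of the shape posted above. It flags an unclosed `{ }` stanza and any realm named by `default_realm` or `[domain_realm]` that has no `kdc` entry in `[realms]` while `dns_lookup_kdc` is off, the case in which the client has no KDC to contact for that realm. The function name `lint_krb5_conf`, the sample realm names and the sample file are assumptions constructed for the example.

```python
import re
# Constructed sample, not the poster's file. Placeholder realm names; two planted
# defects: default_realm has no [realms] stanza, and the pam stanza is never closed.
SAMPLE = """\
[libdefaults]
default_realm = OD.EXAMPLE.TEST
dns_lookup_kdc = false
[realms]
EXAMPLE.TEST = {
kdc = kerberos.example.test:88
}
[domain_realm]
.example.test = EXAMPLE.TEST
[appdefaults]
pam = {
"""

def lint_krb5_conf(text):
    """Hypothetical helper: return a list of findings for krb5.conf text."""
    findings, section, stanza = [], None, None
    lib, realms, mapped = {}, {}, set()
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line[0] in "#;":      # blank line or whole-line comment
            continue
        header = re.fullmatch(r"\[(\w+)\]", line)
        if header:
            if stanza:                       # new section began inside an open { }
                findings.append(f"line {n}: '{stanza}' stanza still open")
            section, stanza = header.group(1), None
        elif line == "}":
            stanza = None
        elif "=" in line:
            key, val = (part.strip() for part in line.split("=", 1))
            if val == "{":
                stanza = key
            elif section == "realms" and stanza and key == "kdc":
                realms.setdefault(stanza, []).append(val)
            elif section == "libdefaults":
                lib[key] = val
            elif section == "domain_realm":
                mapped.add(val)
    if stanza:
        findings.append(f"end of file: '{stanza}' stanza never closed")
    # Assumption: DNS lookup counts as on when the key is absent (build-dependent).
    dns_kdc = lib.get("dns_lookup_kdc", "true").lower() in ("true", "yes", "on", "1")
    for realm in sorted(mapped | ({lib.get("default_realm", "")} - {""})):
        if realm not in realms and not dns_kdc:   # client cannot locate a KDC
            findings.append(f"realm {realm}: no kdc entry and dns_lookup_kdc is off")
    return findings
```

Call `lint_krb5_conf(open("/etc/krb5.conf").read())` on a client to run the same checks against its live file.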

    #374448
    gmsmith
    Participant

    Looks right…I am seeing this in the logs:

    wbg-osx-01:~ gsmith$ sudo tail -f /var/log/krb5kdc/kdc.log
    krb5kdc: No such file or directory – while dispatching (tcp)
    krb5kdc: No such file or directory – while dispatching (tcp)
    krb5kdc: No such file or directory – while dispatching (udp)

    Does that offer any insight?

    #374622
    trondah
    Participant

    Bump, I want to get this working as well, same setup. Did you have any success?
