Finally got my FreeBSD client to authenticate against my OpenLDAP server.
The configuration is fairly straightforward. What took the time was compiling the dependencies (running it in a VM can do that to it). That and the following issues.
- It seems that Perl is not a requirement for a FreeBSD install. Not a big deal (thinking about it, it makes sense historically), but I needed to get the certs installed - which meant an install of Perl. Fun.
- ca-root no longer exists. Had to use ca-root-nss to build.
- After working with Red Hat for a while, manually setting up pam was a pain.
- I couldn’t get past pam_ldap almost all night and part of the afternoon, until I tailed /var/log/auth.log, which showed me this:
User rfoster not allowed because shell /bin/bash does not exist
Bash is not installed by default. Another compile. But afterwards, I was finally able to log in.
From there, it was a matter of getting amd to work so that I can automount the directories. Using this as a guideline, I set up the symlinks in /usr/home to the mounts:
ln -sf /host/kerberos.monzell.com/exports/users .
Then I added my LDAP user to the wheel group (so that I can become root):