Authenticate linux on OS X Server?

Does anyone know how to setup their linux box to authenticate against
Mac OS X 10.4 ?

I can't seem to find anything online related to this!

Thanks

- Terence



Terence

On 2007-04-20, Terence <(E-Mail Removed)> wrote:
> Does anyone know how to setup their linux box to authenticate against
> Mac OS X 10.4 ?

Unless you have OS X Server, I believe you will need to configure slapd,
the stand-alone LDAP daemon, manually. It should be fairly
straightforward; follow the docs at openldap.org. You will also need to
populate slapd with appropriate entries, as it will generally not take
them directly from NetInfo. At that point you might want to also
configure your OS X box to authenticate against the LDAP server instead
of using its own NetInfo database.

If you do happen to have OS X Server, just configure it as an LDAP
server, and point your linux box to it. IIRC in this case you will not
need to populate the LDAP directory, as it will read entries from
NetInfo.

--keith

--
kkeller-(E-Mail Removed)
(try just my userid to email me)
AOLSFAQ=http://www.therockgarden.ca/aolsfaq.txt
see X- headers for PGP signature information

Thanks Keith for the reply.

I do indeed have OS X Server, a detail I stupidly forgot to mention.

I recall in the past attempting to setup Linux for LDAP authentication
against the OS X server, but could not get it to work. I can't
actually remember the settings I tried off hand now (it was a while
ago) but it failed so I gave up, and now i'm trying to find again
examples of solutions which people have managed to get working.

I would have expected the whole thing to be quite easy... but perhaps
i'm just not setting the domain / configuration variables correctly?

I'm quite surprised there is no howto of this yet!

- Terence


On Apr 20, 11:13 am, Keith Keller <kkeller-use...@wombat.san-
francisco.ca.us> wrote:
> > Does anyone know how to setup their linux box to authenticate against
> > Mac OS X 10.4 ?
>
> Unless you have OS X Server, I believe you will need to configure slapd,
-snip-

> If you do happen to have OS X Server, just configure it as an LDAP
> server, and point your linux box to it. IIRC in this case you will not
> need to populate the LDAP directory, as it will read entries from
> NetInfo.
>
> --keith

On 2007-04-23, Terence <(E-Mail Removed)> wrote:
>
> I do indeed have OS X Server, a detail I stupidly forgot to mention.
>
> I recall in the past attempting to setup Linux for LDAP authentication
> against the OS X server, but could not get it to work. I can't
> actually remember the settings I tried off hand now (it was a while
> ago) but it failed so I gave up, and now i'm trying to find again
> examples of solutions which people have managed to get working.

One important detail, which IIRC OS X Server hides somewhat, is the base
DN that both client and server use. They must agree, or you'll be
hosed.

For some help with troubleshooting, you can try ldapsearch, something
like

ldapsearch -h osxserver.box -b 'your base dn'

There you can see the entries, and that output might help you figure out
the appropriate settings to put on the linux box. (If the ldapsearch
doesn't work, you have a problem on the OS X side, either it's not
listening on the LDAP port or it's firewalled.)

--keith

--
kkeller-(E-Mail Removed)
(try just my userid to email me)
AOLSFAQ=http://www.therockgarden.ca/aolsfaq.txt
see X- headers for PGP signature information