Index: en_US.ISO8859-1/articles/ldap-auth/article.xml =================================================================== --- en_US.ISO8859-1/articles/ldap-auth/article.xml +++ en_US.ISO8859-1/articles/ldap-auth/article.xml @@ -448,6 +448,34 @@ correctly, then it will allow access. Otherwise it will fail. + Users whose shell is not in + /etc/shells will not be able to log in. + It is particularly important when + bash is set as the user shell on + the LDAP server. bash is not + included with a default installation of &os;. When installed + from a package or port, it is located at + /usr/local/bin/bash. Verify that the + path to the shell on the server is set correctly: + + &prompt.user; getent passwd username + + There are two choices when the output shows + /bin/bash in the last column. The first is + to change the user's entry on the LDAP server to + /usr/local/bin/bash. The second option + is to create a symlink on the LDAP client so + bash is found at the correct + location: + + &prompt.root; ln -s /usr/local/bin/bash /bin/bash + + Make sure that /etc/shells contains + entries for both /usr/local/bin/bash and + /bin/bash. The user will then be able to + log into the system with bash as + their shell. + PAM
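Review bot: The closing paragraph of the added text ("Make sure that /etc/shells contains entries for both /usr/local/bin/bash and /bin/bash") states the requirement unconditionally, but it follows from only one of the two choices offered just above it. If the LDAP entry is changed to /usr/local/bin/bash, only that path needs to be listed. The /bin/bash entry matters only when the symlink is created, since the first sentence of the hunk says a shell missing from /etc/shells blocks login. I would suggest attaching the /etc/shells step to each option separately, so a reader who picks the first option does not add a /bin/bash entry for a file that does not exist on the client. Two smaller wording points in the same hunk: "It is particularly important when bash is set as the user shell" has no clear antecedent and would read better as "This is particularly important when ...", and "so bash is found at the correct location" describes /bin/bash as correct although the preceding sentences give /usr/local/bin/bash as the location on the system, so "at the path the LDAP entry expects" would be more accurate.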