Page MenuHomeFreeBSD
Files F154583026

D3194.id7293.diff
No OneTemporary
Actions

D3194.id7293.diff
View Options

Index: en_US.ISO8859-1/articles/ldap-auth/article.xml
===================================================================
--- en_US.ISO8859-1/articles/ldap-auth/article.xml
+++ en_US.ISO8859-1/articles/ldap-auth/article.xml
@@ -448,6 +448,34 @@
correctly, then it will allow access. Otherwise it will
fail.</para>
+ <para>Users whose shell is not in
+ <filename>/etc/shells</filename> will not be able to log in.
+ It is particularly important when
+ <application>Bash</application> is set as the user shell on
+ the LDAP server. <application>Bash</application> is not
+ included with a default installation of &os;. When installed
+ from a package or port, it is located at
+ <filename>/usr/local/bin/bash</filename>. Verify that the
+ path to the shell on the server is set correctly:</para>
+
+ <screen>&prompt.user; <userinput>getent passwd <replaceable>username</replaceable></userinput></screen>
+
+ <para>There are two choices when the output shows
+ <literal>/bin/bash</literal> in the last column. The first is
+ to change the user's entry on the LDAP server to
+ <filename>/usr/local/bin/bash</filename>. The second option
+ is to create a symlink on the LDAP client so
+ <application>Bash</application> is found at the correct
+ location:</para>
+
+ <screen>&prompt.root; <userinput>ln -s /usr/local/bin/bash /bin/bash</userinput></screen>
+
+ <para>Make sure that <filename>/etc/shells</filename> contains
+ entries for both <literal>/usr/local/bin/bash</literal> and
+ <literal>/bin/bash</literal>. The user will then be able to
+ log into the system with <application>Bash</application> as
+ their shell.</para>
+
<sect3 xml:id="client-auth-pam">
<title>PAM</title>

File Metadata

Mime Type
text/plain
Expires
Wed, Apr 29, 11:27 PM (10 h, 38 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
32413005
Default Alt Text
D3194.id7293.diff (1 KB)

Event Timeline