ldap client configurations?

T

TigerMac

Registered
I try to configure a ldap client. I put all the options which is necessary in the directory acces. but it still doesn't function (and i have try everything lol)

i need a little assistance please

thank you
 
ok the clients function now, but i want to create a space disk for each client that can logon from any mac. i have trying with afp but it will not work.

any ideas?
 
TigerMac said:
ok the clients function now, but i want to create a space disk for each client that can logon from any mac. i have trying with afp but it will not work.

any ideas?
Click to expand...

So i guess you need to create a home map for each user. I also would like to now how to do that, but there does not seem to be an easy to use procedure. Anyone ?


Thx, Kees
 
Yes, at first i try to create a space disk for an user on the server. then a try to login from any mac and it give that as answer "can't open session, the home directory is on an afp server". i don't no why it doesn't work.Any solution?

and when i could do this, the second step is to give a user, not a space disk on a server but a space on a mac that can be reach from any mac with his login

thank you
 
I have a big problem. I downloaded some downloading software and it always, "Quits unexpectedly", what do i do to fix this problem?
 
Well, remember, NFS is a relatively insecure method. If AFP is failing, its probably due to authentication.

Pretty much, here's how this all should look:

- OD Master has proper forward and reverse DNS lookup
- WGM has proper AFP URL/path for each user
- WGM has LDAP record for home directories mount
- AFP server is part of the OD domain
- Kerberos is able to work for authenticating to the AFP server, which is supplied from the OD Master domain


Things to look at:

Share out a folder named Home with the individual user share points in it as opposed to creating a different share point for each user.

Make sure you have proper DNS for each server, forward and reverse.

Make sure Kerberos is working.

Check home folder URLs in WGM.

Check LDAP data from a client with dscl.

Hope this helps get you back on track.

Michael
 
inquistette said:
I have a big problem. I downloaded some downloading software and it always, "Quits unexpectedly", what do i do to fix this problem?
Click to expand...

Umm, I think you mean to put that into a general topic, not into a thread on how to configure LDAP connections :)

Could be that the software is not up to date with the version of Mac OS X that you are using? Could be funky permissions?

:)

Michael
 
oki, maybe i have a problem with kerberos. it's running and when i ask a ticket by command it's working. but when an user login i don't see any ticket.
don't now why?

and i have problems too with autorisations. everything likes to be ok and still the user don't have the necessary permissions
 
On your servers, try this out in the terminal:

sudo klist -kt

that'll dump out all the kerberized service principals into the terminal window. Make sure you see the proper records in there.
 
when i do that, i have this a result

2 03/17/06 14:16:10 ldap/ldap.macintosh.org@MACINTOSH.ORG
2 03/17/06 14:16:11 ldap/ldap.macintosh.org@MACINTOSH.ORG
2 03/17/06 14:16:11 ldap/ldap.macintosh.org@MACINTOSH.ORG
2 03/17/06 14:43:12 host/david.macintosh.org@MACINTOSH.ORG
2 03/17/06 14:43:12 host/david.macintosh.org@MACINTOSH.ORG
2 03/17/06 14:43:12 host/david.macintosh.org@MACINTOSH.ORG
3 03/17/06 15:07:23 afpserver/ldap.macintosh.org@MACINTOSH.ORG
3 03/17/06 15:07:23 afpserver/ldap.macintosh.org@MACINTOSH.ORG
3 03/17/06 15:07:23 afpserver/ldap.macintosh.org@MACINTOSH.ORG
2 03/17/06 15:18:15 host/xserver103.macintosh.org@MACINTOSH.ORG
2 03/17/06 15:18:15 host/xserver103.macintosh.org@MACINTOSH.ORG
2 03/17/06 15:18:15 host/xserver103.macintosh.org@MACINTOSH.ORG

i think it is ok, but afp still not work
 
when i login on the server the user received a ticket, and afp works but on a client i can't login because he won't accept afp server. still because kerberos i think.

any solutions?
 
and when i try a ssh with the terminal to my server. it say's "the authenticity of host ... can't be established"
 
The SSH response is common.

That Terminal output is on your OD Master, or on a different server that's part of the OD Domain?

In the AFP service in Server Admin, under Settings -> Access, what Authentication methods are being used?

Do you have the proper Search Domain listed on both server and client? Proper DNS on both as well?

On the server, if you type in hostname in the terminal, does it respond with the proper fqdn?

Just a couple things to look at. :)
 
My dns and the search domain are ok. but i have a warning in admin server that says.still need some configurations for kerberos sso. i don't see anything else to configurate. and i believe that there are several afp servers, can that be a problem? may be i need to say to the client that he must use my afp server

thanks for the assistance
 
and when i try to use sso_util configure in the terminal for all service it says, communication failure with server while initializing kadmin interface and kadmind is running.
 
ok all functions, still one probleme, may be a stupid question but where can i change the icon for each user

thx
 
You must log in or register to reply here.
Back
Top