I'm just setting up a PC with SLES 11.3 and ran into a problem with authentication over LDAP:
getent passwd works fine; it lists the users defined on the LDAP server, but when I want to su to one of them, it tells me that the user doesn't exist. Nothing is said in /var/log/messages. I guess the LDAP and nsswitch settings must be correct because of the getent, so I thought maybe PAM is not configured properly, but I have a similar machine with SLES 11.2, where /etc/pam.d/ is configured exactly the same and everything works fine.
What I did after installation was:
Edit the following files:
passwd: files ldap
group: files ldap
shadow: files ldap
nss_base_passwd [...] # I'm not sure if those are needed
nss_map_attribute uniqueMember member
Then I copied the certificate, put the hostname and IP of the machine in /etc/hosts and did:
Can anybody tell me what I forgot, or what the problem could be?
zypper in nss_ldap
zypper in pam_ldap
pam-config -a --ldap