authenticating user with .ini file or LDAP on Linux server? - Technicalhelp: A Flexible Computing Service

This topic is empty.

Viewing 6 posts - 1 through 6 (of 6 total)

Author

Posts
January 26, 2008 at 5:28 am #883
captron
Member
- Total Post: 7
- Newbie
Has anyone successfully had a user login using the .ini file from ftp or the ldap module?
I have a Ubuntu server with vsftpd and directory for the ../wlx/ini files for each user and an OpenLDAP server using Wyse 5150SE, V50, and S50 Linux thin clients. The guest account won’t work and nothing happens with any user. My server logs shown NO HITS on ftp and no hits on the LDAP server. The thin client correctly reads in the wlx.ini config file. I am using the latest V6.3.1 system, have tried a manual setup of wlx.ini for pam auth and used ConfGen to check my syntax. I have reviewed all current Wyse docs, scoured the internet for info, sent email to Wyse; all to no avail. It would be nice to have a Wyse module for just plain Unix authentication. I get the feeling that not many people are using the Wyse Linux thin clients with Linux servers!
Please help!
Thanks
January 26, 2008 at 10:16 am #11473
thinkthin
Member
- Total Post: 1649
- Jacked into The Matrix
Hi Captron,

Yes you are most likely correct in that most use this with MS AD to connect via LDAP.

You say there are no hits on the FTP or LDAP server yet the device reads the ini file. Are you sure it is in fact reading the .ini? I can not see how if you do not see it connect to the ftp server? If you set a desktop colour via the wlx.ini does this change get picked up?

Also if you can use 6.3.2 build 52 as the latest firmware. You will also see much broader support for other LDAP directory’s soon,

Cheers,
-TT
January 26, 2008 at 2:01 pm #11475
ConfGen
Keymaster
- Total Post: 10696
- Jedi Master
Please also post your wlx.ini file so we can do some troubleshooting here.

CG
January 29, 2008 at 6:12 am #11493
captron
Member
- Total Post: 7
- Newbie
Thank you for your fast replies! I need to clarify that there were no FTP hits on the user.ini files. Also, most of my thin clients are 64MB of flash so I can’t use the latest and greatest Linux image for the 50L versions (128 MB). This did get me thinking about a corrupted image so I went back and loaded an older version 6.3.0 and tested and then upgraded to 6.3.1 and tested. I’m just trying to get one of these methods of authentication to work but ultimately would like the LDAP version but will try auth_domain on a Samba server also.

Here is what happened:
1. If auth_ldap module not present, guest account and myuser.ini work if NO password is used. This must be a problem with encryption. The FTP logs show hits on guest.ini and myuser.ini

2. If auth_ldap module present, nothing happens at login. There are no hits on the Linux FTP server and none on the Linux LDAP server.

Here is my wlx.ini file:

# wlx.ini file

SignOn=yes

# Authentication with pam stack and .ini files and LDAP
#
AUTH=glogin
auth [default=ignore] /lib/security/pam_setpw.so
auth [success=2 default=ignore] /lib/security/pam_guest.so
auth [success=1 new_authtok_reqd=1 default=ignore] /lib/security/pam_inifile.so try_first_pass
auth [success=ok new_authtok_reqd=ok default=die] /lib/security/pam_ldap.so use_first_pass
auth [default=ok] /lib/security/pam_putregistry.so save_ini=/tmp/user.ini

LDAP.conf=SERVER=my.svr.ip.adr DCBASE=dc=myserver,dc=mydomain
January 29, 2008 at 1:14 pm #11502
ConfGen
Keymaster
- Total Post: 10696
- Jedi Master
try changing to this:

AUTH= glogin
auth [ default=ignore ] /lib/security/pam_setpw.so
auth [ success=2 default=ignore ] /lib/security/pam_guest.so
auth [ success=1 new_authtok_reqd=1 default=ignore ] /lib/security/inifile.so try_first_pass
auth [ success=ok new_authtok_reqd=ok default=die ] /lib/security/pam_ldap.so use_first_pass
auth [ default=ok ] /lib/security/pam_putregistry.so save_ini=/tmp/user.ini
LDAP.conf=SERVER=my.svr.ip.adr DCBASE=mydom
January 31, 2008 at 5:11 am #11556
captron
Member
- Total Post: 7
- Newbie
Thank you ConfGen for the speedy reply. Alas, that config file did not work either and there are no hits on my Linux LDAP server. My next step is to try the auth_domain module with a Linux Samba server. I’ll also try to get the source code for the thin client (Wyse has never replied about this). These Wyse Linux thin clients are a somewhat “closed” system. I see no docs for what other variables that could be set in the LDAP.conf file and there are ALOT! I’m starting to rethink about using these Wyse thin clients. I see there has been no recent upgrades for the S50 and V50. A more viable long term solution might be a Ubuntu Linux server with Linux Terminal Server Project (LTSP-5) and recycling of old computers as thin clients. I’ve got alot to study . . . !
Author

Posts

Viewing 6 posts - 1 through 6 (of 6 total)

You must be logged in to reply to this topic.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.