Comments on: Integrating Login and Home Directory on OS X Leopard Clients http://colin.guthr.ie/2009/07/integrating-login-and-home-directory-on-os-x-leopard-clients/ Illegitimi non carborundum Tue, 27 Jul 2010 12:14:02 +0000 hourly 1 http://wordpress.org/?v=3.0.1 By: Buchan http://colin.guthr.ie/2009/07/integrating-login-and-home-directory-on-os-x-leopard-clients/comment-page-1/#comment-17 Buchan Wed, 29 Jul 2009 10:52:08 +0000 http://colin.guthr.ie/?p=95#comment-17 I have only ever briefly had an Apple machine available to test with, and unfortunately, that was while I was trying to pack up and move to a different country. Without any apple-specific schemas on my Mandriva OpenLDAP server, I could log in to the machine via ssh with an LDAP account, but I could not see LDAP users on the login screen. However, I have some comments ... "One of the first things is that the default LDAP schemas etc. on Mandriva are probably a little old fashioned these days." Well, RFC2307bis is an expired draft, and samba doesn't actually support RFC2307bis (DN-valued group member attributes), so by default we ship RFC2307 (e.g., in openldap-mandriva-dit), but provide the RFC2307bis schema as well. As such, I haven't tested RFC2307bis myself (samba testing is too important), or added support for it in our tools. Please note, you seem to have used "RFC2307" to refer to "RFC2307bis" in some places, please be careful to note the difference. Can you confirm whether RFC2307bis is *really* required. BTW, Mac clients seem to be a bit brain-dead, they often keep re-trying the same searches that seem to be useful for configuration, even when they are configured. I have only ever briefly had an Apple machine available to test with, and unfortunately, that was while I was trying to pack up and move to a different country. Without any apple-specific schemas on my Mandriva OpenLDAP server, I could log in to the machine via ssh with an LDAP account, but I could not see LDAP users on the login screen.

However, I have some comments …

“One of the first things is that the default LDAP schemas etc. on Mandriva are probably a little old fashioned these days.”

Well, RFC2307bis is an expired draft, and samba doesn’t actually support RFC2307bis (DN-valued group member attributes), so by default we ship RFC2307 (e.g., in openldap-mandriva-dit), but provide the RFC2307bis schema as well. As such, I haven’t tested RFC2307bis myself (samba testing is too important), or added support for it in our tools.

Please note, you seem to have used “RFC2307″ to refer to “RFC2307bis” in some places, please be careful to note the difference.

Can you confirm whether RFC2307bis is *really* required.

BTW, Mac clients seem to be a bit brain-dead, they often keep re-trying the same searches that seem to be useful for configuration, even when they are configured.

]]> By: Integrating Login and Home Directory on OS X Leopard Clients … | I AM OSX http://colin.guthr.ie/2009/07/integrating-login-and-home-directory-on-os-x-leopard-clients/comment-page-1/#comment-14 Integrating Login and Home Directory on OS X Leopard Clients … | I AM OSX Mon, 27 Jul 2009 20:09:13 +0000 http://colin.guthr.ie/?p=95#comment-14 [...] Follow this link: Integrating Login and Home Directory on OS X Leopard Clients … [...] [...] Follow this link: Integrating Login and Home Directory on OS X Leopard Clients … [...]

]]>