Différences
Ci-dessous, les différences entre deux révisions de la page.
Les deux révisions précédentes Révision précédente Prochaine révision | Révision précédente | ||
smedev:full_ldap_testing [25/07/2011 17:21] dani [How to enable LDAP auth] |
smedev:full_ldap_testing [16/12/2012 21:10] dani [Need to be tested] |
||
---|---|---|---|
Ligne 19: | Ligne 19: | ||
+ | * Now, you can enabled LDAP auth. It's now as simple as running: | ||
<note important> | <note important> | ||
- | |||
- | * Now, you can enabled LDAP auth. It's now as simple as running: | ||
<code bash> | <code bash> | ||
/ | / | ||
Ligne 46: | Ligne 45: | ||
===== Need to be tested ===== | ===== Need to be tested ===== | ||
- | * After enabling LDAP auth and after the post-upgrade / reboot, the directory **/ | + | * After enabling LDAP auth and after the post-upgrade / reboot, the directory **/ |
* Every users should be available, and functional (same password, mail access, samba access etc...) | * Every users should be available, and functional (same password, mail access, samba access etc...) | ||
* Every group should also be available, and group membership should be the same | * Every group should also be available, and group membership should be the same | ||
* Workstation logon (NT domain) should work for existing machines | * Workstation logon (NT domain) should work for existing machines | ||
* Adding new workstation in the domain should work | * Adding new workstation in the domain should work | ||
- | * users, groups and machine accounts should not be present in / | + | * users, groups and machine accounts should not be present in / |
* Creating/ | * Creating/ | ||
* backup / restore. We need to be sure the ldap dump is restored cleanly | * backup / restore. We need to be sure the ldap dump is restored cleanly | ||
- | * Initial account creation should also be tested. For this, a ISO including the modified rpms should be created. | + | * Initial account creation should also be tested. For this, a ISO with LDAP authentication enabled |
* pptp VPN should work as expected (using LDAP as backend instead of smbpasswd) | * pptp VPN should work as expected (using LDAP as backend instead of smbpasswd) | ||
Ligne 62: | Ligne 61: | ||
* If ldap auth is disabled, passwords for machine accounts maybe out of sync in LDAP (and probably password of users if changed via their windows box in the domain) | * If ldap auth is disabled, passwords for machine accounts maybe out of sync in LDAP (and probably password of users if changed via their windows box in the domain) | ||
* nss_ldap needs to bind as a valid LDAP user (http:// | * nss_ldap needs to bind as a valid LDAP user (http:// | ||
- | * database and ldif can be lost if slapd.conf has a syntax error (http:// | ||
* It's not possible to change LDAP passwords using the passwd command (http:// | * It's not possible to change LDAP passwords using the passwd command (http:// | ||