Just to update on that:
I received this Red Hat update notification last night:
Synopsis openldap bug fix and enhancement update
updated : 06/12/11
Subject
Updated openldap packages that fix number of bugs and add various enhancements are now available for Red Hat Enterprise Linux 6.
Description ... https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/6.2_Techn...
I updated and the loginShell variable is now properly used over authentication (with no change on my initial configuration).
I also see that many TLS issues that I have faced in the past seem to have been fixed: I'm going to check that.
Best,
--- olivier
On Thu, Dec 1, 2011 at 3:00 PM, Olivier ldap@guillard.nom.fr wrote:
Hello,
I have configured nss/pam on a REDHAT6 box to authenticate users against an ldap : it works but I have a problem with getting my favorite user shell when I log in.
The "loginShell" shell attribute does not seem to be used to provide users with their favorite shell when they log in: maybe I misunderstood the usage of this "posixAccount" attribute?
Thanks for your help, see below for additional indications :
$ ssh olivier@redhatbox.example.fr
olivier@redhatbox.example.fr's password: < MY LDAP PASSWORD>
RHN Satellite kickstart on 2011-06-16
#####################
# redhatbox.example.fr #
# #
# Hello #
#####################
sh-4.1$ grep olivier /etc/passwd
<returns nothing (no local entry for olivier)>
-sh-4.1$ pwd
/home/olivier (my home directory found in ldap)
-sh-4.1$ env | grep -i shell
SHELL=/bin/sh (my user shell environment is not picked up from ldap)
sh-4.1$ ldapsearch -D uid=olivier,ou=staff,ou=people,dc=example,dc=fr -W uid=olivier
Enter LDAP Password: < MY LDAP PASSWORD>
# olivier, staff, people, example.fr
dn: uid=olivier,ou=staff,ou=people,dc=example,dc=fr
cn: Olivier G
gidNumber: 18000
homeDirectory: /home/olivier
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
sn: olivier
uid: olivier
uidNumber: 1000
shadowLastChange: 15282
loginShell: /bin/tcsh
givenName: Olivier
mail: olivier@example.fr
userPassword:: xxxxxxxxxxxxxxxxxxxxxxx
-sh-4.1$ cat /etc/shells
/bin/sh
/bin/bash
/sbin/nologin
/bin/tcsh (my favorite shell is allowed)
/bin/csh
ANY HELP ???
Thanks
Olivier
openldap-technical@openldap.org
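
Added example, not part of the original messages: the checks done by hand in the thread (directory entry, passwd lookup, /etc/shells, session SHELL) combined into one function that names the stage where loginShell is lost. The function names are hypothetical, the sample data is constructed from the values quoted above, and the passwd lines stand in for `getent passwd olivier` output, which the thread does not show.

```python
import base64

def parse_ldif_entry(text):
    """Parse one LDIF entry into {attr: [values]}; handles folding and base64 (::)."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]            # folded continuation line
        elif raw.strip() and not raw.startswith("#"):
            lines.append(raw)
    entry = {}
    for line in lines:
        attr, _, rest = line.partition(":")
        if rest.startswith(":"):            # "attr:: <base64>"
            value = base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
        else:
            value = rest.strip()
        entry.setdefault(attr.strip().lower(), []).append(value)
    return entry

def diagnose_shell(ldif_text, getent_line, etc_shells, session_shell):
    """Return findings naming the stage where the directory's loginShell is lost."""
    ldap_shell = (parse_ldif_entry(ldif_text).get("loginshell") or [None])[0]
    fields = getent_line.strip().split(":")
    nss_shell = fields[6] if len(fields) == 7 else None
    allowed = {s.strip() for s in etc_shells.splitlines()
               if s.strip() and not s.startswith("#")}
    findings = []
    if ldap_shell is None:
        return ["directory: entry has no loginShell attribute"]
    if nss_shell is None:
        return ["nss: no passwd entry resolved for the user"]
    if nss_shell != ldap_shell:
        findings.append(f"nss: passwd shell {nss_shell!r} != loginShell {ldap_shell!r}")
    if ldap_shell not in allowed:
        findings.append(f"shells: {ldap_shell} is not listed in /etc/shells")
    effective = nss_shell or "/bin/sh"      # passwd(5): empty field means /bin/sh
    if session_shell != effective:
        findings.append(f"session: SHELL={session_shell}, passwd entry gives {effective}")
    return findings

# Constructed sample data, modelled on the values quoted in the thread.
LDIF = "dn: uid=olivier,ou=staff,ou=people,dc=example,dc=fr\nuid: olivier\nloginShell: /bin/tcsh\n"
SHELLS = "/bin/sh\n/bin/bash\n/sbin/nologin\n/bin/tcsh\n/bin/csh\n"
BEFORE = "olivier:x:1000:18000:Olivier G:/home/olivier:"           # shell not mapped (assumed)
AFTER = "olivier:x:1000:18000:Olivier G:/home/olivier:/bin/tcsh"   # shell mapped (assumed)

if __name__ == "__main__":
    print(diagnose_shell(LDIF, BEFORE, SHELLS, "/bin/sh"))
    print(diagnose_shell(LDIF, AFTER, SHELLS, "/bin/tcsh"))
```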