I've been trying to slave a Mac OS X 10.10 system into a 389 Directory
Using the mac dscl command, I can query users from the command line using:
dscl /LDAPv3/FQDN_of_server -read Users/testuser
As root on the Mac system, I can "su" to an LDAP user and create files.
The ownership and group
of the files created by the LDAP user look correct.
But I'm running into the issue where I can't ssh, console login, or "su"
to an LDAP user from an unprivileged account.
I'm seeing a the error:
..... sshd<XXX>: error: PAM: authentication error for testuser ....
I believe the problem is with the authorization file in the /etc/pam.d
directory of the client, but I've tried several changes
to compensate for the error, and nothing works.
Has anyone else run across this issue?