On Sat, 2008-01-12 at 09:11 -0600, Sean Carolan wrote: > > sure, I use webmin's LDAP Users and Groups module on every network > > server that I maintain. It's perfect for my needs. > > Yes, this is exactly what I'm trying to do. It would be perfect for our > needs too. > > > The first question that occurs to me is if you did all that. When you do > > 'getent passwd' does each user in LDAP show up? Remember that if you > > still have a user in /etc/passwd and in LDAP (which would be a fatal > > setup), they would actually appear twice. > > Yep, each user shows up one time when I run 'getent passwd'. I'm > thinking that perhaps there is a problem in my /etc/ldap.conf since this > is what it appears webmin is using to bind to the LDAP server. Here's a > copy of that file if it's any help. ---- not really, have you run system-config-authentication ? That also configures pam & nss which are necessary items. If each user shows only once AND they are in /etc/passwd and LDAP, then it would be a clear indication that the underlying system isn't configured to find users/groups/passwords in LDAP at all. If each user has been removed from /etc/passwd, then it may very well be working. Configuring Webmin's LDAP Users and Groups is only possible when you have configured the underlying system first, can actually do command line add/remove/delete ldap users and can authenticate as an LDAP user to various systems such as ssh. At that point, Webmin's configuration becomes obvious. It is not reasonable to expect Webmin to supply the understanding of LDAP that the administrator cannot accomplish without Webmin. Craig