[CentOS] OpenLDAP authentication, account expired when it's not.

Tue Jul 27 19:41:18 UTC 2010
Bill Campbell <centos at celestial.com>

On Mon, Jul 26, 2010, Scott Robbins wrote:
>On Mon, Jul 26, 2010 at 03:44:48PM -0700, Bill Campbell wrote:
>> I am trying to set up LDAP authentication for CentOS workstations, but
>> can't get it to authenticate properly.  Authentication fails saying the
>> account has expired when I know for certain that it has not (e.g.
>> ldapsearch authenticated with the appropriate uid and password returns
>> shadowLastChange 14816 and shadowMax 99999).
>Well, I'm just going to spam my own page.  Give it a gander, and see if
>following it from the get go works.
>Note the link to the forum thread in it--it's possible, though not
>proven, that CentOS (probably RH) *might* have broken ldap.
>All I can say is that it works for me, but--and it's probably an
>important but--I haven't set it up from scratch on CentOS 5.5 yet. 

Thanks.  I have to go to a client site this afternoon to do some
fire-stomping, and will take a look at this when I get back.  A
quick scan, and looks like it covers all the bases.

INTERNET:   bill at celestial.com  Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/  PO Box 820; 6641 E. Mercer Way
Voice:          (206) 236-1676  Mercer Island, WA 98040-0820
Fax:            (206) 232-9186  Skype: jwccsllc (206) 855-5792

There never was a democracy that did not commit suicide.  -- Samual Adams