CentOS7 LDAP 클라이언트가 LDAP 서버로 인증되지 않음

CentOS7 LDAP 클라이언트가 LDAP 서버로 인증되지 않음

저는 ApacheDS 메일링 리스트 덕분에 설정이 매우 쉬운 ApacheDS를 사용하고 있습니다. ldapsearch 결과를 검색할 수 있지만 "getent passwd "를 수행하여 아무것도 얻을 수 없습니다.

[root@elasticmaster3 pam.d]# ldapsearch -x -H ldap://ldap.kartikv.com:10389/ -b "dc=kartikv,dc=com"
"(uid=tuser)"
# extended LDIF
#
# LDAPv3
# base <dc=kartikv,dc=com> with scope subtree
# filter: (uid=tuser)
# requesting: ALL
#
# Test User + tuser, kartikv.com
dn: commonName=Test User+userid=tuser,dc=kartikv,dc=com
sn: user
commonName: Test User
objectClass: userSecurityInformation
objectClass: top
objectClass: inetOrgPerson
objectClass: person
objectClass: organizationalPerson
objectClass: uidObject
userPassword::
e1NTSEF9MDhQV1pyWXdsRWxQSEhHT2VnSXZvMHNVMnh3R0VnTmpKR1RpZmc9PQ=
 =
userid: tuser
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1


[root@elasticmaster3 pam.d]# authconfig --test
caching is enabled
nss_files is always enabled
nss_compat is disabled
nss_db is disabled
nss_hesiod is disabled
 hesiod LHS = ""
 hesiod RHS = ""
nss_ldap is enabled
 LDAP+TLS is disabled
 LDAP server = "ldap://ldap.kartikv.com:10389/"
 LDAP base DN = "dc=kartikv,dc=com"
nss_nis is disabled
 NIS server = ""
 NIS domain = ""
nss_nisplus is disabled
nss_winbind is disabled
 SMB workgroup = ""
 SMB servers = ""
 SMB security = "user"
 SMB realm = ""
 Winbind template shell = "/bin/false"
 SMB idmap range = "16777216-33554431"
nss_sss is enabled by default
nss_wins is disabled
nss_mdns4_minimal is disabled
DNS preference over NSS or WINS is disabled
pam_unix is always enabled
 shadow passwords are enabled
 password hashing algorithm is md5
pam_krb5 is disabled
 krb5 realm = "#"
 krb5 realm via dns is disabled
 krb5 kdc = ""
 krb5 kdc via dns is disabled
 krb5 admin server = ""
pam_ldap is enabled
 LDAP+TLS is disabled
 LDAP server = "ldap://ldap.kartikv.com:10389/"
 LDAP base DN = "dc=kartikv,dc=com"
 LDAP schema = "rfc2307"
pam_pkcs11 is disabled
 use only smartcard for login is disabled
 smartcard module = ""
 smartcard removal action = ""
pam_fprintd is disabled
pam_ecryptfs is disabled
pam_winbind is disabled
 SMB workgroup = ""
 SMB servers = ""
 SMB security = "user"
 SMB realm = ""
pam_sss is disabled by default
 credential caching in SSSD is enabled
 SSSD use instead of legacy services if possible is disabled
IPAv2 is disabled
IPAv2 domain was not joined
 IPAv2 server = ""
 IPAv2 realm = ""
 IPAv2 domain = ""
pam_pwquality is enabled (try_first_pass local_users_only retry=3 authtok_type=)
pam_passwdqc is disabled ()
pam_access is disabled ()
pam_mkhomedir or pam_oddjob_mkhomedir is enabled (umask=0077)
Always authorize local users is enabled ()
Authenticate system accounts against network services is disabled

[root@elasticmaster3 pam.d]#cat /etc/nsswitch.conf
<snip>
passwd: files sss ldap
shadow: files sss ldap
group: files sss ldap
<snip>

관련 정보