I'm trying to configure LDAP using GDM3 (3.28.0) in Ubuntu 18.04.
But i can just log in terminal with ldap users. In the GUI I can't log in (famous GDM loop login).
I configure pam to create the home folder:
vim /etc/pam.d/common-session
session required pam_mkhomedir.so umask=077 skel=/etc/skel
But, it wasn't sufficient!
I installed lightdm, and in this GUI, I can login!
Any suggestion?
Thanks!
On
Sounds likely to be the same problem I had with NIS, where I couldn't log in for a day or so after booting. To get to the bottom of it, I had to:
socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) = -1 EAFNOSUPPORT (Address family not supported by protocol)
... think "huh, how on earth can that be failing?" and try a Google for "logind nis". Apparently, it's not secure to look up user groups, or whatever logind is doing here, over the network, at least not without some separate locked-down daemon. You might think it would have been deemed important enough to deserve a sensible error message, but that could, I suppose, have been the fault of nscd or nss-nis or something else. From there, it was plain sailing to:
... thence to adapt their answer:
sudo mkdir /etc/systemd/system/systemd-logind.service.d/
sudo tee /etc/systemd/system/systemd-logind.service.d/open_network_interface.conf <<EOF
[Service]
RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6
IPAddressAllow=any
EOF
sudo systemctl daemon-reload
sudo systemctl restart systemd-logind
The warning on that wiki about IPAddressAllow=any not overriding the default seems not to apply, for me, today, on Debian Buster. Simply doing a daemon-reload, you'd think, but no. nscd is listed as the solution there too, but we have that installed and I tried logging in on a different VT immediately before and staying logged in - no dice. Presumably it can sometimes work, after a day or whatever.
I resolved the problem by installing the nscd service.