RSS feed

nslcd and LTSP

[Date Prev][Date Next] [Thread Prev][Thread Next]

nslcd and LTSP

Hi Arthur and nslcd users

I've mostly finished configuring a Ubuntu 20.04 LTSP server. The only outstanding issue now is that LDAP users can login but their sshfs home dirs aren't getting mounted successfully. We are using lightdm for the display manager and when an LDAP user logs in it prints the error:

.Pamltsp failed to mount home via SSHFS: read: Connection reset by peer

I am able to successfully mount the same users home dir manually using sshfs from one of the LTSP client machines. I have already asked the main LTSP developer about this issue and he suspects it is a PAM config error. He suggested using:


In ltsp.conf but that didn't fix this error.

LTSP currently only officially supports using LDAPS via sssd-ldap but we don't have a LDAPS server ready at the moment. The main LTSP developer seems to think we should be able to get LTSP to work using nslcd / LDAP.

Have you heard of anyone successfully using nslcd with LDAP and a recent version of LTSP / Ubuntu?

Here is my current /etc/nslcd.conf. This config works fine with Ubuntu 20.04 without LTSP. Users can login and their home dir gets mounted. Our LDAP server is a Windows Server 2016 DC.

Thanks for your help!

# /etc/nslcd.conf
# nslcd configuration file. See nslcd.conf(5)
# for details.

# The user and group nslcd should run as.
uid nslcd
gid nslcd

# The location at which the LDAP server(s) should be reachable.
uri ldap://

# The search base that will be used for all queries.
base dc=isdads,dc=salford,dc=ac,dc=uk

# The LDAP protocol version to use.
#ldap_version 3

# The DN to bind with for normal lookups.

# The DN used for password modifications by root.
#rootpwmoddn cn=admin,dc=example,dc=com

# SSL options
#ssl off
#tls_reqcert never
#tls_cacertfile /etc/ssl/certs/ca-certificates.crt

# The search scope.
scope sub
timelimit 10

pagesize 1000
referrals off
idle_timelimit 800
filter passwd (&(objectClass=user)(!(objectClass=computer))(uidNumber=*)(unixHomeDirectory=*))
filter group (objectClass=group)
map    passwd uid              sAMAccountName
map    passwd homeDirectory    unixHomeDirectory
map    passwd gecos            displayName
map    passwd loginShell    "/bin/bash"
filter shadow (&(objectClass=user)(!(objectClass=computer))(uidNumber=*)(unixHomeDirectory=*))
map    shadow uid              sAMAccountName
map    shadow shadowLastChange pwdLastSet

University of Salford
Specialist Technical Demonstrator
School of Computing, Science & Engineering
Room 145, Newton Building, University of Salford, Manchester M5 4WT
T: +44(0) 0161 295 5242