We do ldap authentication at the University of Wisconsin Department of Mathematics. If you have specific questions let me know. But I can give you some tips on troubleshooting:

First thing you need to do is make sure you can search the ldap directory from the client machine. What you want to do is do an ldapsearch with debug on and with encryption so you can tell if your client can talk to the ldap server. On my systems I'd do something like this:

    $ ldapsearch -d1 -x -ZZ uid=jheim

You will be able to tell if the client knows which server to talk to and if it can find a certificate, etc.

If that works, the next thing to try is finger:

    $ finger jheim

That will tell you if the client machine is configured correctly to identify logins from the ldap database. I can point you to some howtos if you get stuck at this point.

If you get past this point and logins still don't work, then you have to look in the system log on the server to see what queries are being sent from the client. And you have to check /var/log/auth.log on the client machine.
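The checks described above can be scripted so that the first failing layer is reported. This is an added example, not part of the original message: the function names and the overridable LDAPSEARCH, GETENT and AUTHLOG variables are assumptions, and `getent passwd` stands in for finger as the name-service lookup.

```shell
#!/bin/sh
# Added example: walk the layers in order and name the first one that fails.
# Tool names and the log path are overridable (assumption, for testing).
LDAPSEARCH=${LDAPSEARCH:-ldapsearch}
GETENT=${GETENT:-getent}
AUTHLOG=${AUTHLOG:-/var/log/auth.log}

# Prints one of: bad-username, directory, no-entry, nss, ok
check_ldap_login() {
    user=$1
    # Refuse anything that could alter the LDAP filter (*, parentheses, backslash, ...).
    case $user in
        ''|*[!A-Za-z0-9._-]*) echo bad-username; return 64 ;;
    esac
    # Layer 1: simple bind with mandatory StartTLS (-ZZ), so a certificate or
    # server-discovery problem fails here instead of falling back to cleartext.
    # "1.1" requests no attributes; only the entry's dn line comes back.
    out=$("$LDAPSEARCH" -x -ZZ -LLL "uid=$user" 1.1 2>/dev/null) \
        || { echo directory; return 1; }
    # The server answered over TLS but returned no entry for this uid.
    case $out in
        *dn:*) ;;
        *) echo no-entry; return 2 ;;
    esac
    # Layer 2: does the client's name service resolve the account?
    "$GETENT" passwd "$user" >/dev/null 2>&1 || { echo nss; return 3; }
    echo ok
}

# Layer 3: recent client-side authentication log lines mentioning the user.
recent_auth_lines() {
    grep -F -- "$1" "$AUTHLOG" 2>/dev/null | tail -n 20
}

# Stand-alone use: sh thisfile.sh jheim
[ $# -eq 0 ] || check_ldap_login "$1"
```

A result of `directory` points at the server address, the certificate or StartTLS; `nss` points at the client's name-service configuration; `ok` with logins still failing is the case for `recent_auth_lines` and the server-side log.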