|
Setup: FC2 on a workstation will
all updates. 2 servers running Winblows
server 2003 will all updates. Problem: I can't for the life of me
figure out why I can't authenticate. I see Kerberos authenticates
successfully, but nss_ldap cannot connect to the LDAP server. I guess it can't
query LDAP to see what my UID is and fails on the uid < 100 for pam_unix. I modified the PAM files,
ldap.conf, and krb5.conf files. Here are some excerpts from
some log files. Secure: Oct 28 15:26:42 jparker-dfc2
login[3783]: pam_succeed_if: requirement "uid < 100" not met by
user "jparker" Oct 28 15:27:06 jparker-dfc2
login[30256]: pam_succeed_if: requirement "uid < 100" not met by
user "jparker" Messages: Oct 28 15:26:41 jparker-dfc2
login(pam_unix)[3783]: authentication failure; logname=LOGIN uid=0 euid=0
tty=tty1 ruser= rhost= user=jparker Oct 28 15:26:42 jparker-dfc2 login[3783]:
pam_krb5[3783]: authentication succeeds for 'jparker' (jparker@xxxxxxxx) Oct 28
15:26:42 jparker-dfc2 login[3783]: nss_ldap: could not search LDAP server -
Operations error Oct 28 15:26:42 jparker-dfc2 login[3783]: nss_ldap: could not
search LDAP server - Operations error Oct 28 15:26:42 jparker-dfc2 login[3783]:
pam_ldap: ldap_search_s Operations error Oct 28 15:26:42 jparker-dfc2
pam_winbind[3783]: user 'jparker' granted acces Oct 28 15:26:42 jparker-dfc2
login[3783]: nss_ldap: could not search LDAP server - Operations error Oct 28
15:26:42 jparker-dfc2 login(pam_unix)[3783]: session opened for user jparker by
LOGIN(uid=0) Oct 28 15:26:42 jparker-dfc2 login[3783]: Permission denied I'm looking for any and all
suggestions. Short of passwords and such, I'll post whatever you need. |
