Re: Fedora Core 5 LDAP client authentication problem with Solaris 9 iPlanet LDAP Server

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Watching this thread go bye, I was wondering about the more
fundamental question.

Does your LDAP server give the POSIX user information that the linux
system requires for login?  We have one of those Iplanet servers and
user accounts do not have that information by default and the
administrators act like their asses are starting on fire when we ask
them to put in those user attributes.

The symptom of the problem is that logins fail, but ldapsearch does
turn up user information.

pj

On 6/16/06, Gordon Messmer <yinyang@xxxxxxxxx> wrote:
ay0my wrote:
> I tried your suggestion the results looks OK.
>
> [root@sspxz100 ~]# id s39427
> uid=111(s39427) gid=14(sysadmin) groups=14(sysadmin)
> [root@sspxz100 ~]# ls -l ~s39427
> total 0

Good, then NSS is set up right, and you just need to look at PAM.

> I saw the following error in /var/log/secure when the "permission denied" error is encountered.
>
> Jun 15 17:19:38 sspxz100 sshd[13765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ci-nb39427-6.sf.sp.edu.sg  user=s39427

So... what does /etc/pam.d/system-auth look like?  Specifically, what do
the lines that begin with "auth" look like?

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list



--
Paul E. Johnson
Professor, Political Science
1541 Lilac Lane, Room 504
University of Kansas


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux