
List:       pamldap
Subject:    [pamldap] Login failing solaris+AD
From:       "Benjy Portnoy" <benjy () xpert ! com>
Date:       2004-06-02 11:27:14
Message-ID: C2DC75EEA405354AA9C03EF5CB8CDE08015C2EDC () exchange ! xpert ! com

Hi,

I have a Solaris 9 box and I am using AD SFU 3.5 for LDAP. I can successfully do an
"id" or "su" to a user in my LDAP, but telnet login with the same user fails. Also,
from the sniffer it appears that when using telnet it is not querying the LDAP server
at all. I have other Solaris boxes that are working fine. Any ideas??

PAM.conf

# Authentication management
#
# NOTE(review): none of the auth stacks below reference an LDAP PAM module;
# every password-checking stack ends in pam_unix_auth.so.1. With this file a
# login is verified by pam_unix_auth and never results in an LDAP bind as the
# user. `id` only exercises the name-service lookup and does not go through
# PAM, so it succeeding says nothing about these stacks.
# No `telnet` service is listed, so telnet logins presumably fall through to
# the `other` stack -- confirm against the in.telnetd man page for this release.
#
# login service (explicit because of pam_dial_auth)
#
login   auth requisite          pam_authtok_get.so.1
login   auth required           pam_dhkeys.so.1
login   auth required           pam_unix_auth.so.1
login   auth required           pam_dial_auth.so.1
#
# rlogin service (explicit because of pam_rhost_auth)

# rlogin service (explicit because of pam_rhost_auth)
#
# NOTE(review): `sufficient` on the first line means a host-trust match by
# pam_rhosts_auth ends the stack successfully with no password check at all.
rlogin  auth sufficient         pam_rhosts_auth.so.1
rlogin  auth requisite          pam_authtok_get.so.1
rlogin  auth required           pam_dhkeys.so.1
rlogin  auth required           pam_unix_auth.so.1
#
# rsh service (explicit because of pam_rhost_auth,
# and pam_unix_auth for meaningful pam_setcred)
#
# NOTE(review): same host-trust shortcut as rlogin (pam_rhosts_auth is
# `sufficient`).
rsh     auth sufficient         pam_rhosts_auth.so.1
rsh     auth required           pam_unix_auth.so.1
#
# PPP service (explicit because of pam_dial_auth)
#
ppp     auth requisite          pam_authtok_get.so.1
ppp     auth required           pam_dhkeys.so.1
ppp     auth required           pam_unix_auth.so.1
ppp     auth required           pam_dial_auth.so.1
#
# Default definitions for Authentication management
# Used when service name is not explicitly mentioned for authentication
#
other   auth requisite          pam_authtok_get.so.1
other   auth required           pam_dhkeys.so.1
other   auth required           pam_unix_auth.so.1
#
# passwd command (explicit because of a different authentication module)
#
passwd  auth required           pam_passwd_auth.so.1

#
# Password management (the section heading is missing from the paste; no
# account or session stacks are shown in this listing either).
#
other   password required       pam_dhkeys.so.1
other   password requisite      pam_authtok_get.so.1
other   password requisite      pam_authtok_check.so.1
other   password required       pam_authtok_store.so.1
#



LDAP.conf

# vi /etc/ldap.conf 
"/etc/ldap.conf" 62 lines, 1606 characters 
# This is the configuration file for the LDAP nameservice
# switch library and the LDAP PAM module.
#
# PADL Software
# http://www.padl.com
#
# NOTE(review): no ssl / start_tls / tls_* directive is visible in this
# excerpt (the editor reports 62 lines; fewer are shown). Without one, the
# bind below and every lookup result cross the network unencrypted.

# Your LDAP server. Must be resolvable without using LDAP.
host dc20
# NOTE(review): this base (dc=bg,dc=lab) differs from the DC=test,DC=lab used
# by binddn and the nss_base_* lines -- possibly partial anonymisation of the
# paste; verify against the real file.
base dc=bg,dc=lab
ldap_version 3
# NOTE(review): the bind identity looks like the domain Administrator account.
# This file normally has to be readable by every local user doing NSS lookups,
# so the bind account should be a dedicated one with read-only rights.
binddn administrator@test.lab
# NOTE(review): cleartext bind password, now also in a public list archive;
# if this is a real value it should be treated as exposed and rotated.
bindpw 123456
# Only consulted by pam_ldap when a user changes a password; it does not
# affect how a login is authenticated.
pam_password crypt
nss_base_passwd         cn=Users,DC=test,DC=lab?one
# Shadow search base is commented out; shadow lookups presumably use the
# default `base` above instead -- verify.
#nss_base_shadow         cn=Users,DC=test,DC=lab?one
nss_base_group          cn=Users,DC=test,DC=lab?one
# Map the RFC 2307 object classes and attributes onto the SFU schema names.
nss_map_objectclass posixAccount User
nss_map_objectclass shadowAccount User
nss_map_attribute uidNumber msSFU30UidNumber
nss_map_attribute uid msSFU30Name
nss_map_attribute gidNumber msSFU30GidNumber
nss_map_attribute uniqueMember posixMember
# NOTE(review): this mapping hands the SFU password-hash attribute to NSS,
# presumably so a local crypt comparison can work. It requires the bind
# account to read hashes, and they travel over whatever transport is in use.
# Authenticating by LDAP bind (pam_ldap) or Kerberos avoids exposing them.
nss_map_attribute userPassword msSFU30Password
nss_map_attribute homeDirectory msSFU30HomeDirectory
nss_map_attribute loginShell msSFU30LoginShell
nss_map_attribute gecos msSFU30Gecos
nss_map_objectclass posixGroup Group
nss_map_attribute gid msSFU30Name
nss_map_attribute memberUid msSFU30MemberUid
~

