'Re: [pamldap] Very Strange Authentication Problem[Scanned]'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       pamldap
Subject:    Re: [pamldap] Very Strange Authentication Problem[Scanned]
From:       "Christopher J. Stephens" <chriss () lanl ! gov>
Date:       2006-04-27 20:35:13
Message-ID: 44512B01.1010000 () lanl ! gov
[Download RAW message or body]

I have just gone through a similar problem with Red Hat Enterprise Work
Station 4.  I'm using an OpenLDAP server, but the client error message
is the same.  I havent found out yet what the root of the problem is,
but I recompiled the nss_ldap library and it fixed the problem. From
what I have seen, and a couple of google hits on the error message, I
would guess that the distributed library was not compiled against the
distributed libraries.... but that is purely a guess at this point.

Hope this helps
Chris Stephens


Chris Bradford wrote:

>I have found out what the login error is:
>
>login:../../../libraries/liblber/sockbuf.c:89: ber_sockbuf_ctrl:
>Assertion ' ( (sb)->sb_opts.lbo_valid == 0x3)' failed
>
>I don't know if this means anything to anyone?
>
>Thanks,
>
>Chris Bradford
>
>
>-----Original Message-----
>From: owner-pamldap@padl.com [mailto:owner-pamldap@padl.com] On Behalf
>Of Chris Bradford
>Sent: 27 April 2006 09:18
>To: pamldap@padl.com
>Subject: [pamldap] Very Strange Authentication Problem[Scanned]
>
>
>Hi all,
>
>I'm using Fedora Core 5 and  open ldap client to authenticate to a
>Windows Server 2003 Active Directory and services for unix 3.5.
>
>The issues I have is that new user accounts work perfectly, but old
>accounts, or currently existing accounts will not work.
>
>If I log in with ssh the window is terminated when using an older
>acount. With a new account it works perfectly.
>
>Logging into gdm works with new users, but with older accounts the gdm
>login manager resets - almost as if X reloads.
>
>Logging into tty1 - 6 fails with an error I don't have time to read. I
>have checked var/log/messages and /var/log/secure and both do not
>contain the error.
>
>Example login from /var/log/secure:
>
>
>Apr 26 15:42:27 linuxclient2 sshd[7055]: pam_unix(sshd:auth):
>authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
>rhost=itdept3a.cambridge.news user=dirsearch Apr 26 15:42:27
>linuxclient2 sshd[7055]: pam_krb5[7055]: authentication succeeds for
>'dirsearch' (dirsearch@CAMBRIDGE.NEWS.) Apr 26 15:42:27 linuxclient2
>sshd[7055]: Accepted password for dirsearch from 10.0.35.100 port 2848
>ssh2 Apr 26 14:42:27 linuxclient2 sshd[7056]: Accepted password for
>dirsearch from 10.0.35.100 port 2848 ssh2 Apr 26 15:42:27 linuxclient2
>sshd[7058]: pam_unix(sshd:session): session opened for user dirsearch by
>(uid=0) Apr 26 15:42:28 linuxclient2 sshd[7055]: nss_ldap: reconnected
>to LDAP server ldap://camb-dc1.cambridge.news after 1 attempt Apr 26
>15:42:36 linuxclient2 sshd[7058]: pam_unix(sshd:session): session closed
>for user dirsearch Apr 26 15:42:52 linuxclient2 sshd[7084]:
>pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0
>tty=ssh ruser= rhost=itdept3a.cambridge.news user=chrisbradford Apr 26
>15:42:53 linuxclient2 sshd[7084]: pam_krb5[7084]: authentication
>succeeds for 'chrisbradford' (chrisbradford@CAMBRIDGE.NEWS.) Apr 26
>15:42:53 linuxclient2 sshd[7084]: Accepted password for chrisbradford
>from 10.0.35.100 port 2854 ssh2 Apr 26 14:42:53 linuxclient2 sshd[7085]:
>Accepted password for chrisbradford from 10.0.35.100 port 2854 ssh2
>
>As you can see dirsearch (a newly created ad user) has a sessio opened.
>
>The currently existing account chrisbradford will not login. No session
>is opened, and login is denied. The log just stops, where a line like
>"Apr 26 15:42:27 linuxclient2 sshd[7058]: pam_unix(sshd:session):
>session opened for user dirsearch by (uid=0)" should exist.
>
>Any ideas as to what could be causing this?
>
>Many thanks,
>
>Chris Bradford
>Systems Administrator
>Cambridge Newspapers
>
>
>This message has been scanned for viruses by BlackSpider MailControl -
>www.blackspider.com
>
>
>
> 
>
>
>  
>


-- 
-----------------------------------
Chris Stephens
Unix Systems Administrator
-----------------------------------
Phone: 665-3280
Pager: 104-2526
Email: chriss@lanl.gov
-----------------------------------


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic