'Re: [pamldap] RE: [nssldap] pam_ldap and nss_ldap on solaris 7'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       pamldap
Subject:    Re: [pamldap] RE: [nssldap] pam_ldap and nss_ldap on solaris 7
From:       Peter Moody <peter.moody () lutris ! com>
Date:       2001-01-24 17:59:06
[Download RAW message or body]

I'm going to say that it's a pam issue.
I had this happen to me before, and I forget the exact reason why.
I have found that the configuration of pam is very tricky and not
very well documented.  This is what I have for telnet in my
/etc/pam.conf (solaris 2.6, 

# telnet
telnet auth     sufficient      /usr/lib/security/pam_ldap.so.1
telnet auth     required        /usr/lib/security/pam_unix.so.1 use_first_pass

I think you should probably check your login and other sections of
your pam.conf file too.

http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam.html
is a good spot for information on setting up pam, specifically
the part about the configuration file (i know it says linux
config file, but I found I could use most of the information in
my setup as well).

good luck.

-Peter

Jim Lang wrote:
> Also, what does the log on your ldap server show? 
> And what are the results of an ldapsearch for the 
> same user?
> 
> Jim
> 
> At 01:21 PM 1/24/01 +0100, Alexandre Ghisoli wrote:
> >Hi, 
> >
> >If you're logged on, could you make an ls -l or id user ?
> >
> >So, is the userreccord in ldap an member of shadowaccout ?
> >
> >HTH
> >	--Alexandre
> >
> >
> >> -----Original Message-----
> >> From: owner-nssldap@padl.com [mailto:owner-nssldap@padl.com]On Behalf Of
> >> Joerg Paysen
> >> Sent: Wednesday, January 24, 2001 11:29 AM
> >> To: pamldap@padl.com; nssldap@padl.com
> >> Subject: [nssldap] pam_ldap and nss_ldap on solaris 7
> >> 
> >> 
> >> Hello,
> >> 
> >> I am using nss_ldap-139 and pam_ldap-99 on a solaris 7 machine.
> >> I am not able to login that machine. The ldap connection is
> >> established (I can see that on the ldap server which I started
> >> with slapd -d 1).
> >> (My ldap server configuration seems to be ok, because I can
> >> successfully login a linux machine wich also uses nss_ldap
> >> and pam_ldap without any problems.)
> >> 
> >> When I disable ldap and switch back to NIS in nsswitch.conf login
> >> works also very well (So the password come from the ldap server.
> >> I can verify that because I use different password in ldap and NIS,
> >> and login with the ldap password works...)
> >> When I do a "ldd nss_ldap.so.1" there are also no problems.
> >> 
> >> What the machine says is the following:
> >> 
> >> login: testuser
> >> Password:
> >> Login incorrect
> >> Connection closed by foreign host.
> >> 
> >> and /var/adm/messages says:
> >> 
> >> Jan 24 11:14:49 testmachine login: login account failure: No 
> >> account present for user
> >> 
> >> 
> >> Do you know whats going wrong???
> >> 
> >> 
> >> 
> >
> ________________________________
> Jim Lang            
> Gus Creek Services  http://www.guscreek.com/
> (406)544-4069  

-- 
Peter Moody          Systems Administrator	
Lutris Technologies  peter.moody@lutris.com

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic