
List:       pamldap
Subject:    RE: [pamldap] pam_ldap: ldap_search_s No such object
From:       "Brendon M. Maragia" <brendon () commaflex ! com>
Date:       2001-08-22 17:59:19

If anyone out there is as stupid as me, you will eventually figure out that
pam_ldap.so looks for ldap.conf in /etc/ldap.conf, and not in
/usr/local/etc/openldap/ldap.conf.  Try making a link. Shit.

-----Original Message-----
From: owner-pamldap@PADL.COM [mailto:owner-pamldap@PADL.COM]On Behalf Of
Brendon M. Maragia
Sent: Wednesday, August 22, 2001 10:58 AM
To: pamldap@padl.com
Subject: [pamldap] pam_ldap: ldap_search_s No such object


Hey list,

I'm trying to set up OpenLDAP to authenticate users using pam and
pam_ldap.so.  I have OpenLDAP installed and compiled, with satisfied
dependencies, however, after installing pam_ldap.so and editing
/etc/pam.conf I keep running across the nasty error above in my system logs
every time I try to authenticate a user via ssh (the only service I have
set up to use pam_ldap.so).  Below you will find my configuration files and
some extra details about my system, could someone please, please, help me by
providing some insight into why this might be happening.

OS: FreeBSD 4.3-RELEASE
OpenLDAP: v2.0.11
CyrusSASL: v1.5.24
pam_ldap: v123

I initially ran 'make install' on pam_ldap and it installed ONLY
pam_ldap.so.1 in /lib/security.  I eventually moved
/lib/security/pam_ldap.so.1 to /usr/lib/pam_ldap.so.1 and made a link to
/usr/lib/pam_ldap.so.  I ran 'ldconfig -m /usr/lib' and 'ldd
/usr/lib/pam_ldap.so.1' (although ldd returned a few errors).


The migration tools found on padl.com came in handy, but they seemed to insert
directory data a bit differently than they normally would on a Linux system.
I wonder if this could be a cause of my problem.


Below you will find a copy of my /etc/pam.conf,
/usr/local/etc/openldap/ldap.conf, and directory structure.  I hope this is
enough to give you a hint as to what's going on, because I'm way new at
this.  Thanks in advance!

#############
# pam.conf  #
#############

# OpenSSH with PAM support requires similar modules.  The session one is
# a bit strange, though...
sshd    auth    sufficient      /usr/lib/pam_ldap.so.1
sshd    auth    sufficient      pam_skey.so             try_first_pass
#sshd   auth    sufficient      pam_kerberosIV.so       try_first_pass
sshd    auth    required        pam_unix.so             try_first_pass
sshd    session required        pam_permit.so

#############
# ldap.conf #
#############

base o=commaflex, c=com
port 389
pam_filter objectclass=posixAccount
pam_login_attribute uid
pam_member_attribute memberuid
pam_crypt local

################
# initial.ldif #
################

dn: o=commaflex, c=com
objectclass: top
objectclass: organization
o: commaflex


dn: ou=Group, o=commaflex, c=com
objectclass: top
objectclass: organizationalUnit
ou: Group

dn: ou=People, o=commaflex, c=com
objectclass: top
objectclass: organizationalUnit
ou: People

#################
# group.ldif    #
#################

dn: cn=wheel,ou=Group,o=commaflex,c=com
objectClass: posixGroup
objectClass: top
cn: wheel
userPassword: {crypt}
gidNumber: 0
memberUid: root

#################
# passwd.ldif   #
#################

dn: uid=admin,ou=People,o=commaflex,c=com
uid: admin
cn: brendon
objectClass: account
objectClass: posixAccount
objectClass: top
userPassword: {crypt}
loginShell: /usr/local/bin/bash
uidNumber: 1001
gidNumber: 1001
homeDirectory: /usr/home/admin
gecos: brendon


Sincerely,
Brendon M. Maragia

"It is not the critic who counts: Not the man who points out how the strong
man stumbles, or where the doer of deeds could have done them better.  The
credit belongs to the man who is actually in the arena, whose face is marred
by dust and sweat and blood: Who strives valiantly: Who errors, and comes
short again and again: Because there is no effort without error and
shortcoming:  But who does actually strive to do the deeds: Who knows the
great enthusiasms, the great devotions: Who spends himself in a worthy
cause, who at the best knows in the end the triumphs of high achievement and
who at the worst, if he fails, at least fails while daring greatly, so that
his place shall never be with those cold and timid souls who know neither
victory nor defeat." -- Theodore Roosevelt
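
The check below is an added example, not part of the original messages or of pam_ldap itself. It models the problem resolved in the reply: it confirms that the file pam_ldap.so reads (/etc/ldap.conf, per the reply) is present and that its `base` actually contains the directory entries. The `files` mapping is a hypothetical stand-in for the filesystem, the sample data is constructed from the configuration quoted in the thread, and DN handling is simplified (escaped commas are not supported).

```python
PAM_LDAP_CONF = "/etc/ldap.conf"  # path pam_ldap.so reads, per the reply above

def normalize_dn(dn):
    """Lowercase and strip each RDN. Simplified: ignores escaped commas."""
    rdns = []
    for rdn in dn.split(","):
        attr, _, value = rdn.partition("=")
        rdns.append((attr.strip().lower(), value.strip().lower()))
    return tuple(rdns)

def parse_base(conf_text):
    """Return the value of the 'base' directive, or None if absent."""
    for line in conf_text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) == 2 and parts[0].lower() == "base":
            return parts[1].strip()
    return None  # comment lines start with '#', so they never match 'base'

def is_under(entry_dn, base_dn):
    """True if entry_dn equals base_dn or sits below it in the tree."""
    entry, base = normalize_dn(entry_dn), normalize_dn(base_dn)
    return len(entry) >= len(base) and entry[len(entry) - len(base):] == base

def diagnose(files, entry_dns):
    """files maps path -> contents (hypothetical stand-in for the filesystem)."""
    if PAM_LDAP_CONF not in files:
        others = sorted(p for p in files if parse_base(files[p]))
        return "missing", f"{PAM_LDAP_CONF} not found; base set only in {others}"
    base = parse_base(files[PAM_LDAP_CONF])
    if base is None:
        return "no-base", f"{PAM_LDAP_CONF} has no 'base' directive"
    outside = [dn for dn in entry_dns if not is_under(dn, base)]
    if outside:
        return "mismatch", f"entries outside base {base!r}: {outside}"
    return "ok", f"all entries are under {base!r}"

# Constructed sample data, taken from the configuration posted in the thread.
OPENLDAP_CONF = "base o=commaflex, c=com\nport 389\npam_login_attribute uid\n"
ENTRIES = ["uid=admin,ou=People,o=commaflex,c=com", "ou=Group, o=commaflex, c=com"]

if __name__ == "__main__":
    before = {"/usr/local/etc/openldap/ldap.conf": OPENLDAP_CONF}
    after = dict(before, **{PAM_LDAP_CONF: OPENLDAP_CONF})  # after making the link
    print(diagnose(before, ENTRIES))
    print(diagnose(after, ENTRIES))
```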
