One useful method for tracking down oddness like this is to run a test-mode sshd on a different port:

    server# /usr/sbin/sshd -ddd -p 28

and then, on the client:

    client$ ssh server -p 28

and watch what sshd is doing.

It's unlikely that Oracle elements are in the path prior though, since none of these are called directly on a command-line by sshd; instead it's more likely to be a PAM configuration oddness; check /etc/pam.d/* to see whether Oracle has put something strange in there.

-- C.

________________________________________
From: 389-users-bounces@xxxxxxxxxxxxxxxxxxxxxxx [389-users-bounces@xxxxxxxxxxxxxxxxxxxxxxx] On Behalf Of David Barr [dafydd@xxxxxxxxxx]
Sent: Wednesday, June 08, 2011 4:43 AM
To: General discussion list for the 389 Directory server project.
Subject: Re: [389-users] Does Oracle interfere with LDAP authentication?

This is occurring at login, before the user-specific path is set. (At least, I hope we're waiting for authentication before setting the user's path!) So, the relevant path is the one built into sshd at compile time, and reported in /etc/ssh/sshd_config, right?[1] That's just /usr/local/bin:/bin:/usr/bin.

I took a shot at "ps faux" to see if I could find any child processes invoked by sshd to test the ldap authentication. I didn't catch anything.

"getent passwd" as root on these hosts does return the LDAP based users. So, I can see at least that much of the RHDS. So, I know the server is visible and talking to these hosts.

Thanks!
David

[1] - http://forums13.itrc.hp.com/service/forums/questionanswer.do?admit=109447627+1307470719578+28353475&threadId=686313

On Tue, June 7, 2011 10:49, crashingdaily wrote:
> Oracle includes its own LDAP client and libs whose syntax is different
> from OpenLDAP's. Is $ORACLE_HOME/bin/ earlier in your $PATH than
> /usr/bin ?
>
> On Jun 7, 2011, at 1:38 PM, David Barr wrote:
>
>> Good Morning!
>>
>> Take 30 hosts, all with identical
>>
>> /etc/nsswitch.conf
>> /etc/ldap.conf
>> /etc/ssh/ssh_config
>> /etc/ssh/sshd_config
>> /etc/auto.master and subsidiary files
>>
>> The only two hosts where LDAP authentication fails are the two Oracle
>> servers. All are running on the same RHEL 5.4.
>>
>> Anyone seen anything like this, before?
>>
>> Thanks!
>> David

--
David - Offbeat http://dafydd.livejournal.com
dafydd - Online http://pgp.mit.edu/
Battalion 4 - Black Rock City Emergency Services Department
Integrity*Commitment*Communication*Support
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
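
Added example (not written by any poster in this thread): one way to carry out the /etc/pam.d check suggested in the first reply is to copy that directory from a working host and from a failing host and compare the rule stacks. The directory layout, the function names and the module name pam_example_vendor.so are assumptions made up for the illustration.

```shell
#!/bin/sh
# Added example: compare the PAM stacks of a working host and a failing host.
# Assumes each host's /etc/pam.d was copied into its own local directory.

# Strip comments and blank lines and collapse whitespace, keeping rule order
# (PAM evaluates rules top to bottom, so order is significant).
normalize() {
    sed -e 's/#.*$//' -e 's/[[:space:]][[:space:]]*/ /g' \
        -e 's/^ //' -e 's/ $//' "$1" | awk 'NF'
}

# pam_stack_diff GOOD_DIR BAD_DIR
# Prints one line per rule or service file that exists on only one side.
pam_stack_diff() {
    good=$1; bad=$2
    tmp=$(mktemp -d) || return 2
    for svc in $( { ls "$good"; ls "$bad"; } | sort -u ); do
        if [ ! -f "$good/$svc" ]; then
            echo "$svc: file missing on good"; continue
        fi
        if [ ! -f "$bad/$svc" ]; then
            echo "$svc: file missing on bad"; continue
        fi
        normalize "$good/$svc" > "$tmp/g"
        normalize "$bad/$svc" > "$tmp/b"
        diff "$tmp/g" "$tmp/b" | awk -v s="$svc" '
            /^</ { print s ": only on good: " substr($0, 3) }
            /^>/ { print s ": only on bad: "  substr($0, 3) }'
    done
    rm -rf "$tmp"
}

# Constructed sample data; pam_example_vendor.so is a made-up module name.
demo() {
    d=$(mktemp -d) || return 2
    mkdir "$d/good" "$d/bad"
    printf '%s\n' '#%PAM-1.0' 'auth       include   system-auth' \
        'account    required  pam_nologin.so' > "$d/good/sshd"
    printf '%s\n' 'auth include system-auth' \
        'auth required pam_example_vendor.so  # constructed' \
        'account required pam_nologin.so' > "$d/bad/sshd"
    pam_stack_diff "$d/good" "$d/bad"
    rm -rf "$d"
}

demo
```

Comment and whitespace differences are ignored, so only rules that actually differ between the two hosts are reported.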