Re: Fedora Core 5 LDAP client authentication problem with Solaris 9 iPlanet LDAP Server

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



ay0my wrote:
Hi Gordon,

I tried your suggestion the results looks OK.

[root@sspxz100 ~]# id s39427
uid=111(s39427) gid=14(sysadmin) groups=14(sysadmin)
[root@sspxz100 ~]# ls -l ~s39427
total 0

I saw the following error in /var/log/secure when the "permission denied" error is encountered.

Jun 15 17:19:38 sspxz100 sshd[13765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ci-nb39427-6.sf.sp.edu.sg  user=s39427
Jun 15 17:19:40 sspxz100 sshd[13765]: Failed password for s39427 from 164.78.20.60 port 2029 ssh2
Jun 15 09:19:40 sspxz100 sshd[13766]: Failed password for s39427 from 164.78.20.60 port 2029 ssh2

No error is recorded in /var/log/messages

I also try connecting to the LDAP server at port 389 and it is OK.

[root@sspxz100 ~]# telnet 165.70.35.12 389
Trying 165.70.35.12...
Connected to sspsm040.sf.sp.edu.sg (165.70.35.12).
Escape character is '^]'.

Any other help will be appreciated.

Thanks




Is nsswitch setup correctly to obtain the password from the LDAP server?

Check in /etc/nsswitch.conf that passwd, shadow and group are all set to obtain data from ldap:

passwd:     files ldap
shadow:     files ldap
group:      files ldap

Verify that nss is looking up the data in LDAP by running the following commands on sspxz100:

# getent passwd s39427
# getent shadow s39427

these should show the information retrieved from the LDAP directory for the user in question.

Is host based access control in effect? If so, does the user in question have permission to login to that host?

--
Nigel Wade, System Administrator, Space Plasma Physics Group,
            University of Leicester, Leicester, LE1 7RH, UK
E-mail :    nmw@xxxxxxxxxxxx
Phone :     +44 (0)116 2523548, Fax : +44 (0)116 2523555

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux