Re: Problems with nss_ldap - where to start?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Found an ldif user recipe for CentOS5.2..

Added the user "tactest" with the password "tactest".

Dec 16 12:05:30 ldap sshd[11705]pam_unix(sshd:auth): check pass; user unknown
Dec 16 12:05:30 ldap sshd[11705]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ldap
Dec 16 12:05:30 ldap sshd[11705]: pam_succeed_if(sshd:auth): error retrieving information about user tactest

auth still fails.

Peter

On Wed, Dec 16, 2009 at 11:49 AM, Peter Serwe <peter.serwe@xxxxxxxxx> wrote:
I was going to say no TLS on either side. 

Specifically because I wanted to make sure that I was doing it with basic auth prior to using tls, but I found TLS lines in the /etc/ldap.conf.

I commented those out, and guess what, no more nss_ldap messages in /var/log/messages..

Now, I'm somewhat guessing that my directory doesn't have the right information in it.  Maybe I just need an ldif recipe for adding the users.

Peter


On Wed, Dec 16, 2009 at 11:33 AM, <m.roth@xxxxxxxxx> wrote:

First question: do you have tls enabled on the client, and not the server,
or vice versa?

Second question: on the server, can you do a search?

Handy tool: webmin has a whole ldap section, and can give you a *lot* of
clues as to what's going wrong.

      mark

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos






--
Peter Serwe
http://truthlightway.blogspot.com/
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux