Re: Prolem with pam_passthru

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Giovanni Mancuso wrote:

The TRACE is:
[04/Mar/2008:19:04:15 +0100] - <= slapi_reslimit_get_integer_limit() returning NO VALUE [04/Mar/2008:19:04:15 +0100] - => slapi_control_present (looking for 2.16.840.1.113730.3.4.2) [04/Mar/2008:19:04:15 +0100] - => slapi_reslimit_get_integer_limit() conn=0xb669b948, handle=3 
[04/Mar/2008:19:04:15 +0100] - <= slapi_control_present 0 (NOT FOUND)
[04/Mar/2008:19:04:15 +0100] - <= slapi_reslimit_get_integer_limit() returning NO VALUE [04/Mar/2008:19:04:15 +0100] - => slapi_control_present (looking for 1.3.6.1.4.1.42.2.27.8.5.1) [04/Mar/2008:19:04:15 +0100] - => slapi_reslimit_get_integer_limit() conn=0xb669b8a8, handle=3 
[04/Mar/2008:19:04:15 +0100] - <= slapi_control_present 1 (FOUND)
[04/Mar/2008:19:04:15 +0100] - <= slapi_reslimit_get_integer_limit() returning NO VALUE 
[04/Mar/2008:19:04:15 +0100] - <= get_ldapmessage_controls 1 controls
[04/Mar/2008:19:04:15 +0100] - => slapi_reslimit_get_integer_limit() conn=0xb669b808, handle=3 [04/Mar/2008:19:04:15 +0100] - => slapi_control_present (looking for 2.16.840.1.113730.3.4.16) [04/Mar/2008:19:04:15 +0100] - <= slapi_reslimit_get_integer_limit() returning NO VALUE 
[04/Mar/2008:19:04:15 +0100] - <= slapi_control_present 0 (NOT FOUND)
[04/Mar/2008:19:04:15 +0100] - do_bind: version 3 method 0x80 dn uid=usertest,ou=people,dc=castest.it,dc=babel,dc=int 
[04/Mar/2008:19:04:15 +0100] - mapping tree selected backend : userRoot
[04/Mar/2008:19:04:15 +0100] - Calling plugin 'Legacy replication preoperation plugin' #3 type 401 [04/Mar/2008:19:04:15 +0100] - Calling plugin 'Multimaster replication preoperation plugin' #4 type 401 [04/Mar/2008:19:04:15 +0100] - Calling plugin 'PAM Pass Through Auth' #5 type 401 
[04/Mar/2008:19:04:15 +0100] - allow_operation: component identity is NULL
Looks like the bug is here. The component identity is NULL when it should not be. Can you please file a bug about this issue?
[04/Mar/2008:19:04:15 +0100] pam_passthru-plugin - Could not find BIND dn uid=usertest,ou=people,dc=castest.it,dc=babel,dc=int (error 32 - No such object) [04/Mar/2008:19:04:15 +0100] pam_passthru-plugin - Bind DN [uid=usertest,ou=people,dc=castest.it,dc=babel,dc=int] is invalid or not found [04/Mar/2008:19:04:15 +0100] - => send_ldap_result 32::Bind DN [uid=usertest,ou=people,dc=castest.it,dc=babel,dc=int] is invalid or not found 
[04/Mar/2008:19:04:15 +0100] - add_pb
[04/Mar/2008:19:04:15 +0100] - <= send_ldap_result
[04/Mar/2008:19:04:15 +0100] - get_pb
[04/Mar/2008:19:04:15 +0100] - => slapi_reslimit_get_integer_limit() conn=0xb669b8a8, handle=3 
[04/Mar/2008:19:04:15 +0100] - do_unbind
[04/Mar/2008:19:04:15 +0100] - <= slapi_reslimit_get_integer_limit() returning NO VALUE 
[04/Mar/2008:19:04:15 +0100] - => get_ldapmessage_controls
[04/Mar/2008:19:04:15 +0100] - => slapi_reslimit_get_integer_limit() conn=0xb669b808, handle=3 
[04/Mar/2008:19:04:15 +0100] - <= get_ldapmessage_controls no controls
[04/Mar/2008:19:04:15 +0100] - <= slapi_reslimit_get_integer_limit() returning NO VALUE 
[04/Mar/2008:19:04:15 +0100] - defbackend_noop
[04/Mar/2008:19:04:16 +0100] - ldbm backend flushing
[04/Mar/2008:19:04:16 +0100] - ldbm backend done flushing
[04/Mar/2008:19:04:16 +0100] - ldbm backend flushing
[04/Mar/2008:19:04:16 +0100] - ldbm backend done flushing


Rich Megginson ha scritto:

Giovanni Mancuso wrote:

Rich Megginson ha scritto:
However, if you turn on the TRACE debug log level you might find some clues - http://directory.fedoraproject.org/wiki/FAQ#Troubleshooting 

One more thing - in your config you have both

no, sorry, i meant:
the pam_passthru auth works  if  I set
pamIDMapMethod: RDN
but it maps the wrong user
Ok. So this means you have a user uid=username whose pam login is not "username". 

then if I change the dse.ldif and put
pamIDMapMethod: ENTRY
pamIDAttr:   mail
then the slapi_something_() won't find the entry even if it's there...
anyway yes, I want to use the email as the pam userid.

I wish it's clearer now..
Yes. So I think the next step will be to turn on TRACE level debuggging in the error log to see why it cannot find your entry. 

Thx,
Giovanni


--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users


------------------------------------------------------------------------

--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users


------------------------------------------------------------------------

--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users

<<attachment: smime.p7s>>

--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
[Index of Archives]     [Fedora Directory Users]     [Fedora Directory Devel]     [Fedora Announce]     [Fedora Legacy Announce]     [Kernel]     [Fedora Legacy]     [Share Photos]     [Fedora Desktop]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux