|
Hi! We are using 389 DS and PAM to pass authentication to active
directory. It works fine until someone tries to authenticate with a wrong
password. In that case 389 directory server crashes. /log/secure looks like this: Feb 5 12:31:42 st39ldap01 ns-slapd: pam_krb5[12937]:
authentication fails for 'k.thormann' (k.thormann@xxxxxxxxxxxxxxxxx):
Authentication failure (Cannot read password) Feb 5 12:31:42 st39ldap01 ns-slapd:
pam_unix(ldapserver:auth): authentication failure; logname= uid=500 euid=500
tty= ruser= rhost= user=k.thormann Feb 5 12:31:43 st39ldap01 ns-slapd: pam_krb5[12937]:
authentication fails for 'k.thormann' (k.thormann@xxxxxxxxxxxxxxxxx):
Authentication failure (Looping detected inside krb5_get_in_tkt) PAM File looks like this: auth sufficient pam_krb5.so use_first_pass
forwardable auth include system-auth account [default=bad success=ok user_unknown=ignore
service_err=ignore system_err=ignore authinfo_unavail=ignore] pam_krb5.so account include system-auth password include system-auth password sufficient pam_krb5.so use_authtok session optional pam_krb5.so Any idea how we can fix this problem? Cheers, Birgit |
-- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
