Kurzmann Birgit wrote: > > Hi! > > > > We are using 389 DS and PAM to pass authentication to active > directory. It works fine until someone tries to authenticate with a > wrong password. In that case 389 directory server crashes. > What platform? What 389 version? rpm -qi 389-ds-base > > > > /log/secure looks like this: > > > > Feb 5 12:31:42 st39ldap01 ns-slapd: pam_krb5[12937]: authentication > fails for 'k.thormann' (k.thormann@xxxxxxxxxxxxxxxxx): Authentication > failure (Cannot read password) > > Feb 5 12:31:42 st39ldap01 ns-slapd: pam_unix(ldapserver:auth): > authentication failure; logname= uid=500 euid=500 tty= ruser= rhost= > user=k.thormann > > Feb 5 12:31:43 st39ldap01 ns-slapd: pam_krb5[12937]: authentication > fails for 'k.thormann' (k.thormann@xxxxxxxxxxxxxxxxx): Authentication > failure (Looping detected inside krb5_get_in_tkt) > > > > PAM File looks like this: > > > > auth sufficient pam_krb5.so use_first_pass forwardable > > auth include system-auth > > > > account [default=bad success=ok user_unknown=ignore > service_err=ignore system_err=ignore authinfo_unavail=ignore] > pam_krb5.so > > account include system-auth > > password include system-auth > > password sufficient pam_krb5.so use_authtok > > > > session optional pam_krb5.so > > > > Any idea how we can fix this problem? > > > > Cheers, > > Birgit > > > > ------------------------------------------------------------------------ > > -- > 389 users mailing list > 389-users@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
