I'm trying to authenticate with ldap on f13 using the same ldap.conf I'm using successfully on f12. But it doesn't like my password and I see a message like this in /var/log/secure: May 6 14:37:22 empire su: pam_sss(su:auth): received for user foo: 10 (User not known to the underlying authentication module) Any ideas what the problem might be? My /etc/ldap.conf looks something like this: uri ldap://192.168.116.243 base dc=mydomain,dc=mycompany,dc=com binddn cn=ldap,cn=users,dc=mydomain,dc=mycompany,dc=com bindpw theBindPw timelimit 120 bind_timelimit 120 bind_policy soft idle_timelimit 3600 pam_filter objectclass=user nss_base_passwd ou=People,dc=mydomain,dc=mycompany,dc=com?one nss_base_shadow ou=People,dc=mydomain,dc=mycompany,dc=com?one nss_base_group ou=SecurityGroups,dc=mydomain,dc=mycompany,dc=com?one nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon nss_map_objectclass posixAccount User nss_map_objectclass shadowAccount User nss_map_attribute uid sAMAccountName nss_map_attribute uidNumber msSFU30UidNumber nss_map_attribute gidNumber msSFU30GidNumber nss_map_attribute loginShell msSFU30LoginShell nss_map_attribute gecos name nss_map_attribute userPassword msSFU30Password nss_map_attribute homeDirectory msSFU30HomeDirectory nss_map_objectclass posixGroup Group nss_map_attribute memberUid msSFU30MemberUid nss_map_attribute cn cn pam_login_attribute sAMAccountName pam_member_attribute msSFU30PosixMember pam_filter objectclass=User pam_password ad ssl no tls_cacertdir /etc/openldap/cacerts Thanks, David -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test