/etc/nsswitch.conf looks OK, but my /etc/ldap.conf contains
much more information:
# Our two LDAP-Servers, now located on beer and duvel
host server1.mydomain.com server2.mydomain.com
# The (base) distinguished name of the search tree
base dc=mydomain,dc=com
# rootbinddn
# the name of the person who is allowed to modify
# the LDAP-database, for example change other people's
# passwords
# It's corresponding password is given in /etc/ldap.secret
rootbinddn cn=root,ou=People,dc=mydomain,dc=com
# Where do we search
scope sub
# The hashing algorythm libc uses to encrypt passwords
# Normally this defaults to MD5 hashing
pam_password crypt
# The used ID attribute in the database the authentication
# module looks for.
pam_login_attribute uid
I don't know if this is what is missing to make your configuration work
(other people, any comments on this? Did Luis' ldap.conf contain enough info?)
Can you log in on the console, as an LDAP-user? Do your LDAP-users actually
have a password in MD5-format (And not crypt?) Try to use the GQ-ldap client
to see what is in your LDAP-database. Restart your ldap-server manually with the
-d [number] comment to have it print debug messages (which perhaps show you what
it is looking for)...
Maarten
Luis Martinez Martinez wrote:
El Lun 13 Ene 2003 09:58, Maarten Buiter escribió:
Hi Luis,Here they are, (/var/log/secure reports nothing useful)
Could you perhaps send us the contents of your /etc/nsswitch.conf and
/etc/ldap.conf
files? And, if it contains anything interesting, a recent excerpt from
your /var/log/secure?
It might help!
Thanks for your efforts.
Luis
_______________________________________________ Pam-list@redhat.com https://listman.redhat.com/mailman/listinfo/pam-list
