kde/ldap login fails

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello,

RedHat 7.3 (with latest updates), LDAP to authenticate users.

Local users (/etc/passwd) can logon to kde without problems. ssh, su,
etc works for all users (ldap and local). kdelogon is not possible for
ldap users.

I played with /etc/pam.d/kde (rename to kdm, to xdm) as found on the
web/list but nothing helped.

Here an syslog excerpt:

kde(pam_unix): check pass; user unknown
kde(pam_unix): authentication failure; logname= uid=0 euid=0 tty=:0
ruser= rhost=
kde(pam_unix): session opened for user svoelkel
kde(pam_unix): session closed for user svoelkel


pam.d/kde:

auth       required     /lib/security/pam_stack.so service=system-auth
auth       required     /lib/security/pam_nologin.so
account    required     /lib/security/pam_stack.so service=system-auth
password   required     /lib/security/pam_stack.so service=system-auth
session    required     /lib/security/pam_stack.so service=system-auth
session    optional     /lib/security/pam_console.so

pam.d/sshd:

auth       required     /lib/security/pam_stack.so service=system-auth
auth       required     /lib/security/pam_nologin.so
account    required     /lib/security/pam_stack.so service=system-auth
password   required     /lib/security/pam_stack.so service=system-auth
session    required     /lib/security/pam_stack.so service=system-auth
session    required     /lib/security/pam_limits.so
session    optional     /lib/security/pam_console.so

pam.d/system-auth:

auth        required      /lib/security/pam_env.so 
auth        sufficient    /lib/security/pam_unix.so likeauth nullok
auth        sufficient    /lib/security/pam_ldap.so use_first_pass
auth        required      /lib/security/pam_deny.so

account     required      /lib/security/pam_unix.so

password    required      /lib/security/pam_cracklib.so retry=3 type=
password    sufficient    /lib/security/pam_unix.so nullok use_authtok
md5 shadow
password    sufficient    /lib/security/pam_ldap.so use_authtok
password    required      /lib/security/pam_deny.so

session     required      /lib/security/pam_mkhomedir.so
skel=/etc/skel/umask=0077
session     required      /lib/security/pam_limits.so
session     required      /lib/security/pam_unix.so
session     optional      /lib/security/pam_ldap.so

Any ideas?

regards
	Stefan
-- 
--------------------------------------------------------------------
Stefan Völkel                            stefan.voelkel@xxxxxxxxxxxx
Millenux GmbH                              mobile: +49.170.79177.17
Lilienthalstraße 2                          phone: +49.711.88770.300
70825 Stuttgart-Korntal                       fax: +49.711.88770.349
     -= linux without limits -=- http://linux.zSeries.org/ =-

Attachment: signature.asc
Description: This is a digitally signed message part

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux