Hi all. In 7.3, I was able to do a simple setup of an ldap client against an openldap server (also under linux), and all of my services (mainly ssh) worked using ldap as the authentication method. Setting up an ldap client in Redhat 9, though it seemed easier at first, doesn't seem to have covered all of my bases, and I'm having a bit of trouble. It seems that logging in on the console works wonderfully. Just using authconfig to do the setup works great. However, though my /etc/pam.d/system-auth file includes pam_ldap for just about everything, and /etc/pam.d/sshd points to system-auth, it would appear as though something is awry, because I keep getting 'Permission Denied' errors trying to log in via ssh to the client machine. The ldap server's logs *do* show that there is a query coming across, and also that the search being performed for the user are successful, but I don't see a BIND operation occurring, and ssh simply fails. The same user can log in at the console (lest we suspect a mistyped or forgotten password, or a misconfigured /etc/ldap.conf file). Also, only 'files ldap' exists in nsswitch for passwd/shadow/group. Has anyone come across this? I have this list archived locally in my evolution client back to November, and it seems this particular problem hasn't really surfaced. While I'm here, where's the 'system-auth' manpage - where is that covered? Thanks for your time. _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
