Re: Simple Authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Mon, 8 Dec 2003, Les Halliday wrote:

> Hi everyone,
>
> I am using SuSE 8.2 to try and achieve simple authentication against
> novell edirectory. getent passwd or getent group only displays
> information from local files. ldapsearch -x 'uid=linux29' returns the
> correct information stored in edirectory. Entering a edirectory username
> but wrong password results in the following in /var/log/messages:-
>
> Dec  8 10:04:31 linux29 login[2063]: pam_unix2: pam_sm_authenticate()
> called
> Dec  8 10:04:37 linux29 login[2063]: pam_ldap: error trying to bind as
> user "cn=Linux29,ou=SER,ou=KLK,o=EK" (Invalid credenti
> als)
> Dec  8 10:04:37 linux29 login[2063]: pam_unix2: pam_ldap returned 7
> Dec  8 10:04:37 linux29 login[2063]: pam_unix2: username=[linux29]
> Dec  8 10:04:37 linux29 login[2063]: pam_unix2: pw == NULL, return
> PAM_USER_UNKNOWN
> Dec  8 10:04:43 linux29 login[2063]: pam_ldap: error trying to bind as
> user "cn=Linux29,ou=SER,ou=KLK,o=EK" (Invalid credenti
> als)
> Dec  8 10:04:43 linux29 login[2063]: FAILED LOGIN 1 FROM /dev/tty4 FOR
> UNKNOWN, Authentication failure
> Dec  8 10:04:47 linux29 login[2063]: pam_unix2: pam_sm_authenticate()
> called
>
> A correct username and password returns:-
>
> Dec  8 10:07:15 linux29 login[2115]: pam_unix2: pam_sm_authenticate()
> called
> Dec  8 10:07:18 linux29 login[2115]: pam_unix2: pam_ldap returned 0
> Dec  8 10:07:18 linux29 login[2115]: pam_unix2: pam_sm_acct_mgmt()
> called
> Dec  8 10:07:18 linux29 login[2115]: pam_unix2: pam_ldap returned 0
> Dec  8 10:07:18 linux29 login[2115]: Failed to look up user 'linux29'.
>

It seems that a correct username and password authenticates well and the
error is with the account management, is the account healthy?

You can check the configuration of pam_unix2.so too:
/etc/security/pam_unix2.conf

And... why pam_unix2 is calling pam_ldap? Does pam_unix2 have ldap
facilities?

              __
   _ __ __ _ / _| __ _
  | '__/ _` | |_ / _` |
  | | | (_| |  _| (_| |
  |_|   __ _|_|   __ _|

  Rafa Forcada Martínez
mailto:rforcada@xxxxxxxxxxx

   JOvenes INformáticos
  http://www.join-es.com


_______________________________________________

Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list
[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux