I didn't see you mention any configure files for nss_ldap and pam_ldap. Do you use separate conf files or single one? You can test nss_ldap to make sure it works and then move to pam_ldap/pam configure. You can turn on debug for nssldap to see if it contact ldap server or not. Command: "id userid" invokes getpw --> nss and is good to test nssldap. --Yu Wang Information Technology Services University of North Florida (904) 620-2820 -----Original Message----- From: pam-list-bounces@xxxxxxxxxx [mailto:pam-list-bounces@xxxxxxxxxx]On Behalf Of Greg Dotts Sent: Wednesday, November 10, 2004 5:22 PM To: pam-list@xxxxxxxxxx Subject: Fedora LDAP authentication failure Greetings Guru's, I'm at my wits end attempting to configure LDAP authentication on my Fedora 2 server. I'm not new to Linux, but am new to directory management. Running debugs on slapd returns positive information when GQ is used to browse/change the directory, but when I attempt to login via console with any user other than root results in no contact with the LDAP server. Root authenticates OK, but not via LDAP. Synopsis: OS=Fedora Core 2, fully updated via APT/Synaptic. Running current updates of openldap et al, nss_ldap, pam, and openssl. My LDAP server is working and searchable/writable locally using either GQ or standard openldap tools. I have used the tools 'authconfig' and 'system-config-authentication' to enable LDAP authentication and manually modified 'nsswitch.conf', and '/etc/pam.d/login and /etc/pam.d/system-auth'. It appears that PAM is not contacting the LDAP server for authentication. Does anyone have a suggestion as to why this may be? I know this is a very open question, but I've struggled with this for about a week and spent several days searching the internet for answers. I have followed many HOW-TO's and rebuilt my LDAP directory about a dozen times. It appears the LDAP server is working fine, but no requests are being made from login to the LDAP server. Best regards to all, Greg _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
