Hello all, I've got a redhat 8 box I'm trying to make an ldap client. It is talking to the server. From the client, I can do ldapsearch and other similar commands. On the client, I can log in as local user (i,e, root) in all normal fashions. As a non-local user (non-priviledged user from ldap database), I can log in via ssh. I cannot log in at console. /var/log/messages gets few error lines when I attempt this. First is "pam_tally: pam_get_uid; no such user todd" Then "check pass; user unknown" (this is gdm(pam_unix)) then "authentication failure; logname= uid=0 euid=0 tty=:0 ruser=gdm rhost=localhost" (this is gdm(pam_unix)) looking in /etc/pam.d I see: gdm is identical to sshd except for one line (sshd requires pam_limits.so for session). Everything else is kicked to system-auth. system-auth goes like this (apologies for the shorthand, order preserved) auth: required pam_env.so required pam_tally.so onerr=fail no_magic_root sufficient pam_unix.so likeauth nullok sufficient pam_ldap.so use_first_pass required pam_deny.so account: required pam_unix.so remember 10 required pam_tally.so per_user deny=5 no_magic_root sufficient pam_ldap.so (will remember work here?) required pam_permit.so password: requisite pam_cracklib.so [with password restrictions that don't seem to be taking effect, is "requisite" correct?] sufficient pam_unix.so nullok use_authtok md5 shadow sufficient pam_ldap.so use_authtok required pam_deny.so session: required pam_limits.so required pam_unix.so optional pam_ldap.so Can anybody see why console logins would be failing? BTW, my pam versions are pam-0.75-40 pam_smb-1.1.6-5 pam_krb5-1.56-1 pam-devel-0.75-40 Thanks in advance, Todd Hunter-Gilbert _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
