Re: PAM to LDAP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Bob.
This is how I've got it setted up., all the users are in the LDAP,
except root of course and other local users, I can login locally or
using ssh as well using any user ( if allowed to ).

It would be nice if you post the logs, at least the relevant ones,
to see what's wrong, if it's pam or anything else.

You also need to configure NIS.



auth    required        pam_env.so
auth    sufficient      pam_ldap.so
auth    required        pam_unix2.so


common-session
session required        pam_limits.so
session sufficient      pam_ldap.so
session required        pam_unix2.so

common-account
account sufficient      pam_ldap.so
account required        pam_unix2.so

common-password
password required       pam_pwcheck.so  nullok
password sufficient     pam_ldap.so
password required       pam_unix2.so    nullok use_first_pass
use_authtok

Bytes

During Thu, 12 Apr 2007, Bob Spat Out:

> Date: Thu, 12 Apr 2007 12:02:18 -0400
> From: Bob <bobif@xxxxxxxxx>
> Reply-To: Pluggable Authentication Modules <pam-list@xxxxxxxxxx>
> To: Pluggable Authentication Modules <pam-list@xxxxxxxxxx>
> Subject: PAM to LDAP
> 
> I am trying to get our SuSE 9 (s390x) to use the common company LDAP server. I
> have tried several ways to get LDAP users to be able to login. Right now the
> /etc/security/pam_unix2.conf is set to use_ldap and there is no sshd in the
> /etc/pam.d. When a user that is in the local Linux system directly can sign
> in, if the user is not in either the Linux machine or LDAP, the system will
> ask for a password a few times and then close the connection.
> 
> But if the user is in the LDAP server, once the password is entered the ssh
> will just close. In the /var/log/messages the following line shows up:
> sshd[5162]: fatal: PAM: authentication thread exited unexpectedly
> 
> Anyone know how to either get around this or what the right configuration is
> to use LDAP or how to get more information on what is wrong.
> 
> _______________________________________________
> Pam-list mailing list
> Pam-list@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/pam-list
> 

-- 
*-=> LCP - SAIR Linux Certified Professional               <=-*
*-=> Powered By FreeBSD 6.2-STABLE - The Power To Serve    <=-*
*-=> GPG Public Key at http://gnv.us.ks.cryptnet.net       <=-*


*-=> 	    Telematica S.R.L  Telecomunicaciones	   <=-*
*-=> Tel./Fax: (598)2 408 2837 - 4024596 E. Acevedo 1622   <=-*

---
This message was checked by forty monkeys and found to not
contain any SPAM whatsoever.
		-- Your monkeys may vary

_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux