Repair of ldap pam xdm login after disk crash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Dear PAM experts,

I am not to find out cause of problem during repair system with originaly placed

/boot
/home
/opt
/srv
/tmp
/usr/src
and
/var 

directories on crashed RAID controller bus.

I was able to recover system to boot and other things to work exceot one 

PAM based xdm, ssh login using remote  LDAPS server and It worked before RAID crash

My state if art is

that 

ldapsearch works well in both cases binded to rxisting user or annonymous user as well

but 

pamtester  ldap  fodrek authenticate  open_session


pamtester  nss  fodrek authenticate  open_session

as well as

pamtester  sss fodrek authenticate  open_session

results in same output

dap_msgfree
pamtester: successfully authenticated
(rdconf1.c:154): You do not exist? fodrek? Success.
(pam_mount.c:598): error expanding configuration
ldap_unbind
ldap_free_connection 1 1
ldap_send_unbind
ber_flush2: 7 bytes to sd 4
  0000:  30 05 02 01 05 42 00                               0....B.           
tls_write: want=36, written=36
  0000:  ....          PS.v             
ldap_write: want=7, written=7
  0000: ....B.           
tls_write: want=31, written=31
  0000:  .....
      ...i.9....F..;A   
ldap_free_connection: actually freed
tls_write: want=31 error=Bad file descriptor

pamtester: Insufficient credentials to access authentication data

If I do not place open_session in the command last line of output is missing

same ctedential missing output is for acct_mgmt
and  chauthtook and authenticate are only operations that works.


Is there anybody who us able to send me any recommendation, what am I to check
to get  PAM to work here,please?

LDAP server is external server 

usage of

pam-auth-update --force 

only allow me to get system into logging with unix authentofication method but automatic logout  after several seconds 
when  I disable  AFS session mamagement on Ubuntu 16.10 system

But I am not able to log in using LDAP account in thos case,too.


Originally there were system configured to use both PAM for log and SASL for Subversion repository access control.


Thank you for any answer

I look forward hearing from you

Yours faithfully


Peter Fodrek 





_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list
[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux