Ok, I wanted to check with my boss before messing with the ldap server. So I asked him; he said that there is nothing wrong with the server. He then proceeded to take a quick look at the "server which is pissing me off" and said that in order for pam_ldap.so to work I need ssh 3.7 or higher. I thought to myself, finally, maybe this is the answer, since I had openssh 3.5. Anyways I proceed to install rpms of openssh 3.7.1p2-1 and its dependencies. Here is the specifics: [root@blochee root]# rpm -qa | grep ssh openssh-askpass-3.7.1p2-1 openssh-3.7.1p2-1 openssh-clients-3.7.1p2-1 openssh-server-3.7.1p2-1 openssh-askpass-gnome-3.7.1p2-1 [root@blochee root]# I made sure to check my /etc/ssh/ssh_config and my /etc/ssh/sshd_config and modified anything that was not correct. Anyways to my dismay this did NOT WORK. However, my login error does give a new line of information in my /log/messages file. Here it is: Jul 8 20:20:57 blochee sshd(pam_unix)[21476]: check pass; user unknown Jul 8 20:20:57 blochee sshd(pam_unix)[21476]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=spidey.ee.ucr.edu Jul 8 20:20:59 blochee sshd[21474]: error: PAM: Authentication failure Jul 8 20:21:03 blochee sshd(pam_unix)[21477]: check pass; user unknown Jul 8 20:21:03 blochee sshd(pam_unix)[21477]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=spidey.ee.ucr.edu Jul 8 20:21:05 blochee sshd[21474]: error: PAM: Authentication failure What I now get that I did not have before is the line with "error: PAM: Authentication failure". If I am understanding this correctly this means that pam_ldap.so is getting called now.... Am I correct in my assumption? This is good because before I update ssh I did not get that error so it look like pam-ldap.so was not working at all. Does this shed any light onto my problem? Maybe my ssh config files are not set correctly? If you still think I need to look at the ldap server log files I will. BTW, On the other redhat servers they run with openssh 3.5.1 and they work...... Thanks for everybodies help on this problem. -- Steven ----- Original Message ----- From: "Rigler, Steve" <SRigler@xxxxxxxxxxxxxxx> To: "General Red Hat Linux discussion list" <redhat-list@xxxxxxxxxx> Sent: Thursday, July 08, 2004 4:30 AM Subject: RE: Cant authenticate to LDAP domain with Redhat9 > Assuming this is OpenLDAP and logging is set to a decent level > (see the "loglevel" directive in the slapd.conf and read > "man slapd.conf" to find out what the different loglevels do), > you can find out where it is doing logging by looking for > "local4.*" in the /etc/syslog.conf. > > Logging might not be turned on. I usually only turn it on when > I'm trying to debug a problem (which requires a restart of slapd). > > -Steve > > -----Original Message----- > From: redhat-list-bounces@xxxxxxxxxx > [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Steven > Sent: Wednesday, July 07, 2004 7:05 PM > To: General Red Hat Linux discussion list > Subject: Re: Cant authenticate to LDAP domain with Redhat9 > > I can log in as root to my ldap server.... > My boss set up the ldap domain so I really have not spent much time in > that server. > I looked for the log files, but cannot find them... The usually > var/log/messages file is empty. > Where should I look for some log files pertaining to the ldap info I > seek? > > -- > Steven > > Rigler, Steve wrote: > > >Do you have access to look at the logs on your directory > >server? > > > >-Steve > > > >-----Original Message----- > >From: redhat-list-bounces@xxxxxxxxxx on behalf of Steven > >Sent: Wed 7/7/2004 5:02 PM > >To: General Red Hat Linux discussion list > >Subject: Re: Cant authenticate to LDAP domain with Redhat9 > > > >Hi, > > > >No I have not tried rpm -V pam, but here is the output: > > > >[root@blochee root]# rpm -V pam > >S.5....T c /etc/pam.d/system-auth > >[root@blochee root]# > > > >Any thoughts on my problem... It is driving me up the wall. > > > >-- > >Steven > > > > > > > > > > > > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list > > > > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list > > -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
