Followup on my own post... Two things I forgot to add: using Webmin, *it* thinks that the RHEL3 box is configured to use LDAP, but when I hit the validate configuration under LDAP clients, it says everything is hunky-dory... except it can't find a valid user. Meanwhile, using the search ldap option of Webmin, and using ldapsearch, I can find entries under People, and all have posixAccounts, etc. mark ----- Original Message ----- From: mroth@xxxxxxxxxx Date: Monday, September 25, 2006 2:01 pm Subject: RHEL3, RHEL4, openssh and openldap To: redhat-list@xxxxxxxxxx > Hi, folks, > > Well, after weeks of fighting, I got openldap working, including > automounting home directories... but that was between two RHEL4 > boxen. I > have an RHEL3 box (and no, I don't look to get permission to > upgrade it > soon), and I've tried everything, but it seems as though openssh is > notgoing through PAM to call ldap. On RHEL4, /var/log/secure tells > me it > hit LDAP; while on the RHEL3 box, I see nothing, other than password > failed for <username>. > > The RHEL4 are running openssh 3.9.p1-8, pam 0.77-65, and openldap > 2.2.13-2, and the server's on one of them. The RHEL3 box has openssh > 3.6.1p2, pam 0.75-67, and openldap 2.0.27 (core, -22, clients, -17). > > I've tried running ssh -vvv to get there, and it tells me nothing > useful, and I've also tried running strace right after attempting > to log > on, and the things that make me nervous are a reference to trying to > open nsswitch.conf, and "... an ex" in the text with it, and then it > seems to be printing out what you'd get with -?. > > Are there any known interoperability issues? Is the version of > openssh I'm using *really* PAM-enabled? > > Clues for the poor? > > mark > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list > -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
