Sorry for the long post, but any help would be appreciated!
I have two RH AS4 boxes. I have configured both to authenticate against my
windows ADS.
The only difference between the machines is one is a 32-bit build and the
other is a 64-bit build.
Linux 64bit.mydomain.com 2.6.9-42.0.3.ELsmp #1 SMP Mon Sep 25 17:24:31 EDT
2006 x86_64 x86_64 x86_64 GNU/Linux
Linux 32bit.mydomains.com 2.6.9-42.0.3.ELsmp #1 SMP Mon Sep 25 17:28:02 EDT
2006 i686 i686 i386 GNU/Linux
Both machines allow domain users to login to standard services, ssh or ftp
for example.
Home directories are created when they login in on either machine. ntlm_auth
and getent works on both systems.
My 32-bit machine will allow 3rd part aps (those I've tested) to
authenticate the users, but the same apps fail to authenticate the same
users on the 64-bit machine.
I have compared the following files (they are the same bytes even!)
/etc/pam.d/system-auth
/etc/pam.d/squid
/etc/pam.d/samba
/etc/samba/smb.conf
/etc/hosts
/etc/sysconfig/iptables
/etc/sysconfig/samba
/etc/sysconfig/authconfig
/etc/sysconfig/network
/etc/sysconfig/squid
/etc/sysconfig/saslauthd
/etc/krb5.conf
/etc/nsswitch.conf
/etc/pam_smb.conf
/etc/log.d/conf/services/pam.conf
Both machines are running the same services.
In the /var/log/samba directory:
smbd.log are similiar.
nmbd.log: The 32-bit machine promotes itself as local browser master, the
64-bit machine
doesn't , otherwise all entries are the same.
/var/log/message and /var/log/secure shows the same sequence on login on
either machine.
A 3rd party vendor gave me a utility that calls pam-auth and outputs debug
info call caut.Notice that the module called auth_etc_passwd passes on
32-bit but not on the 64-bit.
32-bit output (passwords x'd out!):
[root@ tmp]# ./caut
Authentication dump
service (eg "su") -
user name - mydomain\buddyj
password (will be echoed) - xxxxxx
auth_auth: debug 1 inline 0
auth_trusted: getspname did not find an entry for User mydomain\buddyj
auth_etc_passswd: getpwnam found entry for User mydomain\buddyj
pw_name: buddyj
pw_passwd: *
auth_check_passwd_crypt: FAILED (Standard crypt) *****
auth_check_passwd_crypt: Salt * passwd * crypt_result **XXXXXXXXXX
Calling pam_start
pam_start succeeded for service , user mydomain\buddyj
Calling pam_authenticate
[GUI]Authentication failure for mydomain\buddyj (PAM Err# 7)
[Result]NOK
Authentication failure for mydomain\buddyj
64-bit output:
root@64bit caut]# ./caut
Authentication dump
service (eg "su") -
user name - mydomain\buddyj
password (will be echoed) - xxxxx
auth_auth: debug 1 inline 0
auth_trusted: getspname did not find an entry for User mydomain\buddyj
auth_etc_passwd: getpwnam did not find an entry for User mydomain\buddyj
Calling pam_start
pam_start succeeded for service , user mydomain\buddyj
Calling pam_authenticate
[GUI]Authentication failure for mydomain\buddyj (PAM Err# 7)
[Result]NOK
Authentication failure for mydomain\buddyj
I can't find any config difference! How else can you determine
configuration differences between two machines? Any suggestions?
I'll post a follow up of the steps I used on both machines.
Thanx!
Buddy
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
