pam_ldap problems after upgrade to debian sarge
- To: openldap-bugs@OpenLDAP.org
- Subject: pam_ldap problems after upgrade to debian sarge
- From: Gal Goldschmidt <gal@cs.haifa.ac.il>
- Date: Tue, 16 Aug 2005 17:28:58 +0300
- Content-disposition: inline
- User-agent: KMail/1.8.1
Hi All,
I am new to the list. I don't know if this is a real bug or a configuration
problem, but I spent 2 days googling and decided to ask for your help.
I have a rather complex setup (Distributed Directory Service). I did not find
any example for such a setup on the web, but it used to work.
I now use:
slapd 2.2.23-8
libpam-ldap 178-1
On Debian sarge
I have 3 servers: a, b and c.
I set up 2 separate trees on b (b.haifa) and on c (c.haifa) to
authenticate different groups.
The local pam_ldap + nss_ldap on those server works fine, no complaints.
On server a I want to give both groups services, I created a tree (haifa) and
added ref objects to it for b and c in the format from:
http://www.openldap.org/doc/admin23/referrals.html
So apart from the basic admin and haifa ( root object) I have 2 more objects
dn: dc=b,dc=haifa
objectClass: referral
objectClass: extensibleObject
dc: b
ref: ldap://b.haifa/dc=b,dc=haifa
The same for c.
nss_ldap works fine; I can see all the user ids on server a when I do
ls /home.
The problem:
When I try to use pam_ldap, with the same lines I use for nss_ldap
---
host 127.0.0.1
base dc=haifa
----
it won't authenticate and logs an error:
pam_ldap: error trying to bind as user
"uid=test,ou=People,dc=b,dc=haifa" (Invalid credentials)
If I give pam_ldap:
----
host b.haifa
base dc=b,dc=haifa
-----
It will authenticate.
Any suggestions are welcome.
Thanks
Gal
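
The referral objects in the message map each subtree to the server that holds it. As an added example (not part of the original message), the Python code below reads those objects and reports which server a bind DN resolves to, so the bind can be tested against that host directly. The entry for c is constructed from "The same for c", and the function names and the simplified DN parsing are assumptions.

```python
from urllib.parse import urlparse, unquote

# Referral entries as described in the message; the entry for c is
# constructed here from "The same for c".
REFERRAL_LDIF = """\
dn: dc=b,dc=haifa
objectClass: referral
objectClass: extensibleObject
dc: b
ref: ldap://b.haifa/dc=b,dc=haifa

dn: dc=c,dc=haifa
objectClass: referral
objectClass: extensibleObject
dc: c
ref: ldap://c.haifa/dc=c,dc=haifa
"""

def normalize_dn(dn):
    # Simplified: lower-case and trim each RDN; does not handle escaped commas.
    return [rdn.strip().lower() for rdn in dn.split(",") if rdn.strip()]

def parse_referrals(ldif):
    """Return {referral DN (normalized tuple): [ref URLs]} from LDIF text."""
    referrals = {}
    for block in ldif.strip().split("\n\n"):
        attrs = {}
        for line in block.splitlines():
            key, _, value = line.partition(":")
            attrs.setdefault(key.strip().lower(), []).append(value.strip())
        if "referral" in (v.lower() for v in attrs.get("objectclass", [])):
            referrals[tuple(normalize_dn(attrs["dn"][0]))] = attrs.get("ref", [])
    return referrals

def resolve_bind_target(bind_dn, referrals, local_host="127.0.0.1"):
    """Return (host, base) of the server holding bind_dn per the referral objects."""
    rdns = normalize_dn(bind_dn)
    best = None
    for suffix, urls in referrals.items():
        # A DN is under a referral if the referral DN is its trailing RDNs.
        if urls and tuple(rdns[-len(suffix):]) == suffix:
            if best is None or len(suffix) > len(best[0]):
                best = (suffix, urls[0])
    if best is None:
        return local_host, None  # no referral matches: entry is held locally
    url = urlparse(best[1])
    return url.hostname, unquote(url.path.lstrip("/"))
```

For the DN in the logged error, `resolve_bind_target` returns the host and base of the second pam_ldap configuration shown in the message.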