[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: pam_ldap problems after upgrade to debian sarge
I see nothing in your message indicative of a bug in
OpenLDAP Software. Whether there is a bug in pam_ldap
or not beyond the scope of this list. Suggest you
use <pamldap@padl.com> to discuss any potential bug
in PAM/LDAP.
Kurt
At 07:28 AM 8/16/2005, Gal Goldschmidt wrote:
>Hi All,
>
>I am nee to the list ,I don't know if this a real bug or a configuration
>problem, but I spent 2 days on googling and decided to ask for your help.
>
>I have a rater complex setup ( Distributed Directory Service), I did not find
>any example for such a setup on the web, but it used to work.
>I now use:
>slapd 2.2.23-8
>libpam-ldap 178-1
>On Debian sarge
>
>I have 3 servers a,b and c
>I set up 2 separate trees on b (b.haifa) and on c (c.haifa) to give
>authenticate diffrent groups.
>The local pam_ldap + nss_ldap on those server works fine, no complaints.
>
>On server a I want to give both groups services, I created a tree (haifa) and
>added ref objects to it for b and c in the format from:
> http://www.openldap.org/doc/admin23/referrals.html
>
>So apart from the basic admin and haifa ( root object) I have 2 more objects
> dn: dc=b,dc=haifa
> objectClass: referral
> objectClass: extensibleObject
> dc: b
> ref: ldap://b.haifa/dc=b,dc=haifa
>
>The same for c.
>
>nss_ldap work fine, I can see all the user ids on server a, when I do
>ls /home.
>
>The problem:
>
>When I try to use pam_ldap, with the same lines I use for nss_ldap
>---
>host 127.0.0.1
>base dc=haifa
>----
>it won't authenticate and log and error :
>pam_ldap: error trying to bind as user
>"uid=test,ou=People,dc=b,dc=haifa" (Invalid credentials)
>
>If I give pam_ldap:
>----
>host b.haifa
>base dc=b,dc=haifa
>-----
>It will authenticate.
>
>Any suggestions are welcome.
>
>Thanks
>Gal