
Re: PAM problems with login... Please Help (fwd)



Quoting Cliff Friedel <cliff@wrkcs.net>:

> Am seriously wondering if there is something wrong with SuSE 6.4 and login.

Is SuSE's login pam'ed?

----- s n i p -----
[barbapapa.pts/3]$ ldd /bin/login 
        libcrypt.so.1 => /lib/libcrypt.so.1 (0x40019000)
        libpam.so.0 => /lib/libpam.so.0 (0x40046000)
        libpam_misc.so.0 => /lib/libpam_misc.so.0 (0x4004e000)
        libdl.so.2 => /lib/libdl.so.2 (0x40051000)
        libc.so.6 => /lib/libc.so.6 (0x40056000)
        /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)
----- s n i p -----

> I would love to see what you have for the following:
> 
> /etc/openldap/ldap.conf

Shouldn't matter, it's only used for ldapsearch etc...

> /etc/openldap/slapd.conf

Only used by slapd. If you can find, and bind, to the LDAP db with
ldapsearch -D '...' the db is ok (and since proftp is ok...)

> /etc/pam.d/login

See previous mail...

> /etc/nsswitch.conf

Should only matter for non-PAM aware programs... But here's mine...

----- s n i p -----
passwd:         files ldap 
group:          files ldap 
shadow:         files ldap
hosts:          files dns ldap
networks:       files
protocols:      db files
services:       db files
ethers:         db files
rpc:            db files
netgroup:       nis
----- s n i p -----

> Sample LDIF file

If ProFTPd can authenticate through the LDAP, you should be ok... But
double check that uidNumber/gidNumber/homeDirectory are readable anonymously

i.e., my entry:

----- s n i p -----
[barbapapa.pts/3]$ ldapsearch uid=turbo -L
dn: uid=turbo,ou=People,o=Air2Net Portable,c=SE
objectclass: top
objectclass: mailRecipient
objectclass: posixAccount
uid: turbo
cn: Turbo Fredriksson
mail: turbo@test.org
mailhost: barbapapa.test.org
mailalternateaddress: anonymous@barbapapa.test.org
mailalternateaddress: root@localhost.test.org
mailalternateaddress: postmaster@barbapapa.test.org
homedirectory: /home/turbo/
uidnumber: 1000
gidnumber: 1000
----- s n i p -----

I have other info there too, but it's hidden from anonymous reads...

----- s n i p -----
[barbapapa.pts/3]$ ldapsearch -D 'cn=admin,ou=People,o=Air2Net Portable,c=SE' -W uid=turbo -L
Enter LDAP Password: 
dn: uid=turbo,ou=People,o=Air2Net Portable,c=SE
objectclass: top
objectclass: mailRecipient
objectclass: posixAccount
uid: turbo
cn: Turbo Fredriksson
mail: turbo@test.org
mailhost: barbapapa.test.org
mailalternateaddress: anonymous@barbapapa.test.org
mailalternateaddress: root@localhost.test.org
mailalternateaddress: postmaster@barbapapa.test.org
homedirectory: /home/turbo/
creatorsname: cn=admin, ou=People, o=Air2Net Portable, c=SE
createtimestamp: 20000518085431Z
uidnumber: 1000
gidnumber: 1000
modifytimestamp: 20000607092240Z
modifiersname: cn=admin, ou=People, o=Air2Net Portable, c=SE
userpassword: {crypt}(encrypted password)
----- s n i p -----

> Thanks for all the help thus far...
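
An added example, not part of the original message: a shell check for the point made in the reply, that the anonymous view of a posixAccount entry must expose uidNumber/gidNumber/homeDirectory while userPassword stays hidden. The function name `check_anon_view` and both LDIF samples are constructed for illustration; in practice the input would be the output of an anonymous `ldapsearch` for one entry.

```shell
#!/bin/sh
# Reads the LDIF of ONE entry (as seen by an anonymous search) on stdin.
# Returns 0 only if the NSS attributes are visible and no password is exposed.
check_anon_view() {
    awk '
    BEGIN { n = split("uidnumber gidnumber homedirectory", req, " "); rc = 0 }
    /^#/ || /^$/ || /^ / { next }   # comments, blank lines, folded values
    {
        i = index($0, ":")
        if (i == 0) next
        attr = tolower(substr($0, 1, i - 1))   # attribute names are case-insensitive
        sub(/;.*/, "", attr)                   # drop options such as ;binary
        seen[attr] = 1
    }
    END {
        for (k = 1; k <= n; k++)
            if (!(req[k] in seen)) { print "MISSING " req[k]; rc = 1 }
        if ("userpassword" in seen) { print "EXPOSED userpassword"; rc = 1 }
        if (rc == 0) print "OK"
        exit rc
    }'
}

# Constructed sample: what a correctly restricted anonymous read looks like.
sample_anon() {
cat <<'EOF'
dn: uid=example,ou=People,o=Example,c=SE
objectClass: posixAccount
uid: example
homeDirectory: /home/example/
uidNumber: 1000
gidNumber: 1000
EOF
}

# Constructed sample: ACLs too tight on homeDirectory, too loose on userPassword.
sample_leaky() {
cat <<'EOF'
dn: uid=example,ou=People,o=Example,c=SE
objectClass: posixAccount
uid: example
uidNumber: 1000
gidNumber: 1000
userPassword: {crypt}CONSTRUCTED-PLACEHOLDER
EOF
}

sample_anon | check_anon_view
sample_leaky | check_anon_view || true
```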