[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Cannot login with pam_ldap
If ldapsearch works, then it sounds like a pam_ldap problem, and there is a
mailing list for that. Try posting your /etc/ldap.conf to the pam_ldap
mailing list.
----- Original Message -----
From: "Stephane Bortzmeyer" <bortzmeyer@netaktiv.com>
To: <OpenLDAP-software@OpenLDAP.org>; <debian-isp@lists.debian.org>
Cc: <golam@netaktiv.com>; <bortzmeyer@netaktiv.com>
Sent: Thursday, April 12, 2001 12:21 PM
Subject: Cannot login with pam_ldap
> I have a LDAP server on a Debian machine, it runs fine (gq and
> ldapsearch show that the posixAccount I add are indeed present).
>
> But the pam_ldap module does not allow logins.
>
> If I give a wrong password, I get a second 'Password:' request from
> login (since I indicated pam_ldap as 'sufficient', not 'required') :
> normal.
>
> If I run ldapsearch, binding to the name of an LDAP account, giving
> its password, it works: normal.
>
> But if I type the same account and password at the login: prompt, I get
> back a login: prompt.
>
> The following appears in the log:
>
> Apr 12 19:30:41 progress login[1149]: pam_ldap: error trying to bind as
user "cn=Vladimir Toto,ou=People,dc=netaktiv,dc=com" (Invalid credentials)
>
> I understand that "Invalid credentials" means a wrong password but it
> works with ldapsearch:
>
> ldapsearch -D "cn=Vladimir Toto,ou=People,dc=netaktiv,dc=com" -x -W
> Enter LDAP Password:
> [My reply]
>
> The log of slapd on the server shows:
>
> Apr 12 17:41:55 soyouz slapd[5843]: conn=0 op=2 BIND dn="CN=VLADIMIR
TOTO,OU=PEOPLE,DC=NETAKTIV,DC=COM" method=128
> Apr 12 17:41:55 soyouz slapd[5843]: conn=0 op=2 RESULT tag=97 err=0 text=
> Apr 12 17:41:55 soyouz slapd[5841]: deferring operation
>
> slapd 2.0.7, pam_ldap 105
>
>
>
>
>