
Authentication issue on an Ubuntu client: `finger` and `id` commands working but no `su`



Hello,

I'm trying to configure an Ubuntu 8.10 client to authenticate
against an OpenLDAP directory.

The client configuration (PAM, NSS and /etc/ldap.conf) is here:
    http://pastebin.com/mc279767

I performed some tests, getting the following results:

 `ldapsearch -xLLL`,  `id $USER`,  `finger $USER`
    Those three commands work fine. See the output here:
    http://pastebin.com/d43add436

 `su $USER`
    Prompts twice for a password and then fails.
    See the output with a debug level 1:
    http://pastebin.com/m390ab435

My main question is:

    Line 12 from `su $USER` output says:

        "ldap_connect_to_host: TCP localhost:389"

    It seems like it was trying to connect to localhost, but I
    specified "host 192.168.0.10" and "uri ldap://192.168.0.10/" in the
    /etc/ldap.conf file.

    Maybe I need to specify a bind domain name, but if I'm not wrong
    the query will be performed as anonymous, and I have the following
    credentials in the server's /etc/ldap/slapd.conf:

          access to attrs=userPassword,shadowLastChange
                  by dn="cn=admin,dc=carolina,dc=es" write
                  by anonymous auth
                  by self write
                  by * none

          access to *
                  by dn="cn=admin,dc=carolina,dc=es" write
                  by * read

Any idea how to solve this? Can anyone enlighten me?
Thank you in advance,

Carolina F. Bravo