
Strange Pam-Ldap authentication issue



> Hi Joshua 
> > Hello, I'm sorry I know pam/ldap integration is passe, but I've got a
> > strange problem. I've set up the padl libnss-ldap and pam-ldap, and
> 
> Sorry, I missed that you did set up lib_nss.
> 

No problem!

> > everything seems to be working. I have all my user accounts imported into
> > Ldap, and I've added one extra user account to LDAP (but not
> > in /etc/passwd) to test with. Here is what I can and cannot do:
> > - "finger test-user" works, and I get a listing of the shell, home folder,
> > etc.
> 
> Do you use the "normal" fingerd or the one from OpenLDAP?

I don't know, it's the Debian package of OpenLDAP, I don't know if it
replaces fingerd or not. In fact, as far as I can tell, I don't run
fingerd. Do you need fingerd for local finger lookups?

>  
> > - "chown test-user testfile.txt" does NOT work.
> > 
> > logging in as test-user authenticates _IF_ I include the following line
> > in /etc/passwd:
> > 
> > test-user:x:2000:2000:::/bin/bash
> 
> Remove this entry again, try a "getent passwd" and see if the ldap-only
> user shows up. This query will use nss for lookup. If test-user isn't
> included, then there's something wrong with your nss_ldap setup.
>  

Everything for the test user is CORRECT when I run 'getent passwd', when 
there is no record in /etc/passwd. I am truly stumped, because it seems 
that nss_ldap is running ok...

Any suggestions would be greatly appreciated.
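
Added example, not part of the original thread: the "remove the entry and run getent" check discussed above can also be done without editing /etc/passwd by querying each NSS service separately, since a plain `getent passwd` returns only the first match in nsswitch.conf order. It assumes glibc's `getent -s SERVICE` and the `ldap` service name used by nss_ldap; the function names are illustrative.

```shell
#!/bin/sh
# Report which NSS service(s) can resolve an account, querying each one
# separately so a local /etc/passwd line cannot mask the LDAP result.
# Assumes glibc's "getent -s SERVICE"; "ldap" is the service name that
# nss_ldap uses in nsswitch.conf.

# Print the passwd entry that one service returns for a user, or nothing.
nss_lookup() {          # $1 = service (files, ldap)   $2 = user name
    getent -s "$1" passwd "$2" 2>/dev/null || true
}

# Print the uid:gid pair (fields 3 and 4) of a passwd line.
ids_of() {
    printf '%s\n' "$1" | cut -d: -f3,4
}

# Print one of:
#   missing, files-only, ldap-only, both-same-ids, both-different-ids
account_source() {
    user=$1
    from_files=$(nss_lookup files "$user")
    from_ldap=$(nss_lookup ldap "$user")
    if [ -z "$from_files" ] && [ -z "$from_ldap" ]; then
        echo missing
    elif [ -z "$from_ldap" ]; then
        echo files-only             # the ldap service returned nothing
    elif [ -z "$from_files" ]; then
        echo ldap-only              # resolved through nss_ldap alone
    elif [ "$(ids_of "$from_files")" = "$(ids_of "$from_ldap")" ]; then
        echo both-same-ids
    else
        # Whichever service nsswitch.conf lists first decides the ids in use.
        echo both-different-ids
    fi
}

# Stand-alone use: sh nss-source.sh test-user
if [ "$#" -gt 0 ]; then
    account_source "$1"
fi
```

A result of `files-only` for an account that exists in the directory points at the nss_ldap side (nsswitch.conf or the library's own configuration) rather than at PAM.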