[Date Prev][Date Next]
Strange Pam-Ldap authentication issue
> Hi Joshua
> > Hello, I'm sorry I know pam/ldap integration is passe, but I've got a
> > strange problem. I've setup the padl libnss-ldap and pam-ldap, and
> Sorry, I missed that you did setup lib_nss.
> > everything seems to be working. I have all my user accounts imported
> > Ldap, and I've added one extra user account to LDAP (but not
> > in /etc/passwd) to test with. Here is what I can and cannot do:
> > - "finger test-user" works, and I get a listing of the shell, home
> > etc.
> Do you use the "normal" fingerd or the one from OpenLDAP?
I don't know, its the debian package of OpenLDAP, I don't know if it
replaces fingerd or not. In fact, as far as I can tell, I don't run
fingerd. Do you need fingerd for local finger lookups?
> > - "chown test-user testfile.txt" does NOT work.
> > logging in as test-user authenticates _IF_ I include the following line
> > in /etc/passwd:
> > test-user:x:2000:2000:::/bin/bash
> Remove this entry again, try a "getent passwd" and see is the ldap-only
> user shows up. This query will use nss for lookup. If test-user isn't
> included, then there's something wrong with your nss_ldap setup.
Everything for the test user is CORRECT when I run 'getent passwd', when
there is no record in /etc/passwd. I am truly stumped, because it seems
that nss_ldap is running ok...
Any suggestions would be greatly appreciated.