[Date Prev][Date Next] [Chronological] [Thread] [Top]

Cannot login with pam_ldap

I have a LDAP server on a Debian machine, it runs fine (gq and
ldapsearch show that the posixAccount I add are indeed present).

But the pam_ldap module does not allow logins.

If I give a wrong password, I get a second 'Password:' request from
login (since I indicated pam_ldap as 'sufficient', not 'required') :

If I run ldapsearch, binding to the name of an LDAP account, giving
its password, it works: normal.

But if I type the same account and password at the login: prompt, I get
back a login: prompt.

The following appears in the log:

Apr 12 19:30:41 progress login[1149]: pam_ldap: error trying to bind as user "cn=Vladimir Toto,ou=People,dc=netaktiv,dc=com" (Invalid credentials)

I understand that "Invalid credentials" means a wrong password but it
works with ldapsearch:

ldapsearch -D "cn=Vladimir Toto,ou=People,dc=netaktiv,dc=com" -x -W
Enter LDAP Password: 
[My reply]

The log of slapd on the server shows:

Apr 12 17:41:55 soyouz slapd[5843]: conn=0 op=2 BIND dn="CN=VLADIMIR TOTO,OU=PEOPLE,DC=NETAKTIV,DC=COM" method=128 
Apr 12 17:41:55 soyouz slapd[5843]: conn=0 op=2 RESULT tag=97 err=0 text= 
Apr 12 17:41:55 soyouz slapd[5841]: deferring operation 

slapd 2.0.7, pam_ldap 105