beginner question: authentication via pam_ldap does not work
Hello!
I'm new to LDAP and I just installed, via rpm, the client tools pam_ldap
and nss_ldap to do user authentication. The rpm packages are included
in my Linux distribution.
I use SuSE Linux with kernel 2.2.19, and the rpm manager gives me the
version number 105-31 for pam_ldap and 150-15 for nss_ldap.
I can't get it working and I have no idea where to begin searching. How
can I find out whether pam_ldap is really used for authentication and whether
it gets anything from the LDAP server?
I had a look at /var/log/messages, but I could not find anything related
to pam_ldap.
In the meantime I tried to search with "ldapsearch -x -b o=hs-harz -h
fasan.fh-harz.de uid=97" and I got an answer from the ldap server with
the entries for this user.
Is there an option in ldap.conf to use simple authentication like
"ldapsearch -x" ?
Something about my configuration:
pam_ldap.so resides in /lib/security
My /etc/pam.d/login:
#%PAM-1.0
auth required pam_securetty.so
auth required pam_nologin.so
auth sufficient pam_ldap.so
auth required pam_unix.so nullok try_first_pass
#set_secrpc
account sufficient pam_ldap.so
account required pam_unix.so
password required pam_pwcheck.so nullok
password required pam_ldap.so use_first_pass use_authok
password required pam_unix.so nullok use_first_pass use_authtok
session required pam_unix.so none # debug or trace
session required pam_limits.so
session required pam_env.so
session optional pam_mail.so
My /etc/nsswitch.conf:
passwd: files ldap
shadow: files ldap
group: files ldap
hosts: files dns
networks: files dns
services: files
protocols: files
rpc: files
ethers: files
netmasks: files
netgroup: files
publickey: files
My /etc/ldap.conf (only the uncommented lines):
host fasan.fh-harz.de
base o=hs-harz
ldap_version 2
port 389
scope base
pam_filter objectclass=posixaccount
pam_login_attribute uid
ssl no