[Date Prev][Date Next]
Re: ldap authentication
Bobby Cheema wrote:
Hi all Gurus
I want to do authentication against ldap. my ldap appeared to be set
properly i.e from client i can run ldapsearch with -Y gssapi and it
works fine. when i do getent passwd i do get responce from ldap.but
when i do ssh to the server (enbled in pam) i get the following
message in my logs
Feb 13 16:06:21 medusa05 sshd(pam_unix): check pass; user unknown
Feb 13 16:06:21 medusa05 sshd: PAM-listfile: getgrgid(8509) failed
Feb 13 16:06:21 medusa05 sshd: pam_krb5afs: authentication
succeeds for `pche066'
Feb 13 16:06:21 medusa05 sshd: pam_krb5afs: Got 130 extra bytes
in v4 TGT
It seems your sshd is using pam_krb5afs instead of pam_ldap. Or is this
on purpose ?
can anybody hep me in rectifying this problem ? secondly in my ldap
database i have following entry
# pche066, People, cs.auckland.ac.nz
description: created by ldapa - `me mi my mo, me mo my me'
well, do i have to change userPassword to make it read as
to make ssh work
If you want to authenticate against a KDC why use LDAP in between ? use
the GSSAPI patches fot openssh (assuming that's what you're using).