Fwd: Authentication problem
I got it fixed after a while.
The problem is it was somewhat contacting the SSL/TLS-enabled LDAP (that I
don't expect the Auth to do) rather than a normal one (that I expect it to).
I did not read the logs properly.
Logs are a good source of debugging. You can't live without them.
Date: Sun, 15 Jun 2003 23:13:34 +0630
From: "William W.L.K (CTO/MWD)" <email@example.com>
Subject: Authentication problem
I'm trying to use ldap for my user authentication on my Red Hat 9 box.
According to manuals, I've set things up neatly and I can search any info
I want out of the ldap database (using #ldapsearch or gui or from any
But, when user is authenticated, it is not successful and the error is
Jun 12 19:53:15 linpc login: LOGIN ON pts/0 BY william FROM 192.168.214.222
Jun 12 19:57:18 linpc xinetd: START: telnet pid=9915
Jun 12 19:57:32 linpc login: pam_ldap: ldap_simple_bind Can't contact LDAP
Why is that impossible when direct query looks fine?
For your better analysis,
/etc/pam.d/system-auth is as below:
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth sufficient /lib/security/$ISA/pam_ldap.so use_first_pass
auth required /lib/security/$ISA/pam_deny.so
account sufficient /lib/security/$ISA/pam_ldap.so
account required /lib/security/$ISA/pam_unix.so
#account [default=bad success=ok user_unknown=ignore
password required /lib/security/$ISA/pam_cracklib.so retry=3 type=
password sufficient /lib/security/$ISA/pam_unix.so nullok
password sufficient /lib/security/$ISA/pam_ldap.so use_authtok
password required /lib/security/$ISA/pam_deny.so
session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so
session optional /lib/security/$ISA/pam_ldap.so
nsswitch.conf is as below:
passwd: files ldap
shadow: files ldap
group: files ldap
I found a similar problem in this mailing list in 2001 with Red Hat 6.2
but he just removed spaces after values in ldap.conf and he got it working.
ldap.conf bears standard recommended settings and therefore, I don't put
Any pointer? Folks?
Myanmar World Distribution Co., Ltd.
No. 30, Phone Gyi St., Lanmadaw Tsp.,
Tel : 00-95-1-211281, 226280
Fax : 00-95-1-210430
Email : firstname.lastname@example.org, email@example.com
Web : http://www.mwd.com.mm
Software Development Center
Room-3, Block-4, MICT Park,
Hlaing Campus, Hlaing TSP,
Tel : 00-95-1-652315
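
Added example (not part of the original messages): a small Python check for the cause named in the reply. It reports whether a PADL-style ldap.conf for pam_ldap selects LDAPS, StartTLS or plain LDAP, and flags values with trailing whitespace like the 2001 report mentioned. The directive names (host, uri, port, ssl) and their simplified handling are assumptions about that file format, and the sample file is constructed.

```python
from urllib.parse import urlsplit

# Constructed sample in the PADL pam_ldap/nss_ldap ldap.conf style; not the poster's file.
SAMPLE_CONF = "\n".join([
    "# constructed sample",
    "host 192.0.2.10 ",            # trailing space after the value
    "base dc=example,dc=com",
    "ssl on",
    "#uri ldap://192.0.2.10/",
])

def parse_conf(text):
    """Return (settings dict, list of keys whose value ends in whitespace)."""
    settings, trailing = {}, []
    for raw in text.splitlines():
        line = raw.lstrip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)          # keeps trailing whitespace in the value
        key = parts[0].lower()
        value = parts[1] if len(parts) > 1 else ""
        if value != value.rstrip():
            trailing.append(key)
        settings[key] = value.rstrip()
    return settings, trailing

def effective_transport(settings):
    """Return (transport, port) under the simplified rules assumed here."""
    ssl = settings.get("ssl", "no").lower()
    uri = settings.get("uri", "").split()
    first = urlsplit(uri[0]) if uri else None
    if (first and first.scheme == "ldaps") or ssl in ("on", "yes"):
        transport, default_port = "ldaps", 636
    elif ssl == "start_tls":
        transport, default_port = "starttls", 389
    else:
        transport, default_port = "plaintext", 389
    port = (first.port if first else None) or int(settings.get("port", default_port))
    return transport, port

if __name__ == "__main__":
    conf, trailing = parse_conf(SAMPLE_CONF)
    print("transport/port:", effective_transport(conf))
    print("values with trailing whitespace:", trailing)
```

Comparing this result with the port the directory server actually listens on shows the kind of mismatch behind a "Can't contact LDAP" bind error while ldapsearch still works.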