| 1 |
Hi all, |
| 2 |
I just got done following the howto for ldap user auth. everything I thought |
| 3 |
went fine. but when I switch my pam file over to what the howto says, then |
| 4 |
it wont let me log in. |
| 5 |
|
| 6 |
getent passwd|grep 0:0 |
| 7 |
|
| 8 |
returns what it says its is suppose to. below are my pam file, and my |
| 9 |
recent logs, any ideas on what could be wrong? |
| 10 |
|
| 11 |
auth required pam_env.so |
| 12 |
auth sufficient pam_unix.so likeauth nullok |
| 13 |
auth required pam_deny.so |
| 14 |
|
| 15 |
account required pam_unix.so |
| 16 |
|
| 17 |
password required pam_cracklib.so difok=2 minlen=8 dcredit=2 |
| 18 |
ocredit=2 retry=3 |
| 19 |
password sufficient pam_unix.so nullok md5 shadow use_authtok |
| 20 |
password required pam_deny.so |
| 21 |
|
| 22 |
session required pam_limits.so |
| 23 |
session required pam_unix.so |
| 24 |
|
| 25 |
#auth required pam_env.so |
| 26 |
#auth sufficient pam_unix.so likeauth nullok shadow |
| 27 |
#auth sufficient pam_ldap.so use_first_pass |
| 28 |
#auth required pam_deny.so |
| 29 |
|
| 30 |
#account required pam_unix.so |
| 31 |
#account sufficient pam_ldap.so |
| 32 |
|
| 33 |
#password required pam_cracklib.so retry=3 |
| 34 |
#password sufficient pam_unix.so nullok use_authtok shadow md5 |
| 35 |
#password sufficient pam_ldap.so use_authtok |
| 36 |
#password requried pam_deny.so |
| 37 |
|
| 38 |
#session requried pam_limits.so |
| 39 |
#session requried pam_unix.so |
| 40 |
#session requried pam_mkhomedir.so skel=/etc/skel umask=0 |
| 41 |
#session optional pam_ldap.so |
| 42 |
|
| 43 |
Right now I have it set on my old config, so that I can login to the |
| 44 |
system, but when I comment out the top half and uncomment the bottom, |
| 45 |
I cant log in, and I get the follow lines in my log. |
| 46 |
|
| 47 |
Sep 11 02:13:36 tux login[7101]: PAM pam_parse: expecting return |
| 48 |
value; [...requried] |
| 49 |
Sep 11 02:13:36 tux login[7101]: PAM pam_parse: expecting return |
| 50 |
value; [...requried] |
| 51 |
Sep 11 02:13:36 tux login[7101]: PAM pam_parse: expecting return |
| 52 |
value; [...requried] |
| 53 |
Sep 11 02:13:36 tux login[7101]: PAM pam_parse: expecting return |
| 54 |
value; [...requried] |
| 55 |
Sep 11 02:13:40 tux slapd[6726]: conn=27 fd=13 ACCEPT from |
| 56 |
IP=127.0.0.1:53088 <http://127.0.0.1:53088> (IP=0.0.0.0:636 |
| 57 |
<http://0.0.0.0:636>) |
| 58 |
Sep 11 02:13:40 tux slapd[6733]: conn=27 op=0 BIND dn="" method=128 |
| 59 |
Sep 11 02:13:40 tux slapd[6733]: conn=27 op=0 RESULT tag=97 err=0 text= |
| 60 |
Sep 11 02:13:40 tux slapd[6734]: conn=27 op=1 SRCH |
| 61 |
base="ou=People,dc=mydomain,dc=org" scope=2 deref=0 |
| 62 |
filter="(&(objectClass=posixAccount)(uid=timothy))" |
| 63 |
Sep 11 02:13:40 tux login(pam_unix)[7101]: session opened for user |
| 64 |
timothy by LOGIN(uid=0) |
| 65 |
Sep 11 02:13:40 tux slapd[6734]: conn=27 op=1 SEARCH RESULT tag=101 |
| 66 |
err=0 nentries=1 text= |
| 67 |
Sep 11 02:13:40 tux slapd[6733]: conn=27 op=2 UNBIND |
| 68 |
Sep 11 02:13:40 tux slapd[6733]: conn=27 fd=13 closed |
| 69 |
Sep 11 02:13:40 tux login[7101]: Permission denied |
Archives