Gentoo Archives: gentoo-user

From: Lane <software.research.development@×××××.com>
To: gentoo-user@l.g.o
Subject: [gentoo-user] LDAP client / user not known to the underlying authentication module
Date: Tue, 26 Jan 2016 05:04:52
Message-Id: CAGchGNsfrPdMJEMOUXA7VAfmkwX3rDSeMMbqT1rzSs89wyxRhg@mail.gmail.com
1 server: OpenLDAP 2.4.43
2 clients: nss-pam-ldapd 0.9.6
3
4 I have a user configured in the OpenLDAP database and I can run ldapsearch
5 from the server and get back valid results. However, I'm unable to log into
6 the LDAP client from the server. It looks like the LDAP client machine is
7 not authenticating, so I'm hoping to get some thoughts from others on how
8 to get past this.
9
10 Below is what I'm seeing when trying to log into the LDAP client from the
11 server.
12
13 $ ssh 10.0.1.1
14 You are required to change your password immediately (root enforced)
15 WARNING: Your password has expired.
16 You must change your password now and login again!
17 (current) LDAP Password:
18 passwd: User not known to the underlying authentication module
19 passwd: password unchanged
20 Connection to 10.0.1.1 closed.
21
22 On the LDAP client, the following output is from running nslcd -d (debug).
23 So I believe this is telling me that the LDAP client is talking to the LDAP
24 server. But I do not understand why the connection is being closed, or why
25 the passwd is expired. Also, running 'getent passwd' on the server returns
26 all users within /etc/passwd. Running the same command from the LDAP
27 client looks like it's only returning the users from the LDAP client's
28 /etc/passwd file (no users).
29
30 nslcd: DEBUG: NSS_LDAP nss-pam-ldapd 0.9.6
31 nslcd: DEBUG: CFG: threads 5
32 nslcd: DEBUG: CFG: uid nslcd
33 nslcd: DEBUG: CFG: gid 246
34 nslcd: DEBUG: CFG: uri ldap://10.0.0.11/
35 nslcd: DEBUG: CFG: ldap_version 3
36 nslcd: DEBUG: CFG: base dc=my,dc=example,dc=com
37 nslcd: DEBUG: CFG: scope sub
38 nslcd: DEBUG: CFG: deref never
39 nslcd: DEBUG: CFG: referrals yes
40 nslcd: DEBUG: CFG: filter aliases (objectClass=nisMailAlias)
41 nslcd: DEBUG: CFG: filter ethers (objectClass=ieee802Device)
42 nslcd: DEBUG: CFG: filter group (objectClass=posixGroup)
43 nslcd: DEBUG: CFG: filter hosts (objectClass=ipHost)
44 nslcd: DEBUG: CFG: filter netgroup (objectClass=nisNetgroup)
45 nslcd: DEBUG: CFG: filter networks (objectClass=ipNetwork)
46 nslcd: DEBUG: CFG: filter passwd (objectClass=posixAccount)
47 nslcd: DEBUG: CFG: filter protocols (objectClass=ipProtocol)
48 nslcd: DEBUG: CFG: filter rpc (objectClass=oncRpc)
49 nslcd: DEBUG: CFG: filter services (objectClass=ipService)
50 nslcd: DEBUG: CFG: filter shadow (objectClass=shadowAccount)
51 nslcd: DEBUG: CFG: map group userPassword "*"
52 nslcd: DEBUG: CFG: map passwd userPassword "*"
53 nslcd: DEBUG: CFG: map passwd gecos "${gecos:-$cn}"
54 nslcd: DEBUG: CFG: map shadow userPassword "*"
55 nslcd: DEBUG: CFG: map shadow shadowLastChange "${shadowLastChange:--1}"
56 nslcd: DEBUG: CFG: map shadow shadowMin "${shadowMin:--1}"
57 nslcd: DEBUG: CFG: map shadow shadowMax "${shadowMax:--1}"
58 nslcd: DEBUG: CFG: map shadow shadowWarning "${shadowWarning:--1}"
59 nslcd: DEBUG: CFG: map shadow shadowInactive "${shadowInactive:--1}"
60 nslcd: DEBUG: CFG: map shadow shadowExpire "${shadowExpire:--1}"
61 nslcd: DEBUG: CFG: map shadow shadowFlag "${shadowFlag:-0}"
62 nslcd: DEBUG: CFG: bind_timelimit 10
63 nslcd: DEBUG: CFG: timelimit 0
64 nslcd: DEBUG: CFG: idle_timelimit 0
65 nslcd: DEBUG: CFG: reconnect_sleeptime 1
66 nslcd: DEBUG: CFG: reconnect_retrytime 10
67 nslcd: DEBUG: CFG: ssl off
68 nslcd: DEBUG: CFG: tls_reqcert demand
69 nslcd: DEBUG: CFG: pagesize 0
70 nslcd: DEBUG: CFG: nss_min_uid 0
71 nslcd: DEBUG: CFG: nss_nested_groups no
72 nslcd: DEBUG: CFG: nss_getgrent_skipmembers no
73 nslcd: DEBUG: CFG: nss_disable_enumeration no
74 nslcd: DEBUG: CFG: validnames /^[a-z0-9._@$()]([a-z0-9._@$() \~-]*[a-z0-9._@
75 $()~-])?$/i
76 nslcd: DEBUG: CFG: ignorecase no
77 nslcd: DEBUG: CFG: cache dn2uid 15m 15m
78 nslcd: version 0.9.6 starting
79 nslcd: DEBUG: unlink() of /run/nslcd/socket failed (ignored): No such file
80 or directory
81 nslcd: DEBUG: initgroups("nslcd",246) done
82 nslcd: DEBUG: setgid(246) done
83 nslcd: DEBUG: setuid(101) done
84 nslcd: accepting connections
85 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
86 nslcd: [8b4567] DEBUG: connection from pid=2850 uid=0 gid=0
87 nslcd: [8b4567] <group/member="root"> DEBUG:
88 myldap_search(base="dc=my,dc=example,dc=com",
89 filter="(&(objectClass=posixAccount)(uid=root))")
90 nslcd: [8b4567] <group/member="root"> DEBUG: ldap_initialize(ldap://
91 10.0.0.11/)
92 nslcd: [8b4567] <group/member="root"> DEBUG: ldap_set_rebind_proc()
93 nslcd: [8b4567] <group/member="root"> DEBUG:
94 ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,3)
95 nslcd: [8b4567] <group/member="root"> DEBUG:
96 ldap_set_option(LDAP_OPT_DEREF,0)
97 nslcd: [8b4567] <group/member="root"> DEBUG:
98 ldap_set_option(LDAP_OPT_TIMELIMIT,0)
99 nslcd: [8b4567] <group/member="root"> DEBUG:
100 ldap_set_option(LDAP_OPT_TIMEOUT,0)
101 nslcd: [8b4567] <group/member="root"> DEBUG:
102 ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT,0)
103 nslcd: [8b4567] <group/member="root"> DEBUG:
104 ldap_set_option(LDAP_OPT_REFERRALS,LDAP_OPT_ON)
105 nslcd: [8b4567] <group/member="root"> DEBUG:
106 ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON)
107 nslcd: [8b4567] <group/member="root"> DEBUG: ldap_simple_bind_s(NULL,NULL)
108 (uri="ldap://10.0.0.11/")
109 nslcd: [8b4567] <group/member="root"> DEBUG: ldap_result(): end of results
110 (0 total)
111 nslcd: [8b4567] <group/member="root"> DEBUG:
112 myldap_search(base="dc=my,dc=example,dc=com",
113 filter="(&(objectClass=posixGroup)(memberUid=root))")
114 nslcd: [8b4567] <group/member="root"> DEBUG: ldap_result(): end of results
115 (0 total)
116 nslcd: [7b23c6] DEBUG: connection from pid=27158 uid=0 gid=0
117 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
118 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
119 nslcd: [7b23c6] <passwd="james"> DEBUG:
120 myldap_search(base="dc=my,dc=example,dc=com",
121 filter="(&(objectClass=posixAccount)(uid=james))")
122 nslcd: [7b23c6] <passwd="james"> DEBUG: ldap_initialize(ldap://10.0.0.11/)
123 nslcd: [7b23c6] <passwd="james"> DEBUG: ldap_set_rebind_proc()
124 nslcd: [7b23c6] <passwd="james"> DEBUG:
125 ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,3)
126 nslcd: [7b23c6] <passwd="james"> DEBUG: ldap_set_option(LDAP_OPT_DEREF,0)
127 nslcd: [7b23c6] <passwd="james"> DEBUG:
128 ldap_set_option(LDAP_OPT_TIMELIMIT,0)
129 nslcd: [7b23c6] <passwd="james"> DEBUG: ldap_set_option(LDAP_OPT_TIMEOUT,0)
130 nslcd: [7b23c6] <passwd="james"> DEBUG:
131 ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT,0)
132 nslcd: [7b23c6] <passwd="james"> DEBUG:
133 ldap_set_option(LDAP_OPT_REFERRALS,LDAP_OPT_ON)
134 nslcd: [7b23c6] <passwd="james"> DEBUG:
135 ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON)
136 nslcd: [7b23c6] <passwd="james"> DEBUG: ldap_simple_bind_s(NULL,NULL)
137 (uri="ldap://10.0.0.11/")
138 nslcd: [7b23c6] <passwd="james"> DEBUG: ldap_result():
139 uid=james,ou=users,dc=my,dc=example,dc=com
140 nslcd: [7b23c6] <passwd="james"> (re)loading /etc/nsswitch.conf
141 nslcd: [7b23c6] <passwd="james"> DEBUG: ldap_result(): end of results (1
142 total)
143 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
144 nslcd: [3c9869] DEBUG: connection from pid=27158 uid=0 gid=0
145 nslcd: [3c9869] <group/member="james"> DEBUG:
146 myldap_search(base="dc=my,dc=example,dc=com",
147 filter="(&(objectClass=posixAccount)(uid=james))")
148 nslcd: [3c9869] <group/member="james"> DEBUG: ldap_result():
149 uid=james,ou=users,dc=my,dc=example,dc=com
150 nslcd: [3c9869] <group/member="james"> DEBUG:
151 myldap_search(base="dc=my,dc=example,dc=com",
152 filter="(&(objectClass=posixGroup)(|(memberUid=james)(member=uid=james,ou=users,dc=my,dc=example,dc=com)))")
153 nslcd: [3c9869] <group/member="james"> DEBUG: ldap_result(): end of results
154 (0 total)
155 nslcd: [334873] DEBUG: connection from pid=27158 uid=0 gid=0
156 nslcd: [334873] <passwd="james"> DEBUG:
157 myldap_search(base="dc=my,dc=example,dc=com",
158 filter="(&(objectClass=posixAccount)(uid=james))")
159 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
160 nslcd: [334873] <passwd="james"> DEBUG: ldap_result():
161 uid=james,ou=users,dc=my,dc=example,dc=com
162 nslcd: [334873] <passwd="james"> DEBUG: ldap_result(): end of results (1
163 total)
164 nslcd: [b0dc51] DEBUG: connection from pid=27158 uid=0 gid=0
165 nslcd: [b0dc51] <passwd="james"> DEBUG:
166 myldap_search(base="dc=my,dc=example,dc=com",
167 filter="(&(objectClass=posixAccount)(uid=james))")
168 nslcd: [b0dc51] <passwd="james"> DEBUG: ldap_result():
169 uid=james,ou=users,dc=my,dc=example,dc=com
170 nslcd: [b0dc51] <passwd="james"> DEBUG: ldap_result(): end of results (1
171 total)
172 nslcd: [495cff] DEBUG: connection from pid=27158 uid=0 gid=0
173 nslcd: [495cff] <shadow="james"> DEBUG:
174 myldap_search(base="dc=my,dc=example,dc=com",
175 filter="(&(objectClass=shadowAccount)(uid=james))")
176 nslcd: [495cff] <shadow="james"> DEBUG: ldap_result():
177 uid=james,ou=users,dc=my,dc=example,dc=com
178 nslcd: [495cff] <shadow="james"> DEBUG: ldap_result(): end of results (1
179 total)
180 nslcd: [e8944a] DEBUG: connection from pid=27158 uid=0 gid=0
181 nslcd: [e8944a] <passwd="james"> DEBUG:
182 myldap_search(base="dc=my,dc=example,dc=com",
183 filter="(&(objectClass=posixAccount)(uid=james))")
184 nslcd: [e8944a] <passwd="james"> DEBUG: ldap_result():
185 uid=james,ou=users,dc=my,dc=example,dc=com
186 nslcd: [e8944a] <passwd="james"> DEBUG: ldap_result(): end of results (1
187 total)
188 nslcd: [5558ec] DEBUG: connection from pid=27158 uid=0 gid=0
189 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
190 nslcd: [5558ec] <authz="james"> DEBUG:
191 nslcd_pam_authz("james","sshd","","10.0.0.11","ssh")
192 nslcd: [5558ec] <authz="james"> DEBUG:
193 myldap_search(base="dc=my,dc=example,dc=com",
194 filter="(&(objectClass=posixAccount)(uid=james))")
195 nslcd: [5558ec] <authz="james"> DEBUG: ldap_result():
196 uid=james,ou=users,dc=my,dc=example,dc=com
197 nslcd: [5558ec] <authz="james"> DEBUG:
198 myldap_search(base="dc=my,dc=example,dc=com",
199 filter="(&(objectClass=shadowAccount)(uid=james))")
200 nslcd: [5558ec] <authz="james"> DEBUG: ldap_result():
201 uid=james,ou=users,dc=my,dc=example,dc=com
202 nslcd: [8e1f29] DEBUG: connection from pid=27158 uid=0 gid=0
203 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
204 nslcd: [8e1f29] <passwd="james"> DEBUG:
205 myldap_search(base="dc=my,dc=example,dc=com",
206 filter="(&(objectClass=posixAccount)(uid=james))")
207 nslcd: [8e1f29] <passwd="james"> DEBUG: ldap_result():
208 uid=james,ou=users,dc=my,dc=example,dc=com
209 nslcd: [8e1f29] <passwd="james"> DEBUG: ldap_result(): end of results (1
210 total)
211 nslcd: [e87ccd] DEBUG: connection from pid=27158 uid=0 gid=0
212 nslcd: [e87ccd] <passwd="james"> DEBUG:
213 myldap_search(base="dc=my,dc=example,dc=com",
214 filter="(&(objectClass=posixAccount)(uid=james))")
215 nslcd: [e87ccd] <passwd="james"> DEBUG: ldap_result():
216 uid=james,ou=users,dc=my,dc=example,dc=com
217 nslcd: [e87ccd] <passwd="james"> DEBUG: ldap_result(): end of results (1
218 total)
219 nslcd: [1b58ba] DEBUG: connection from pid=27158 uid=0 gid=0
220 nslcd: [1b58ba] <passwd="james"> DEBUG:
221 myldap_search(base="dc=my,dc=example,dc=com",
222 filter="(&(objectClass=posixAccount)(uid=james))")
223 nslcd: [1b58ba] <passwd="james"> DEBUG: ldap_result():
224 uid=james,ou=users,dc=my,dc=example,dc=com
225 nslcd: [1b58ba] <passwd="james"> DEBUG: ldap_result(): end of results (1
226 total)
227 nslcd: [7ed7ab] DEBUG: connection from pid=27158 uid=0 gid=0
228 nslcd: [7ed7ab] <passwd="james"> DEBUG:
229 myldap_search(base="dc=my,dc=example,dc=com",
230 filter="(&(objectClass=posixAccount)(uid=james))")
231 nslcd: [7ed7ab] <passwd="james"> DEBUG: ldap_result():
232 uid=james,ou=users,dc=my,dc=example,dc=com
233 nslcd: [7ed7ab] <passwd="james"> DEBUG: ldap_result(): end of results (1
234 total)
235 nslcd: [b141f2] DEBUG: connection from pid=27158 uid=0 gid=0
236 nslcd: [b141f2] <passwd="james"> DEBUG:
237 myldap_search(base="dc=my,dc=example,dc=com",
238 filter="(&(objectClass=posixAccount)(uid=james))")
239 nslcd: [b141f2] <passwd="james"> DEBUG: ldap_result():
240 uid=james,ou=users,dc=my,dc=example,dc=com
241 nslcd: [b141f2] <passwd="james"> DEBUG: ldap_result(): end of results (1
242 total)
243 nslcd: [b71efb] DEBUG: connection from pid=27158 uid=0 gid=0
244 nslcd: [b71efb] <passwd="james"> DEBUG:
245 myldap_search(base="dc=my,dc=example,dc=com",
246 filter="(&(objectClass=posixAccount)(uid=james))")
247 nslcd: [b71efb] <passwd="james"> DEBUG: ldap_result():
248 uid=james,ou=users,dc=my,dc=example,dc=com
249 nslcd: [b71efb] <passwd="james"> DEBUG: ldap_result(): end of results (1
250 total)
251 nslcd: [e2a9e3] DEBUG: connection from pid=27158 uid=0 gid=0
252 nslcd: [e2a9e3] <passwd="james"> DEBUG:
253 myldap_search(base="dc=my,dc=example,dc=com",
254 filter="(&(objectClass=posixAccount)(uid=james))")
255 nslcd: [e2a9e3] <passwd="james"> DEBUG: ldap_result():
256 uid=james,ou=users,dc=my,dc=example,dc=com
257 nslcd: [e2a9e3] <passwd="james"> DEBUG: ldap_result(): end of results (1
258 total)
259 nslcd: [45e146] DEBUG: connection from pid=27158 uid=0 gid=0
260 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
261 nslcd: [45e146] <passwd="james"> DEBUG:
262 myldap_search(base="dc=my,dc=example,dc=com",
263 filter="(&(objectClass=posixAccount)(uid=james))")
264 nslcd: [45e146] <passwd="james"> DEBUG: ldap_result():
265 uid=james,ou=users,dc=my,dc=example,dc=com
266 nslcd: [45e146] <passwd="james"> DEBUG: ldap_result(): end of results (1
267 total)
268 nslcd: [5f007c] DEBUG: connection from pid=27158 uid=0 gid=0
269 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
270 nslcd: [5f007c] <sess_o="james"> DEBUG:
271 nslcd_pam_sess_o("james","sshd","ssh","10.0.0.11",""):
272 kQlRjhzsaaNBTFAtM7eBH6QP
273 nslcd: [8c895d] DEBUG: connection from pid=27158 uid=0 gid=0
274 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
275 nslcd: [8c895d] <passwd="james"> DEBUG:
276 myldap_search(base="dc=my,dc=example,dc=com",
277 filter="(&(objectClass=posixAccount)(uid=james))")
278 nslcd: [8c895d] <passwd="james"> DEBUG: ldap_result():
279 uid=james,ou=users,dc=my,dc=example,dc=com
280 nslcd: [8c895d] <passwd="james"> DEBUG: ldap_result(): end of results (1
281 total)
282 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
283 nslcd: [3ab105] DEBUG: connection from pid=27163 uid=0 gid=1000
284 nslcd: [3ab105] <group/member="james"> DEBUG:
285 myldap_search(base="dc=my,dc=example,dc=com",
286 filter="(&(objectClass=posixAccount)(uid=james))")
287 nslcd: [3ab105] <group/member="james"> DEBUG: ldap_initialize(ldap://
288 10.0.0.11/)
289 nslcd: [3ab105] <group/member="james"> DEBUG: ldap_set_rebind_proc()
290 nslcd: [3ab105] <group/member="james"> DEBUG:
291 ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,3)
292 nslcd: [3ab105] <group/member="james"> DEBUG:
293 ldap_set_option(LDAP_OPT_DEREF,0)
294 nslcd: [3ab105] <group/member="james"> DEBUG:
295 ldap_set_option(LDAP_OPT_TIMELIMIT,0)
296 nslcd: [3ab105] <group/member="james"> DEBUG:
297 ldap_set_option(LDAP_OPT_TIMEOUT,0)
298 nslcd: [3ab105] <group/member="james"> DEBUG:
299 ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT,0)
300 nslcd: [3ab105] <group/member="james"> DEBUG:
301 ldap_set_option(LDAP_OPT_REFERRALS,LDAP_OPT_ON)
302 nslcd: [3ab105] <group/member="james"> DEBUG:
303 ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON)
304 nslcd: [3ab105] <group/member="james"> DEBUG: ldap_simple_bind_s(NULL,NULL)
305 (uri="ldap://10.0.0.11/")
306 nslcd: [3ab105] <group/member="james"> DEBUG: ldap_result():
307 uid=james,ou=users,dc=my,dc=example,dc=com
308 nslcd: [3ab105] <group/member="james"> DEBUG:
309 myldap_search(base="dc=my,dc=example,dc=com",
310 filter="(&(objectClass=posixGroup)(|(memberUid=james)(member=uid=james,ou=users,dc=my,dc=example,dc=com)))")
311 nslcd: [3ab105] <group/member="james"> DEBUG: ldap_result(): end of results
312 (0 total)
313 nslcd: [1da317] DEBUG: connection from pid=27163 uid=0 gid=1000
314 nslcd: [1da317] <passwd="james"> DEBUG:
315 myldap_search(base="dc=my,dc=example,dc=com",
316 filter="(&(objectClass=posixAccount)(uid=james))")
317 nslcd: [1da317] <passwd="james"> DEBUG: ldap_result():
318 uid=james,ou=users,dc=my,dc=example,dc=com
319 nslcd: [1da317] <passwd="james"> DEBUG: ldap_result(): end of results (1
320 total)
321 nslcd: [43a858] DEBUG: connection from pid=27163 uid=0 gid=1000
322 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
323 nslcd: [43a858] <passwd="james"> DEBUG:
324 myldap_search(base="dc=my,dc=example,dc=com",
325 filter="(&(objectClass=posixAccount)(uid=james))")
326 nslcd: [43a858] <passwd="james"> DEBUG: ldap_result():
327 uid=james,ou=users,dc=my,dc=example,dc=com
328 nslcd: [43a858] <passwd="james"> DEBUG: ldap_result(): end of results (1
329 total)
330 nslcd: [1d5ae9] DEBUG: connection from pid=27158 uid=0 gid=0
331 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
332 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
333 nslcd: [1d5ae9] <passwd="james"> DEBUG:
334 myldap_search(base="dc=my,dc=example,dc=com",
335 filter="(&(objectClass=posixAccount)(uid=james))")
336 nslcd: [1d5ae9] <passwd="james"> DEBUG: ldap_result():
337 uid=james,ou=users,dc=my,dc=example,dc=com
338 nslcd: [1d5ae9] <passwd="james"> DEBUG: ldap_result(): end of results (1
339 total)
340 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
341 nslcd: [63845e] DEBUG: connection from pid=27164 uid=0 gid=1000
342 nslcd: [63845e] <passwd=1000> DEBUG:
343 myldap_search(base="dc=my,dc=example,dc=com",
344 filter="(&(objectClass=posixAccount)(uidNumber=1000))")
345 nslcd: [63845e] <passwd=1000> DEBUG: ldap_result():
346 uid=james,ou=users,dc=my,dc=example,dc=com
347 nslcd: [63845e] <passwd=1000> DEBUG: ldap_result(): end of results (1 total)
348 nslcd: [a2a8d4] DEBUG: connection from pid=27164 uid=0 gid=1000
349 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
350 nslcd: [a2a8d4] <passwd="james"> DEBUG:
351 myldap_search(base="dc=my,dc=example,dc=com",
352 filter="(&(objectClass=posixAccount)(uid=james))")
353 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
354 nslcd: [a2a8d4] <passwd="james"> DEBUG: ldap_result():
355 uid=james,ou=users,dc=my,dc=example,dc=com
356 nslcd: [a2a8d4] <passwd="james"> DEBUG: ldap_result(): end of results (1
357 total)
358 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
359 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
360 nslcd: [edbdab] DEBUG: connection from pid=27164 uid=0 gid=1000
361 nslcd: [edbdab] <passwd="james"> DEBUG:
362 myldap_search(base="dc=my,dc=example,dc=com",
363 filter="(&(objectClass=posixAccount)(uid=james))")
364 nslcd: [edbdab] <passwd="james"> DEBUG: ldap_result():
365 uid=james,ou=users,dc=my,dc=example,dc=com
366 nslcd: [edbdab] <passwd="james"> DEBUG: ldap_result(): end of results (1
367 total)
368 nslcd: [838cb2] DEBUG: connection from pid=27164 uid=0 gid=1000
369 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
370 nslcd: [838cb2] <passwd="james"> DEBUG:
371 myldap_search(base="dc=my,dc=example,dc=com",
372 filter="(&(objectClass=posixAccount)(uid=james))")
373 nslcd: [838cb2] <passwd="james"> DEBUG: ldap_result():
374 uid=james,ou=users,dc=my,dc=example,dc=com
375 nslcd: [838cb2] <passwd="james"> DEBUG: ldap_result(): end of results (1
376 total)
377 nslcd: [53d0cd] DEBUG: connection from pid=27164 uid=0 gid=1000
378 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
379 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
380 nslcd: [53d0cd] <config=1> DEBUG: nslcd_config_get(1)
381 nslcd: [03e0c6] DEBUG: connection from pid=27164 uid=0 gid=1000
382 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
383 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
384 nslcd: [03e0c6] <passwd="james"> DEBUG:
385 myldap_search(base="dc=my,dc=example,dc=com",
386 filter="(&(objectClass=posixAccount)(uid=james))")
387 nslcd: [03e0c6] <passwd="james"> DEBUG: ldap_result():
388 uid=james,ou=users,dc=my,dc=example,dc=com
389 nslcd: [03e0c6] <passwd="james"> DEBUG: ldap_result(): end of results (1
390 total)
391 nslcd: [9a769b] DEBUG: connection from pid=27164 uid=0 gid=1000
392 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
393 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
394 nslcd: [9a769b] <passwd="james"> DEBUG:
395 myldap_search(base="dc=my,dc=example,dc=com",
396 filter="(&(objectClass=posixAccount)(uid=james))")
397 nslcd: [9a769b] <passwd="james"> DEBUG: ldap_result():
398 uid=james,ou=users,dc=my,dc=example,dc=com
399 nslcd: [9a769b] <passwd="james"> DEBUG: ldap_result(): end of results (1
400 total)
401 nslcd: [e49eb4] DEBUG: connection from pid=27164 uid=0 gid=1000
402 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
403 nslcd: [e49eb4] <authc="james"> DEBUG:
404 nslcd_pam_authc("james","passwd","***")
405 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
406 nslcd: [e49eb4] <authc="james"> DEBUG:
407 myldap_search(base="dc=my,dc=example,dc=com",
408 filter="(&(objectClass=posixAccount)(uid=james))")
409 nslcd: [e49eb4] <authc="james"> DEBUG: ldap_result():
410 uid=james,ou=users,dc=my,dc=example,dc=com
411 nslcd: [e49eb4] <authc="james"> DEBUG:
412 myldap_search(base="uid=james,ou=users,dc=my,dc=example,dc=com",
413 filter="(objectClass=*)")
414 nslcd: [e49eb4] <authc="james"> DEBUG: ldap_initialize(ldap://10.0.0.11/)
415 nslcd: [e49eb4] <authc="james"> DEBUG: ldap_set_rebind_proc()
416 nslcd: [e49eb4] <authc="james"> DEBUG:
417 ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,3)
418 nslcd: [e49eb4] <authc="james"> DEBUG: ldap_set_option(LDAP_OPT_DEREF,0)
419 nslcd: [e49eb4] <authc="james"> DEBUG: ldap_set_option(LDAP_OPT_TIMELIMIT,0)
420 nslcd: [e49eb4] <authc="james"> DEBUG: ldap_set_option(LDAP_OPT_TIMEOUT,0)
421 nslcd: [e49eb4] <authc="james"> DEBUG:
422 ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT,0)
423 nslcd: [e49eb4] <authc="james"> DEBUG:
424 ldap_set_option(LDAP_OPT_REFERRALS,LDAP_OPT_ON)
425 nslcd: [e49eb4] <authc="james"> DEBUG:
426 ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON)
427 nslcd: [e49eb4] <authc="james"> DEBUG:
428 ldap_sasl_bind("uid=james,ou=users,dc=my,dc=example,dc=com","***")
429 (uri="ldap://10.0.0.11/")
430 nslcd: [e49eb4] <authc="james"> DEBUG: ldap_result():
431 uid=james,ou=users,dc=my,dc=example,dc=com
432 nslcd: [e49eb4] <authc="james"> DEBUG: ldap_unbind()
433 nslcd: [e49eb4] <authc="james"> DEBUG: bind successful
434 nslcd: [e49eb4] <authc="james"> DEBUG:
435 myldap_search(base="dc=my,dc=example,dc=com",
436 filter="(&(objectClass=shadowAccount)(uid=james))")
437 nslcd: [e49eb4] <authc="james"> DEBUG: ldap_result():
438 uid=james,ou=users,dc=my,dc=example,dc=com
439 nslcd: [e49eb4] <authc="james"> uid=james,ou=users,dc=my,dc=example,dc=com:
440 "${shadowLastChange:--1}": need a new password
441 nslcd: [f32454] DEBUG: connection from pid=27158 uid=0 gid=0
442 nslcd: [f32454] <passwd="james"> DEBUG:
443 myldap_search(base="dc=my,dc=example,dc=com",
444 filter="(&(objectClass=posixAccount)(uid=james))")
445 nslcd: [f32454] <passwd="james"> DEBUG: ldap_result():
446 uid=james,ou=users,dc=my,dc=example,dc=com
447 nslcd: [f32454] <passwd="james"> DEBUG: ldap_result(): end of results (1
448 total)
449 nslcd: [a88611] DEBUG: connection from pid=27158 uid=0 gid=0
450 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
451 nslcd: [a88611] <passwd="james"> DEBUG:
452 myldap_search(base="dc=my,dc=example,dc=com",
453 filter="(&(objectClass=posixAccount)(uid=james))")
454 nslcd: [a88611] <passwd="james"> DEBUG: ldap_result():
455 uid=james,ou=users,dc=my,dc=example,dc=com
456 nslcd: [a88611] <passwd="james"> DEBUG: ldap_result(): end of results (1
457 total)
458 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
459 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
460 nslcd: [36c40e] DEBUG: connection from pid=27158 uid=0 gid=0
461 nslcd: [36c40e] <sess_c="james"> DEBUG:
462 nslcd_pam_sess_c("james","sshd",kQlRjhzsaaNBTFAtM7eBH6QP)
463 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
464 nslcd: [901d82] DEBUG: connection from pid=27158 uid=0 gid=0
465 nslcd: [901d82] <passwd="james"> DEBUG:
466 myldap_search(base="dc=my,dc=example,dc=com",
467 filter="(&(objectClass=posixAccount)(uid=james))")
468 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
469 nslcd: [901d82] <passwd="james"> DEBUG: ldap_result():
470 uid=james,ou=users,dc=my,dc=example,dc=com
471 nslcd: [901d82] <passwd="james"> DEBUG: ldap_result(): end of results (1
472 total)
473 nslcd: [95f874] DEBUG: connection from pid=27158 uid=0 gid=0
474 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
475 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
476 nslcd: [95f874] <passwd="james"> DEBUG:
477 myldap_search(base="dc=my,dc=example,dc=com",
478 filter="(&(objectClass=posixAccount)(uid=james))")
479 nslcd: [95f874] <passwd="james"> DEBUG: ldap_result():
480 uid=james,ou=users,dc=my,dc=example,dc=com
481 nslcd: [95f874] <passwd="james"> DEBUG: ldap_result(): end of results (1
482 total)
483 nslcd: [138641] DEBUG: connection from pid=27158 uid=0 gid=0
484 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
485 nslcd: [138641] <passwd="james"> DEBUG:
486 myldap_search(base="dc=my,dc=example,dc=com",
487 filter="(&(objectClass=posixAccount)(uid=james))")
488 nslcd: [138641] <passwd="james"> DEBUG: ldap_result():
489 uid=james,ou=users,dc=my,dc=example,dc=com
490 nslcd: [138641] <passwd="james"> DEBUG: ldap_result(): end of results (1
491 total)
492 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
493 nslcd: [7ff521] DEBUG: connection from pid=27173 uid=0 gid=0
494 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
495 nslcd: DEBUG: accept() failed (ignored): Resource temporarily unavailable
496 nslcd: [7ff521] <group/member="root"> DEBUG:
497 myldap_search(base="dc=my,dc=example,dc=com",
498 filter="(&(objectClass=posixAccount)(uid=root))")
499 nslcd: [7ff521] <group/member="root"> DEBUG: ldap_initialize(ldap://
500 10.0.0.11/)
501 nslcd: [7ff521] <group/member="root"> DEBUG: ldap_set_rebind_proc()
502 nslcd: [7ff521] <group/member="root"> DEBUG:
503 ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,3)
504 nslcd: [7ff521] <group/member="root"> DEBUG:
505 ldap_set_option(LDAP_OPT_DEREF,0)
506 nslcd: [7ff521] <group/member="root"> DEBUG:
507 ldap_set_option(LDAP_OPT_TIMELIMIT,0)
508 nslcd: [7ff521] <group/member="root"> DEBUG:
509 ldap_set_option(LDAP_OPT_TIMEOUT,0)
510 nslcd: [7ff521] <group/member="root"> DEBUG:
511 ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT,0)
512 nslcd: [7ff521] <group/member="root"> DEBUG:
513 ldap_set_option(LDAP_OPT_REFERRALS,LDAP_OPT_ON)
514 nslcd: [7ff521] <group/member="root"> DEBUG:
515 ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON)
516 nslcd: [7ff521] <group/member="root"> DEBUG: ldap_simple_bind_s(NULL,NULL)
517 (uri="ldap://10.0.0.11/")
518 nslcd: [7ff521] <group/member="root"> DEBUG: ldap_result(): end of results
519 (0 total)
520 nslcd: [7ff521] <group/member="root"> DEBUG:
521 myldap_search(base="dc=my,dc=example,dc=com",
522 filter="(&(objectClass=posixGroup)(memberUid=root))")
523 nslcd: [7ff521] <group/member="root"> DEBUG: ldap_result(): end of results
524 (0 total)
525
526 These are my LDAP client's pam.d files.
527
528 /etc/pam.d/passwd
529 auth sufficient pam_rootok.so
530 auth include system-auth
531 account include system-auth
532 password include system-auth
533
534 /etc/pam.d/sshd
535 auth include system-remote-login
536 account include system-remote-login
537 password include system-remote-login
538 session include system-remote-login
539
540 /etc/pam.d/system-auth
541 auth required pam_env.so
542 auth required pam_unix.so try_first_pass likeauth nullok
543 auth optional pam_permit.so
544 auth sufficient pam_ldap.so use_first_pass
545 account required pam_unix.so
546 account optional pam_permit.so
547 account sufficient pam_ldap.so
548 password required pam_cracklib.so difok=2 minlen=8 dcredit=2
549 ocredit=2 retry=3
550 password required pam_unix.so try_first_pass use_authtok
551 nullok sha512 shadow
552 password optional pam_permit.so
553 password sufficient pam_ldap.so use_authtok use_first_pass
554 session required pam_limits.so
555 session required pam_env.so
556 session required pam_unix.so
557 session optional pam_permit.so
558 session optional pam_ldap.so
559
560 /etc/pam.d/system-remote-login
561 auth include system-login
562 account include system-login
563 password include system-login
564 session include system-login
565
566 /etc/pam.d/system-login
567 auth required pam_tally2.so onerr=succeed
568 auth required pam_shells.so
569 auth required pam_nologin.so
570 auth include system-auth
571 account required pam_access.so
572 account required pam_nologin.so
573 account include system-auth
574 account required pam_tally2.so onerr=succeed
575 password include system-auth
576 session optional pam_loginuid.so
577 session required pam_env.so
578 session optional pam_lastlog.so silent
579 session include system-auth
580 session optional pam_motd.so motd=/etc/motd
581 session optional pam_mail.so
582
583 /etc/nslcd.conf
584 uid nslcd
585 gid nslcd
586 uri ldap://10.0.0.11
587 base dc=my,dc=example,dc=com
588
589 /etc/nsswitch.conf
590 passwd: files ldap
591 group: files ldap
592 shadow: files ldap