Configuration PAM / LDAP : no login
- From: Sébastien Bahloul <bahlouls esiee fr>
- To: pam-list redhat com
- Subject: Configuration PAM / LDAP : no login
- Date: Wed, 16 May 2001 14:40:54 +0200
Hi,
I'm trying to configure PAM to use LDAP, but none of my tests gives a positive result:
- ftp : /var/log/message :"protfpd[13557): pc5155.esiee.fr (localhost.localdomain[127.0.0.1]) - user bahlouls (Login falied): Can't find user."
- login : I'm immediately logged out and I can see in /var/log/message : "PAM_UNIX[13561]: (system-auth) session opened for use bahlouls"
- pop : my login/password is refused and I can see in /var/log/message : "ipop3d[13578]; Login failure user=bahlouls domain=(null) host=localhost.localdomain [127.0.0.1]"
My server runs a Netscape Directory Server (4.13) under Solaris 8.
My clients use OpenLDAP libraries (2.0.7), PAM (0.72) and PAM - LDAP 108 under Mandrake 7.2
If you can help me or send me an "RTFM" link, I would be glad.
Regards,
Sébastien.
PS:
- Here follow some important files (there's no /etc/pam.conf) :
/********* /etc/ldap.conf ************/
host pc5155d.esiee.fr
base o=esiee, c=fr
rootbindn cn=Directory Manager
port 389
scope sub
pam_login_attribute uid
pam_lookup_policy yes
pam_password crypt
nss_base_passwd ou=Personnes,o=esiee,c=fr
nss_base_group ou=Personnes,o=esiee,c=fr
nss_base_shadow ou=Personnes,o=esiee,c=fr
/******** /etc/pam.d/login ************/
#%PAM-1.0
auth required /lib/security/pam_securetty.so
auth sufficient /lib/security/pam_ldap.so
auth required /lib/security/pam_stack.so service=system-auth
account sufficient /lib/security/pam_ldap.so
account required /lib/security/pam_stack.so service=system-auth
password sufficient /lib/security/pam_ldap.so
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack/sp service=system-auth
session optional /lib/security/pam_console.so
/*********** /etc/pam.d/ftp ***************/
#%PAM-1.0
auth required /lib/security/pam_ldap.so
account required /lib/security/pam_ldap.so
password required /lib/security/pam_ldap.so
/********* /etc/pam.d/pop ***************/
auth required /lib/security/pam_ldap.so
account required /lib/security/pam_ldap.so
/********* /etc/nsswitch.conf ***********/
passwd: ldap files
shadow: ldap files
group: ldap files
hosts: files dns
Here is an extract of my LDAP :
dn: uid=bahlouls, ou=Personnes, o=esiee, c=fr
objectclass: top
objectclass: account
objectclass: posixAccount
objectclass: shadowAccount
objectclass: organizationalPerson
objectclass: inetOrgPerson
uid: bahlouls
givenname: Sebastien
sn: Bahloul
cn: Sebastien Bahloul
gecos: Sebastien Bahloul
shadowlastchange: 11457
shadowmax: 30
shadowwarning: 7
shadowinactive: 2
homedirectory: /tmp
loginshell: /bin/sh
gidnumber: 5000
uidnumber: 5000
mail: bahlouls@esiee.fr
- /bin/sh is accessible for all users (r-x)
- /tmp has the following permissions : "drwxrwxrwt"
Sébastien Bahloul
-------------------------------------
Fourth-year engineering student
Telephone: +33 1 43 04 33 73
Fax: +33 1 45 92 66 99
Email: bahlouls@esiee.fr
-------------------------------------
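
The following is an added example, not part of the original message: a small Python check, run over the /etc/pam.d/login and /etc/pam.d/ftp files as quoted above, that reports entries whose module path does not end in `.so` and the management groups a service file leaves undefined. The function name `lint_pam` and its rule set are assumptions of this example.

```python
import re

GROUPS = ("auth", "account", "password", "session")
CONTROLS = {"required", "requisite", "sufficient", "optional", "include", "substack"}
ENTRY = re.compile(r"(-?\w+)\s+(\[[^\]]*\]|\S+)\s+(\S+)")

# Sample input: the /etc/pam.d/login and /etc/pam.d/ftp files as quoted in the post.
LOGIN = """\
#%PAM-1.0
auth required /lib/security/pam_securetty.so
auth sufficient /lib/security/pam_ldap.so
auth required /lib/security/pam_stack.so service=system-auth
account sufficient /lib/security/pam_ldap.so
account required /lib/security/pam_stack.so service=system-auth
password sufficient /lib/security/pam_ldap.so
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack/sp service=system-auth
session optional /lib/security/pam_console.so
"""
FTP = """\
#%PAM-1.0
auth required /lib/security/pam_ldap.so
account required /lib/security/pam_ldap.so
password required /lib/security/pam_ldap.so
"""

def lint_pam(text):
    """Return (findings, undefined_groups) for one pam.d service file."""
    findings, seen = [], set()
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # '#' starts a comment
        if not line or line.startswith("@include"):
            continue
        m = ENTRY.match(line)
        if not m:
            findings.append((lineno, "not a 'type control module' entry"))
            continue
        group, control, module = m.group(1).lstrip("-"), m.group(2), m.group(3)
        if group not in GROUPS:
            findings.append((lineno, f"unknown management group {group!r}"))
            continue
        seen.add(group)
        if not control.startswith("[") and control not in CONTROLS:
            findings.append((lineno, f"unknown control flag {control!r}"))
        # include/substack name another service file, not a module
        if control not in ("include", "substack") and not module.endswith(".so"):
            findings.append((lineno, f"{group} {control}: {module!r} is not a .so module"))
    return findings, [g for g in GROUPS if g not in seen]
```

On the quoted files it reports line 9 of the login file (the `session required` entry) and shows that the ftp file defines no `session` group.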